From: Philipp Dallig Date: Tue, 8 Nov 2016 15:14:07 +0000 (+0100) Subject: sirona-aem - SIRONABUG-83 + SIRONAADFR-784 X-Git-Tag: v0.1.0~3846 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=61121c9db6434e0f7fc7261632b33960bc9d985e;p=pixelpark%2Fhiera.git sirona-aem - SIRONABUG-83 + SIRONAADFR-784 --- diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml index 464a46cd..dfb82844 100644 --- a/customer/sirona-aem/production.yaml +++ b/customer/sirona-aem/production.yaml @@ -150,6 +150,9 @@ aem::domain_mappings: www.cerec.com: # 29.09.2016 DNS noch nicht auf AEM aem_path: '/content/cerec' create_sling_mapping: true + assets.dentsplysirona.com: + aem_path: '/content/dam' + create_sling_mapping: true site::profile::apache::htdigest: server: @@ -689,6 +692,13 @@ site::profile::aem::publish::pp_vhosts: comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/%%{ich-trickse}{ENV:language}.html [R=301,L]' + - regel_1: + comment: 'Migration' + rewrite_rule: + - '^/de/vorteile$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de/vorteile.html [R=301,L]' + - '^/de/information$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de/information.html [R=301,L]' + - '^/de/produkte$ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de/produkte.html [R=301,L]' + - '^/de/ %%{ich-trickse}{REQUEST_SCHEME}://www.exzellenzgruender.de/de-de.html [R=301,L]' # Sirona www.see-more-with-sirona.com see-more-with-sirona: serveraliases: @@ -778,6 +788,20 @@ site::profile::aem::publish::pp_vhosts: comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.cerec.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' + assets: + servername: assets.dentsplysirona.com + docroot: '/var/www/html/cache/content/dam' + ssl_cert: '/etc/pki/tls/certs/cerec.com-cert.pem' + ssl_key: '/etc/pki/tls/private/cerec.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/cerec.com-cert.pem' + docroot_owner: apache + directories: + - docroot: + provider: directory + path: '/var/www/html/cache/content/dam' + sethandler: dispatcher-handler + options: + - FollowSymLinks # Apache Author site::profile::aem::author::enable_apache: true @@ -1896,3 +1920,78 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' + dam: + virtualhosts: + - 'assets.dentsplysirona.com' + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/var/www/html/cache/content/dam' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin'