From: Oliver Böttcher Date: Fri, 20 Jul 2018 09:48:52 +0000 (+0200) Subject: Pixelpark - rename net->com X-Git-Tag: v0.1.0~558 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=c6b380b94bd4bcffd4b2da954544379f5231eebc;p=pixelpark%2Fhiera.git Pixelpark - rename net->com --- diff --git a/customer/pixelpark/extranet01.pixelpark.com.yaml b/customer/pixelpark/extranet01.pixelpark.com.yaml new file mode 100644 index 00000000..731d0071 --- /dev/null +++ b/customer/pixelpark/extranet01.pixelpark.com.yaml @@ -0,0 +1,79 @@ +--- +accounts::users: + gregor.naeckel: + apply: true + sudo: true +# custom-admins + +infra::role: base +infra::additional_classes: + - infra::profile::apache + - apache::mod::proxy_ajp + +infra::profile::apache::pp_vhosts: + extranet: + docroot: /var/www/extranet + servername: extranet.pixelpark.com # wenn fertig umgezogen + serveraliases: + - extranet01.pixelpark.net # DNS Eintrag + - extranet01.pixelpark.com # CNAME von extranet01.pixelpark.net + cert_servername: 'wildcard.pixelpark.com' + cert_customer: 'pixelpark' + ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' + ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' + ssl_proxyengine: true + proxy_preserve_host: true + docroot_owner: apache + docroot_group: apache + docroot_mode: '2775' + directories: + - directory_root: + provider: directory + path: '/var/www/extranet' + options: + - FollowSymLinks + - MultiViews + allow_override: + - All + directoryindex: index.html + proxy_pass: + - { path: /server-status, url: '!' } + - { path: /server-info, url: '!' } + - { path: /confluence, url: 'ajp://extranet01.pixelpark.net:8001/confluence' } + + headers_ssl: + - always set Strict-Transport-Security "max-age=31556926" + setenvif: + - 'Remote_Addr ^(217\.66\.49\.|217\.66\.50\.|217\.66\.51\.|217\.66\.56\.|213\.61\.241\.|81\.173\.202\.|83\.125\.19\.|194\.8\.221\.2|10\.200\.|62\.214\.114\.) ppnetze=true' + rewrites: + - comment: 'Rewrite from / to /confluence' + rewrite_rule: + - ^(/?)$ /confluence/ [R=301,L] + - comment: 'switch to https' + rewrite_cond: + - '%%{ich-trickse}{HTTPS} !=on [NC]' + rewrite_rule: + - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L] + - comment: 'browse people' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/browsepeople\.action$ - [F,L]' + - comment: 'display' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/display/~(.*)$ - [F,L]' + - comment: 'rest mentions network' + rewrite_cond: + - '%%{ich-trickse}{ENV:ppnetze} !=true' + rewrite_rule: + - '^/confluence/rest/mentions/1/network.json$ - [F,L]' +# - comment: 'search user' +# rewrite_cond: +# - '%%{ich-trickse}{ENV:ppnetze} !=true' +# rewrite_cond: +# - '%%{ich-trickse}{QUERY_STRING} search=user' +# rewrite_rule: +# - '^/confluence/rest/prototype/1/search.json$ - [F,L]' diff --git a/customer/pixelpark/extranet01.pixelpark.net.yaml b/customer/pixelpark/extranet01.pixelpark.net.yaml deleted file mode 100644 index 731d0071..00000000 --- a/customer/pixelpark/extranet01.pixelpark.net.yaml +++ /dev/null @@ -1,79 +0,0 @@ ---- -accounts::users: - gregor.naeckel: - apply: true - sudo: true -# custom-admins - -infra::role: base -infra::additional_classes: - - infra::profile::apache - - apache::mod::proxy_ajp - -infra::profile::apache::pp_vhosts: - extranet: - docroot: /var/www/extranet - servername: extranet.pixelpark.com # wenn fertig umgezogen - serveraliases: - - extranet01.pixelpark.net # DNS Eintrag - - extranet01.pixelpark.com # CNAME von extranet01.pixelpark.net - cert_servername: 'wildcard.pixelpark.com' - cert_customer: 'pixelpark' - ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' - ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem' - ssl_proxyengine: true - proxy_preserve_host: true - docroot_owner: apache - docroot_group: apache - docroot_mode: '2775' - directories: - - directory_root: - provider: directory - path: '/var/www/extranet' - options: - - FollowSymLinks - - MultiViews - allow_override: - - All - directoryindex: index.html - proxy_pass: - - { path: /server-status, url: '!' } - - { path: /server-info, url: '!' } - - { path: /confluence, url: 'ajp://extranet01.pixelpark.net:8001/confluence' } - - headers_ssl: - - always set Strict-Transport-Security "max-age=31556926" - setenvif: - - 'Remote_Addr ^(217\.66\.49\.|217\.66\.50\.|217\.66\.51\.|217\.66\.56\.|213\.61\.241\.|81\.173\.202\.|83\.125\.19\.|194\.8\.221\.2|10\.200\.|62\.214\.114\.) ppnetze=true' - rewrites: - - comment: 'Rewrite from / to /confluence' - rewrite_rule: - - ^(/?)$ /confluence/ [R=301,L] - - comment: 'switch to https' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on [NC]' - rewrite_rule: - - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L] - - comment: 'browse people' - rewrite_cond: - - '%%{ich-trickse}{ENV:ppnetze} !=true' - rewrite_rule: - - '^/confluence/browsepeople\.action$ - [F,L]' - - comment: 'display' - rewrite_cond: - - '%%{ich-trickse}{ENV:ppnetze} !=true' - rewrite_rule: - - '^/confluence/display/~(.*)$ - [F,L]' - - comment: 'rest mentions network' - rewrite_cond: - - '%%{ich-trickse}{ENV:ppnetze} !=true' - rewrite_rule: - - '^/confluence/rest/mentions/1/network.json$ - [F,L]' -# - comment: 'search user' -# rewrite_cond: -# - '%%{ich-trickse}{ENV:ppnetze} !=true' -# rewrite_cond: -# - '%%{ich-trickse}{QUERY_STRING} search=user' -# rewrite_rule: -# - '^/confluence/rest/prototype/1/search.json$ - [F,L]'