From: Philipp Dallig Date: Thu, 13 Jul 2017 09:36:16 +0000 (+0200) Subject: fbb-www - create cdm vHost and move some Headers X-Git-Tag: v0.1.0~2666^2~139 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=fa7bceb2aa6bb919cc51690813c76d7b445aed61;p=pixelpark%2Fhiera.git fbb-www - create cdm vHost and move some Headers --- diff --git a/customer/fbb-www/production.yaml b/customer/fbb-www/production.yaml index 75197dfb..51dcde9c 100644 --- a/customer/fbb-www/production.yaml +++ b/customer/fbb-www/production.yaml @@ -186,6 +186,13 @@ infra::profile::apache::pp_vhosts: ssl: false docroot_owner: apache docroot_group: apache + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' download-berlin-airport: docroot: '/var/www/download-berlin-airport' servername: download.berlin-airport.de @@ -200,6 +207,13 @@ infra::profile::apache::pp_vhosts: docroot_owner: web docroot_group: fbb docroot_mode: '0775' + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' media-berlin-airport: docroot: '/var/www/media-berlin-airport' servername: media.berlin-airport.de @@ -209,6 +223,13 @@ infra::profile::apache::pp_vhosts: ssl: false docroot_owner: presse.upload docroot_group: fbb + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' domain-catcher: ssl: false default_vhost: true @@ -479,6 +500,24 @@ infra::profile::apache::pp_vhosts: rewrite_rule: - '^/.*$ http://www.berlin-airport.de/de/ [R=301,NE,L]' + cdm-berlin-airport: + docroot: '/var/www/cdm-berlin-airport' + servername: cdm.berlin-airport.de + serveraliases: + - cdm01.berlin-airport.de + - cdm02.berlin-airport.de + ssl: false + docroot_owner: apache + docroot_group: apache + #wird benoetigt weil die docroot auf einen symlink zeigt + manage_docroot: false + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' berlin-airport: docroot: '/var/www/berlin-airport' servername: prd-www-fbb.pixelpark.net diff --git a/customer/fbb-www/test.yaml b/customer/fbb-www/test.yaml index 0d31b978..60483cfb 100644 --- a/customer/fbb-www/test.yaml +++ b/customer/fbb-www/test.yaml @@ -266,6 +266,13 @@ infra::profile::apache::pp_vhosts: ssl: false docroot_owner: apache docroot_group: apache + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' download-berlin-airport: docroot: '/var/www/download-berlin-airport' servername: tstdownload.berlin-airport.de @@ -280,6 +287,13 @@ infra::profile::apache::pp_vhosts: docroot_owner: web docroot_group: fbb docroot_mode: '0775' + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' media-berlin-airport: docroot: '/var/www/media-berlin-airport' servername: tstmedia.berlin-airport.de @@ -289,6 +303,24 @@ infra::profile::apache::pp_vhosts: ssl: false docroot_owner: presse.upload docroot_group: fbb + cdm-berlin-airport: + docroot: '/var/www/cdm-berlin-airport' + servername: tstcdm.berlin-airport.de + serveraliases: + - tstcdm01.berlin-airport.de + - tstcdm02.berlin-airport.de + ssl: false + docroot_owner: apache + docroot_group: apache + #wird benoetigt weil die docroot auf einen symlink zeigt + manage_docroot: false + setenvif: + - 'HTTPS on X-Forwarded-Proto=https' + - 'HTTPS on HTTPS=on' + headers: + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' berlin-airport: docroot: '/var/www/berlin-airport' servername: tst-www-fbb.pixelpark.net