From 54e62a552dad30e095281356bd07f5a6ddde3bbf Mon Sep 17 00:00:00 2001 From: =?utf8?q?Oliver=20B=C3=B6ttcher?= Date: Wed, 29 Mar 2017 16:37:14 +0200 Subject: [PATCH] MHK - www-kueche-de -> kueche.de --- .../www01-mhk-kueche-de.pixelpark.net.yaml | 64 +++++++++++-------- .../www02-mhk-kueche-de.pixelpark.net.yaml | 64 +++++++++++-------- .../www03-mhk-kueche-de.pixelpark.net.yaml | 64 +++++++++++-------- 3 files changed, 108 insertions(+), 84 deletions(-) diff --git a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml index 37f08d57..982f9afe 100644 --- a/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www01-mhk-kueche-de.pixelpark.net.yaml @@ -17,36 +17,38 @@ apache::mod::remoteip::proxy_ips: - '77.74.235.125' site::profile::apache::pp_vhosts: - baustellenseite: - docroot: '/var/www/mhk/kueche.de' - servername: kueche.de - serveraliases: - - www.kueche.de - ssl: false - setenvif: - - 'HTTPS on HTTPS=on' - access_log_format: remote_combined - rewrites: - - nonwww: - rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' - rewrite_rule: - - '^(.*)$ http://kueche.de$1 [R=301,L]' - - to_ssl: - comment: 'all to https' - rewrite_cond: - - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' - rewrite_rule: - - '^(.*)$ https://kueche.de$1 [R=301,L]' - headers: - - 'set X-Frame-Options: sameorigin' - - 'set X-XSS-Protection: "1; mode=block"' - - 'set X-Content-Type-Options: nosniff' - - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' + #baustellenseite: + # docroot: '/var/www/mhk/kueche.de' + # servername: kueche.de + # serveraliases: + # - www.kueche.de + # ssl: false + # setenvif: + # - 'HTTPS on HTTPS=on' + # access_log_format: remote_combined + # rewrites: + # - nonwww: + # rewrite_cond: + # - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + # rewrite_rule: + # - '^(.*)$ http://kueche.de$1 [R=301,L]' + # - to_ssl: + # comment: 'all to https' + # rewrite_cond: + # - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + # rewrite_rule: + # - '^(.*)$ https://kueche.de$1 [R=301,L]' + # headers: + # - 'set X-Frame-Options: sameorigin' + # - 'set X-XSS-Protection: "1; mode=block"' + # - 'set X-Content-Type-Options: nosniff' + # - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' www: docroot: '/var/www/mhk' - servername: www-kueche-de.pixelpark.net + servername: kueche.de serveraliases: + - www.kueche.de + - www-kueche-de.pixelpark.net - www01-mhk-kueche-de.pixelpark.net ssl: false directories: @@ -68,10 +70,15 @@ site::profile::apache::pp_vhosts: auth_user_file: '/var/lib/httpd/htpasswd' auth_require: 'valid-user' rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de$1 [R=301,L]' - to_ssl: comment: 'all to https' rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP_HOST} ^kueche.de$ [NC]' - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' rewrite_rule: - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' @@ -134,6 +141,7 @@ site::profile::apache::pp_vhosts: - 'set X-Frame-Options: sameorigin' - 'set X-XSS-Protection: "1; mode=block"' - 'set X-Content-Type-Options: nosniff' + - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' access_log_format: remote_combined logstash::generic_resource: diff --git a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml index 75651a4c..ac2158f9 100644 --- a/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www02-mhk-kueche-de.pixelpark.net.yaml @@ -17,36 +17,38 @@ apache::mod::remoteip::proxy_ips: - '77.74.235.125' site::profile::apache::pp_vhosts: - baustellenseite: - docroot: '/var/www/mhk/kueche.de' - servername: kueche.de - serveraliases: - - www.kueche.de - ssl: false - setenvif: - - 'HTTPS on HTTPS=on' - access_log_format: remote_combined - rewrites: - - nonwww: - rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' - rewrite_rule: - - '^(.*)$ http://kueche.de$1 [R=301,L]' - - to_ssl: - comment: 'all to https' - rewrite_cond: - - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' - rewrite_rule: - - '^(.*)$ https://kueche.de$1 [R=301,L]' - headers: - - 'set X-Frame-Options: sameorigin' - - 'set X-XSS-Protection: "1; mode=block"' - - 'set X-Content-Type-Options: nosniff' - - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' + #baustellenseite: + # docroot: '/var/www/mhk/kueche.de' + # servername: kueche.de + # serveraliases: + # - www.kueche.de + # ssl: false + # setenvif: + # - 'HTTPS on HTTPS=on' + # access_log_format: remote_combined + # rewrites: + # - nonwww: + # rewrite_cond: + # - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + # rewrite_rule: + # - '^(.*)$ http://kueche.de$1 [R=301,L]' + # - to_ssl: + # comment: 'all to https' + # rewrite_cond: + # - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + # rewrite_rule: + # - '^(.*)$ https://kueche.de$1 [R=301,L]' + # headers: + # - 'set X-Frame-Options: sameorigin' + # - 'set X-XSS-Protection: "1; mode=block"' + # - 'set X-Content-Type-Options: nosniff' + # - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' www: docroot: '/var/www/mhk' - servername: www-kueche-de.pixelpark.net + servername: kueche.de serveraliases: + - www.kueche.de + - www-kueche-de.pixelpark.net - www02-mhk-kueche-de.pixelpark.net ssl: false directories: @@ -59,10 +61,15 @@ site::profile::apache::pp_vhosts: auth_user_file: '/var/lib/httpd/htpasswd' auth_require: 'valid-user' rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de$1 [R=301,L]' - to_ssl: comment: 'all to https' rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP_HOST} ^kueche.de$ [NC]' - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' rewrite_rule: - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' @@ -125,6 +132,7 @@ site::profile::apache::pp_vhosts: - 'set X-Frame-Options: sameorigin' - 'set X-XSS-Protection: "1; mode=block"' - 'set X-Content-Type-Options: nosniff' + - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' access_log_format: remote_combined logstash::generic_resource: diff --git a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml index 20d83dbe..e72774d1 100644 --- a/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml +++ b/customer/mhk/www03-mhk-kueche-de.pixelpark.net.yaml @@ -17,36 +17,38 @@ apache::mod::remoteip::proxy_ips: - '77.74.235.125' site::profile::apache::pp_vhosts: - baustellenseite: - docroot: '/var/www/mhk/kueche.de' - servername: kueche.de - serveraliases: - - www.kueche.de - ssl: false - setenvif: - - 'HTTPS on HTTPS=on' - access_log_format: remote_combined - rewrites: - - nonwww: - rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' - rewrite_rule: - - '^(.*)$ http://kueche.de$1 [R=301,L]' - - to_ssl: - comment: 'all to https' - rewrite_cond: - - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' - rewrite_rule: - - '^(.*)$ https://kueche.de$1 [R=301,L]' - headers: - - 'set X-Frame-Options: sameorigin' - - 'set X-XSS-Protection: "1; mode=block"' - - 'set X-Content-Type-Options: nosniff' - - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' + #baustellenseite: + # docroot: '/var/www/mhk/kueche.de' + # servername: kueche.de + # serveraliases: + # - www.kueche.de + # ssl: false + # setenvif: + # - 'HTTPS on HTTPS=on' + # access_log_format: remote_combined + # rewrites: + # - nonwww: + # rewrite_cond: + # - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + # rewrite_rule: + # - '^(.*)$ http://kueche.de$1 [R=301,L]' + # - to_ssl: + # comment: 'all to https' + # rewrite_cond: + # - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' + # rewrite_rule: + # - '^(.*)$ https://kueche.de$1 [R=301,L]' + # headers: + # - 'set X-Frame-Options: sameorigin' + # - 'set X-XSS-Protection: "1; mode=block"' + # - 'set X-Content-Type-Options: nosniff' + # - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' www: docroot: '/var/www/mhk' - servername: www-kueche-de.pixelpark.net + servername: kueche.de serveraliases: + - www.kueche.de + - www-kueche-de.pixelpark.net - www03-mhk-kueche-de.pixelpark.net ssl: false directories: @@ -59,10 +61,15 @@ site::profile::apache::pp_vhosts: auth_user_file: '/var/lib/httpd/htpasswd' auth_require: 'valid-user' rewrites: + - nonwww: + rewrite_cond: + - '%%{ich-trickse}{HTTP_HOST} !^kueche.de$ [NC]' + rewrite_rule: + - '^(.*)$ http://kueche.de$1 [R=301,L]' - to_ssl: comment: 'all to https' rewrite_cond: - - '%%{ich-trickse}{HTTP_HOST} ^www-kueche-de.pixelpark.net$ [NC]' + - '%%{ich-trickse}{HTTP_HOST} ^kueche.de$ [NC]' - '%%{ich-trickse}{HTTP:HTTPS} !=on [NC]' rewrite_rule: - '^(.*)$ https://%%{ich-trickse}{SERVER_NAME}$1 [R=301,L]' @@ -125,6 +132,7 @@ site::profile::apache::pp_vhosts: - 'set X-Frame-Options: sameorigin' - 'set X-XSS-Protection: "1; mode=block"' - 'set X-Content-Type-Options: nosniff' + - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS' access_log_format: remote_combined logstash::generic_resource: -- 2.39.5