opendev/puppet-ethercalc
Code Issues Proposed changes
puppet-ethercalc/templates/etherpadlite.vhost.erb
James E. Blair cc8e0cbad8 Switch to proxypass with retry=0 for etherpad 
We think Apache may be caching 503 responses (possibly themselves
a result of [1]).  Set retry=0 so that we do not cache any failures
and switch to proxypass so that we can set that option.

[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=37770

Change-Id: Ibd1087bc8feb288bfb8f66f4e6de61ebe8414233
2015-08-19 11:19:13 -07:00

87 lines
3.6 KiB
Plaintext
Raw Blame History

<VirtualHost *:80>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-access.log combined
Redirect / https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %>
<% if scope.lookupvar("etherpad_lite::apache::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("etherpad_lite::apache::ssl_chain_file") %>
<% end %>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
<IfModule mod_proxy.c>
# The following redirects "nice" urls such as https://etherpad.example.org/padname
# to https://etherpad.example.org/p/padname. It was problematic directly
# supporting "nice" urls as etherpad hardcodes /p/ in many places.
# Adapted from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
RewriteEngine on
RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301]
# Server robots.txt directly so that it does not affect
# etherpad-lite installation.
RewriteRule ^/robots.txt$ <%= scope.lookupvar("etherpad_lite::apache::docroot") %>/robots.txt [L]
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/locales/
RewriteCond %{REQUEST_URI} !^/locales.json
RewriteCond %{REQUEST_URI} !^/admin
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/static/
RewriteCond %{REQUEST_URI} !^/pluginfw/
RewriteCond %{REQUEST_URI} !^/javascripts/
RewriteCond %{REQUEST_URI} !^/socket.io/
RewriteCond %{REQUEST_URI} !^/ep/
RewriteCond %{REQUEST_URI} !^/minified/
RewriteCond %{REQUEST_URI} !^/api/
RewriteCond %{REQUEST_URI} !^/ro/
RewriteCond %{REQUEST_URI} !^/error/
RewriteCond %{REQUEST_URI} !^/jserror
RewriteCond %{REQUEST_URI} !/favicon.ico
RewriteCond %{REQUEST_URI} !/robots.txt
RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 [NC,L,R=301]
<IfModule mod_proxy_wstunnel.c>
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9001/$1 [P,L]
ProxyPass /socket.io http://localhost:9001 retry=0
ProxyPassReverse /socket.io http://localhost:9001
</IfModule>
ProxyPass / http://localhost:9001/ retry=0
ProxyPassReverse / http://localhost:9001/
</IfModule>
</VirtualHost>
</IfModule>
View Git Blame Copy Permalink