opendev/puppet-ethercalc
Code Issues Proposed changes
puppet-ethercalc/templates/etherpadlite.vhost.erb
Clark Boylan e0ecfcd1f7 Don't host robots.txt from etherpad repo install 
Updating the robots.txt in the etherpad vcsrepo makes it hard to manage
that repo properly. Solve this by serving the static robots.txt file
directly from apache rather than via etherpad service. Use a mod_rewrite
since we are already using that to set up the proxying.

Change-Id: Iccccf1ef194060490512e6550c22bdb9d3478ba8
2015-03-16 09:45:34 -07:00

79 lines
3.3 KiB
Plaintext
Raw Blame History

<VirtualHost *:80>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-access.log combined
Redirect / https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("etherpad_lite::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %>
<% if scope.lookupvar("etherpad_lite::apache::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("etherpad_lite::apache::ssl_chain_file") %>
<% end %>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
<IfModule mod_proxy.c>
# The following redirects "nice" urls such as https://etherpad.example.org/padname
# to https://etherpad.example.org/p/padname. It was problematic directly
# supporting "nice" urls as etherpad hardcodes /p/ in many places.
# Adapted from https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy
RewriteEngine on
RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>
RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %> [L,R=301]
# Server robots.txt directly so that it does not affect
# etherpad-lite installation.
RewriteRule ^/robots.txt$ <%= scope.lookupvar("etherpad_lite::apache::docroot") %>/robots.txt [L]
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/locales/
RewriteCond %{REQUEST_URI} !^/locales.json
RewriteCond %{REQUEST_URI} !^/admin
RewriteCond %{REQUEST_URI} !^/p/
RewriteCond %{REQUEST_URI} !^/static/
RewriteCond %{REQUEST_URI} !^/pluginfw/
RewriteCond %{REQUEST_URI} !^/javascripts/
RewriteCond %{REQUEST_URI} !^/socket.io/
RewriteCond %{REQUEST_URI} !^/ep/
RewriteCond %{REQUEST_URI} !^/minified/
RewriteCond %{REQUEST_URI} !^/api/
RewriteCond %{REQUEST_URI} !^/ro/
RewriteCond %{REQUEST_URI} !^/error/
RewriteCond %{REQUEST_URI} !^/jserror
RewriteCond %{REQUEST_URI} !/favicon.ico
RewriteCond %{REQUEST_URI} !/robots.txt
RewriteRule ^/+(.+)$ https://<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>/p/$1 [NC,L,R=301]
RewriteRule ^/(.*)$ http://localhost:9001/$1 [P]
ProxyPassReverse / http://localhost:9001/
</IfModule>
</VirtualHost>
</IfModule>
View Git Blame Copy Permalink