mirror of
https://github.com/dockersrc/scripts
synced 2024-11-23 23:23:04 -05:00
253 lines
9.7 KiB
Plaintext
253 lines
9.7 KiB
Plaintext
|
# This is the main Apache HTTP server configuration file.
|
||
|
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
|
||
|
ServerTokens PROD
|
||
|
ServerRoot /var/www
|
||
|
Listen REPLACE_SERVER_PORT
|
||
|
|
||
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
||
|
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||
|
LoadModule authn_file_module modules/mod_authn_file.so
|
||
|
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||
|
LoadModule authn_anon_module modules/mod_authn_anon.so
|
||
|
LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||
|
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||
|
LoadModule authn_core_module modules/mod_authn_core.so
|
||
|
LoadModule authz_host_module modules/mod_authz_host.so
|
||
|
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||
|
LoadModule authz_user_module modules/mod_authz_user.so
|
||
|
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||
|
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||
|
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||
|
LoadModule authz_core_module modules/mod_authz_core.so
|
||
|
LoadModule access_compat_module modules/mod_access_compat.so
|
||
|
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||
|
LoadModule auth_form_module modules/mod_auth_form.so
|
||
|
LoadModule auth_digest_module modules/mod_auth_digest.so
|
||
|
LoadModule allowmethods_module modules/mod_allowmethods.so
|
||
|
LoadModule file_cache_module modules/mod_file_cache.so
|
||
|
LoadModule cache_module modules/mod_cache.so
|
||
|
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||
|
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||
|
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||
|
LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||
|
LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||
|
LoadModule socache_redis_module modules/mod_socache_redis.so
|
||
|
LoadModule watchdog_module modules/mod_watchdog.so
|
||
|
LoadModule macro_module modules/mod_macro.so
|
||
|
LoadModule dbd_module modules/mod_dbd.so
|
||
|
LoadModule dumpio_module modules/mod_dumpio.so
|
||
|
LoadModule echo_module modules/mod_echo.so
|
||
|
LoadModule buffer_module modules/mod_buffer.so
|
||
|
LoadModule data_module modules/mod_data.so
|
||
|
LoadModule ratelimit_module modules/mod_ratelimit.so
|
||
|
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||
|
LoadModule ext_filter_module modules/mod_ext_filter.so
|
||
|
LoadModule request_module modules/mod_request.so
|
||
|
LoadModule include_module modules/mod_include.so
|
||
|
LoadModule filter_module modules/mod_filter.so
|
||
|
LoadModule reflector_module modules/mod_reflector.so
|
||
|
LoadModule substitute_module modules/mod_substitute.so
|
||
|
LoadModule sed_module modules/mod_sed.so
|
||
|
LoadModule charset_lite_module modules/mod_charset_lite.so
|
||
|
LoadModule deflate_module modules/mod_deflate.so
|
||
|
LoadModule brotli_module modules/mod_brotli.so
|
||
|
LoadModule mime_module modules/mod_mime.so
|
||
|
LoadModule log_config_module modules/mod_log_config.so
|
||
|
LoadModule log_debug_module modules/mod_log_debug.so
|
||
|
LoadModule log_forensic_module modules/mod_log_forensic.so
|
||
|
LoadModule logio_module modules/mod_logio.so
|
||
|
LoadModule env_module modules/mod_env.so
|
||
|
LoadModule mime_magic_module modules/mod_mime_magic.so
|
||
|
LoadModule expires_module modules/mod_expires.so
|
||
|
LoadModule headers_module modules/mod_headers.so
|
||
|
LoadModule usertrack_module modules/mod_usertrack.so
|
||
|
LoadModule unique_id_module modules/mod_unique_id.so
|
||
|
LoadModule setenvif_module modules/mod_setenvif.so
|
||
|
LoadModule version_module modules/mod_version.so
|
||
|
LoadModule remoteip_module modules/mod_remoteip.so
|
||
|
LoadModule session_module modules/mod_session.so
|
||
|
LoadModule session_cookie_module modules/mod_session_cookie.so
|
||
|
LoadModule session_crypto_module modules/mod_session_crypto.so
|
||
|
LoadModule session_dbd_module modules/mod_session_dbd.so
|
||
|
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
||
|
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
||
|
LoadModule dialup_module modules/mod_dialup.so
|
||
|
LoadModule http2_module modules/mod_http2.so
|
||
|
LoadModule unixd_module modules/mod_unixd.so
|
||
|
LoadModule heartbeat_module modules/mod_heartbeat.so
|
||
|
LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||
|
LoadModule status_module modules/mod_status.so
|
||
|
LoadModule autoindex_module modules/mod_autoindex.so
|
||
|
LoadModule asis_module modules/mod_asis.so
|
||
|
LoadModule info_module modules/mod_info.so
|
||
|
LoadModule cgi_module modules/mod_cgi.so
|
||
|
LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
||
|
LoadModule negotiation_module modules/mod_negotiation.so
|
||
|
LoadModule dir_module modules/mod_dir.so
|
||
|
LoadModule actions_module modules/mod_actions.so
|
||
|
LoadModule speling_module modules/mod_speling.so
|
||
|
LoadModule userdir_module modules/mod_userdir.so
|
||
|
LoadModule alias_module modules/mod_alias.so
|
||
|
LoadModule rewrite_module modules/mod_rewrite.so
|
||
|
LoadModule fcgid_module modules/mod_fcgid.so
|
||
|
LoadModule dav_module modules/mod_dav.so
|
||
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||
|
LoadModule ssl_module modules/mod_ssl.so
|
||
|
LoadModule wsgi_module modules/mod_wsgi.so
|
||
|
LoadModule lua_module modules/mod_lua.so
|
||
|
LoadModule proxy_module modules/mod_proxy.so
|
||
|
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||
|
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||
|
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||
|
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||
|
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||
|
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||
|
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||
|
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
|
||
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||
|
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
||
|
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
|
||
|
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
|
||
|
#LoadModule suexec_module modules/mod_suexec.so
|
||
|
#LoadModule php_module modules/mod_php8.so
|
||
|
|
||
|
<IfModule unixd_module>
|
||
|
User apache
|
||
|
Group apache
|
||
|
</IfModule>
|
||
|
|
||
|
# 'Main' server configuration
|
||
|
ServerName REPLACE_SERVER_NAME
|
||
|
ServerAdmin REPLACE_SERVER_ADMIN
|
||
|
ServerSignature On
|
||
|
|
||
|
DocumentRoot "REPLACE_SERVER_DIR"
|
||
|
|
||
|
<Directory />
|
||
|
AllowOverride none
|
||
|
Require all denied
|
||
|
</Directory>
|
||
|
|
||
|
<Directory "/var/www">
|
||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||
|
AllowOverride All
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<Directory "/data/htdocs">
|
||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||
|
AllowOverride All
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<Directory "REPLACE_SERVER_DIR">
|
||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||
|
AllowOverride All
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<Directory "/usr/local/share/apache2">
|
||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||
|
AllowOverride All
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<Directory "/usr/local/share/template-files/data/htdocs/www">
|
||
|
Options Indexes FollowSymLinks MultiViews ExecCGI Includes
|
||
|
AllowOverride All
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<IfModule dir_module>
|
||
|
DirectoryIndex index.php index.cgi index.asp index.aspx index.pl index.aspx index.shtml awstats.pl index.txt index.json index.html index.html.var Default.aspx default.aspx index.unknown.php index.default.php
|
||
|
</IfModule>
|
||
|
|
||
|
<Files ".ht*">
|
||
|
Require all denied
|
||
|
</Files>
|
||
|
|
||
|
ErrorLog /data/logs/httpd/httpd.log
|
||
|
LogLevel warn
|
||
|
|
||
|
<IfModule log_config_module>
|
||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
||
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
||
|
<IfModule logio_module>
|
||
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
|
||
|
</IfModule>
|
||
|
CustomLog /data/logs/httpd/access.default.log combined
|
||
|
</IfModule>
|
||
|
|
||
|
<IfModule alias_module>
|
||
|
Alias /health /data/htdocs/www/health/index.txt
|
||
|
Alias /health/json /data/htdocs/www/health/index.json
|
||
|
ScriptAlias /cgi-bin/ "/data/htdocs/cgi-bin/"
|
||
|
</IfModule>
|
||
|
|
||
|
<Directory "/data/htdocs/cgi-bin">
|
||
|
AllowOverride None
|
||
|
Options None
|
||
|
Require all granted
|
||
|
</Directory>
|
||
|
|
||
|
<IfModule cgid_module>
|
||
|
#Scriptsock cgisock
|
||
|
</IfModule>
|
||
|
|
||
|
<IfModule headers_module>
|
||
|
RequestHeader unset Proxy early
|
||
|
</IfModule>
|
||
|
|
||
|
<IfModule mime_module>
|
||
|
TypesConfig /etc/apache2/mime.types
|
||
|
AddType application/x-gzip .tgz
|
||
|
AddEncoding x-compress .Z
|
||
|
AddEncoding x-gzip .gz .tgz
|
||
|
AddType application/x-compress .Z
|
||
|
AddType application/x-gzip .gz .tgz
|
||
|
AddHandler cgi-script .cgi
|
||
|
AddHandler type-map var
|
||
|
AddType text/html .shtml
|
||
|
AddOutputFilter INCLUDES .shtml
|
||
|
</IfModule>
|
||
|
|
||
|
<IfModule mime_magic_module>
|
||
|
MIMEMagicFile /etc/apache2/magic
|
||
|
</IfModule>
|
||
|
|
||
|
#SSLUseStapling On
|
||
|
#SSLOCSPEnable on
|
||
|
#SSLStaplingCache shmcb:/run/httpd/ssl_stapling(32768)
|
||
|
SSLProxyCheckPeerName off
|
||
|
SSLProxyCheckPeerExpire off
|
||
|
SSLProxyCheckPeerCN off
|
||
|
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
|
||
|
SSLSessionCacheTimeout 300
|
||
|
SSLRandomSeed startup file:/dev/urandom 256
|
||
|
SSLRandomSeed connect builtin
|
||
|
SSLCryptoDevice builtin
|
||
|
SSLOpenSSLConfCmd DHParameters "/etc/ssl/dhparam/httpd.pem"
|
||
|
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||
|
SSLHonorCipherOrder on
|
||
|
SSLOptions +StrictRequire
|
||
|
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
||
|
Protocols h2 http/1.1
|
||
|
|
||
|
Header set Strict-Transport-Security "max-age=31536000; preload" env=HTTPS
|
||
|
Header always set Access-Control-Allow-Origin "*"
|
||
|
Header always set Content-Security-Policy "*"
|
||
|
Header always set Access-Control-Max-Age "1000"
|
||
|
Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
|
||
|
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
|
||
|
Header always add Header "It took %D microseconds for request"
|
||
|
|
||
|
<IfModule mod_status.c>
|
||
|
<Location /server-status>
|
||
|
SetHandler server-status
|
||
|
</Location>
|
||
|
</IfModule>
|
||
|
|
||
|
ProxyErrorOverride on
|
||
|
IncludeOptional /etc/apache2/conf.d/*.conf
|
||
|
IncludeOptional /etc/apache2/vhosts.d/*.conf
|