327 lines
10 KiB
Plaintext
Raw Normal View History

2021-04-04 13:28:22 -07:00
# VHostHTTP for http only
# VHostHTTPS for http & https w/ optional http to https redirect
# VHostHTTPSVarnish for https -> Varnish -> http
# VHostSubdomainHTTP
# VHostSubdomainHTTPS
# VHostSubdomainHTTPSVarnish
# *only use one of the VHost options above at at time*
#
# VMailHTTPS for webmail at mail. subdomain assumes & requires https w/ valid cert
#
# RedirectHTTP for http only
# RedirectHTTPS for http & https
# *only use one of the Redirect options above at at time*
#
# VHostAliasHTTP for http only
# VHostAliasHTTPS for http & https
# VHostAliasHTTPSVarnish for http & https
# *only use one of the Alias options above at at time*
2022-07-21 15:06:41 -07:00
# Optional AliasDomain for accessing VirtualHosts.
# Uncomment and change example.com to suit your needs.
#Define AliasDomain example.com
2022-07-21 15:26:07 -07:00
# Uncomment to force a redirect from HTTP to HTTPS for all VirtualHosts that have HTTPS enabled
#Define ForceHTTPS
2022-07-21 15:25:10 -07:00
2022-07-21 15:06:41 -07:00
# VHostHTTP - HTTP on Port 80
2021-04-04 13:28:22 -07:00
<Macro VHostHTTP $vhost $username>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
DocumentRoot /srv/www/$vhost/html
2022-04-26 15:58:13 -07:00
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
</Macro>
<Macro VHostSubdomainHTTP $vhost $username $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
</IfDefine>
2022-07-21 15:25:10 -07:00
DocumentRoot /srv/www/$vhost/html/$subdomain
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
</Macro>
2022-07-21 15:06:41 -07:00
# VHostHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for ${AliasDomain} subdomain
2021-04-04 13:28:22 -07:00
<Macro VHostHTTPS $vhost $username>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
DocumentRoot /srv/www/$vhost/html
2022-04-26 15:58:13 -07:00
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2022-07-21 15:25:10 -07:00
<IfDefine ForceHTTPS>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
</If>
</Location>
</IfDefine>
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
DocumentRoot /srv/www/$vhost/html
2022-04-26 15:58:13 -07:00
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
2022-07-19 13:18:12 -07:00
Alias /stats /srv/www/$vhost/stats
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
<Location /stats>
AuthType Basic
AuthName "Usage Statistics for $vhost"
AuthBasicProvider external
AuthExternal pwauth
2022-07-21 09:13:02 -07:00
<RequireAny>
Require ip 127.0.0.1
Require user $username
</RequireAny>
2022-07-19 13:18:12 -07:00
</Location>
2021-04-04 13:28:22 -07:00
</VirtualHost>
</Macro>
2022-07-21 15:06:41 -07:00
# VHostSubdomainHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for ${AliasDomain} subdomain
2021-04-04 13:28:22 -07:00
<Macro VHostSubdomainHTTPS $vhost $username $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
</IfDefine>
2022-07-21 15:25:10 -07:00
DocumentRoot /srv/www/$vhost/html/$subdomain
<IfDefine ForceHTTPS>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
</If>
</Location>
</IfDefine>
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $subdomain.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
</IfDefine>
2022-07-21 15:25:10 -07:00
DocumentRoot /srv/www/$vhost/html/$subdomain
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
</VirtualHost>
</Macro>
# VHostHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
<Macro VHostHTTPSVarnish $vhost $username>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
DocumentRoot /srv/www/$vhost/html
2022-04-26 15:58:13 -07:00
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
RequestHeader set X-Forwarded-Proto https
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:6081/
ProxyPassReverse / http://127.0.0.1:6081/
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
</VirtualHost>
</Macro>
# VHostSubdomainHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
<Macro VHostSubdomainHTTPSVarnish $vhost $username $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
</IfDefine>
2022-07-21 15:25:10 -07:00
DocumentRoot /srv/www/$vhost/html/$subdomain
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $subdomain.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
RequestHeader set X-Forwarded-Proto https
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:6081/
ProxyPassReverse / http://127.0.0.1:6081/
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
</VirtualHost>
</Macro>
# Webmail - HTTP Port 80 Redirects to HTTPS Port 443
<Macro VMailHTTPS $vhost>
<VirtualHost *:80>
ServerName $vhost
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect / https://$vhost
</If>
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
2021-04-21 10:06:23 -07:00
DocumentRoot /srv/www/html/roundcube/public_html
2021-04-04 13:28:22 -07:00
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
</VirtualHost>
</Macro>
<Macro RedirectHTTP $vhost $redirect>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "$redirect%{REQUEST_URI}"
</If>
</Location>
</VirtualHost>
</Macro>
<Macro RedirectHTTPS $vhost $redirect>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "$redirect%{REQUEST_URI}"
</If>
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
ServerAlias www.$vhost
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
</IfDefine>
2021-04-04 13:28:22 -07:00
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "$redirect%{REQUEST_URI}"
</If>
</Location>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
</VirtualHost>
</Macro>
<Macro VHostAliasHTTP $vhost $username $alias>
<VirtualHost *:80>
2022-10-21 14:41:20 -07:00
ServerName $alias
ServerAlias www.$alias
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
2022-10-21 14:41:20 -07:00
ServerAlias $alias.${AliasDomain}
2022-07-21 15:06:41 -07:00
</IfDefine>
2022-10-21 14:41:20 -07:00
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
2022-04-26 15:58:13 -07:00
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
</Macro>
<Macro VHostAliasHTTPS $vhost $username $alias>
<VirtualHost *:80>
2022-10-21 14:41:20 -07:00
ServerName $alias
ServerAlias www.$alias
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
2022-10-21 14:41:20 -07:00
ServerAlias $alias.${AliasDomain}
2022-07-21 15:06:41 -07:00
</IfDefine>
2022-10-21 14:41:20 -07:00
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
2022-04-26 15:58:13 -07:00
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2022-07-21 15:25:10 -07:00
<IfDefine ForceHTTPS>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
</If>
</Location>
</IfDefine>
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
2022-10-21 14:41:20 -07:00
ServerName $alias
ServerAlias www.$alias
2022-07-21 15:06:41 -07:00
<IfDefine AliasDomain>
2022-10-21 14:41:20 -07:00
ServerAlias $alias.${AliasDomain}
2022-07-21 15:06:41 -07:00
</IfDefine>
2022-10-21 14:41:20 -07:00
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
2022-04-26 15:58:13 -07:00
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
2021-04-04 13:28:22 -07:00
<FilesMatch ".+\.ph(ar|p|tml)$">
2022-08-29 15:32:56 -07:00
SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
2021-04-04 13:28:22 -07:00
</FilesMatch>
SSLEngine on
2021-10-05 11:33:24 -07:00
SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem
2021-04-04 13:28:22 -07:00
</VirtualHost>
</Macro>