269 lines
9.1 KiB
Plaintext
269 lines
9.1 KiB
Plaintext
# VHostHTTP for http only
|
|
# VHostHTTPS for http & https w/ optional http to https redirect
|
|
# VHostHTTPSVarnish for https -> Varnish -> http
|
|
# VHostSubdomainHTTP
|
|
# VHostSubdomainHTTPS
|
|
# VHostSubdomainHTTPSVarnish
|
|
# *only use one of the VHost options above at at time*
|
|
#
|
|
# VMailHTTPS for webmail at mail. subdomain assumes & requires https w/ valid cert
|
|
#
|
|
# RedirectHTTP for http only
|
|
# RedirectHTTPS for http & https
|
|
# *only use one of the Redirect options above at at time*
|
|
#
|
|
# VHostAliasHTTP for http only
|
|
# VHostAliasHTTPS for http & https
|
|
# VHostAliasHTTPSVarnish for http & https
|
|
# *only use one of the Alias options above at at time*
|
|
|
|
# VHostHTTP - HTTP on Port 80. Includes ServerAlias for .example.com subdomain
|
|
<Macro VHostHTTP $vhost $username>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
<Macro VHostSubdomainHTTP $vhost $username $subdomain>
|
|
<VirtualHost *:80>
|
|
ServerName $subdomain.$vhost
|
|
ServerAlias $subdomain.$vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/$subdomain
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
# VHostHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for .example.com subdomain
|
|
<Macro VHostHTTPS $vhost $username>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
## <Location "/">
|
|
## <If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
## Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
|
|
## </If>
|
|
## </Location>
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
# VHostSubdomainHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for .example.com subdomain
|
|
<Macro VHostSubdomainHTTPS $vhost $username $subdomain>
|
|
<VirtualHost *:80>
|
|
ServerName $subdomain.$vhost
|
|
ServerAlias $subdomain.$vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/$subdomain
|
|
## <Location "/">
|
|
## <If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
## Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
|
|
## </If>
|
|
## </Location>
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $subdomain.$vhost
|
|
ServerAlias $subdomain.$vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/$subdomain
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
# VHostHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
|
|
<Macro VHostHTTPSVarnish $vhost $username>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
RequestHeader set X-Forwarded-Proto https
|
|
ProxyPreserveHost On
|
|
ProxyPass / http://127.0.0.1:6081/
|
|
ProxyPassReverse / http://127.0.0.1:6081/
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
# VHostSubdomainHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
|
|
<Macro VHostSubdomainHTTPSVarnish $vhost $username $subdomain>
|
|
<VirtualHost *:80>
|
|
ServerName $subdomain.$vhost
|
|
ServerAlias $subdomain.$vhost.example.com
|
|
DocumentRoot /srv/www/$vhost/$subdomain
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $subdomain.$vhost
|
|
ServerAlias $subdomain.$vhost.example.com
|
|
RequestHeader set X-Forwarded-Proto https
|
|
ProxyPreserveHost On
|
|
ProxyPass / http://127.0.0.1:6081/
|
|
ProxyPassReverse / http://127.0.0.1:6081/
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
# Webmail - HTTP Port 80 Redirects to HTTPS Port 443
|
|
<Macro VMailHTTPS $vhost>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
<Location "/">
|
|
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
Redirect / https://$vhost
|
|
</If>
|
|
</Location>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $vhost
|
|
DocumentRoot /srv/www/html/roundcube/public_html
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
<Macro RedirectHTTP $vhost $redirect>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
<Location "/">
|
|
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
Redirect 301 "$redirect%{REQUEST_URI}"
|
|
</If>
|
|
</Location>
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
<Macro RedirectHTTPS $vhost $redirect>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
<Location "/">
|
|
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
Redirect 301 "$redirect%{REQUEST_URI}"
|
|
</If>
|
|
</Location>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
<Location "/">
|
|
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
Redirect 301 "$redirect%{REQUEST_URI}"
|
|
</If>
|
|
</Location>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
<Macro VHostAliasHTTP $vhost $username $alias>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$alias/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$alias/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
</Macro>
|
|
|
|
<Macro VHostAliasHTTPS $vhost $username $alias>
|
|
<VirtualHost *:80>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$alias/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$alias/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
## <Location "/">
|
|
## <If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
|
|
## Redirect 301 "https://%{HTTP_HOST}%{REQUEST_URI}"
|
|
## </If>
|
|
## </Location>
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
<VirtualHost *:443>
|
|
ServerName $vhost
|
|
ServerAlias www.$vhost
|
|
ServerAlias $vhost.example.com
|
|
DocumentRoot /srv/www/$alias/html
|
|
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$alias/"
|
|
RewriteEngine on
|
|
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
|
|
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
|
|
<FilesMatch ".+\.ph(ar|p|tml)$">
|
|
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost"
|
|
</FilesMatch>
|
|
SSLEngine on
|
|
SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem
|
|
</VirtualHost>
|
|
</Macro>
|