Thomas Buck
efc165f792
Support custom 404 pages in blog
5 anos atrás
Thomas Buck
345e85490d
add another custom postgres user and database for own small php scripts and stuff like that.
5 anos atrás
Thomas Buck
08a0e8efd7
Disable account registration for gitea and commento
5 anos atrás
Thomas Buck
df70d73549
Rename fathom subdomain to stats and make it a variable.
5 anos atrás
Thomas Buck
e74015eadf
Also redirect normal web access to www domain.
5 anos atrás
Thomas Buck
d023141dc0
Allow short open tags in PHP code and enable for blog hosting.
5 anos atrás
Thomas Buck
2d359819a2
Similar log settings for all apache virtual hosts
5 anos atrás
Thomas Buck
30832be156
Add Commento to blog task and add example index page for webhosting.
5 anos atrás
Thomas Buck
96696af9bc
Tweak fathom task
5 anos atrás
Thomas Buck
7b8f15528d
Fix a bunch of broken http->https redirects and make them always temporary
5 anos atrás
Thomas Buck
cce03e9f94
Add well-known directory to all hosts served by Apache
5 anos atrás
Thomas Buck
eb39986288
fix fathom monit wrong task name and missing ignore_errors for first run. fix typo.
5 anos atrás
Thomas Buck
caf49050d2
Remove useless step in apache related tasks that forced apache restart.
5 anos atrás
Thomas Buck
5215ac9a25
Password lookup called wrong, all generated passwords were 20 chars long, regardless of specification.
5 anos atrás
Thomas Buck
04ba7ad539
Added Fathom statistics tracker to blog task
5 anos atrás
Thomas Buck
3c51ebedd4
Apache now configurable for multiple virtual domains.
5 anos atrás
Mike Ashley
d3abc02f84
Clean up Apache SSL configuration
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
9 anos atrás
Laurent Arnoud
ad22aed4cc
rm used in place of argument state=absent to file module
9 anos atrás
Will McCutchen
16b66cc849
Define apache SSL config in one place
9 anos atrás
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341 .
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
9 anos atrás
Sven Neuhaus
a849a49f37
Fix: Files shouldn't be owned or writeable by httpd unless necessary.
9 anos atrás
Patrick O'Doherty
6f6fc6a90f
Disable SSLv3 in all Apache vhosts
10 anos atrás
Sven Neuhaus
0a164d519f
Fix syntax for "removes" options
10 anos atrás
Sven Neuhaus
ab614fd70a
Added rules for dealing with old virtualhost files in
/etc/apache2/sites-available and old (dangling) symlinks in
/etc/apaches/sites-enabled.
Also, remove unnecessary apache2 restart after creating a new
virtualhost but not yet enabling it.
10 anos atrás
Sven Neuhaus
0f6dfdc6ca
More apache fixes.
The virtual site files must be owned by root (serious security issue)
and they must have the .conf filename suffix for a2ensite on
Ubuntu 14.04LTS (apache 2.4.7).
10 anos atrás
James Ravn
e3825cf6dd
Revert "Redirects naked domain to www"
This reverts commit 703d356492 .
10 anos atrás
James Ravn
703d356492
Redirects naked domain to www
Properly behaving websites should 301 redirect the naked domain.
11 anos atrás
Alex Payne
d28f0f82b9
move to non-deprecated template variable formatting
11 anos atrás
Luke Cyca
37a0400c22
Standardize apache’s 301 redirect to https, and enable HSTS
11 anos atrás
Luke Cyca
93e7b3e3bd
Use common domain variable instead of blog_domain
11 anos atrás
Greg Karékinian
58dddc55d1
Remove variables from roles
Refs #39
11 anos atrás
Luke Cyca
c697e135e9
Move NameVirtualHost directives to ports.conf
11 anos atrás
Luke Cyca
09c8fcb295
Named all tasks and made them idempotent where possible
11 anos atrás
Luke Cyca
d5b2d7ade0
Improved apache SSL config, and disabled directory index
11 anos atrás
Alex Payne
080d38986c
first commit
11 anos atrás