Thomas Buck
efc165f792
Support custom 404 pages in blog
5 years ago
Thomas Buck
345e85490d
add another custom postgres user and database for own small php scripts and stuff like that.
5 years ago
Thomas Buck
08a0e8efd7
Disable account registration for gitea and commento
5 years ago
Thomas Buck
df70d73549
Rename fathom subdomain to stats and make it a variable.
5 years ago
Thomas Buck
e74015eadf
Also redirect normal web access to www domain.
5 years ago
Thomas Buck
d023141dc0
Allow short open tags in PHP code and enable for blog hosting.
5 years ago
Thomas Buck
2d359819a2
Similar log settings for all apache virtual hosts
5 years ago
Thomas Buck
30832be156
Add Commento to blog task and add example index page for webhosting.
5 years ago
Thomas Buck
96696af9bc
Tweak fathom task
5 years ago
Thomas Buck
7b8f15528d
Fix a bunch of broken http->https redirects and make them always temporary
5 years ago
Thomas Buck
cce03e9f94
Add well-known directory to all hosts served by Apache
5 years ago
Thomas Buck
eb39986288
fix fathom monit wrong task name and missing ignore_errors for first run. fix typo.
5 years ago
Thomas Buck
caf49050d2
Remove useless step in apache related tasks that forced apache restart.
5 years ago
Thomas Buck
5215ac9a25
Password lookup called wrong, all generated passwords were 20 chars long, regardless of specification.
5 years ago
Thomas Buck
04ba7ad539
Added Fathom statistics tracker to blog task
5 years ago
Thomas Buck
3c51ebedd4
Apache now configurable for multiple virtual domains.
5 years ago
Mike Ashley
d3abc02f84
Clean up Apache SSL configuration
Avoid using the Include directive. Move most of the SSL configuration
to the global configuration and leave enabling the SSL engine to each
virtual host that wants to use it.
8 years ago
Laurent Arnoud
ad22aed4cc
rm used in place of argument state=absent to file module
9 years ago
Will McCutchen
16b66cc849
Define apache SSL config in one place
9 years ago
Sven Neuhaus
a088d9c456
Use "modern" SSLCipherSuite per Mozilla recommendations.
See https://wiki.mozilla.org/Security/Server_Side_TLS for details.
Removes RC4 cipher. Fixes issue #341 .
Also explicitly disabled SSLCompression and enables OCSP stapling.
We should put all these settings in
/etc/apache2/mods-enabled/ssl.conf
to avoid duplication...
9 years ago
Sven Neuhaus
a849a49f37
Fix: Files shouldn't be owned or writeable by httpd unless necessary.
9 years ago
Patrick O'Doherty
6f6fc6a90f
Disable SSLv3 in all Apache vhosts
10 years ago
Sven Neuhaus
0a164d519f
Fix syntax for "removes" options
10 years ago
Sven Neuhaus
ab614fd70a
Added rules for dealing with old virtualhost files in
/etc/apache2/sites-available and old (dangling) symlinks in
/etc/apaches/sites-enabled.
Also, remove unnecessary apache2 restart after creating a new
virtualhost but not yet enabling it.
10 years ago
Sven Neuhaus
0f6dfdc6ca
More apache fixes.
The virtual site files must be owned by root (serious security issue)
and they must have the .conf filename suffix for a2ensite on
Ubuntu 14.04LTS (apache 2.4.7).
10 years ago
James Ravn
e3825cf6dd
Revert "Redirects naked domain to www"
This reverts commit 703d356492 .
10 years ago
James Ravn
703d356492
Redirects naked domain to www
Properly behaving websites should 301 redirect the naked domain.
10 years ago
Alex Payne
d28f0f82b9
move to non-deprecated template variable formatting
11 years ago
Luke Cyca
37a0400c22
Standardize apache’s 301 redirect to https, and enable HSTS
11 years ago
Luke Cyca
93e7b3e3bd
Use common domain variable instead of blog_domain
11 years ago
Greg Karékinian
58dddc55d1
Remove variables from roles
Refs #39
11 years ago
Luke Cyca
c697e135e9
Move NameVirtualHost directives to ports.conf
11 years ago
Luke Cyca
09c8fcb295
Named all tasks and made them idempotent where possible
11 years ago
Luke Cyca
d5b2d7ade0
Improved apache SSL config, and disabled directory index
11 years ago
Alex Payne
080d38986c
first commit
11 years ago