iankelling.org
/
git
/
basic-https-conf
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
2a4e0bd
)
misc bug fixes
author
Ian Kelling
<iank@fsf.org>
Mon, 20 Nov 2017 02:04:40 +0000
(21:04 -0500)
committer
Ian Kelling
<iank@fsf.org>
Mon, 20 Nov 2017 02:04:40 +0000
(21:04 -0500)
web-conf
patch
|
blob
|
history
diff --git
a/web-conf
b/web-conf
index 881c68d2f4a0423214898c9c120033ec6eeb1949..61b735be95269f415e84e152d4ae86df49120e22 100755
(executable)
--- a/
web-conf
+++ b/
web-conf
@@
-67,6
+67,7
@@
while true; do
esac
done
esac
done
+# t = type, h = host
if (( ${#@} == 3 )); then
read -r extra_settings t h <<<"${@}"
else
if (( ${#@} == 3 )); then
read -r extra_settings t h <<<"${@}"
else
@@
-178,15
+179,16
@@
EOF
a2enmod proxy proxy_http
# fyi: trailing slash is important
# reference: https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html
a2enmod proxy proxy_http
# fyi: trailing slash is important
# reference: https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html
+ # retry=0: https://stackoverflow.com/questions/683052/why-am-i-getting-an-apache-proxy-503-error
cat >>$vhost_file <<EOF
cat >>$vhost_file <<EOF
- ProxyPass "/" "http://$proxy/"
+ ProxyPass "/" "http://$proxy/"
retry=0
ProxyPassReverse "/" "http://$proxy/"
EOF
fi
ProxyPassReverse "/" "http://$proxy/"
EOF
fi
-
if $ssl; then
if $ssl; then
+ a2enmod headers
https_arg=" https"
common_ssl_conf=/etc/apache2/common-ssl.conf
cat >>$vhost_file <<EOF
https_arg=" https"
common_ssl_conf=/etc/apache2/common-ssl.conf
cat >>$vhost_file <<EOF
@@
-200,13
+202,6
@@
EOF
Header always set Content-Security-Policy upgrade-insecure-requests
EOF
Header always set Content-Security-Policy upgrade-insecure-requests
EOF
- cat >/etc/apache2/conf-enabled/local-custom.conf <<'EOF'
-# vhost_combined with %D (request time in microseconds)
-# this file is just a convenient place to drop it.
-LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %D" vhost_time_combined
-SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
-EOF
-
echo "$0: creating $redir_file"
cat >$redir_file <<EOF
<VirtualHost *:80>
echo "$0: creating $redir_file"
cat >$redir_file <<EOF
<VirtualHost *:80>
@@
-390,3
+385,10
@@
EOF
service nginx restart
fi ####### end if nginx
service nginx restart
fi ####### end if nginx
+
+cat >/etc/apache2/conf-enabled/local-custom.conf <<'EOF'
+# vhost_combined with %D (request time in microseconds)
+# this file is just a convenient place to drop it.
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %D" vhost_time_combined
+SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
+EOF