From 958b501725166e4a5e38f4c8062356b0d7328bc7 Mon Sep 17 00:00:00 2001 From: Jim Hague Date: Wed, 8 Mar 2023 15:44:34 +0000 Subject: [PATCH] Add dottes website details. --- .../dottes.cryhavoc.org.uk.conf | 52 +++++++++++++++++++ states/dottes_website/init.sls | 18 +++++++ 2 files changed, 70 insertions(+) create mode 100644 states/dottes_website/dottes.cryhavoc.org.uk.conf create mode 100644 states/dottes_website/init.sls diff --git a/states/dottes_website/dottes.cryhavoc.org.uk.conf b/states/dottes_website/dottes.cryhavoc.org.uk.conf new file mode 100644 index 0000000..b816120 --- /dev/null +++ b/states/dottes_website/dottes.cryhavoc.org.uk.conf @@ -0,0 +1,52 @@ + + + + ServerName dottes.cryhavoc.org.uk + + ErrorLog /var/log/apache2/dottes-error.log + CustomLog /var/log/apache2/dottes-access.log combined + + RemoteIPProxyProtocol On + + DocumentRoot /srv/jenkins/jobs/Dottes/builds/lastSuccessfulBuild/archive/web + + Options Indexes FollowSymLinks + Options +Includes + + # We only want SSI on index.html, but I can't see how to just + # do that. Since we don't have that many .html, just enable it + # for them all. I did use the XBitHack, but X bits aren't + # preserved when the files are archived. + AddOutputFilter INCLUDES .html + + AllowOverride None + Order allow,deny + allow from all + + Require all granted + + + SSLEngine on + SSLCertificateFile /var/lib/dehydrated/certs/dottes.cryhavoc.org.uk/fullchain.pem + SSLCertificateKeyFile /var/lib/dehydrated/certs/dottes.cryhavoc.org.uk/privkey.pem + + + + + + ServerName dottes.cryhavoc.org.uk + + ErrorLog /var/log/apache2/dottes-error.log + CustomLog /var/log/apache2/dottes-access.log combined + + RemoteIPProxyProtocol On + + + # + # This redirects all accesses to the HTTPS version of the site. + # + RewriteEngine On + + RewriteRule ^/?(.*) https://dottes.cryhavoc.org.uk/$1 [R=301,L] + + diff --git a/states/dottes_website/init.sls b/states/dottes_website/init.sls new file mode 100644 index 0000000..f01984b --- /dev/null +++ b/states/dottes_website/init.sls @@ -0,0 +1,18 @@ +dottes_website: + file.managed: + - require: + - sls: apache + - sls: certificates + - names: + - /etc/apache2/sites-available/dottes.cryhavoc.org.uk.conf: + - source: salt://dottes_website/dottes.cryhavoc.org.uk.conf + apache_site.enabled: + - require: + - file: /etc/apache2/sites-available/dottes.cryhavoc.org.uk.conf + - name: dottes.cryhavoc.org.uk + service.running: + - name: apache2 + - reload: true + - watch: + - file: /etc/apache2/sites-available/dottes.cryhavoc.org.uk.conf +