diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2012-05-18 13:55:53 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2012-05-18 13:55:53 -0300 |
commit | 45a5dc053f67b0b881c9dd0a5bbd20e862b3be1c (patch) | |
tree | e5ee082f099fb722ef1733fd964ae5e295a80950 /templates | |
parent | 3f2e3ae9e2135f6b42e445020ad68e32e9d3d1b3 (diff) | |
download | puppet-apache-45a5dc053f67b0b881c9dd0a5bbd20e862b3be1c.tar.gz puppet-apache-45a5dc053f67b0b881c9dd0a5bbd20e862b3be1c.tar.bz2 |
Adding support for canonical hostnames
Diffstat (limited to 'templates')
-rw-r--r-- | templates/site.erb | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/templates/site.erb b/templates/site.erb index 3545e62..4daf2be 100644 --- a/templates/site.erb +++ b/templates/site.erb @@ -3,12 +3,14 @@ ServerName <%= title %>.<%= hosting_domain %> <% if server_alias != false %> ServerAlias <%= server_alias %><% end %> DocumentRoot <%= docroot %> - <% if https_redirect != false %> +<% if https_redirect != false or canonical != false %> + RewriteEngine On +<% end -%> +<% if https_redirect != false %> # Use HTTP Strict Transport Security to force client to use secure connections only Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains" # Redirect all HTTP to HTTPS - RewriteEngine On RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [redirect=301]<% end %> <% if redirect_match != false %> RedirectMatch ^/$ <%= protocol %>://<%= title %>.<%= hosting_domain %>/<%= redirect_match %><% end %> <% if redirect != false %> Redirect <%= redirect %><% end %> @@ -23,6 +25,11 @@ AssignUserId <%= user %> <%= gid %> </IfModule> <% end %> +<% if canonical != false %> + RewriteCond %{HTTP_HOST} !=<%= canonical %> [NC] + RewriteCond %{HTTP_HOST} !="" + RewriteRule ^/(.*) https://<%= canonical %>/$1 [L,R=301] +<% end %> </VirtualHost> # end vhost for <%= title %> <% if ssl == true %> |