summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/init.pp3
-rw-r--r--templates/site.erb11
2 files changed, 11 insertions, 3 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 96bd9f8..6b7b382 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -190,7 +190,8 @@ class apache {
$mpm = true, $mpm_user = '', $mpm_group = '', $password = '*',
$comment = '', $sshkey = absent,
$groups = '', $shell = '/bin/false', $manage_user = true,
- $ssl = false, $listen = '*', $https_redirect = false) {
+ $ssl = false, $listen = '*', $https_redirect = false,
+ $canonical = false) {
$vhost = $filename ? {
'' => "$title",
diff --git a/templates/site.erb b/templates/site.erb
index 3545e62..4daf2be 100644
--- a/templates/site.erb
+++ b/templates/site.erb
@@ -3,12 +3,14 @@
ServerName <%= title %>.<%= hosting_domain %>
<% if server_alias != false %> ServerAlias <%= server_alias %><% end %>
DocumentRoot <%= docroot %>
- <% if https_redirect != false %>
+<% if https_redirect != false or canonical != false %>
+ RewriteEngine On
+<% end -%>
+<% if https_redirect != false %>
# Use HTTP Strict Transport Security to force client to use secure connections only
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
# Redirect all HTTP to HTTPS
- RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [redirect=301]<% end %>
<% if redirect_match != false %> RedirectMatch ^/$ <%= protocol %>://<%= title %>.<%= hosting_domain %>/<%= redirect_match %><% end %>
<% if redirect != false %> Redirect <%= redirect %><% end %>
@@ -23,6 +25,11 @@
AssignUserId <%= user %> <%= gid %>
</IfModule>
<% end %>
+<% if canonical != false %>
+ RewriteCond %{HTTP_HOST} !=<%= canonical %> [NC]
+ RewriteCond %{HTTP_HOST} !=""
+ RewriteRule ^/(.*) https://<%= canonical %>/$1 [L,R=301]
+<% end %>
</VirtualHost>
# end vhost for <%= title %>
<% if ssl == true %>