blob: 9bfd2b87443d1babcffa60ddbb9a5413f08bb392 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# begin vhost for <%= @fqdn %>
<VirtualHost *:<%= scope.lookupvar('apache::http_port') %>>
ServerName <%= @fqdn %>
DocumentRoot <%= scope.lookupvar('apache::default_folder') %>
# begin site config
<Directory <%= scope.lookupvar('apache::default_folder') %>>
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
</Directory>
# end site config
</VirtualHost>
# end vhost for <%= @fqdn %>
# A default VirtualHost for any site listening only in localhost.
#
# This is meant to protect these sites (such as Tor Onion Services) from
# exposing other data from the server, such as the default public VirtualHost
# above.
#
# This is not a strong measure, since the server can be fingerprinted by other
# means.
#
# Best thing to do is not mix public and non-public sites in the same server.
#
# For additional details, check
# https://gitlab.torproject.org/tpo/onion-services/onion-support/-/issues/30
<VirtualHost 127.0.0.1:80>
</VirtualHost>
|