ansible/roles/nextcloud/templates/apache2-vhost-ssl.conf

36 lines
1.0 KiB
Plaintext
Raw Normal View History

2020-08-02 19:43:08 -05:00
# Configuration for {{ nextcloud.url }}
# vim:ft=apache:
# Accept connections from non-SNI clients
SSLStrictSNIVHostCheck off
# Website configuration
<VirtualHost *:80>
2020-08-02 19:43:08 -05:00
ServerName {{ nextcloud.url }}
Redirect permanent / https://{{ nextcloud.url }}
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
2020-08-02 19:43:08 -05:00
SSLCertificateFile /etc/pki/cert/crt/{{ nextcloud.url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ nextcloud.url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ nextcloud.url}}-fullchain.crt
SSLProtocol {{ ssl_protocol }}
2020-06-03 06:07:11 -05:00
SSLCipherSuite {{ ssl_cipher_suite }}
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
2020-08-02 19:43:08 -05:00
ServerName {{ nextcloud.url }}
DocumentRoot {{ nextcloud_webroot }}
2020-02-06 00:01:26 -06:00
<Directory "{{ nextcloud_webroot }}">
Require all granted
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
2020-02-06 03:22:38 -06:00
<IfModule mod_headers.c>
2020-06-25 06:30:44 -05:00
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
2020-02-06 03:22:38 -06:00
</IfModule>
</VirtualHost>