From 9898a8210813f468fb31b2c114dd8d5553fee5ba Mon Sep 17 00:00:00 2001 From: B Stack Date: Mon, 31 Oct 2016 11:10:10 -0400 Subject: Initial commit --- etc/httpd/sites/mirror.conf | 65 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 etc/httpd/sites/mirror.conf (limited to 'etc/httpd/sites/mirror.conf') diff --git a/etc/httpd/sites/mirror.conf b/etc/httpd/sites/mirror.conf new file mode 100644 index 0000000..5f2e761 --- /dev/null +++ b/etc/httpd/sites/mirror.conf @@ -0,0 +1,65 @@ +# File: /etc/httpd/sites/mirror.conf +# Package: mirror +# Title: Apache mirror config +# Purpose: To provide a standard mirror http and https site +# Reference: +# Instructions: +# you can make a simple IP listener conf with the following +# thisip=$( ifconfig 2>/dev/null | awk '/Bcast|broadcast/{print $2}' | tr -cd '[^0-9\.\n]' | head -n1) +# printf "Listen %s\nListen %s" "${thisip}:80" "${thisip}:443" > /etc/httpd/sites/${thisip}.conf +# Be sure to fix the IP addresses here for the virtual hosts. +# Also ensure /etc/hosts has the right hostnames configured for the ssl vhost below +# Document: Below this line + + + + ServerName mirror.example.com:80 + ServerAlias mirror brass mirror-brass mirrorbrass brassmirror *.mirror.example.com brass.example.com + # this server also provides bgscripts.repo at http://mirror.example.com/bgscripts which is /var/www/html/mirror.example.com/bgscripts + + DocumentRoot "/var/www/html/mirror.example.com" + + Alias /mirror /mnt/mirror + + # Index options + Options +Indexes + IndexOptions IgnoreCase FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* SuppressHTMLPreamble + IndexIgnore FOOTER.html repodata tivoli *.so bgscripts + ReadmeName FOOTER.html + + # Useful additions for the mirror + AddIcon /icons/rpm.png .rpm + AddIcon /icons/repo.png .repo + AddType application/octet-stream .iso + + + AllowOverride None + Order allow,deny + Allow from all + Options Indexes FollowSymLinks + + + # Allows "centos.mirror.example.com" redirection to "mirror.example.com/centos" behavior + RewriteEngine On + RewriteCond %{HTTP_HOST} ^([^.]*)\.mirror\.example\.com$ + RewriteRule /(.*) http://mirror.example.com/%1/$1 [R,L] + + + + + SSLEngine on + SSLProtocol all -SSLv2 -SSLv3 + SSLHonorCipherOrder on + SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" + SSLCertificateFile /etc/pki/tls/certs/wildcard.crt + SSLCertificateKeyFile /etc/pki/tls/private/wildcard.key + SSLCACertificateFile /etc/pki/tls/certs/rapidssl.crt + + LogLevel warn + # Reverse proxy all ssl traffic to the nonencrypted site. This is a template for any and all sites. + # Observe that this depends on /etc/hosts or DNS to look up the variable SERVER_NAME + SSLProxyEngine On + RewriteEngine On + RewriteRule ^/(.*)$ http://%{SERVER_NAME}/$1 [P,L] + + -- cgit