ServerName <%= @servername %> ServerAdmin cert@cert.sunet.se DocumentRoot /var/www/html RewriteEngine On RewriteRule ^(.*)$ https://<%= @servername %>/$1 [R,L] ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined ServerName <%= @servername %> ServerAdmin cert@cert.sunet.se SSLEngine on <% if @use_snakeoil -%> SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key <% else -%> SSLCertificateFile <%= @tls_cert %> SSLCertificateKeyFile <%= @tls_key %> SSLCertificateChainFile <%= @tls_chain %> <% end -%> SSLCACertificatePath /etc/ssl/certs/ SSLCACertificateFile /etc/ssl/certs/ca-certificates.crt Protocols h2 http/1.1 SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2 SSLHonorCipherOrder off SSLSessionTickets off Header always set Strict-Transport-Security "max-age=63072000" <% if $use_shib -%> AuthType shibboleth ShibRequestSetting requireSession On ShibUseHeaders On AuthGroupFile /etc/apache2/groups.txt Require group <%= @apache_group %> <% else -%> Require all granted <% end -%> ProxyRequests Off ProxyPass "http://127.0.0.1:8666/api" ProxyPassReverse "http://127.0.0.1:8666/api" Header always set X-DEBUG-PATH "/api" # RewriteEngine on # RewriteCond %{REQUEST_URI} !^/(index.html|static|api|intelmq-webinput) # RewriteRule .* /index.html [PT] DocumentRoot /opt/intelmq/www/fody Header set Content-Security-Policy "script-src 'self'" Header set X-Content-Security-Policy "script-src 'self'" Require all granted Options FollowSymLinks Alias /intelmq-manager /opt/intelmq/www/intelmq-manager <% if $use_shib -%> AuthType shibboleth ShibRequestSetting requireSession On ShibUseHeaders On AuthGroupFile /etc/apache2/groups.txt Require group <%= @apache_group %> <% else -%> Require all granted <% end -%> Header set Content-Security-Policy "script-src 'self'" Header set X-Content-Security-Policy "script-src 'self'" ProxyPass unix:/var/run/intelmq_api.sock|http://127.0.0.1:8081/ ProxyPassReverse unix:/var/run/intelmq_api.sock|http://127.0.0.1:8081/ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Listen 127.0.0.1:8666 ServerAdmin cert@cert.sunet.se DocumentRoot /opt/intelmq/venv/lib/python3.11/site-packages/intelmq_fody_backend WSGIDaemonProcess www-fody threads=1 maximum-requests=10000 python-home=/opt/intelmq/venv python-path=/opt/intelmq/venv/lib/python3.11/site-packages WSGIScriptAlias / /opt/intelmq/venv/lib/python3.11/site-packages/intelmq_fody_backend/serve.py WSGICallableObject __hug_wsgi__ WSGIPassAuthorization On WSGIApplicationGroup %{GLOBAL} Header set Content-Security-Policy "script-src 'self'" Header set X-Content-Security-Policy "script-src 'self'" Require all granted Options FollowSymLinks LogLevel debug ErrorLog ${APACHE_LOG_DIR}/fody-backend-error.log #CustomLog ${APACHE_LOG_DIR}/fody-backend-access.log combined # combined + logging the time taken to serve the request in microseconds CustomLog ${APACHE_LOG_DIR}/fody-backend-access.log "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %{ms}T"