diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:23:43 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:52:13 -0500 |
commit | 0261e875679f1bf63c8d689da7fc7e014597885d (patch) | |
tree | 3f19cd74a0c1070944f75437f30b098d6ef2ffcb /roles/apache_vhost/vars | |
download | selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.tar.gz selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.zip |
initial commit
Diffstat (limited to 'roles/apache_vhost/vars')
-rw-r--r-- | roles/apache_vhost/vars/main.yml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/roles/apache_vhost/vars/main.yml b/roles/apache_vhost/vars/main.yml new file mode 100644 index 0000000..bbfba62 --- /dev/null +++ b/roles/apache_vhost/vars/main.yml @@ -0,0 +1,26 @@ +apache_certificate_path: /etc/pki/tls/certs/httpd-{{ apache_server_name }}.pem +apache_certificate_key_path: /etc/pki/tls/private/httpd-{{ apache_server_name }}.key + +apache_ldap_url: "ldaps://{{ freeipa_hosts | join(' ') }}/{{ freeipa_user_basedn }}" +apache_ldap_creds: | + AuthLDAPBindDN uid={{ apache_sysaccount_username }},{{ freeipa_sysaccount_basedn }} + AuthLDAPBindPassword {{ apache_sysaccount_password }} +apache_ldap_config: | + AuthLDAPUrl "{{ apache_ldap_url }}?uid" + {{ apache_ldap_creds }} + +apache_gssapi_session_config: | + GssapiUseSessions On + Session On + SessionCookieName gssapi_session path=/;httponly;secure;samesite=strict + GssapiSessionKey file:{{ apache_gssapi_session_key }} + +apache_proxy_vhost_config: | + ProxyPreserveHost On + ProxyRequests Off +apache_proxy_header_config: | + RequestHeader set X-Forwarded-Proto "https" + RequestHeader set X-Real-IP %{REMOTE_ADDR}s +apache_proxy_config: | + {{ apache_proxy_vhost_config }} + {{ apache_proxy_header_config }} |