diff options
Diffstat (limited to 'roles/apache_vhost/vars/main.yml')
-rw-r--r-- | roles/apache_vhost/vars/main.yml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/roles/apache_vhost/vars/main.yml b/roles/apache_vhost/vars/main.yml new file mode 100644 index 0000000..bbfba62 --- /dev/null +++ b/roles/apache_vhost/vars/main.yml @@ -0,0 +1,26 @@ +apache_certificate_path: /etc/pki/tls/certs/httpd-{{ apache_server_name }}.pem +apache_certificate_key_path: /etc/pki/tls/private/httpd-{{ apache_server_name }}.key + +apache_ldap_url: "ldaps://{{ freeipa_hosts | join(' ') }}/{{ freeipa_user_basedn }}" +apache_ldap_creds: | + AuthLDAPBindDN uid={{ apache_sysaccount_username }},{{ freeipa_sysaccount_basedn }} + AuthLDAPBindPassword {{ apache_sysaccount_password }} +apache_ldap_config: | + AuthLDAPUrl "{{ apache_ldap_url }}?uid" + {{ apache_ldap_creds }} + +apache_gssapi_session_config: | + GssapiUseSessions On + Session On + SessionCookieName gssapi_session path=/;httponly;secure;samesite=strict + GssapiSessionKey file:{{ apache_gssapi_session_key }} + +apache_proxy_vhost_config: | + ProxyPreserveHost On + ProxyRequests Off +apache_proxy_header_config: | + RequestHeader set X-Forwarded-Proto "https" + RequestHeader set X-Real-IP %{REMOTE_ADDR}s +apache_proxy_config: | + {{ apache_proxy_vhost_config }} + {{ apache_proxy_header_config }} |