aboutsummaryrefslogtreecommitdiffstats
path: root/roles/apache_vhost/vars/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/apache_vhost/vars/main.yml')
-rw-r--r--roles/apache_vhost/vars/main.yml26
1 files changed, 26 insertions, 0 deletions
diff --git a/roles/apache_vhost/vars/main.yml b/roles/apache_vhost/vars/main.yml
new file mode 100644
index 0000000..bbfba62
--- /dev/null
+++ b/roles/apache_vhost/vars/main.yml
@@ -0,0 +1,26 @@
+apache_certificate_path: /etc/pki/tls/certs/httpd-{{ apache_server_name }}.pem
+apache_certificate_key_path: /etc/pki/tls/private/httpd-{{ apache_server_name }}.key
+
+apache_ldap_url: "ldaps://{{ freeipa_hosts | join(' ') }}/{{ freeipa_user_basedn }}"
+apache_ldap_creds: |
+ AuthLDAPBindDN uid={{ apache_sysaccount_username }},{{ freeipa_sysaccount_basedn }}
+ AuthLDAPBindPassword {{ apache_sysaccount_password }}
+apache_ldap_config: |
+ AuthLDAPUrl "{{ apache_ldap_url }}?uid"
+ {{ apache_ldap_creds }}
+
+apache_gssapi_session_config: |
+ GssapiUseSessions On
+ Session On
+ SessionCookieName gssapi_session path=/;httponly;secure;samesite=strict
+ GssapiSessionKey file:{{ apache_gssapi_session_key }}
+
+apache_proxy_vhost_config: |
+ ProxyPreserveHost On
+ ProxyRequests Off
+apache_proxy_header_config: |
+ RequestHeader set X-Forwarded-Proto "https"
+ RequestHeader set X-Real-IP %{REMOTE_ADDR}s
+apache_proxy_config: |
+ {{ apache_proxy_vhost_config }}
+ {{ apache_proxy_header_config }}
generated by cgit (git 2.34.1) at 2024-09-19 11:57:14 -0400