blob: bbfba628b1d27d4a16a7293df7315e97108c6d75 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
apache_certificate_path: /etc/pki/tls/certs/httpd-{{ apache_server_name }}.pem
apache_certificate_key_path: /etc/pki/tls/private/httpd-{{ apache_server_name }}.key
apache_ldap_url: "ldaps://{{ freeipa_hosts | join(' ') }}/{{ freeipa_user_basedn }}"
apache_ldap_creds: |
AuthLDAPBindDN uid={{ apache_sysaccount_username }},{{ freeipa_sysaccount_basedn }}
AuthLDAPBindPassword {{ apache_sysaccount_password }}
apache_ldap_config: |
AuthLDAPUrl "{{ apache_ldap_url }}?uid"
{{ apache_ldap_creds }}
apache_gssapi_session_config: |
GssapiUseSessions On
Session On
SessionCookieName gssapi_session path=/;httponly;secure;samesite=strict
GssapiSessionKey file:{{ apache_gssapi_session_key }}
apache_proxy_vhost_config: |
ProxyPreserveHost On
ProxyRequests Off
apache_proxy_header_config: |
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
apache_proxy_config: |
{{ apache_proxy_vhost_config }}
{{ apache_proxy_header_config }}
|