# :vim set syntax apache
LogLevel info
# - log locally
# CustomLog /var/log/apache2/access.log combined
# ErrorLog /var/log/apache2/error.log
# - log to syslog
CustomLog "|/usr/bin/logger -p local7.info" common
ErrorLog syslog:local7
# ----------------------------------------------------------------------------------
# Set up Perl
# ----------------------------------------------------------------------------------
# - needed by CGIs
PerlRequire /etc/apache2/eg_startup
PerlChildInitHandler OpenILS::WWW::Reporter::child_init
PerlChildInitHandler OpenILS::WWW::SuperCat::child_init
PerlChildInitHandler OpenILS::WWW::AddedContent::child_init
PerlChildInitHandler OpenILS::WWW::AutoSuggest::child_init
# ----------------------------------------------------------------------------------
# Set some defaults for our working directories
# ----------------------------------------------------------------------------------
Order allow,deny
Allow from all
# ----------------------------------------------------------------------------------
# XUL directory
# ----------------------------------------------------------------------------------
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
# ----------------------------------------------------------------------------------
# Remove the language portion from the URL
# ----------------------------------------------------------------------------------
AliasMatch ^/opac/.*/skin/(.*)/(.*)/(.*) @localstatedir@/web/opac/skin/$1/$2/$3
AliasMatch ^/opac/.*/extras/slimpac/(.*) @localstatedir@/web/opac/extras/slimpac/$1
AliasMatch ^/opac/.*/extras/selfcheck/(.*) @localstatedir@/web/opac/extras/selfcheck/$1
# ----------------------------------------------------------------------------------
# System config CGI scripts go here
# ----------------------------------------------------------------------------------
Alias /cgi-bin/offline/ "@localstatedir@/cgi-bin/offline/"
AddHandler cgi-script .cgi .pl
AllowOverride None
Options None
Order deny,allow
Deny from all
Allow from 10.0.0.0/8
Options FollowSymLinks ExecCGI Indexes
# ----------------------------------------------------------------------------------
# Updates folder
# ----------------------------------------------------------------------------------
Alias /updates/ "@localstatedir@/updates/pub/"
ForceType cgi-script
ForceType cgi-script
ForceType cgi-script
ForceType cgi-script
AllowOverride None
Options None
Allow from all
Options ExecCGI
# ----------------------------------------------------------------------------------
# OPTIONAL: Set how long the client will cache our content. Change to suit
# ----------------------------------------------------------------------------------
ExpiresActive On
ExpiresDefault "access plus 1 month"
ExpiresByType text/html "access plus 18 hours"
ExpiresByType application/xhtml+xml "access plus 18 hours"
ExpiresByType application/x-javascript "access plus 18 hours"
ExpiresByType application/javascript "access plus 18 hours"
ExpiresByType text/css "access plus 50 minutes"
# ----------------------------------------------------------------------------------
# Set up our SSL virtual host
# ----------------------------------------------------------------------------------
#Listen 443
NameVirtualHost *:443
DocumentRoot "@localstatedir@/web"
ServerName localhost:443
ServerAlias 127.0.0.1:443
SSLEngine on
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM
# If you don't have an SSL cert, you can create self-signed
# certificate and key with:
# openssl req -new -x509 -nodes -out server.crt -keyout server.key
SSLCertificateFile ssl/server.crt
SSLCertificateKeyFile ssl/server.key
# - absorb the shared virtual host settings
Include eg_vhost.conf
# help IE along with SSL pages
SetEnvIf User-Agent ".*MSIE [1-5].*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SetEnvIf User-Agent ".*MSIE [6-9].*" \
ssl-unclean-shutdown
# ----------------------------------------------------------------------------------
# Set up our main virtual host
# Port 80 comes after 443 to avoid "unknown protocol speaking not SSL to HTTPS port!?"
# errors, per http://wiki.apache.org/httpd/InternalDummyConnection
# ----------------------------------------------------------------------------------
# Commented to avoid warnings from duplicate "NameVirtualHost: *80" directives
#NameVirtualHost *:80
ServerName localhost:80
ServerAlias 127.0.0.1:80
DocumentRoot @localstatedir@/web/
DirectoryIndex index.xml index.html index.xhtml
# - absorb the shared virtual host settings
Include eg_vhost.conf