Add templates from puppet converted to jinja

13 files changed, 79 insertions, 0 deletions

diff --git a/roles/httpd/templates/apache-status.conf.j2 b/roles/httpd/templates/apache-status.conf.j2
new file mode 100644
index 000000000..762bd0892
--- /dev/null
+++ b/roles/httpd/templates/apache-status.conf.j2
@@ -0,0 +1,2 @@
+RewriteEngine On
+RewriteRule ^{{ path }}/((?:app|bapp|proxy|fas|koji|puppet|hosted|people|torrent|secondary|cvs)\d*)$ http://$1/apache-status [P,L]
diff --git a/roles/httpd/templates/app-headers.conf.j2 b/roles/httpd/templates/app-headers.conf.j2
new file mode 100644
index 000000000..1f89eba00
--- /dev/null
+++ b/roles/httpd/templates/app-headers.conf.j2
@@ -0,0 +1,3 @@
+Header set AppTime "%D"
+PassEnv HOSTNAME
+Header set AppServer "{{ fqdn }}"
diff --git a/roles/httpd/templates/koji-headers.conf.j2 b/roles/httpd/templates/koji-headers.conf.j2
new file mode 100644
index 000000000..2190eba97
--- /dev/null
+++ b/roles/httpd/templates/koji-headers.conf.j2
@@ -0,0 +1,3 @@
+Header set KojiTime "%D"
+PassEnv HOSTNAME
+Header set KojiServer "{{ fqdn }}"
diff --git a/roles/httpd/templates/logs.conf.j2 b/roles/httpd/templates/logs.conf.j2
new file mode 100644
index 000000000..f4b06d971
--- /dev/null
+++ b/roles/httpd/templates/logs.conf.j2
@@ -0,0 +1,2 @@
+CustomLog "logs/{{ name }}-access.log" combined
+ErrorLog "logs/{{ name }}-error.log"
diff --git a/roles/httpd/templates/mailman-proxy.conf.j2 b/roles/httpd/templates/mailman-proxy.conf.j2
new file mode 100644
index 000000000..8c422b04a
--- /dev/null
+++ b/roles/httpd/templates/mailman-proxy.conf.j2
@@ -0,0 +1,4 @@
+ProxyPass {{ iconpath }} {{ proxyurl }}/icons
+ProxyPassReverse {{ iconpath }} {{ proxyurl }}/icons
+ProxyPass {{ path }} {{ proxyurl }}/mailman
+ProxyPassReverse {{ path }} {{ proxyurl }}/mailman
diff --git a/roles/httpd/templates/mime-types.conf.j2 b/roles/httpd/templates/mime-types.conf.j2
new file mode 100644
index 000000000..2d76be770
--- /dev/null
+++ b/roles/httpd/templates/mime-types.conf.j2
@@ -0,0 +1 @@
+AddType {{ mimetype }} <% extensions.each do |ext| -}} {{ ext }} <% end -}}
diff --git a/roles/httpd/templates/proxy-headers.conf.j2 b/roles/httpd/templates/proxy-headers.conf.j2
new file mode 100644
index 000000000..011791bf5
--- /dev/null
+++ b/roles/httpd/templates/proxy-headers.conf.j2
@@ -0,0 +1,3 @@
+Header set ProxyTime "%D"
+PassEnv HOSTNAME
+Header set ProxyServer "{{ fqdn }}"
diff --git a/roles/httpd/templates/redirect-proxy.conf.j2 b/roles/httpd/templates/redirect-proxy.conf.j2
new file mode 100644
index 000000000..719483b51
--- /dev/null
+++ b/roles/httpd/templates/redirect-proxy.conf.j2
@@ -0,0 +1 @@
+Redirect {{ status }} {{ path }} {{ target }}
diff --git a/roles/httpd/templates/redirectmatch-proxy.conf.j2 b/roles/httpd/templates/redirectmatch-proxy.conf.j2
new file mode 100644
index 000000000..4de6cf787
--- /dev/null
+++ b/roles/httpd/templates/redirectmatch-proxy.conf.j2
@@ -0,0 +1 @@
+RedirectMatch {{ status }} {{ regex }} {{ target }}
diff --git a/roles/httpd/templates/rewrite-notarget.conf.j2 b/roles/httpd/templates/rewrite-notarget.conf.j2
new file mode 100644
index 000000000..f04ea5edb
--- /dev/null
+++ b/roles/httpd/templates/rewrite-notarget.conf.j2
@@ -0,0 +1,2 @@
+RewriteEngine On
+RewriteRule {{ path }} - [R={{ status }},L]
diff --git a/roles/httpd/templates/rewrite-proxy.conf.j2 b/roles/httpd/templates/rewrite-proxy.conf.j2
new file mode 100644
index 000000000..e2f2fe6de
--- /dev/null
+++ b/roles/httpd/templates/rewrite-proxy.conf.j2
@@ -0,0 +1,6 @@
+RewriteEngine On
+{% if  path == '/favicon.ico$' %}
+RewriteRule {{ path }} {{ target }} [P]
+{% else %}
+RewriteRule {{ path }} {{ target }} [R={{ status }},L]
+{% endif %}
diff --git a/roles/httpd/templates/robots.conf.j2 b/roles/httpd/templates/robots.conf.j2
new file mode 100644
index 000000000..040f48d39
--- /dev/null
+++ b/roles/httpd/templates/robots.conf.j2
@@ -0,0 +1 @@
+Alias /robots.txt /srv/web/robots.txt.{{ name }}
diff --git a/roles/httpd/templates/website.conf.j2 b/roles/httpd/templates/website.conf.j2
new file mode 100644
index 000000000..466b2b0d1
--- /dev/null
+++ b/roles/httpd/templates/website.conf.j2
@@ -0,0 +1,50 @@
+<VirtualHost {{ ips.map{|ip| ip + ":80"}.join(" ") }}>
+  ServerName {{ name }}
+{% if  not server_aliases.empty? -%}
+  ServerAlias {{ server_aliases.join(" ") }}
+<% end -%>
+  ServerAdmin {{ server_admin }}
+  TraceEnable Off
+
+{% if  gzip -%}
+  SetOutputFilter DEFLATE
+<% end -%>
+
+{% if  sslonly -%}
+  RewriteEngine On
+  RewriteCond %{HTTPS} off
+  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE]
+<% else -%>
+  Include "conf.d/{{ name }}/*.conf"
+<% end -%>
+</VirtualHost>
+
+{% if  ssl -%}
+<VirtualHost {{ ips.map{|ip| ip + ":443"}.join(" ") }}>
+  ServerName {{ name }}
+{% if  not server_aliases.empty? -%}
+  ServerAlias {{ server_aliases.join(" ") }}
+<% end -%>
+  ServerAdmin {{ server_admin }}
+
+{% if  gzip -%}
+  SetOutputFilter DEFLATE
+<% end -%>
+
+  SSLEngine on
+  SSLCertificateFile /etc/pki/tls/certs/{{ cert_name }}.cert
+  SSLCertificateKeyFile /etc/pki/tls/private/{{ cert_name }}.key
+{% if  not sSLCertificateChainFile.empty? -%}
+  SSLCertificateChainFile /etc/pki/tls/certs/{{ sSLCertificateChainFile }}
+<% end -%>
+  SSLHonorCipherOrder On
+
+  # https://fedorahosted.org/fedora-infrastructure/ticket/4101#comment:14
+  # If you change the protocols or cipher suites, you should probably update
+  # modules/squid/files/squid.conf-el6 too, to keep it in sync.
+  SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
+  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
+
+  Include "conf.d/{{ name }}/*.conf"
+</VirtualHost>
+<% end -%>