system-config/playbooks/roles/static/files/50-tarballs.openstack.org.conf
Ian Wienand 3fd6e16077 Add tarballs.<openstack|opendev>.org to static.opendev.org
Add these hosts to static.opendev.org, serving from AFS.  Note that
tarballs.openstack.org just redirects to static.opendev.org/openstack.

This should have no effect currently, it will only become live when we
switch DNS.

For more details see the thread at:

 http://lists.openstack.org/pipermail/openstack-infra/2020-January/006584.html

Change-Id: Ie56fac17ffaa91ee55be986de636485a58125a02
2020-02-06 08:24:16 +11:00

36 lines
1.2 KiB
Plaintext
Executable File

<VirtualHost *:80>
ServerName tarballs.openstack.org
RewriteEngine On
RewriteRule ^/(.*) https://tarballs.openstack.org/$1 [last,redirect=permanent]
LogLevel warn
ErrorLog /var/log/apache2/tarballs.openstack.org_error.log
CustomLog /var/log/apache2/tarballs.openstack.org_access.log combined
ServerSignature Off
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName tarballs.openstack.org
DocumentRoot ${AFS_ROOT}
SSLCertificateFile /etc/letsencrypt-certs/tarballs.openstack.org/tarballs.openstack.org.cer
SSLCertificateKeyFile /etc/letsencrypt-certs/tarballs.openstack.org/tarballs.openstack.org.key
SSLCertificateChainFile /etc/letsencrypt-certs/tarballs.openstack.org/ca.cer
SSLProtocol All -SSLv2 -SSLv3
# Note: this list should ensure ciphers that provide forward secrecy
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
SSLHonorCipherOrder on
RewriteEngine On
RewriteRule ^/?(.*)$ https://tarballs.opendev.org/openstack/$1 [L]
LogLevel warn
ErrorLog /var/log/apache2/tarballs.openstack.org_error.log
CustomLog /var/log/apache2/tarballs.openstack.org_access.log combined
ServerSignature Off
</VirtualHost>
</IfModule>