ServerAdmin its@linaro.org
CustomLog /var/log/apache2/{{inventory_hostname}}.access.log combined
ErrorLog /var/log/apache2/{{inventory_hostname}}.error.log
Redirect / https://{{inventory_hostname}}/restricted
ServerName {{inventory_hostname}}
ServerAdmin its@linaro.org
CustomLog /var/log/apache2/{{inventory_hostname}}.access.log combined
ErrorLog /var/log/apache2/{{inventory_hostname}}.error.log
LogLevel warn
DocumentRoot {{install_base}}/{{inventory_hostname}}
SSLEngine On
SSLProtocol All -SSLv2 -SSLv3
SSLCompression Off
SSLHonorCipherOrder On
SSLOptions +StdEnvVars
SSLCipherSuite "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:\
EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:\
!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:\
CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
SSLCertificateFile {{ssl_cert}}
SSLCertificateKeyFile {{ssl_key}}
SSLCACertificateFile {{ssl_ca_cert}}
Require all granted
Options Indexes FollowSymLinks
IndexIgnore /errors
AuthType Basic
AuthName "{{ inventory_hostname }}"
AuthBasicProvider ldap
AuthLDAPUrl "{{ apache_ldap_url }}"
AuthLDAPBindDN "{{ apache_ldap_bind }}"
AuthLDAPBindPassword {{ apache_ldap_bind_pwd }}
AuthLDAPRemoteUserAttribute uid
Require valid-user
Require ldap-group cn=linaro-login-users,ou=mailing,ou=groups,dc=linaro,dc=org