ServerAdmin its@linaro.org CustomLog /var/log/apache2/{{inventory_hostname}}.access.log combined ErrorLog /var/log/apache2/{{inventory_hostname}}.error.log Redirect / https://{{inventory_hostname}}/restricted ServerName {{inventory_hostname}} ServerAdmin its@linaro.org CustomLog /var/log/apache2/{{inventory_hostname}}.access.log combined ErrorLog /var/log/apache2/{{inventory_hostname}}.error.log LogLevel warn DocumentRoot {{install_base}}/{{inventory_hostname}} SSLEngine On SSLProtocol All -SSLv2 -SSLv3 SSLCompression Off SSLHonorCipherOrder On SSLOptions +StdEnvVars SSLCipherSuite "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:\ EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:\ !aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:\ CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA" SSLCertificateFile {{ssl_cert}} SSLCertificateKeyFile {{ssl_key}} SSLCACertificateFile {{ssl_ca_cert}} Require all granted Options Indexes FollowSymLinks IndexIgnore /errors AuthType Basic AuthName "{{ inventory_hostname }}" AuthBasicProvider ldap AuthLDAPUrl "{{ apache_ldap_url }}" AuthLDAPBindDN "{{ apache_ldap_bind }}" AuthLDAPBindPassword {{ apache_ldap_bind_pwd }} AuthLDAPRemoteUserAttribute uid Require valid-user Require ldap-group cn=linaro-login-users,ou=mailing,ou=groups,dc=linaro,dc=org