53 lines
1.9 KiB
Plaintext
53 lines
1.9 KiB
Plaintext
# ************************************
|
|
# Vhost template in module nagios
|
|
# Managed by Puppet
|
|
# ************************************
|
|
|
|
<VirtualHost <%= @vhost_listen_ip %>:<%= @http_port %>>
|
|
<% if @ui_tls_enabled -%>
|
|
ServerName <%= @ui_certificate_hostname %>
|
|
SSLEngine on
|
|
SSLCertificateFile "<%= @ui_certificate_filename %>"
|
|
|
|
## Configuration from mozilla.github.io/server-side-tls/ssl-config-generator/
|
|
# For Apache 2.4.7 with "modern" profile.
|
|
Header always set Strict-Transport-Security "max-age=15768000"
|
|
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
|
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
|
|
SSLHonorCipherOrder on
|
|
SSLCompression off
|
|
<% else -%>
|
|
ServerName nagios-ui
|
|
<% end -%>
|
|
DocumentRoot "/usr/share/nagios3/htdocs"
|
|
|
|
# Alias for UI
|
|
ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3
|
|
# Alias for HTTP commands
|
|
ScriptAlias /cgi-bin /usr/lib/cgi-bin/nagios3
|
|
# Aliases for static content
|
|
Alias /stylesheets /etc/nagios3/stylesheets
|
|
Alias /nagios3/images /usr/share/nagios3/htdocs/images
|
|
Alias /nagios3/js /usr/share/nagios3/htdocs/js
|
|
Alias /nagios3/stylesheets /etc/nagios3/stylesheets
|
|
<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)>
|
|
Options FollowSymLinks
|
|
DirectoryIndex index.php index.html
|
|
AllowOverride AuthConfig
|
|
Order Allow,Deny
|
|
Allow From All
|
|
AuthName "Nagios Access"
|
|
AuthType Basic
|
|
AuthUserFile <%= @cgi_htpasswd_file %>
|
|
require valid-user
|
|
</DirectoryMatch>
|
|
|
|
<Directory /usr/share/nagios3/htdocs>
|
|
Options +ExecCGI
|
|
|
|
</Directory>
|
|
ErrorLog "/var/log/apache2/nagios_error.log"
|
|
ServerSignature Off
|
|
CustomLog "/var/log/apache2/nagios_access.log" combined
|
|
</VirtualHost>
|