2018-04-23 15:13:29 +02:00
|
|
|
<VirtualHost *:80>
|
|
|
|
RedirectMatch "^/$" "/horizon"
|
2018-08-10 14:04:40 +02:00
|
|
|
ServerName merlin.hpc.rug.nl
|
2018-04-23 15:13:29 +02:00
|
|
|
RewriteEngine On
|
|
|
|
RewriteCond %{HTTPS} off
|
|
|
|
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
|
|
|
|
</VirtualHost>
|
|
|
|
<VirtualHost *:443>
|
|
|
|
RedirectMatch "^/$" "/horizon"
|
2018-08-10 14:04:40 +02:00
|
|
|
ServerName merlin.hpc.rug.nl
|
2018-04-23 15:13:29 +02:00
|
|
|
|
|
|
|
SSLEngine On
|
2018-08-10 14:04:40 +02:00
|
|
|
SSLCertificateFile "/certs/merlin.hpc.rug.nl.crt"
|
|
|
|
SSLCertificateKeyFile "/certs/merlin.hpc.rug.nl.key"
|
2018-08-15 15:26:30 +02:00
|
|
|
SSLCACertificateFile "/certs/DigiCertCA.crt"
|
2018-04-23 15:13:29 +02:00
|
|
|
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
|
|
|
|
|
|
|
|
# HTTP Strict Transport Security (HSTS) enforces that all communications
|
|
|
|
# with a server go over SSL. This mitigates the threat from attacks such
|
|
|
|
# as SSL-Strip which replaces links on the wire, stripping away https prefixes
|
|
|
|
# and potentially allowing an attacker to view confidential information on the
|
|
|
|
# wire
|
|
|
|
Header add Strict-Transport-Security "max-age=15768000"
|
|
|
|
|
|
|
|
Alias /horizon/static /var/lib/openstack-dashboard/static/
|
|
|
|
Alias /static /var/lib/openstack-dashboard/static/
|
|
|
|
|
|
|
|
<Directory /var/lib/openstack-dashboard/static>
|
|
|
|
Require all granted
|
|
|
|
</Directory>
|
|
|
|
|
|
|
|
WSGIScriptAlias /horizon /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi process-group=horizon
|
|
|
|
WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10 display-name=%{GROUP}
|
|
|
|
WSGIProcessGroup horizon
|
|
|
|
</VirtualHost>
|
|
|
|
|