blob: 7b2cabfc52a7d0596359b9401a4021392651c717 (
plain)
- <IfDefine !_TLSHOST>
- <IfDefine _HOST>
- Define _TLSHOST ${_HOST}
- </IfDefine>
- </IfDefine>
- <IfDefine !_TLS_KEY>
- <IfDefine _TLSHOST>
- Define _TLS_CERT_CHAIN /var/lib/dehydrated/certs/${_TLSHOST}/fullchain.pem
- Define _TLS_KEY /var/lib/dehydrated/certs/${_TLSHOST}/privkey.pem
- </IfDefine>
- </IfDefine>
- <IfDefine _TLSHOST>
- <If "%{HTTPS} == 'off'">
- RedirectMatch permanent ^(?!/.well-known/)(.*) https://${_HOST}/$1
- </If>
- <IfModule mod_gnutls.c>
- GnuTLSEnable on
- <IfDefine _TLS_KEY>
- GnuTLSCertificateFile ${_TLS_CERT_CHAIN}
- GnuTLSKeyFile ${_TLS_KEY}
- </IfDefine>
- </IfModule>
- <IfModule mod_ssl.c>
- <IfModule !mod_gnutls.c>
- SSLEngine on
- <IfDefine _TLS_KEY>
- SSLCertificateFile ${_TLS_CERT_CHAIN}
- SSLCertificateKeyFile ${_TLS_KEY}
- </IfDefine>
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- <Directory /usr/lib/cgi-bin>
- SSLOptions +StdEnvVars
- </Directory>
- </IfModule>
- </IfModule>
- </IfModule> # _TLSHOST
|