ff5ea7dd39
- Add dependencies for gettext and PDF support - add whois and netbase to support whois checks - remove docker/mysql.php because configuration should be done via environment variables - install CAcert CA certificates to allow retrieval of translation data from translations.cacert.org - build i18n files on start of application container - disable broken OCSP stapling for local certificates - add language data during database initialization
56 lines
1.4 KiB
Plaintext
56 lines
1.4 KiB
Plaintext
# customized settings for CAcert webserver
|
|
|
|
MaxRequestsPerChild 100
|
|
|
|
ServerAdmin support@cacert.localhost
|
|
ServerName cacert.localhost
|
|
|
|
Header always set X-Frame-Options "DENY"
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set X-Content-Type-Options "nosniff"
|
|
|
|
DocumentRoot /www/www
|
|
|
|
<Directory />
|
|
Options -Indexes +Includes +FollowSymLinks
|
|
AllowOverride None
|
|
</Directory>
|
|
|
|
<Directory /www/www>
|
|
Options -Indexes +Includes +FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<Directory /www/www/docs>
|
|
Options +Indexes +Includes +FollowSymLinks +MultiViews
|
|
AllowOverride None
|
|
</Directory>
|
|
|
|
<Directory /www/stamp>
|
|
Options -Indexes +Includes +FollowSymLinks
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
UseCanonicalName off
|
|
HostnameLookups on
|
|
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" mod_gzip: %{mod_gzip_compression_ratio}npct. %T %v" full
|
|
|
|
CustomLog /var/log/apache2/access.log full
|
|
|
|
ServerSignature off
|
|
|
|
AddDefaultCharset on
|
|
|
|
<IfModule mod_ssl.c>
|
|
# OCSP Stapling, only in httpd 2.3.3 and later
|
|
SSLUseStapling off
|
|
SSLStaplingResponderTimeout 5
|
|
SSLStaplingReturnResponderErrors off
|
|
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ocsp(1280000)
|
|
SSLStaplingFakeTryLater off
|
|
SSLStaplingStandardCacheTimeout 86400
|
|
</IfModule>
|