capistrano-exfel 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3f39bbd681a6dfe262623018dbc25c2f21b1067bd0941ab5fa15968d307818b4
-  data.tar.gz: 6f4b167cd5fb9d9f19fad48c932280607c2a1703aabce99fae2c2a78197b061e
+  metadata.gz: db4bdb4541437adbee7068c17988232ed83871f17ca7131eaa64e2371aeabdc3
+  data.tar.gz: c58b66065fc1232c637548ac8e982fdf159aa7a8de870a6b966d7b8add01b971
 SHA512:
-  metadata.gz: df06350ebf4be066955c1c913a40b06ccee33d170d4b5bbae5b4e3c61da5647573e022c5f5f123e9cafc2ec0309d0dae737f0603e1779761c8c754bb6fda7291
-  data.tar.gz: 424dfaf2e183e4c7b8ddb0df286c8fc8dc0724a759034b1096b2ae2bd91bb97322b188cf6da41dc6f503a52209a56004e9c1c56e16e26a60e77e009e05337437
+  metadata.gz: 8da33a59375c6545637eb879a71cc69e7c2dbb3bb6de605a3928cfa1873a8fa3273a4f6935e22db33dca108532cdd7a03112939670461cc7e4f5a1679d75ca29
+  data.tar.gz: 212dfe77a050b4967fe7460bf92fd14c81dfd38ee966cae3483394428a85cc8940b6c1438cb957205b70b362cd904b0ea1d2709ac61b519c690ee32bba156abd

data/Gemfile

@@ -6,4 +6,4 @@ source 'https://rubygems.org'
 gemspec
 
 # Use Rubocop to validate ruby code syntax
-gem 'rubocop', '1.53.1', require: false, group: :development
+gem 'rubocop', '1.64.1', require: false, group: :development

data/README.md

@@ -1,17 +1,17 @@
 # Capistrano::Exfel
 
 Deploys Ruby on Rails Applications in EXFEL VMs using Capistrano3 throw username/password authentication.
-The standard EXFEL VMs consist of CentOS 7, Alma Linux 8/9 or Ubuntu 20/22 with Apache.
-Installation of Phusion Passenger and RVM are also required for this gem.
+The standard EXFEL VMs for web applications is Ubuntu 22 with Apache web server.
+Installation of Phusion Passenger and RVM are also required to this gem.
 
 ## Installation
 
 Add these lines to your application's Gemfile:
 
     # Use Capistrano for deployment
-    gem 'capistrano', '3.17.3', require: false
-    gem 'capistrano-exfel', '0.4.0', require: false
-    gem 'capistrano-rails', '1.6.2', require: false
+    gem 'capistrano', '3.18.1', require: false
+    gem 'capistrano-exfel', '0.5.0', require: false
+    gem 'capistrano-rails', '1.6.3', require: false
     gem 'capistrano-rvm', '0.1.2', require: false
 
 
@@ -28,20 +28,10 @@ $ gem install capistrano-exfel
 
 ## Usage
 
-Add this line to your `Capfile` for Scientific Linux 6 machines:
-
-    # Load Capistrano Exfel Scientific Linux 6 tasks
-    require 'capistrano/exfel/sl6'
-
-Add this line to your `Capfile` for CentOS 7 machines:
-
-    # Load Capistrano Exfel CentOS tasks
-    require 'capistrano/exfel/co7'
-
-Add this line to your `Capfile` for Ubuntu 14 machines:
+Add this line to your `Capfile` for Ubuntu 22 machines:
 
     # Load Ubuntu 14 tasks
-    require 'capistrano/exfel/ub14'
+    require 'capistrano/exfel/ubuntu22'
 
 
 This gem will reuse `capistrano-rails` and `capistrano-rvm` tasks to build the following tasks:

data/lib/capistrano/exfel/version.rb

@@ -3,6 +3,6 @@
 module Capistrano
   # Capistrano::Exfel version information
   module Exfel
-    VERSION = '0.4.0'
+    VERSION = '0.5.0'
   end
 end

data/lib/capistrano/recipes/apache/app_ssl.conf

@@ -11,9 +11,9 @@
     RackBaseURI /<<APPLICATION_NAME>>
     RailsEnv <<ENVIRONMENT>>
 
-    PassengerUser nobody
+    PassengerUser www-data
     # CentOS: nobody / Ubuntu/Debian: nogroup
-    PassengerGroup nobody
+    PassengerGroup nogroup
 
     # which ruby version to use
     PassengerRuby <<RUBY_PATH>>
@@ -22,4 +22,8 @@
     Options -Indexes +MultiViews +FollowSymLinks
     AllowOverride None
     Require all granted
+
+    order allow,deny
+    allow from all
+
   </Directory>

data/lib/capistrano/tasks/apache.rake

@@ -6,29 +6,9 @@ namespace :apache do
   desc 'Configure Apache (httpd) and restart it'
   task :configure_and_start do
     invoke 'apache:configure'
-    invoke 'apache:chkconfig_on' # This task should go to Puppet or installation script
-    invoke 'apache:replace_apache_defaults' # This task should go to Puppet or installation script
     invoke 'apache:create_symbolic_link'
   end
 
-  # This task should be moved into Puppet or the installation script
-  desc 'Configure Apache to start at bootup'
-  task :chkconfig_on do
-    on roles(:web) do
-      info 'In task apache:chkconfig_on'
-
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
-
-      debug '#' * 50
-
-      debug 'chkconfig httpd on'
-      execute "#{sudo_cmd} chkconfig httpd on"
-
-      info 'Configured Apache to start at bootup'
-      debug '#' * 50
-    end
-  end
-
   desc 'Restart Apache (httpd) service'
   task :restart do
     on roles(:web) do
@@ -36,16 +16,16 @@ namespace :apache do
 
       debug '#' * 50
 
-      debug 'service httpd stop'
-      execute "#{sudo_cmd} service httpd stop"
+      debug 'systemctl stop apache2'
+      execute "#{sudo_cmd} systemctl stop apache2"
 
-      debug 'pkill -9 httpd || true'
-      execute "#{sudo_cmd} pkill -9 httpd || true"
+      debug 'pkill -9 apache2 || true'
+      execute "#{sudo_cmd} pkill -9 apache2 || true"
 
-      debug 'service httpd start'
-      execute "#{sudo_cmd} service httpd start"
+      debug 'systemctl start apache2'
+      execute "#{sudo_cmd} systemctl start apache2"
 
-      info 'Restarted Apache (httpd) service'
+      info 'Restarted Apache (apache2) service'
       debug '#' * 50
     end
   end
@@ -53,71 +33,9 @@ namespace :apache do
   desc 'Configure Apache configuration files'
   task :configure do
     invoke 'apache:create_apache_shared_folder'
-    invoke 'apache:create_apache_sites_folder'
-    invoke 'apache:configure_apache_modules'
     invoke 'apache:configure_app_ssl_conf_file'
   end
 
-  # This task should be moved into Puppet or the installation script
-  desc 'Create Apache multi-site configuration folder'
-  task :create_apache_sites_folder do
-    on roles(:app) do
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
-
-      debug '#' * 50
-      debug 'Create Apache multi-site configuration folder'
-
-      debug 'mkdir -p /etc/httpd/sites.d'
-      execute "#{sudo_cmd} mkdir -p /etc/httpd/sites.d"
-
-      debug '#' * 50
-    end
-  end
-
-  # This task should be moved into Puppet or the installation script
-  desc 'Configure Apache modules'
-  task :configure_apache_modules do
-    on roles(:app) do
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
-
-      debug '#' * 50
-      debug 'Configure (HTTP) Apache Passenger module'
-
-      set :shared_passenger_file, '/etc/httpd/conf.modules.d/00-passenger.conf'
-      passenger_file = File.expand_path('../recipes/apache/00-passenger.conf', __dir__)
-
-      # Create a temporary copy of the passenger module file
-      set :tmp_passenger_file, '/tmp/00-passenger.conf'
-
-      upload! StringIO.new(File.read(passenger_file)), fetch(:tmp_passenger_file).to_s
-
-      rvm_passenger_root_cmd = "/usr/local/rvm/bin/rvm #{fetch(:rvm_ruby_version)} do passenger-config --root"
-      passenger_root = get_command_output(rvm_passenger_root_cmd)
-      ruby_path = "/#{passenger_root.split('/')[1..5].join('/')}/wrappers/ruby"
-
-      debug "sed -i 's|<<PASSENGER_ROOT>>|#{passenger_root}|g' #{fetch(:tmp_passenger_file)}"
-      execute "sed -i 's|<<PASSENGER_ROOT>>|#{passenger_root}|g' #{fetch(:tmp_passenger_file)}"
-      execute "sed -i 's|<<RUBY_PATH>>|#{ruby_path}|g' #{fetch(:tmp_passenger_file)}"
-
-      # Replace the passenger module file
-      execute "#{sudo_cmd} mv -f #{fetch(:tmp_passenger_file)} #{fetch(:shared_passenger_file)}"
-      execute "#{sudo_cmd} chown root.root #{fetch(:shared_passenger_file)}"
-
-      debug '#' * 50
-      debug 'Deactivate unnecessary Apache modules'
-      %w[00-dav.conf 00-lua.conf 00-proxy.conf 01-cgi.conf].each do |file|
-        if remote_file_exists?("/etc/httpd/conf.modules.d/#{file}")
-          # only perform backup of Apache modules files unless already done
-          unless remote_file_exists?("/etc/httpd/conf.modules.d/#{file}_bck")
-            execute "#{sudo_cmd} cp /etc/httpd/conf.modules.d/#{file} /etc/httpd/conf.modules.d/#{file}_bck"
-          end
-          execute "#{sudo_cmd} truncate -s 0 /etc/httpd/conf.modules.d/#{file}"
-        end
-      end
-      debug '#' * 50
-    end
-  end
-
   desc 'Configure (HTTPS) Apache Application configuration files'
   task :configure_app_ssl_conf_file do
     on roles(:app), in: :sequence do
@@ -133,66 +51,16 @@ namespace :apache do
       debug "chmod g+w #{fetch(:shared_apache_conf_ssl_file)}"
       execute "chmod g+w #{fetch(:shared_apache_conf_ssl_file)}"
 
-      rvm_passenger_root_cmd = "/usr/local/rvm/bin/rvm #{fetch(:rvm_ruby_version)} do passenger-config --root"
-      passenger_root = get_command_output(rvm_passenger_root_cmd)
-      ruby_path = "/#{passenger_root.split('/')[1..5].join('/')}/wrappers/ruby"
+      ruby_path = get_command_output("/usr/local/rvm/bin/rvm #{fetch(:rvm_ruby_version)} do which ruby")
 
       execute "sed -i 's/<<APPLICATION_NAME>>/#{fetch(:app_name_uri)}/g' #{fetch(:shared_apache_conf_ssl_file)}"
       execute "sed -i 's/<<ENVIRONMENT>>/#{fetch(:environment)}/g' #{fetch(:shared_apache_conf_ssl_file)}"
       execute "sed -i 's|<<RUBY_PATH>>|#{ruby_path}|g' #{fetch(:shared_apache_conf_ssl_file)}"
 
-      execute "#{sudo_cmd} ln -sfn #{fetch(:shared_apache_conf_ssl_file)} /etc/httpd/sites.d/"
-
-      debug '#' * 50
-    end
-  end
-
-  # This task should be moved into Puppet or the installation script
-  desc 'Replace CentOS 7 default httpd.conf and ssl.conf file with our version'
-  task :replace_apache_defaults do
-    on roles(:web) do
-      sudo_cmd = "echo '#{fetch(:password)}' | sudo -S"
+      execute "#{sudo_cmd} ln -sfn #{fetch(:shared_apache_conf_ssl_file)} /etc/apache2/sites-available/"
+      execute "#{sudo_cmd} a2ensite `basename #{fetch(:shared_apache_conf_ssl_file)} .conf`"
 
       debug '#' * 50
-      debug 'Update httpd.conf and ssl.conf'
-
-      set :httpd_conf_file, '/etc/httpd/conf/httpd.conf'
-
-      # Replace the original Apache configuration file
-      if remote_file_exists?('/etc/httpd/conf/httpd.conf_bck')
-        info 'Apache original configuration file already backed up at: /etc/httpd/conf/httpd.conf_bck'
-      else
-        execute "#{sudo_cmd} cp -f #{fetch(:httpd_conf_file)} /etc/httpd/conf/httpd.conf_bck"
-        info 'Apache original configuration file backed up at: /etc/httpd/conf/httpd.conf_bck'
-      end
-
-      # Create a temporary copy of the Apache configuration file
-      set :tmp_httpd_file, '/tmp/httpd.conf'
-      httpd_safe_file = File.expand_path('../recipes/apache/httpd.conf', __dir__)
-
-      upload! StringIO.new(File.read(httpd_safe_file)), fetch(:tmp_httpd_file).to_s
-
-      # Replace the original Apache configuration file
-      execute "#{sudo_cmd} mv -f #{fetch(:tmp_httpd_file)} #{fetch(:httpd_conf_file)}"
-
-      set :ssl_conf_file, '/etc/httpd/conf.d/ssl.conf'
-
-      # Replace the original Apache ssl configuration file
-      if remote_file_exists?('/etc/httpd/conf.d/ssl.conf_bck')
-        info 'Apache original ssl configuration file already backed up at: /etc/httpd/conf.d/ssl.conf_bck'
-      else
-        execute "#{sudo_cmd} cp -f #{fetch(:ssl_conf_file)} /etc/httpd/conf.d/ssl.conf_bck"
-        info 'Apache original ssl configuration file backed up at: /etc/httpd/conf.d/ssl.conf_bck'
-      end
-
-      # Create a temporary copy of the Apache ssl configuration file
-      set :tmp_ssl_file, '/tmp/ssl.conf'
-      ssl_safe_file = File.expand_path('../recipes/apache/ssl.conf', __dir__)
-
-      upload! StringIO.new(File.read(ssl_safe_file)), fetch(:tmp_ssl_file).to_s
-
-      # Replace the original Apache ssl configuration file
-      execute "#{sudo_cmd} mv -f #{fetch(:tmp_ssl_file)} #{fetch(:ssl_conf_file)}"
     end
   end
 
@@ -206,8 +74,8 @@ namespace :apache do
   task :check_write_permissions_on_deploy do
     on roles(:app), in: :sequence do |host|
       debug '#' * 50
-      debug "Checking folder '#{fetch(:deploy_to)}' (where the application has to be deployed) "\
-            "for the right permissions on Host '#{host}'"
+      debug "Checking folder '#{fetch(:deploy_to)}' (where the application has to be deployed) " \
+              "for the right permissions on Host '#{host}'"
 
       if test("[ -w #{fetch(:deploy_to)} ]")
         info "#{fetch(:deploy_to)} is writable on #{host}"

data/lib/capistrano/tasks/app_home.rake

@@ -79,12 +79,12 @@ namespace :app_home do
         debug '#' * 50
 
         # Needs access to the folder due to the first write and log rotation
-        debug "chown -R nobody.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/log"
-        execute "#{sudo_cmd} chown -R nobody.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/log"
+        debug "chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/log"
+        execute "#{sudo_cmd} chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/log"
 
         # Needs write permissions
-        debug "chown -R nobody.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/tmp/"
-        execute "#{sudo_cmd} chown -R nobody.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/tmp/"
+        debug "chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/tmp/"
+        execute "#{sudo_cmd} chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:shared_path)}/tmp/"
 
         # Since the cache is local to any App installation it's necessary to update permissions
         app_cache_folder = release_path.join('tmp/cache')
@@ -93,9 +93,9 @@ namespace :app_home do
         debug "mkdir -p #{app_cache_folder}"
         execute "#{sudo_cmd} mkdir -p #{app_cache_folder}"
 
-        # Phusion Passenger (as nobody) needs write permissions to cache folder
-        debug "chown -R nobody.#{fetch(:app_group_owner)} #{app_cache_folder}"
-        execute "#{sudo_cmd} chown -R nobody.#{fetch(:app_group_owner)} #{app_cache_folder}"
+        # Phusion Passenger (respective user) needs write permissions to cache folder
+        debug "chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{app_cache_folder}"
+        execute "#{sudo_cmd} chown -R #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{app_cache_folder}"
 
         # Give write permissions to groups
         debug "chmod g+ws #{app_cache_folder}"
@@ -116,7 +116,7 @@ namespace :app_home do
         set :public_folder_path, "#{release_path}/public"
 
         debug '#' * 50
-        chown_command = "chown -Rf nobody.#{fetch(:app_group_owner)} #{fetch(:public_folder_path)}/*"
+        chown_command = "chown -Rf #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:public_folder_path)}/*"
         debug chown_command
         execute "#{sudo_cmd} #{chown_command}"
 
@@ -170,14 +170,4 @@ namespace :app_home do
     end
   end
 
-  ###
-  # This task doesn't look to be working:
-  # desc 'Restart application'
-  ###
-  task :restart do
-    on roles(:app) do
-      info "#{'#' * 10} Touching restart.txt..."
-      execute :touch, release_path.join('tmp/restart.txt')
-    end
-  end
 end

data/lib/capistrano/tasks/application.rake

@@ -147,6 +147,7 @@ namespace :load do
 
     # Sudo related information
     set :use_sudo, -> { true }
+    set :app_user_owner, -> { 'www-data' }
     set :app_group_owner, -> { 'exfl_itdm' }
 
     # Capistrano::Rails

data/lib/capistrano/tasks/database.rake

@@ -76,7 +76,7 @@ namespace :database do
       debug '#' * 50
 
       # Update database.yml user and group owners
-      chown_command = "chown nobody.#{fetch(:app_group_owner)} #{fetch(:database_file_path)}"
+      chown_command = "chown #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:database_file_path)}"
       debug chown_command
       execute "#{sudo_cmd} #{chown_command}"
 

data/lib/capistrano/tasks/secrets.rake

@@ -95,7 +95,7 @@ namespace :secrets do
       debug '#' * 50
 
       # Update database.yml user and group owners
-      chown_command = "chown nobody.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
+      chown_command = "chown #{fetch(:app_user_owner)}.#{fetch(:app_group_owner)} #{fetch(:secrets_file_path)}"
       debug chown_command
       execute "#{sudo_cmd} #{chown_command}"
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-exfel
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Luis Maia
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-06-28 00:00:00.000000000 Z
+date: 2024-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -54,16 +54,14 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- capistrano-exfel-0.4.0.gem
 - capistrano-exfel.gemspec
 - capistrano.graph
 - capistrano.png
 - lib/capistrano/exfel.rb
-- lib/capistrano/exfel/co7.rb
+- lib/capistrano/exfel/ubuntu22.rb
 - lib/capistrano/exfel/version.rb
-- lib/capistrano/recipes/apache/00-passenger.conf
 - lib/capistrano/recipes/apache/app_ssl.conf
-- lib/capistrano/recipes/apache/httpd.conf
-- lib/capistrano/recipes/apache/ssl.conf
 - lib/capistrano/recipes/config/database_mysql.yml
 - lib/capistrano/recipes/config/database_postgresql.yml
 - lib/capistrano/recipes/config/database_sqlite.yml
@@ -94,7 +92,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.5.7
 signing_key:
 specification_version: 4
 summary: Deploy Ruby on Rails 4, 5, 6 and 7 Applications in EXFEL Virtual Machines

data/lib/capistrano/recipes/apache/00-passenger.conf

@@ -1,6 +0,0 @@
-LoadModule passenger_module <<PASSENGER_ROOT>>/buildout/apache2/mod_passenger.so
-<IfModule mod_passenger.c>
- PassengerRoot <<PASSENGER_ROOT>>
- PassengerDefaultRuby <<RUBY_PATH>>
-</IfModule>
-

data/lib/capistrano/recipes/apache/httpd.conf

@@ -1,74 +0,0 @@
-
-ServerRoot "/etc/httpd"
-Listen 80
-
-Include conf.modules.d/*.conf
-
-User apache
-Group apache
-
-ServerAdmin root@localhost
-ServerSignature Off
-ServerTokens Prod
-
-<Directory />
-    AllowOverride none
-    Require all denied
-</Directory>
-
-DocumentRoot "/var/www/html"
-
-<Directory "/var/www">
-    AllowOverride None
-    Require all granted
-</Directory>
-
-<Directory "/var/www/html">
-    Options Indexes FollowSymLinks
-    AllowOverride None
-    Require all granted
-
-    # Redirect all HTTP to https://%{SERVER_NAME}/, keeping the requested path
-    RewriteEngine On
-    RewriteCond %{HTTPS} !=on
-    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
-
-</Directory>
-
-<IfModule dir_module>
-    DirectoryIndex index.html
-</IfModule>
-
-<Files ".ht*">
-    Require all denied
-</Files>
-
-ErrorLog "logs/error_log"
-
-LogLevel warn
-
-<IfModule log_config_module>
-    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
-    LogFormat "%h %l %u %t \"%r\" %>s %b" common
-    <IfModule logio_module>
-      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
-    </IfModule>
-    CustomLog "logs/access_log" combined
-</IfModule>
-
-
-<IfModule mime_module>
-    TypesConfig /etc/mime.types
-    AddType application/x-compress .Z
-    AddType application/x-gzip .gz .tgz
-</IfModule>
-
-AddDefaultCharset UTF-8
-
-<IfModule mime_magic_module>
-    MIMEMagicFile conf/magic
-</IfModule>
-
-
-EnableSendfile on
-IncludeOptional conf.d/*.conf

data/lib/capistrano/recipes/apache/ssl.conf

@@ -1,49 +0,0 @@
-Listen 443 https
-
-SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
-
-SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
-SSLSessionCacheTimeout  300
-
-SSLRandomSeed startup file:/dev/urandom  256
-SSLRandomSeed connect builtin
-
-SSLCryptoDevice builtin
-
-##
-## SSL Virtual Host Context
-##
-
-<VirtualHost _default_:443>
-
-ErrorLog logs/ssl_error_log
-LogLevel warn
-
-SSLEngine on
-
-SSLProtocol all -SSLv2 -SSLv3
-
-SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
-
-SSLCertificateFile /etc/pki/tls/certs/localhost.crt
-
-SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
-
-<Files ~ "\.(cgi|shtml|phtml|php3?)$">
-    SSLOptions +StdEnvVars
-</Files>
-<Directory "/var/www/cgi-bin">
-    SSLOptions +StdEnvVars
-</Directory>
-
-BrowserMatch "MSIE [2-5]" \
-         nokeepalive ssl-unclean-shutdown \
-         downgrade-1.0 force-response-1.0
-
-RemoteIPHeader X-Forwarded-For
-LogFormat "%t - %a - %s - %{Host}i - \"%r\" \"%{Referer}i\" \"%{User-agent}i\" %D" xfel
-CustomLog logs/ssl_access_log xfel
-
-IncludeOptional sites.d/*.conf
-
-</VirtualHost>