-
Notifications
You must be signed in to change notification settings - Fork 0
/
httpd.conf
155 lines (128 loc) · 3.27 KB
/
httpd.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $
#
# Macros
#
IP="lo0"
#
# Servers
#
# default http server to redirect the request scheme "http" to "https"
server "defaulter http redirect scheme" {
listen on $IP port http
tcp nodelay
log style forwarded
# ACME challenge
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
location "*" {
block return 302 "https://$HTTP_HOST$REQUEST_URI"
}
}
# default https server
server "defaulter https" {
listen on $IP port https # using relayd TLS server
hsts subdomains
tcp nodelay
log style forwarded
# ACME challenge over TLS
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
# Set the directory index file to index.html
location "*/" {
request rewrite "/$HTTP_HOST$DOCUMENT_URI/index.html?$QUERY_STRING"
}
location "/*" {
request rewrite "/$HTTP_HOST$REQUEST_URI"
}
}
# opt-in https server to redirect the parent domain to its "www" subdomain
server "defaulter https redirect to www" {
# parent domain
alias "example.com"
listen on $IP port https # using relayd TLS server
hsts subdomains
tcp nodelay
log style forwarded
# ACME challenge over TLS
location "/.well-known/acme-challenge/*" {
root "/acme"
request strip 2
}
location "*" {
block return 302 "$REQUEST_SCHEME://www.$HTTP_HOST$REQUEST_URI"
}
}
# a custom http[s] server
#server "openbsd.mirror.example.com" {
# listen on $IP port http
# listen on $IP port https # using relayd TLS server
#
# tcp nodelay
# log style forwarded
#
# # ACME challenge over TLS
# location "/.well-known/acme-challenge/*" {
# root "/acme"
# request strip 2
# }
#
# # Serve up ftp space mounted in /var/www/pub
# #
# # Mirror for distribution sets (!) https://www.openbsd.org/httpd.conf
# location "/pub/OpenBSD*" {
# root "/"
# directory auto index
# }
#
# # Send man.cgi requests to man.openbsd.org
# location "/cgi-bin/man.cgi*" {
# block return 301 "https://man.openbsd.org$REQUEST_URI"
# }
# # Send cvsweb requests to cvsweb.openbsd.org
# location "/cgi-bin/cvsweb*" {
# block return 301 "https://cvsweb.openbsd.org$REQUEST_URI"
# }
#}
#
# Include MIME types instead of the built-in ones
#
types {
# system-wide
include "/usr/share/misc/mime.types"
# custom (overwrite)
#
# Data interchange
application/ld+json jsonld
application/vnd.geo+json geojson
# Manifest files
application/manifest+json webmanifest
application/x-web-app-manifest+json webapp
text/cache-manifest appcache
# Media files
audio/x-wav wav
image/jxr jxr hdp wdp
video/ogg ogv
# Microsoft Office
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
# Web fonts
application/font-woff2 woff2
application/x-font-ttf ttc ttf
# Other
application/x-bb-appworld bbaw
application/x-bittorrent torrent
application/x-chrome-extension crx
application/x-opera-extension oex
application/xslt+xml xsl
text/markdown md
text/vcard vcard vcf
text/vnd.rim.location.xloc xloc
text/vtt vtt
# Necessary to ensure patch files show up as text not binary
text/plain sig
}