diff options
Diffstat (limited to 'debian/config-dir')
152 files changed, 2475 insertions, 0 deletions
diff --git a/debian/config-dir/apache2.conf.in b/debian/config-dir/apache2.conf.in new file mode 100644 index 0000000..bc665d4 --- /dev/null +++ b/debian/config-dir/apache2.conf.in @@ -0,0 +1,225 @@ +# This is the main Apache server configuration file. It contains the +# configuration directives that give the server its instructions. +# See http://httpd.apache.org/docs/2.4/ for detailed information about +# the directives and /usr/share/doc/apache2/README.Debian about Debian specific +# hints. +# +# +# Summary of how the Apache 2 configuration works in Debian: +# The Apache 2 web server configuration in Debian is quite different to +# upstream's suggested way to configure the web server. This is because Debian's +# default Apache2 installation attempts to make adding and removing modules, +# virtual hosts, and extra configuration directives as flexible as possible, in +# order to make automating the changes and administering the server as easy as +# possible. + +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf-enabled +# | `-- *.conf +# `-- sites-enabled +# `-- *.conf +# +# +# * apache2.conf is the main configuration file (this file). It puts the pieces +# together by including all remaining configuration files when starting up the +# web server. +# +# * ports.conf is always included from the main configuration file. It is +# supposed to determine listening ports for incoming connections which can be +# customized anytime. +# +# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ +# directories contain particular configuration snippets which manage modules, +# global configuration fragments, or virtual host configurations, +# respectively. +# +# They are activated by symlinking available configuration files from their +# respective *-available/ counterparts. These should be managed by using our +# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See +# their respective man pages for detailed information. +# +# * The binary is called apache2. Due to the use of environment variables, in +# the default configuration, apache2 needs to be started/stopped with +# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not +# work with the default configuration. + + +# Global configuration +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the Mutex documentation (available +# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +___MUTEX___Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a <VirtualHost> +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a <VirtualHost> +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. +<Directory /> + Options FollowSymLinks + AllowOverride None + Require all denied +</Directory> + +<Directory /usr/share> + AllowOverride None + Require all granted +</Directory> + +<Directory /var/www/> + Options Indexes FollowSymLinks + AllowOverride None + Require all granted +</Directory> + +#<Directory /srv/> +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +#</Directory> + + + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# +<FilesMatch "^\.ht"> + Require all denied +</FilesMatch> + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf diff --git a/debian/config-dir/conf-available/charset.conf b/debian/config-dir/conf-available/charset.conf new file mode 100644 index 0000000..40d7198 --- /dev/null +++ b/debian/config-dir/conf-available/charset.conf @@ -0,0 +1,6 @@ +# Read the documentation before enabling AddDefaultCharset. +# In general, it is only a good idea if you know that all your files +# have this encoding. It will override any encoding given in the files +# in meta http-equiv or xml encoding tags. + +#AddDefaultCharset UTF-8 diff --git a/debian/config-dir/conf-available/localized-error-pages.conf b/debian/config-dir/conf-available/localized-error-pages.conf new file mode 100644 index 0000000..a3a198a --- /dev/null +++ b/debian/config-dir/conf-available/localized-error-pages.conf @@ -0,0 +1,79 @@ +# Customizable error responses come in three flavors: +# 1) plain text +# 2) local redirects +# 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# Putting this all together, we can internationalize error responses. +# +# We use Alias to redirect any /error/HTTP_<error>.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# +# You can modify the messages' appearance without changing any of the +# default HTTP_<error>.html.var files by adding the line: +# +#Alias /error/include/ "/your/include/path/" +# +# which allows you to create your own set of files by starting with the +# /usr/share/apache2/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. If you include the Alias in the global server +# context, is has to come _before_ the 'Alias /error/ ...' line. +# +# The default include files will display your Apache version number and your +# ServerAdmin email address regardless of the setting of ServerSignature. +# +# WARNING: The configuration below will NOT work out of the box if you have a +# SetHandler directive in a <Location /> context somewhere. Adding +# the following three lines AFTER the <Location /> context should +# make it work in most cases: +# <Location /error/> +# SetHandler none +# </Location> +# +# The internationalized error documents require mod_alias, mod_include +# and mod_negotiation. To activate them, uncomment the following 37 lines. + +#<IfModule mod_negotiation.c> +# <IfModule mod_include.c> +# <IfModule mod_alias.c> +# +# Alias /error/ "/usr/share/apache2/error/" +# +# <Directory "/usr/share/apache2/error"> +# Options IncludesNoExec +# AddOutputFilter Includes html +# AddHandler type-map var +# Order allow,deny +# Allow from all +# LanguagePriority en cs de es fr it nl sv pt-br ro +# ForceLanguagePriority Prefer Fallback +# </Directory> +# +# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +# ErrorDocument 410 /error/HTTP_GONE.html.var +# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var +# </IfModule> +# </IfModule> +#</IfModule> diff --git a/debian/config-dir/conf-available/other-vhosts-access-log.conf b/debian/config-dir/conf-available/other-vhosts-access-log.conf new file mode 100644 index 0000000..9f7aecd --- /dev/null +++ b/debian/config-dir/conf-available/other-vhosts-access-log.conf @@ -0,0 +1,2 @@ +# Define an access log for VirtualHosts that don't define their own logfile +CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined diff --git a/debian/config-dir/conf-available/security.conf b/debian/config-dir/conf-available/security.conf new file mode 100644 index 0000000..cad7dc1 --- /dev/null +++ b/debian/config-dir/conf-available/security.conf @@ -0,0 +1,58 @@ +# Changing the following options will not really affect the security of the +# server, but might make attacks slightly more difficult in some cases. + +# +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minimal | Minor | Major | Prod +# where Full conveys the most information, and Prod the least. +#ServerTokens Minimal +ServerTokens OS +#ServerTokens Full + +# +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +#ServerSignature Off +ServerSignature On + +# +# Allow TRACE method +# +# Set to "extended" to also reflect the request body (only for testing and +# diagnostic purposes). +# +# Set to one of: On | Off | extended +TraceEnable Off +#TraceEnable On + +# +# Forbid access to version control directories +# +# If you use version control systems in your document root, you should +# probably deny access to their directories. +# +# Examples: +# +#RedirectMatch 404 /\.git +#RedirectMatch 404 /\.svn + +# +# Setting this header will prevent MSIE from interpreting files as something +# else than declared by the content type in the HTTP headers. +# Requires mod_headers to be enabled. +# +#Header set X-Content-Type-Options: "nosniff" + +# +# Setting this header will prevent other sites from embedding pages from this +# site as frames. This defends against clickjacking attacks. +# Requires mod_headers to be enabled. +# +#Header set Content-Security-Policy "frame-ancestors 'self';" diff --git a/debian/config-dir/conf-available/serve-cgi-bin.conf b/debian/config-dir/conf-available/serve-cgi-bin.conf new file mode 100644 index 0000000..ae660b1 --- /dev/null +++ b/debian/config-dir/conf-available/serve-cgi-bin.conf @@ -0,0 +1,18 @@ +<IfModule mod_alias.c> + <IfModule mod_cgi.c> + Define ENABLE_USR_LIB_CGI_BIN + </IfModule> + + <IfModule mod_cgid.c> + Define ENABLE_USR_LIB_CGI_BIN + </IfModule> + + <IfDefine ENABLE_USR_LIB_CGI_BIN> + ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ + <Directory "/usr/lib/cgi-bin"> + AllowOverride None + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch + Require all granted + </Directory> + </IfDefine> +</IfModule> diff --git a/debian/config-dir/envvars b/debian/config-dir/envvars new file mode 100644 index 0000000..708d170 --- /dev/null +++ b/debian/config-dir/envvars @@ -0,0 +1,47 @@ +# envvars - default environment variables for apache2ctl + +# this won't be correct after changing uid +unset HOME + +# for supporting multiple apache2 instances +if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then + SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}" +else + SUFFIX= +fi + +# Since there is no sane way to get the parsed apache2 config in scripts, some +# settings are defined via environment variables and then used in apache2ctl, +# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. +export APACHE_RUN_USER=www-data +export APACHE_RUN_GROUP=www-data +# temporary state file location. This might be changed to /run in Wheezy+1 +export APACHE_PID_FILE=/var/run/apache2$SUFFIX/apache2.pid +export APACHE_RUN_DIR=/var/run/apache2$SUFFIX +export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX +# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2. +export APACHE_LOG_DIR=/var/log/apache2$SUFFIX + +## The locale used by some modules like mod_dav +export LANG=C +## Uncomment the following line to use the system default locale instead: +#. /etc/default/locale + +export LANG + +## The command to get the status for 'apache2ctl status'. +## Some packages providing 'www-browser' need '--dump' instead of '-dump'. +#export APACHE_LYNX='www-browser -dump' + +## If you need a higher file descriptor limit, uncomment and adjust the +## following line (default is 8192): +#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536' + +## If you would like to pass arguments to the web server, add them below +## to the APACHE_ARGUMENTS environment. +#export APACHE_ARGUMENTS='' + +## Enable the debug mode for maintainer scripts. +## This will produce a verbose output on package installations of web server modules and web application +## installations which interact with Apache +#export APACHE2_MAINTSCRIPT_DEBUG=1 diff --git a/debian/config-dir/magic b/debian/config-dir/magic new file mode 100644 index 0000000..cdf9ac5 --- /dev/null +++ b/debian/config-dir/magic @@ -0,0 +1,935 @@ +# Magic data for mod_mime_magic (originally for file(1) command) +# +# The format is 4-5 columns: +# Column #1: byte number to begin checking from, ">" indicates continuation +# Column #2: type of data to match +# Column #3: contents of data to match +# Column #4: MIME type of result +# Column #5: MIME encoding of result (optional) + +#------------------------------------------------------------------------------ +# Localstuff: file(1) magic for locally observed files +# Add any locally observed files here. + +# Real Audio (Magic .ra\0375) +0 belong 0x2e7261fd audio/x-pn-realaudio +0 string .RMF application/vnd.rn-realmedia + +#video/x-pn-realvideo +#video/vnd.rn-realvideo +#application/vnd.rn-realmedia +# sigh, there are many mimes for that but the above are the most common. + +# Taken from magic, converted to magic.mime +# mime types according to http://www.geocities.com/nevilo/mod.htm: +# audio/it .it +# audio/x-zipped-it .itz +# audio/xm fasttracker modules +# audio/x-s3m screamtracker modules +# audio/s3m screamtracker modules +# audio/x-zipped-mod mdz +# audio/mod mod +# audio/x-mod All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z) + +# Taken from loader code from mikmod version 2.14 +# by Steve McIntyre (stevem@chiark.greenend.org.uk) +# <doj@cubic.org> added title printing on 2003-06-24 +0 string MAS_UTrack_V00 +>14 string >/0 audio/x-mod +#audio/x-tracker-module + +#0 string UN05 MikMod UNI format module sound data + +0 string Extended\ Module: audio/x-mod +#audio/x-tracker-module +##>17 string >\0 Title: "%s" + +21 string/c \!SCREAM! audio/x-mod +#audio/x-screamtracker-module +21 string BMOD2STM audio/x-mod +#audio/x-screamtracker-module +1080 string M.K. audio/x-mod +#audio/x-protracker-module +#>0 string >\0 Title: "%s" +1080 string M!K! audio/x-mod +#audio/x-protracker-module +#>0 string >\0 Title: "%s" +1080 string FLT4 audio/x-mod +#audio/x-startracker-module +#>0 string >\0 Title: "%s" +1080 string FLT8 audio/x-mod +#audio/x-startracker-module +#>0 string >\0 Title: "%s" +1080 string 4CHN audio/x-mod +#audio/x-fasttracker-module +#>0 string >\0 Title: "%s" +1080 string 6CHN audio/x-mod +#audio/x-fasttracker-module +#>0 string >\0 Title: "%s" +1080 string 8CHN audio/x-mod +#audio/x-fasttracker-module +#>0 string >\0 Title: "%s" +1080 string CD81 audio/x-mod +#audio/x-oktalyzer-tracker-module +#>0 string >\0 Title: "%s" +1080 string OKTA audio/x-mod +#audio/x-oktalyzer-tracker-module +#>0 string >\0 Title: "%s" +# Not good enough. +#1082 string CH +#>1080 string >/0 %.2s-channel Fasttracker "oktalyzer" module sound data +1080 string 16CN audio/x-mod +#audio/x-taketracker-module +#>0 string >\0 Title: "%s" +1080 string 32CN audio/x-mod +#audio/x-taketracker-module +#>0 string >\0 Title: "%s" + +# Impuse tracker module (it) +0 string IMPM audio/x-mod +#>4 string >\0 "%s" +#>40 leshort !0 compatible w/ITv%x +#>42 leshort !0 created w/ITv%x + +#------------------------------------------------------------------------------ +# end local stuff +#------------------------------------------------------------------------------ + +# xml based formats! + +# svg + +0 string \<?xml +# text/xml +>38 string \<\!DOCTYPE\040svg image/svg+xml + + +# xml +0 string \<?xml text/xml + + +#------------------------------------------------------------------------------ +# Java + +0 short 0xcafe +>2 short 0xbabe application/java + +#------------------------------------------------------------------------------ +# audio: file(1) magic for sound formats +# +# from Jan Nicolai Langfeldt <janl@ifi.uio.no>, +# + +# Sun/NeXT audio data +0 string .snd +>12 belong 1 audio/basic +>12 belong 2 audio/basic +>12 belong 3 audio/basic +>12 belong 4 audio/basic +>12 belong 5 audio/basic +>12 belong 6 audio/basic +>12 belong 7 audio/basic + +>12 belong 23 audio/x-adpcm + +# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format +# that uses little-endian encoding and has a different magic number +# (0x0064732E in little-endian encoding). +0 lelong 0x0064732E +>12 lelong 1 audio/x-dec-basic +>12 lelong 2 audio/x-dec-basic +>12 lelong 3 audio/x-dec-basic +>12 lelong 4 audio/x-dec-basic +>12 lelong 5 audio/x-dec-basic +>12 lelong 6 audio/x-dec-basic +>12 lelong 7 audio/x-dec-basic +# compressed (G.721 ADPCM) +>12 lelong 23 audio/x-dec-adpcm + +# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM" +# AIFF audio data +8 string AIFF audio/x-aiff +# AIFF-C audio data +8 string AIFC audio/x-aiff +# IFF/8SVX audio data +8 string 8SVX audio/x-aiff + + + +# Creative Labs AUDIO stuff +# Standard MIDI data +0 string MThd audio/unknown +#>9 byte >0 (format %d) +#>11 byte >1 using %d channels +# Creative Music (CMF) data +0 string CTMF audio/unknown +# SoundBlaster instrument data +0 string SBI audio/unknown +# Creative Labs voice data +0 string Creative\ Voice\ File audio/unknown +## is this next line right? it came this way... +#>19 byte 0x1A +#>23 byte >0 - version %d +#>22 byte >0 \b.%d + +# [GRR 950115: is this also Creative Labs? Guessing that first line +# should be string instead of unknown-endian long...] +#0 long 0x4e54524b MultiTrack sound data +#0 string NTRK MultiTrack sound data +#>4 long x - version %ld + +# Microsoft WAVE format (*.wav) +# [GRR 950115: probably all of the shorts and longs should be leshort/lelong] +# Microsoft RIFF +0 string RIFF +# - WAVE format +>8 string WAVE audio/x-wav +>8 string/B AVI video/x-msvideo +# +>8 string CDRA image/x-coreldraw + +# AAC (aka MPEG-2 NBC) +0 beshort&0xfff6 0xfff0 audio/X-HX-AAC-ADTS +0 string ADIF audio/X-HX-AAC-ADIF +0 beshort&0xffe0 0x56e0 audio/MP4A-LATM +0 beshort 0x4De1 audio/MP4A-LATM + +# MPEG Layer 3 sound files +0 beshort&0xfffe =0xfffa audio/mpeg +#MP3 with ID3 tag +0 string ID3 audio/mpeg +# Ogg/Vorbis +0 string OggS application/ogg + +#------------------------------------------------------------------------------ +# c-lang: file(1) magic for C programs or various scripts +# + +# XPM icons (Greg Roelofs, newt@uchicago.edu) +# ideally should go into "images", but entries below would tag XPM as C source +0 string /*\ XPM image/x-xpmi 7bit + +# 3DS (3d Studio files) +#16 beshort 0x3d3d image/x-3ds + +# this first will upset you if you're a PL/1 shop... (are there any left?) +# in which case rm it; ascmagic will catch real C programs +# C or REXX program text +#0 string /* text/x-c +# C++ program text +#0 string // text/x-c++ + +#------------------------------------------------------------------------------ +# commands: file(1) magic for various shells and interpreters +# +#0 string :\ shell archive or commands for antique kernel text +0 string #!/bin/sh application/x-shellscript +0 string #!\ /bin/sh application/x-shellscript +0 string #!/bin/csh application/x-shellscript +0 string #!\ /bin/csh application/x-shellscript +# korn shell magic, sent by George Wu, gwu@clyde.att.com +0 string #!/bin/ksh application/x-shellscript +0 string #!\ /bin/ksh application/x-shellscript +0 string #!/bin/tcsh application/x-shellscript +0 string #!\ /bin/tcsh application/x-shellscript +0 string #!/usr/local/tcsh application/x-shellscript +0 string #!\ /usr/local/tcsh application/x-shellscript +0 string #!/usr/local/bin/tcsh application/x-shellscript +0 string #!\ /usr/local/bin/tcsh application/x-shellscript +# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de) +0 string #!/bin/bash application/x-shellscript +0 string #!\ /bin/bash application/x-shellscript +0 string #!/usr/local/bin/bash application/x-shellscript +0 string #!\ /usr/local/bin/bash application/x-shellscript + +# +# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson) +0 string #!/bin/zsh application/x-shellscript +0 string #!/usr/bin/zsh application/x-shellscript +0 string #!/usr/local/bin/zsh application/x-shellscript +0 string #!\ /usr/local/bin/zsh application/x-shellscript +0 string #!/usr/local/bin/ash application/x-shellscript +0 string #!\ /usr/local/bin/ash application/x-shellscript +#0 string #!/usr/local/bin/ae Neil Brown's ae +#0 string #!\ /usr/local/bin/ae Neil Brown's ae +0 string #!/bin/nawk application/x-nawk +0 string #!\ /bin/nawk application/x-nawk +0 string #!/usr/bin/nawk application/x-nawk +0 string #!\ /usr/bin/nawk application/x-nawk +0 string #!/usr/local/bin/nawk application/x-nawk +0 string #!\ /usr/local/bin/nawk application/x-nawk +0 string #!/bin/gawk application/x-gawk +0 string #!\ /bin/gawk application/x-gawk +0 string #!/usr/bin/gawk application/x-gawk +0 string #!\ /usr/bin/gawk application/x-gawk +0 string #!/usr/local/bin/gawk application/x-gawk +0 string #!\ /usr/local/bin/gawk application/x-gawk +# +0 string #!/bin/awk application/x-awk +0 string #!\ /bin/awk application/x-awk +0 string #!/usr/bin/awk application/x-awk +0 string #!\ /usr/bin/awk application/x-awk +# update to distinguish from *.vcf files by Joerg Jenderek: joerg dot jenderek at web dot de +#0 regex BEGIN[[:space:]]*[{] application/x-awk + +# For Larry Wall's perl language. The ``eval'' line recognizes an +# outrageously clever hack for USG systems. +# Keith Waclena <keith@cerberus.uchicago.edu> +0 string #!/bin/perl application/x-perl +0 string #!\ /bin/perl application/x-perl +0 string eval\ "exec\ /bin/perl application/x-perl +0 string #!/usr/bin/perl application/x-perl +0 string #!\ /usr/bin/perl application/x-perl +0 string eval\ "exec\ /usr/bin/perl application/x-perl +0 string #!/usr/local/bin/perl application/x-perl +0 string #!\ /usr/local/bin/perl application/x-perl +0 string eval\ "exec\ /usr/local/bin/perl application/x-perl + +#------------------------------------------------------------------------------ +# compress: file(1) magic for pure-compression formats (no archives) +# +# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc. +# +# Formats for various forms of compressed data +# Formats for "compress" proper have been moved into "compress.c", +# because it tries to uncompress it to figure out what's inside. + +# standard unix compress +#0 string \037\235 application/x-compress + +# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver) +#0 string \037\213 application/x-gzip + +0 string PK\003\004 application/x-zip + +# RAR archiver (Greg Roelofs, newt@uchicago.edu) +0 string Rar! application/x-rar + +# According to gzip.h, this is the correct byte order for packed data. +0 string \037\036 application/octet-stream +# +# This magic number is byte-order-independent. +# +0 short 017437 application/octet-stream + +# XXX - why *two* entries for "compacted data", one of which is +# byte-order independent, and one of which is byte-order dependent? +# +# compacted data +0 short 0x1fff application/octet-stream +0 string \377\037 application/octet-stream +# huf output +0 short 0145405 application/octet-stream + +# Squeeze and Crunch... +# These numbers were gleaned from the Unix versions of the programs to +# handle these formats. Note that I can only uncrunch, not crunch, and +# I didn't have a crunched file handy, so the crunch number is untested. +# Keith Waclena <keith@cerberus.uchicago.edu> +#0 leshort 0x76FF squeezed data (CP/M, DOS) +#0 leshort 0x76FE crunched data (CP/M, DOS) + +# Freeze +#0 string \037\237 Frozen file 2.1 +#0 string \037\236 Frozen file 1.0 (or gzip 0.5) + +# lzh? +#0 string \037\240 LZH compressed data + +257 string ustar\0 application/x-tar posix +257 string ustar\040\040\0 application/x-tar gnu + +0 short 070707 application/x-cpio +0 short 0143561 application/x-cpio swapped + +0 string =<ar> application/x-archive +0 string \!<arch> application/x-archive +>8 string debian application/x-debian-package + +#------------------------------------------------------------------------------ +# +# RPM: file(1) magic for Red Hat Packages Erik Troan (ewt@redhat.com) +# +0 beshort 0xedab +>2 beshort 0xeedb application/x-rpm + +0 lelong&0x8080ffff 0x0000081a application/x-arc lzw +0 lelong&0x8080ffff 0x0000091a application/x-arc squashed +0 lelong&0x8080ffff 0x0000021a application/x-arc uncompressed +0 lelong&0x8080ffff 0x0000031a application/x-arc packed +0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed +0 lelong&0x8080ffff 0x0000061a application/x-arc crunched + +0 leshort 0xea60 application/x-arj + +# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu) +2 string -lh0- application/x-lharc lh0 +2 string -lh1- application/x-lharc lh1 +2 string -lz4- application/x-lharc lz4 +2 string -lz5- application/x-lharc lz5 +# [never seen any but the last; -lh4- reported in comp.compression:] +2 string -lzs- application/x-lha lzs +2 string -lh\ - application/x-lha lh +2 string -lhd- application/x-lha lhd +2 string -lh2- application/x-lha lh2 +2 string -lh3- application/x-lha lh3 +2 string -lh4- application/x-lha lh4 +2 string -lh5- application/x-lha lh5 +2 string -lh6- application/x-lha lh6 +2 string -lh7- application/x-lha lh7 +# Shell archives +10 string #\ This\ is\ a\ shell\ archive application/octet-stream x-shell + +#------------------------------------------------------------------------------ +# frame: file(1) magic for FrameMaker files +# +# This stuff came on a FrameMaker demo tape, most of which is +# copyright, but this file is "published" as witness the following: +# +0 string \<MakerFile application/x-frame +0 string \<MIFFile application/x-frame +0 string \<MakerDictionary application/x-frame +0 string \<MakerScreenFon application/x-frame +0 string \<MML application/x-frame +0 string \<Book application/x-frame +0 string \<Maker application/x-frame + +#------------------------------------------------------------------------------ +# html: file(1) magic for HTML (HyperText Markup Language) docs +# +# from Daniel Quinlan <quinlan@yggdrasil.com> +# +0 string/cB \<!DOCTYPE\ html text/html +0 string/cb \<head text/html +0 string/cb \<title text/html +0 string/bc \<html text/html +0 string \<!-- text/html +0 string/c \<h1 text/html + +0 string \<?xml text/xml + +#------------------------------------------------------------------------------ +# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps) +# +# originally from jef@helios.ee.lbl.gov (Jef Poskanzer), +# additions by janl@ifi.uio.no as well as others. Jan also suggested +# merging several one- and two-line files into here. +# +# XXX - byte order for GIF and TIFF fields? +# [GRR: TIFF allows both byte orders; GIF is probably little-endian] +# + +# [GRR: what the hell is this doing in here?] +#0 string xbtoa btoa'd file + +# PBMPLUS +# PBM file +0 string P1 image/x-portable-bitmap 7bit +# PGM file +0 string P2 image/x-portable-greymap 7bit +# PPM file +0 string P3 image/x-portable-pixmap 7bit +# PBM "rawbits" file +0 string P4 image/x-portable-bitmap +# PGM "rawbits" file +0 string P5 image/x-portable-greymap +# PPM "rawbits" file +0 string P6 image/x-portable-pixmap + +# NIFF (Navy Interchange File Format, a modification of TIFF) +# [GRR: this *must* go before TIFF] +0 string IIN1 image/x-niff + +# TIFF and friends +# TIFF file, big-endian +0 string MM image/tiff +# TIFF file, little-endian +0 string II image/tiff + +# possible GIF replacements; none yet released! +# (Greg Roelofs, newt@uchicago.edu) +# +# GRR 950115: this was mine ("Zip GIF"): +# ZIF image (GIF+deflate alpha) +0 string GIF94z image/unknown +# +# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better): +# FGF image (GIF+deflate beta) +0 string FGF95a image/unknown +# +# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal +# (best; not yet implemented): +# PBF image (deflate compression) +0 string PBF image/unknown + +# GIF +0 string GIF image/gif + +# JPEG images +0 beshort 0xffd8 image/jpeg + +# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu) +0 string BM image/x-ms-bmp +#>14 byte 12 (OS/2 1.x format) +#>14 byte 64 (OS/2 2.x format) +#>14 byte 40 (Windows 3.x format) +#0 string IC icon +#0 string PI pointer +#0 string CI color icon +#0 string CP color pointer +#0 string BA bitmap array + +# CDROM Filesystems +32769 string CD001 application/x-iso9660 + +# Newer StuffIt archives (grant@netbsd.org) +0 string StuffIt application/x-stuffit +#>162 string >0 : %s + +# BinHex is the Macintosh ASCII-encoded file format (see also "apple") +# Daniel Quinlan, quinlan@yggdrasil.com +11 string must\ be\ converted\ with\ BinHex\ 4 application/mac-binhex40 +##>41 string x \b, version %.3s + + +#------------------------------------------------------------------------------ +# lisp: file(1) magic for lisp programs +# +# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string ;; text/plain 8bit +# Emacs 18 - this is always correct, but not very magical. +0 string \012( application/x-elc +# Emacs 19 +0 string ;ELC\023\000\000\000 application/x-elc + +#------------------------------------------------------------------------------ +# mail.news: file(1) magic for mail and news +# +# There are tests to ascmagic.c to cope with mail and news. +0 string Relay-Version: message/rfc822 7bit +0 string #!\ rnews message/rfc822 7bit +0 string N#!\ rnews message/rfc822 7bit +0 string Forward\ to message/rfc822 7bit +0 string Pipe\ to message/rfc822 7bit +0 string Return-Path: message/rfc822 7bit +0 string Received: message/rfc822 +0 string Path: message/news 8bit +0 string Xref: message/news 8bit +0 string From: message/rfc822 7bit +0 string Article message/news 8bit +#------------------------------------------------------------------------------ +# msword: file(1) magic for MS Word files +# +# Contributor claims: +# Reversed-engineered MS Word magic numbers +# + +0 string \376\067\0\043 application/msword +0 string \320\317\021\340\241\261 application/msword +0 string \333\245-\0\0\0 application/msword + + + +#------------------------------------------------------------------------------ +# printer: file(1) magic for printer-formatted files +# + +# PostScript +0 string %! application/postscript +0 string \004%! application/postscript + +# Acrobat +# (due to clamen@cs.cmu.edu) +0 string %PDF- application/pdf + +#------------------------------------------------------------------------------ +# sc: file(1) magic for "sc" spreadsheet +# +38 string Spreadsheet application/x-sc + +#------------------------------------------------------------------------------ +# tex: file(1) magic for TeX files +# +# XXX - needs byte-endian stuff (big-endian and little-endian DVI?) +# +# From <conklin@talisman.kaleida.com> + +# Although we may know the offset of certain text fields in TeX DVI +# and font files, we can't use them reliably because they are not +# zero terminated. [but we do anyway, christos] +0 string \367\002 application/x-dvi +#0 string \367\203 TeX generic font data +#0 string \367\131 TeX packed font data +#0 string \367\312 TeX virtual font data +#0 string This\ is\ TeX, TeX transcript text +#0 string This\ is\ METAFONT, METAFONT transcript text + +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +2 string \000\021 application/x-tex-tfm +2 string \000\022 application/x-tex-tfm +#>34 string >\0 (%s) + +# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com) +0 string \\input\ texinfo text/x-texinfo +0 string This\ is\ Info\ file text/x-info + +# correct TeX magic for Linux (and maybe more) +# from Peter Tobias (tobias@server.et-inf.fho-emden.de) +# +0 leshort 0x02f7 application/x-dvi + +# RTF - Rich Text Format +0 string {\\rtf text/rtf + +#------------------------------------------------------------------------------ +# animation: file(1) magic for animation/movie formats +# +# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8) +# MPEG file +# MPEG sequences +0 belong 0x000001BA +>4 byte &0x40 video/mp2p +>4 byte ^0x40 video/mpeg +0 belong 0x000001BB video/mpeg +0 belong 0x000001B0 video/mp4v-es +0 belong 0x000001B5 video/mp4v-es +0 belong 0x000001B3 video/mpv +0 belong&0xFF5FFF1F 0x47400010 video/mp2t +0 belong 0x00000001 +>4 byte&0x1F 0x07 video/h264 + +# FLI animation format +0 leshort 0xAF11 video/fli +# FLC animation format +0 leshort 0xAF12 video/flc +# +# SGI and Apple formats +# Added ISO mimes +0 string MOVI video/sgi +4 string moov video/quicktime +4 string mdat video/quicktime +4 string wide video/quicktime +4 string skip video/quicktime +4 string free video/quicktime +4 string idsc image/x-quicktime +4 string idat image/x-quicktime +4 string pckg application/x-quicktime +4 string/B jP image/jp2 +4 string ftyp +>8 string isom video/mp4 +>8 string mp41 video/mp4 +>8 string mp42 video/mp4 +>8 string/B jp2 image/jp2 +>8 string 3gp video/3gpp +>8 string avc1 video/3gpp +>8 string mmp4 video/mp4 +>8 string/B M4A audio/mp4 +>8 string/B qt video/quicktime +# The contributor claims: +# I couldn't find a real magic number for these, however, this +# -appears- to work. Note that it might catch other files, too, +# so BE CAREFUL! +# +# Note that title and author appear in the two 20-byte chunks +# at decimal offsets 2 and 22, respectively, but they are XOR'ed with +# 255 (hex FF)! DL format SUCKS BIG ROCKS. +# +# DL file version 1 , medium format (160x100, 4 images/screen) +0 byte 1 video/unknown +0 byte 2 video/unknown +# +# Databases +# +# GDBM magic numbers +# Will be maintained as part of the GDBM distribution in the future. +# <downsj@teeny.org> +0 belong 0x13579ace application/x-gdbm +0 lelong 0x13579ace application/x-gdbm +0 string GDBM application/x-gdbm +# +0 belong 0x061561 application/x-dbm +# +# Executables +# +0 string \177ELF +>16 leshort 0 application/octet-stream +>16 leshort 1 application/x-object +>16 leshort 2 application/x-executable +>16 leshort 3 application/x-sharedlib +>16 leshort 4 application/x-coredump +>16 beshort 0 application/octet-stream +>16 beshort 1 application/x-object +>16 beshort 2 application/x-executable +>16 beshort 3 application/x-sharedlib +>16 beshort 4 application/x-coredump +# +# DOS +0 string MZ application/x-dosexec +# +# KDE +0 string [KDE\ Desktop\ Entry] application/x-kdelnk +0 string \#\ KDE\ Config\ File application/x-kdelnk +# xmcd database file for kscd +0 string \#\ xmcd text/xmcd + +#------------------------------------------------------------------------------ +# pkgadd: file(1) magic for SysV R4 PKG Datastreams +# +0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package + +#PNG Image Format +0 string \x89PNG image/png + +# MNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/> +0 string \x8aMNG video/x-mng +0 string \x8aJNG video/x-jng + +#------------------------------------------------------------------------------ +# Hierarchical Data Format, used to facilitate scientific data exchange +# specifications at http://hdf.ncsa.uiuc.edu/ +#Hierarchical Data Format (version 4) data +0 belong 0x0e031301 application/x-hdf +#Hierarchical Data Format (version 5) data +0 string \211HDF\r\n\032 application/x-hdf + +# Adobe Photoshop +0 string 8BPS image/x-photoshop + +# Felix von Leitner <felix-file@fefe.de> +0 string d8:announce application/x-bittorrent + + +# lotus 1-2-3 document +0 belong 0x00001a00 application/x-123 +0 belong 0x00000200 application/x-123 + +# MS Access database +4 string Standard\ Jet\ DB application/msaccess + +## magic for XBase files +#0 byte 0x02 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x03 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x04 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x05 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x30 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x43 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x7b +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x83 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x8b +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x8e +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0xb3 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0xf5 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 leshort 0x0006 application/x-dbt + +# Debian has entries for the old PGP formats: +# pgp: file(1) magic for Pretty Good Privacy +# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html +#text/PGP key public ring +0 beshort 0x9900 application/pgp +#text/PGP key security ring +0 beshort 0x9501 application/pgp +#text/PGP key security ring +0 beshort 0x9500 application/pgp +#text/PGP encrypted data +0 beshort 0xa600 application/pgp-encrypted +#text/PGP armored data +##public key block +2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- application/pgp-keys +0 string -----BEGIN\040PGP\40MESSAGE- application/pgp +0 string -----BEGIN\040PGP\40SIGNATURE- application/pgp-signature +# +# GnuPG Magic: +# +# +#text/GnuPG key public ring +0 beshort 0x9901 application/pgp +#text/OpenPGP data +0 beshort 0x8501 application/pgp-encrypted + +# flash: file(1) magic for Macromedia Flash file format +# +# See +# +# http://www.macromedia.com/software/flash/open/ +# +0 string FWS +>3 byte x application/x-shockwave-flash + +# The following paramaters are created for Namazu. +# <http://www.namazu.org/> +# +# 1999/08/13 +#0 string \<!--\ MHonArc text/html; x-type=mhonarc +0 string BZh application/x-bzip2 + +# 1999/09/09 +# VRML (suggested by Masao Takaku) +0 string #VRML\ V1.0\ ascii model/vrml +0 string #VRML\ V2.0\ utf8 model/vrml + +#------------------------------------------------------------------------------ +# ichitaro456: file(1) magic for Just System Word Processor Ichitaro +# +# Contributor kenzo-: +# Reversed-engineered JS Ichitaro magic numbers +# + +0 string DOC +>43 byte 0x14 application/ichitaro4 +>144 string JDASH application/ichitaro4 + +0 string DOC +>43 byte 0x15 application/ichitaro5 + +0 string DOC +>43 byte 0x16 application/ichitaro6 + +#------------------------------------------------------------------------------ +# office97: file(1) magic for MicroSoft Office files +# +# Contributor kenzo-: +# Reversed-engineered MS Office magic numbers +# + +#0 string \320\317\021\340\241\261\032\341 +#>48 byte 0x1B application/excel + +2080 string Microsoft\ Excel\ 5.0\ Worksheet application/excel +2114 string Biff5 application/excel + +0 string \224\246\056 application/msword + +0 belong 0x31be0000 application/msword + +0 string PO^Q` application/msword + +0 string \320\317\021\340\241\261\032\341 +>546 string bjbj application/msword +>546 string jbjb application/msword + +512 string R\0o\0o\0t\0\ \0E\0n\0t\0r\0y application/msword + +2080 string Microsoft\ Word\ 6.0\ Document application/msword +2080 string Documento\ Microsoft\ Word\ 6 application/msword +2112 string MSWordDoc application/msword + +#0 string \320\317\021\340\241\261\032\341 application/powerpoint +0 string \320\317\021\340\241\261\032\341 application/msword + +0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package + + +# WinNT/WinCE PE files (Warner Losh, imp@village.org) +# +128 string PE\000\000 application/octet-stream +0 string PE\000\000 application/octet-stream + +# miscellaneous formats +0 string LZ application/octet-stream + + +# .EXE formats (Greg Roelofs, newt@uchicago.edu) +# +0 string MZ +>24 string @ application/octet-stream + +0 string MZ +>30 string Copyright\ 1989-1990\ PKWARE\ Inc. application/x-zip + +0 string MZ +>30 string PKLITE\ Copr. application/x-zip + +0 string MZ +>36 string LHa's\ SFX application/x-lha + +0 string MZ application/octet-stream + +# LHA archiver +2 string -lh +>6 string - application/x-lha + + +# Zoo archiver +20 lelong 0xfdc4a7dc application/x-zoo + +# ARC archiver +0 lelong&0x8080ffff 0x0000081a application/x-arc +0 lelong&0x8080ffff 0x0000091a application/x-arc +0 lelong&0x8080ffff 0x0000021a application/x-arc +0 lelong&0x8080ffff 0x0000031a application/x-arc +0 lelong&0x8080ffff 0x0000041a application/x-arc +0 lelong&0x8080ffff 0x0000061a application/x-arc + +# Microsoft Outlook's Transport Neutral Encapsulation Format (TNEF) +0 lelong 0x223e9f78 application/ms-tnef + +# From: stephane.loeuillet@tiscali.f +# http://www.djvuzone.org/ +0 string AT&TFORM image/x.djvu + +# Danny Milosavljevic <danny.milo@gmx.net> +# this are adrift (adventure game standard) game files, extension .taf +# depending on version magic continues with 0x93453E6139FA (V 4.0) +# 0x9445376139FA (V 3.90) +# 0x9445366139FA (V 3.80) +# this is from source (http://www.adrift.org.uk/) and I have some taf +# files, and checked them. +#0 belong 0x3C423FC9 +#>4 belong 0x6A87C2CF application/x-adrift +#0 string \000\000\001\000 image/x-ico + +# Quark Xpress 3 Files: +# (made the mimetype up) +0 string \0\0MMXPR3\0 application/x-quark-xpress-3 + +# EET archive +# From: Tilman Sauerbeck <tilman@code-monkey.de> +0 belong 0x1ee7ff00 application/x-eet + +# From: Denis Knauf, via gentoo. +0 string fLaC audio/x-flac +0 string CWS application/x-shockwave-flash + +# Gnumeric spreadsheet +# This entry is only semi-helpful, as Gnumeric compresses its files, so +# they will ordinarily reported as "compressed", but at least -z helps +39 string =<gmr:Workbook application/x-gnumeric + diff --git a/debian/config-dir/mods-available/access_compat.load b/debian/config-dir/mods-available/access_compat.load new file mode 100644 index 0000000..83273df --- /dev/null +++ b/debian/config-dir/mods-available/access_compat.load @@ -0,0 +1,2 @@ +# Depends: authn_core +LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so diff --git a/debian/config-dir/mods-available/actions.conf b/debian/config-dir/mods-available/actions.conf new file mode 100644 index 0000000..22e6f9f --- /dev/null +++ b/debian/config-dir/mods-available/actions.conf @@ -0,0 +1,9 @@ +# a2enmod-note: needs-configuration + +# +# Action lets you define media types that will execute a script whenever +# a matching file is called. This eliminates the need for repeated URL +# pathnames for oft-used CGI file processors. +# Format: Action media/type /cgi-script/location +# Format: Action handler-name /cgi-script/location +# diff --git a/debian/config-dir/mods-available/actions.load b/debian/config-dir/mods-available/actions.load new file mode 100644 index 0000000..4207df3 --- /dev/null +++ b/debian/config-dir/mods-available/actions.load @@ -0,0 +1 @@ +LoadModule actions_module /usr/lib/apache2/modules/mod_actions.so diff --git a/debian/config-dir/mods-available/alias.conf b/debian/config-dir/mods-available/alias.conf new file mode 100644 index 0000000..ed12b2b --- /dev/null +++ b/debian/config-dir/mods-available/alias.conf @@ -0,0 +1,19 @@ +# Aliases: Add here as many aliases as you need (with no limit). The format is +# Alias fakename realname +# +# Note that if you include a trailing / on fakename then the server will +# require it to be present in the URL. So "/icons" isn't aliased in this +# example, only "/icons/". If the fakename is slash-terminated, then the +# realname must also be slash terminated, and if the fakename omits the +# trailing slash, the realname must also omit it. +# +# We include the /icons/ alias for FancyIndexed directory listings. If +# you do not use FancyIndexing, you may comment this out. + +Alias /icons/ "/usr/share/apache2/icons/" + +<Directory "/usr/share/apache2/icons"> + Options FollowSymlinks + AllowOverride None + Require all granted +</Directory> diff --git a/debian/config-dir/mods-available/alias.load b/debian/config-dir/mods-available/alias.load new file mode 100644 index 0000000..4cb7385 --- /dev/null +++ b/debian/config-dir/mods-available/alias.load @@ -0,0 +1 @@ +LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so diff --git a/debian/config-dir/mods-available/allowmethods.load b/debian/config-dir/mods-available/allowmethods.load new file mode 100644 index 0000000..e5bbe59 --- /dev/null +++ b/debian/config-dir/mods-available/allowmethods.load @@ -0,0 +1 @@ +LoadModule allowmethods_module /usr/lib/apache2/modules/mod_allowmethods.so diff --git a/debian/config-dir/mods-available/asis.load b/debian/config-dir/mods-available/asis.load new file mode 100644 index 0000000..6b73c45 --- /dev/null +++ b/debian/config-dir/mods-available/asis.load @@ -0,0 +1,2 @@ +# Depends: mime +LoadModule asis_module /usr/lib/apache2/modules/mod_asis.so diff --git a/debian/config-dir/mods-available/auth_basic.load b/debian/config-dir/mods-available/auth_basic.load new file mode 100644 index 0000000..5f3cd1c --- /dev/null +++ b/debian/config-dir/mods-available/auth_basic.load @@ -0,0 +1,2 @@ +# Depends: authn_core +LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so diff --git a/debian/config-dir/mods-available/auth_digest.load b/debian/config-dir/mods-available/auth_digest.load new file mode 100644 index 0000000..4fa7a3e --- /dev/null +++ b/debian/config-dir/mods-available/auth_digest.load @@ -0,0 +1,2 @@ +# Depends: authn_core +LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so diff --git a/debian/config-dir/mods-available/auth_form.load b/debian/config-dir/mods-available/auth_form.load new file mode 100644 index 0000000..91e9507 --- /dev/null +++ b/debian/config-dir/mods-available/auth_form.load @@ -0,0 +1,2 @@ +# Depends: session authn_core +LoadModule auth_form_module /usr/lib/apache2/modules/mod_auth_form.so diff --git a/debian/config-dir/mods-available/authn_anon.load b/debian/config-dir/mods-available/authn_anon.load new file mode 100644 index 0000000..331922a --- /dev/null +++ b/debian/config-dir/mods-available/authn_anon.load @@ -0,0 +1 @@ +LoadModule authn_anon_module /usr/lib/apache2/modules/mod_authn_anon.so diff --git a/debian/config-dir/mods-available/authn_core.load b/debian/config-dir/mods-available/authn_core.load new file mode 100644 index 0000000..446074f --- /dev/null +++ b/debian/config-dir/mods-available/authn_core.load @@ -0,0 +1 @@ +LoadModule authn_core_module /usr/lib/apache2/modules/mod_authn_core.so diff --git a/debian/config-dir/mods-available/authn_dbd.load b/debian/config-dir/mods-available/authn_dbd.load new file mode 100644 index 0000000..d517af3 --- /dev/null +++ b/debian/config-dir/mods-available/authn_dbd.load @@ -0,0 +1,2 @@ +# Depends: dbd +LoadModule authn_dbd_module /usr/lib/apache2/modules/mod_authn_dbd.so diff --git a/debian/config-dir/mods-available/authn_dbm.load b/debian/config-dir/mods-available/authn_dbm.load new file mode 100644 index 0000000..c39d41b --- /dev/null +++ b/debian/config-dir/mods-available/authn_dbm.load @@ -0,0 +1 @@ +LoadModule authn_dbm_module /usr/lib/apache2/modules/mod_authn_dbm.so diff --git a/debian/config-dir/mods-available/authn_file.load b/debian/config-dir/mods-available/authn_file.load new file mode 100644 index 0000000..9f13b35 --- /dev/null +++ b/debian/config-dir/mods-available/authn_file.load @@ -0,0 +1 @@ +LoadModule authn_file_module /usr/lib/apache2/modules/mod_authn_file.so diff --git a/debian/config-dir/mods-available/authn_socache.load b/debian/config-dir/mods-available/authn_socache.load new file mode 100644 index 0000000..786232d --- /dev/null +++ b/debian/config-dir/mods-available/authn_socache.load @@ -0,0 +1 @@ +LoadModule authn_socache_module /usr/lib/apache2/modules/mod_authn_socache.so diff --git a/debian/config-dir/mods-available/authnz_fcgi.load b/debian/config-dir/mods-available/authnz_fcgi.load new file mode 100644 index 0000000..69d757c --- /dev/null +++ b/debian/config-dir/mods-available/authnz_fcgi.load @@ -0,0 +1 @@ +LoadModule authnz_fcgi_module /usr/lib/apache2/modules/mod_authnz_fcgi.so diff --git a/debian/config-dir/mods-available/authnz_ldap.load b/debian/config-dir/mods-available/authnz_ldap.load new file mode 100644 index 0000000..c56d4dc --- /dev/null +++ b/debian/config-dir/mods-available/authnz_ldap.load @@ -0,0 +1,2 @@ +# Depends: ldap +LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so diff --git a/debian/config-dir/mods-available/authz_core.load b/debian/config-dir/mods-available/authz_core.load new file mode 100644 index 0000000..5499bf3 --- /dev/null +++ b/debian/config-dir/mods-available/authz_core.load @@ -0,0 +1 @@ +LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so diff --git a/debian/config-dir/mods-available/authz_dbd.load b/debian/config-dir/mods-available/authz_dbd.load new file mode 100644 index 0000000..cf82cae --- /dev/null +++ b/debian/config-dir/mods-available/authz_dbd.load @@ -0,0 +1,2 @@ +# Depends: dbd authz_core +LoadModule authz_dbd_module /usr/lib/apache2/modules/mod_authz_dbd.so diff --git a/debian/config-dir/mods-available/authz_dbm.load b/debian/config-dir/mods-available/authz_dbm.load new file mode 100644 index 0000000..6db4831 --- /dev/null +++ b/debian/config-dir/mods-available/authz_dbm.load @@ -0,0 +1,2 @@ +# Depends: authz_core +LoadModule authz_dbm_module /usr/lib/apache2/modules/mod_authz_dbm.so diff --git a/debian/config-dir/mods-available/authz_groupfile.load b/debian/config-dir/mods-available/authz_groupfile.load new file mode 100644 index 0000000..eda3d21 --- /dev/null +++ b/debian/config-dir/mods-available/authz_groupfile.load @@ -0,0 +1,2 @@ +# Depends: authz_core +LoadModule authz_groupfile_module /usr/lib/apache2/modules/mod_authz_groupfile.so diff --git a/debian/config-dir/mods-available/authz_host.load b/debian/config-dir/mods-available/authz_host.load new file mode 100644 index 0000000..f8cf87a --- /dev/null +++ b/debian/config-dir/mods-available/authz_host.load @@ -0,0 +1,2 @@ +# Depends: authz_core +LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so diff --git a/debian/config-dir/mods-available/authz_owner.load b/debian/config-dir/mods-available/authz_owner.load new file mode 100644 index 0000000..cbad3b5 --- /dev/null +++ b/debian/config-dir/mods-available/authz_owner.load @@ -0,0 +1 @@ +LoadModule authz_owner_module /usr/lib/apache2/modules/mod_authz_owner.so diff --git a/debian/config-dir/mods-available/authz_user.load b/debian/config-dir/mods-available/authz_user.load new file mode 100644 index 0000000..e47c40c --- /dev/null +++ b/debian/config-dir/mods-available/authz_user.load @@ -0,0 +1,2 @@ +# Depends: authz_core +LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.so diff --git a/debian/config-dir/mods-available/autoindex.conf b/debian/config-dir/mods-available/autoindex.conf new file mode 100644 index 0000000..e53c391 --- /dev/null +++ b/debian/config-dir/mods-available/autoindex.conf @@ -0,0 +1,91 @@ +# Directives controlling the display of server-generated directory listings. + +# +# IndexOptions: Controls the appearance of server-generated directory +# listings. +# Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames. +IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8 + +# +# AddIcon* directives tell the server which icon to show for different +# files or filename extensions. These are only displayed for +# FancyIndexed directories. +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2 + +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* + +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +# It's a suffix rule, so simply matching "core" matches "score" as well ! +AddIcon /icons/bomb.gif /core +AddIcon (SND,/icons/sound2.gif) .ogg +AddIcon (VID,/icons/movie.gif) .ogm + +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ + +# Default icons for OpenDocument format +AddIcon /icons/odf6odt-20x22.png .odt +AddIcon /icons/odf6ods-20x22.png .ods +AddIcon /icons/odf6odp-20x22.png .odp +AddIcon /icons/odf6odg-20x22.png .odg +AddIcon /icons/odf6odc-20x22.png .odc +AddIcon /icons/odf6odf-20x22.png .odf +AddIcon /icons/odf6odb-20x22.png .odb +AddIcon /icons/odf6odi-20x22.png .odi +AddIcon /icons/odf6odm-20x22.png .odm + +AddIcon /icons/odf6ott-20x22.png .ott +AddIcon /icons/odf6ots-20x22.png .ots +AddIcon /icons/odf6otp-20x22.png .otp +AddIcon /icons/odf6otg-20x22.png .otg +AddIcon /icons/odf6otc-20x22.png .otc +AddIcon /icons/odf6otf-20x22.png .otf +AddIcon /icons/odf6oti-20x22.png .oti +AddIcon /icons/odf6oth-20x22.png .oth + +# +# DefaultIcon is which icon to show for files which do not have an icon +# explicitly set. +DefaultIcon /icons/unknown.gif + +# +# AddDescription allows you to place a short description after a file in +# server-generated indexes. These are only displayed for FancyIndexed +# directories. +# Format: AddDescription "description" filename +#AddDescription "GZIP compressed document" .gz +#AddDescription "tar archive" .tar +#AddDescription "GZIP compressed tar archive" .tgz + +# +# ReadmeName is the name of the README file the server will look for by +# default, and append to directory listings. +# +# HeaderName is the name of a file which should be prepended to +# directory indexes +ReadmeName README.html +HeaderName HEADER.html + +# +# IndexIgnore is a set of filenames which directory indexing should ignore +# and not include in the listing. Shell-style wildcarding is permitted. +IndexIgnore .??* *~ *# RCS CVS *,v *,t diff --git a/debian/config-dir/mods-available/autoindex.load b/debian/config-dir/mods-available/autoindex.load new file mode 100644 index 0000000..82328b9 --- /dev/null +++ b/debian/config-dir/mods-available/autoindex.load @@ -0,0 +1 @@ +LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so diff --git a/debian/config-dir/mods-available/brotli.load b/debian/config-dir/mods-available/brotli.load new file mode 100644 index 0000000..ebd48ed --- /dev/null +++ b/debian/config-dir/mods-available/brotli.load @@ -0,0 +1 @@ +LoadModule brotli_module /usr/lib/apache2/modules/mod_brotli.so diff --git a/debian/config-dir/mods-available/buffer.load b/debian/config-dir/mods-available/buffer.load new file mode 100644 index 0000000..f5e7423 --- /dev/null +++ b/debian/config-dir/mods-available/buffer.load @@ -0,0 +1 @@ +LoadModule buffer_module /usr/lib/apache2/modules/mod_buffer.so diff --git a/debian/config-dir/mods-available/cache.load b/debian/config-dir/mods-available/cache.load new file mode 100644 index 0000000..e3189a0 --- /dev/null +++ b/debian/config-dir/mods-available/cache.load @@ -0,0 +1 @@ +LoadModule cache_module /usr/lib/apache2/modules/mod_cache.so diff --git a/debian/config-dir/mods-available/cache_disk.conf b/debian/config-dir/mods-available/cache_disk.conf new file mode 100644 index 0000000..8625539 --- /dev/null +++ b/debian/config-dir/mods-available/cache_disk.conf @@ -0,0 +1,21 @@ +# cache cleaning is done by htcacheclean, which can be configured in +# /etc/default/apache2 +# +# For further information, see the comments in that file, +# /usr/share/doc/apache2/README.Debian, and the htcacheclean(8) +# man page. + +# This path must be the same as the one in /etc/default/apache2 +CacheRoot /var/cache/apache2/mod_cache_disk + +# This will also cache local documents. It usually makes more sense to +# put this into the configuration for just one virtual host. +#CacheEnable disk / + + +# The result of CacheDirLevels * CacheDirLength must not be higher than +# 20. Moreover, pay attention on file system limits. Some file systems +# do not support more than a certain number of inodes and +# subdirectories (e.g. 32000 for ext3) +CacheDirLevels 2 +CacheDirLength 1 diff --git a/debian/config-dir/mods-available/cache_disk.load b/debian/config-dir/mods-available/cache_disk.load new file mode 100644 index 0000000..3b641a1 --- /dev/null +++ b/debian/config-dir/mods-available/cache_disk.load @@ -0,0 +1,2 @@ +# Depends: cache +LoadModule cache_disk_module /usr/lib/apache2/modules/mod_cache_disk.so diff --git a/debian/config-dir/mods-available/cache_socache.load b/debian/config-dir/mods-available/cache_socache.load new file mode 100644 index 0000000..47a3dcb --- /dev/null +++ b/debian/config-dir/mods-available/cache_socache.load @@ -0,0 +1,2 @@ +# Depends: cache +LoadModule cache_socache_module /usr/lib/apache2/modules/mod_cache_socache.so diff --git a/debian/config-dir/mods-available/cern_meta.load b/debian/config-dir/mods-available/cern_meta.load new file mode 100644 index 0000000..bcc7546 --- /dev/null +++ b/debian/config-dir/mods-available/cern_meta.load @@ -0,0 +1 @@ +LoadModule cern_meta_module /usr/lib/apache2/modules/mod_cern_meta.so diff --git a/debian/config-dir/mods-available/cgi.load b/debian/config-dir/mods-available/cgi.load new file mode 100644 index 0000000..1be9048 --- /dev/null +++ b/debian/config-dir/mods-available/cgi.load @@ -0,0 +1 @@ +LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so diff --git a/debian/config-dir/mods-available/cgid.conf b/debian/config-dir/mods-available/cgid.conf new file mode 100644 index 0000000..2f22b70 --- /dev/null +++ b/debian/config-dir/mods-available/cgid.conf @@ -0,0 +1,2 @@ +# Socket for cgid communication +ScriptSock ${APACHE_RUN_DIR}/socks/cgisock diff --git a/debian/config-dir/mods-available/cgid.load b/debian/config-dir/mods-available/cgid.load new file mode 100644 index 0000000..e036f7d --- /dev/null +++ b/debian/config-dir/mods-available/cgid.load @@ -0,0 +1 @@ +LoadModule cgid_module /usr/lib/apache2/modules/mod_cgid.so diff --git a/debian/config-dir/mods-available/charset_lite.load b/debian/config-dir/mods-available/charset_lite.load new file mode 100644 index 0000000..f137a57 --- /dev/null +++ b/debian/config-dir/mods-available/charset_lite.load @@ -0,0 +1 @@ +LoadModule charset_lite_module /usr/lib/apache2/modules/mod_charset_lite.so diff --git a/debian/config-dir/mods-available/data.load b/debian/config-dir/mods-available/data.load new file mode 100644 index 0000000..ef488a4 --- /dev/null +++ b/debian/config-dir/mods-available/data.load @@ -0,0 +1 @@ +LoadModule data_module /usr/lib/apache2/modules/mod_data.so diff --git a/debian/config-dir/mods-available/dav.load b/debian/config-dir/mods-available/dav.load new file mode 100644 index 0000000..a5867ff --- /dev/null +++ b/debian/config-dir/mods-available/dav.load @@ -0,0 +1,3 @@ +<IfModule !mod_dav.c> + LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so +</IfModule> diff --git a/debian/config-dir/mods-available/dav_fs.conf b/debian/config-dir/mods-available/dav_fs.conf new file mode 100644 index 0000000..c7130c2 --- /dev/null +++ b/debian/config-dir/mods-available/dav_fs.conf @@ -0,0 +1 @@ +DAVLockDB ${APACHE_LOCK_DIR}/DAVLock diff --git a/debian/config-dir/mods-available/dav_fs.load b/debian/config-dir/mods-available/dav_fs.load new file mode 100644 index 0000000..ba2a3f8 --- /dev/null +++ b/debian/config-dir/mods-available/dav_fs.load @@ -0,0 +1,2 @@ +# Depends: dav +LoadModule dav_fs_module /usr/lib/apache2/modules/mod_dav_fs.so diff --git a/debian/config-dir/mods-available/dav_lock.load b/debian/config-dir/mods-available/dav_lock.load new file mode 100644 index 0000000..ba0703e --- /dev/null +++ b/debian/config-dir/mods-available/dav_lock.load @@ -0,0 +1 @@ +LoadModule dav_lock_module /usr/lib/apache2/modules/mod_dav_lock.so diff --git a/debian/config-dir/mods-available/dbd.load b/debian/config-dir/mods-available/dbd.load new file mode 100644 index 0000000..5495f2a --- /dev/null +++ b/debian/config-dir/mods-available/dbd.load @@ -0,0 +1 @@ +LoadModule dbd_module /usr/lib/apache2/modules/mod_dbd.so diff --git a/debian/config-dir/mods-available/deflate.conf b/debian/config-dir/mods-available/deflate.conf new file mode 100644 index 0000000..440a68b --- /dev/null +++ b/debian/config-dir/mods-available/deflate.conf @@ -0,0 +1,7 @@ +<IfModule mod_filter.c> + AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript + AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript + AddOutputFilterByType DEFLATE application/rss+xml + AddOutputFilterByType DEFLATE application/wasm + AddOutputFilterByType DEFLATE application/xml +</IfModule> diff --git a/debian/config-dir/mods-available/deflate.load b/debian/config-dir/mods-available/deflate.load new file mode 100644 index 0000000..3873ffc --- /dev/null +++ b/debian/config-dir/mods-available/deflate.load @@ -0,0 +1,2 @@ +# Depends: filter +LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so diff --git a/debian/config-dir/mods-available/dialup.load b/debian/config-dir/mods-available/dialup.load new file mode 100644 index 0000000..3c4a636 --- /dev/null +++ b/debian/config-dir/mods-available/dialup.load @@ -0,0 +1 @@ +LoadModule dialup_module /usr/lib/apache2/modules/mod_dialup.so diff --git a/debian/config-dir/mods-available/dir.conf b/debian/config-dir/mods-available/dir.conf new file mode 100644 index 0000000..c0a462b --- /dev/null +++ b/debian/config-dir/mods-available/dir.conf @@ -0,0 +1 @@ +DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm diff --git a/debian/config-dir/mods-available/dir.load b/debian/config-dir/mods-available/dir.load new file mode 100644 index 0000000..e5b5d92 --- /dev/null +++ b/debian/config-dir/mods-available/dir.load @@ -0,0 +1 @@ +LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so diff --git a/debian/config-dir/mods-available/dump_io.load b/debian/config-dir/mods-available/dump_io.load new file mode 100644 index 0000000..561c24b --- /dev/null +++ b/debian/config-dir/mods-available/dump_io.load @@ -0,0 +1 @@ +LoadModule dumpio_module /usr/lib/apache2/modules/mod_dumpio.so diff --git a/debian/config-dir/mods-available/echo.load b/debian/config-dir/mods-available/echo.load new file mode 100644 index 0000000..42cae85 --- /dev/null +++ b/debian/config-dir/mods-available/echo.load @@ -0,0 +1 @@ +LoadModule echo_module /usr/lib/apache2/modules/mod_echo.so diff --git a/debian/config-dir/mods-available/env.load b/debian/config-dir/mods-available/env.load new file mode 100644 index 0000000..8bf608d --- /dev/null +++ b/debian/config-dir/mods-available/env.load @@ -0,0 +1 @@ +LoadModule env_module /usr/lib/apache2/modules/mod_env.so diff --git a/debian/config-dir/mods-available/expires.load b/debian/config-dir/mods-available/expires.load new file mode 100644 index 0000000..092acab --- /dev/null +++ b/debian/config-dir/mods-available/expires.load @@ -0,0 +1 @@ +LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so diff --git a/debian/config-dir/mods-available/ext_filter.load b/debian/config-dir/mods-available/ext_filter.load new file mode 100644 index 0000000..b3a1596 --- /dev/null +++ b/debian/config-dir/mods-available/ext_filter.load @@ -0,0 +1 @@ +LoadModule ext_filter_module /usr/lib/apache2/modules/mod_ext_filter.so diff --git a/debian/config-dir/mods-available/file_cache.load b/debian/config-dir/mods-available/file_cache.load new file mode 100644 index 0000000..32c0a56 --- /dev/null +++ b/debian/config-dir/mods-available/file_cache.load @@ -0,0 +1,2 @@ +# Depends: cache +LoadModule file_cache_module /usr/lib/apache2/modules/mod_file_cache.so diff --git a/debian/config-dir/mods-available/filter.load b/debian/config-dir/mods-available/filter.load new file mode 100644 index 0000000..94c4270 --- /dev/null +++ b/debian/config-dir/mods-available/filter.load @@ -0,0 +1 @@ +LoadModule filter_module /usr/lib/apache2/modules/mod_filter.so diff --git a/debian/config-dir/mods-available/headers.load b/debian/config-dir/mods-available/headers.load new file mode 100644 index 0000000..e4497e5 --- /dev/null +++ b/debian/config-dir/mods-available/headers.load @@ -0,0 +1 @@ +LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so diff --git a/debian/config-dir/mods-available/heartbeat.load b/debian/config-dir/mods-available/heartbeat.load new file mode 100644 index 0000000..208686c --- /dev/null +++ b/debian/config-dir/mods-available/heartbeat.load @@ -0,0 +1,3 @@ +# This module depends on mod_watchdog to be loaded before. In Debian, this +# module is statically linked. +LoadModule heartbeat_module /usr/lib/apache2/modules/mod_heartbeat.so diff --git a/debian/config-dir/mods-available/heartmonitor.load b/debian/config-dir/mods-available/heartmonitor.load new file mode 100644 index 0000000..e5deba7 --- /dev/null +++ b/debian/config-dir/mods-available/heartmonitor.load @@ -0,0 +1,3 @@ +# This module depends on mod_watchdog to be loaded before. In Debian, this +# module is statically linked. +LoadModule heartmonitor_module /usr/lib/apache2/modules/mod_heartmonitor.so diff --git a/debian/config-dir/mods-available/http2.conf b/debian/config-dir/mods-available/http2.conf new file mode 100644 index 0000000..612baa5 --- /dev/null +++ b/debian/config-dir/mods-available/http2.conf @@ -0,0 +1,30 @@ +Protocols h2 h2c http/1.1 + +# # HTTP/2 push configuration +# +# H2Push on +# +# # Default Priority Rule +# +# H2PushPriority * After 16 +# +# # More complex ruleset: +# +# H2PushPriority * after +# H2PushPriority text/css before +# H2PushPriority image/jpeg after 32 +# H2PushPriority image/png after 32 +# H2PushPriority application/javascript interleaved +# +# # Configure some stylesheet and script to be pushed by the webserver +# +# <FilesMatch "\.html$"> +# Header add Link "</style.css>; rel=preload; as=style" +# Header add Link "</script.js>; rel=preload; as=script" +# </FilesMatch> +# Since mod_http2 doesn't support the mod_logio module (which provide the %O format), +# you may want to change your LogFormat directive as follow: +# +# LogFormat "%v:%p %h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +# LogFormat "%h %l %u %t \"%r\" %>s %B \"%{Referer}i\" \"%{User-Agent}i\"" combined +# LogFormat "%h %l %u %t \"%r\" %>s %B" common diff --git a/debian/config-dir/mods-available/http2.load b/debian/config-dir/mods-available/http2.load new file mode 100644 index 0000000..e5c769f --- /dev/null +++ b/debian/config-dir/mods-available/http2.load @@ -0,0 +1 @@ +LoadModule http2_module /usr/lib/apache2/modules/mod_http2.so diff --git a/debian/config-dir/mods-available/ident.load b/debian/config-dir/mods-available/ident.load new file mode 100644 index 0000000..f7c4c3c --- /dev/null +++ b/debian/config-dir/mods-available/ident.load @@ -0,0 +1 @@ +LoadModule ident_module /usr/lib/apache2/modules/mod_ident.so diff --git a/debian/config-dir/mods-available/imagemap.load b/debian/config-dir/mods-available/imagemap.load new file mode 100644 index 0000000..0fd55f8 --- /dev/null +++ b/debian/config-dir/mods-available/imagemap.load @@ -0,0 +1 @@ +LoadModule imagemap_module /usr/lib/apache2/modules/mod_imagemap.so diff --git a/debian/config-dir/mods-available/include.load b/debian/config-dir/mods-available/include.load new file mode 100644 index 0000000..dc4359a --- /dev/null +++ b/debian/config-dir/mods-available/include.load @@ -0,0 +1,2 @@ +# Depends: mime +LoadModule include_module /usr/lib/apache2/modules/mod_include.so diff --git a/debian/config-dir/mods-available/info.conf b/debian/config-dir/mods-available/info.conf new file mode 100644 index 0000000..cf79351 --- /dev/null +++ b/debian/config-dir/mods-available/info.conf @@ -0,0 +1,9 @@ +# Allow remote server configuration reports, with the URL of +# http://servername/server-info (requires that mod_info.c be loaded). +# Uncomment and change the "192.0.2.0/24" to allow access from other hosts. +# +<Location /server-info> + SetHandler server-info + Require local + #Require ip 192.0.2.0/24 +</Location> diff --git a/debian/config-dir/mods-available/info.load b/debian/config-dir/mods-available/info.load new file mode 100644 index 0000000..c71efcc --- /dev/null +++ b/debian/config-dir/mods-available/info.load @@ -0,0 +1 @@ +LoadModule info_module /usr/lib/apache2/modules/mod_info.so diff --git a/debian/config-dir/mods-available/lbmethod_bybusyness.load b/debian/config-dir/mods-available/lbmethod_bybusyness.load new file mode 100644 index 0000000..cf894a3 --- /dev/null +++ b/debian/config-dir/mods-available/lbmethod_bybusyness.load @@ -0,0 +1,2 @@ +# Depends: proxy_balancer +LoadModule lbmethod_bybusyness_module /usr/lib/apache2/modules/mod_lbmethod_bybusyness.so diff --git a/debian/config-dir/mods-available/lbmethod_byrequests.load b/debian/config-dir/mods-available/lbmethod_byrequests.load new file mode 100644 index 0000000..cdd8fc5 --- /dev/null +++ b/debian/config-dir/mods-available/lbmethod_byrequests.load @@ -0,0 +1,2 @@ +# Depends: proxy_balancer +LoadModule lbmethod_byrequests_module /usr/lib/apache2/modules/mod_lbmethod_byrequests.so diff --git a/debian/config-dir/mods-available/lbmethod_bytraffic.load b/debian/config-dir/mods-available/lbmethod_bytraffic.load new file mode 100644 index 0000000..dabbe72 --- /dev/null +++ b/debian/config-dir/mods-available/lbmethod_bytraffic.load @@ -0,0 +1,2 @@ +# Depends: proxy_balancer +LoadModule lbmethod_bytraffic_module /usr/lib/apache2/modules/mod_lbmethod_bytraffic.so diff --git a/debian/config-dir/mods-available/lbmethod_heartbeat.load b/debian/config-dir/mods-available/lbmethod_heartbeat.load new file mode 100644 index 0000000..2200f3a --- /dev/null +++ b/debian/config-dir/mods-available/lbmethod_heartbeat.load @@ -0,0 +1,2 @@ +# Depends: proxy_balancer +LoadModule lbmethod_heartbeat_module /usr/lib/apache2/modules/mod_lbmethod_heartbeat.so diff --git a/debian/config-dir/mods-available/ldap.conf b/debian/config-dir/mods-available/ldap.conf new file mode 100644 index 0000000..470d5c8 --- /dev/null +++ b/debian/config-dir/mods-available/ldap.conf @@ -0,0 +1,4 @@ +<Location /ldap-status> + SetHandler ldap-status + Require local +</Location> diff --git a/debian/config-dir/mods-available/ldap.load b/debian/config-dir/mods-available/ldap.load new file mode 100644 index 0000000..f9d38a3 --- /dev/null +++ b/debian/config-dir/mods-available/ldap.load @@ -0,0 +1 @@ +LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so diff --git a/debian/config-dir/mods-available/log_debug.load b/debian/config-dir/mods-available/log_debug.load new file mode 100644 index 0000000..1a27fa8 --- /dev/null +++ b/debian/config-dir/mods-available/log_debug.load @@ -0,0 +1 @@ +LoadModule log_debug_module /usr/lib/apache2/modules/mod_log_debug.so diff --git a/debian/config-dir/mods-available/log_forensic.load b/debian/config-dir/mods-available/log_forensic.load new file mode 100644 index 0000000..9116a3d --- /dev/null +++ b/debian/config-dir/mods-available/log_forensic.load @@ -0,0 +1 @@ +LoadModule log_forensic_module /usr/lib/apache2/modules/mod_log_forensic.so diff --git a/debian/config-dir/mods-available/lua.load b/debian/config-dir/mods-available/lua.load new file mode 100644 index 0000000..0b639f5 --- /dev/null +++ b/debian/config-dir/mods-available/lua.load @@ -0,0 +1 @@ +LoadModule lua_module /usr/lib/apache2/modules/mod_lua.so diff --git a/debian/config-dir/mods-available/macro.load b/debian/config-dir/mods-available/macro.load new file mode 100644 index 0000000..3a72864 --- /dev/null +++ b/debian/config-dir/mods-available/macro.load @@ -0,0 +1 @@ +LoadModule macro_module /usr/lib/apache2/modules/mod_macro.so diff --git a/debian/config-dir/mods-available/md.load b/debian/config-dir/mods-available/md.load new file mode 100644 index 0000000..812a6a6 --- /dev/null +++ b/debian/config-dir/mods-available/md.load @@ -0,0 +1 @@ +LoadModule md_module /usr/lib/apache2/modules/mod_md.so diff --git a/debian/config-dir/mods-available/mime.conf b/debian/config-dir/mods-available/mime.conf new file mode 100644 index 0000000..1f593b9 --- /dev/null +++ b/debian/config-dir/mods-available/mime.conf @@ -0,0 +1,246 @@ +# +# TypesConfig points to the file containing the list of mappings from +# filename extension to MIME-type. +# +TypesConfig /etc/mime.types + +# +# AddType allows you to add to or override the MIME configuration +# file mime.types for specific file types. +# +#AddType application/x-gzip .tgz +# +# AddEncoding allows you to have certain browsers uncompress +# information on the fly. Note: Not all browsers support this. +# Despite the name similarity, the following Add* directives have +# nothing to do with the FancyIndexing customization directives above. +# +#AddEncoding x-compress .Z +#AddEncoding x-gzip .gz .tgz +#AddEncoding x-bzip2 .bz2 +# +# If the AddEncoding directives above are commented-out, then you +# probably should define those extensions to indicate media types: +# +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType application/x-bzip2 .bz2 + +# +# DefaultLanguage and AddLanguage allows you to specify the language of +# a document. You can then use content negotiation to give a browser a +# file in a language the user can understand. +# +# Specify a default language. This means that all data +# going out without a specific language tag (see below) will +# be marked with this one. You probably do NOT want to set +# this unless you are sure it is correct for all cases. +# +# * It is generally better to not mark a page as +# * being a certain language than marking it with the wrong +# * language! +# +# DefaultLanguage nl +# +# Note 1: The suffix does not have to be the same as the language +# keyword --- those with documents in Polish (whose net-standard +# language code is pl) may wish to use "AddLanguage pl .po" to +# avoid the ambiguity with the common suffix for perl scripts. +# +# Note 2: The example entries below illustrate that in some cases +# the two character 'Language' abbreviation is not identical to +# the two character 'Country' code for its country, +# E.g. 'Danmark/dk' versus 'Danish/da'. +# +# Note 3: In the case of 'ltz' we violate the RFC by using a three char +# specifier. There is 'work in progress' to fix this and get +# the reference data for rfc1766 cleaned up. +# +# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) +# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) +# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) +# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) +# Norwegian (no) - Polish (pl) - Portugese (pt) +# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) +# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) +# +AddLanguage am .amh +AddLanguage ar .ara +AddLanguage be .be +AddLanguage bg .bg +AddLanguage bn .bn +AddLanguage br .br +AddLanguage bs .bs +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage cy .cy +AddLanguage da .da +AddLanguage da .dk +AddLanguage de .de +AddLanguage dz .dz +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +# es is ecmascript in /etc/mime.types +RemoveType es +AddLanguage es .es +AddLanguage et .et +AddLanguage eu .eu +AddLanguage fa .fa +AddLanguage fi .fi +AddLanguage fr .fr +AddLanguage ga .ga +AddLanguage gl .glg +AddLanguage gu .gu +AddLanguage he .he +AddLanguage hi .hi +AddLanguage hr .hr +AddLanguage hu .hu +AddLanguage hy .hy +AddLanguage id .id +AddLanguage is .is +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ka .ka +AddLanguage kk .kk +AddLanguage km .km +AddLanguage kn .kn +AddLanguage ko .ko +AddLanguage ku .ku +AddLanguage lo .lo +AddLanguage lt .lt +AddLanguage ltz .ltz +AddLanguage lv .lv +AddLanguage mg .mg +AddLanguage mk .mk +AddLanguage ml .ml +AddLanguage mr .mr +AddLanguage ms .msa +AddLanguage nb .nob +AddLanguage ne .ne +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pa .pa +AddLanguage pl .po +AddLanguage pt-BR .pt-br +AddLanguage pt .pt +AddLanguage ro .ro +AddLanguage ru .ru +AddLanguage sa .sa +AddLanguage se .se +AddLanguage si .si +AddLanguage sk .sk +AddLanguage sl .sl +AddLanguage sq .sq +AddLanguage sr .sr +AddLanguage sv .sv +AddLanguage ta .ta +AddLanguage te .te +AddLanguage th .th +AddLanguage tl .tl +RemoveType tr +# tr is troff in /etc/mime.types +AddLanguage tr .tr +AddLanguage uk .uk +AddLanguage ur .ur +AddLanguage vi .vi +AddLanguage wo .wo +AddLanguage xh .xh +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw + +# +# Commonly used filename extensions to character sets. You probably +# want to avoid clashes with the language extensions, unless you +# are good at carefully testing your setup after each change. +# See http://www.iana.org/assignments/character-sets for the +# official list of charset names and their respective RFCs. +# +AddCharset us-ascii .ascii .us-ascii +AddCharset ISO-8859-1 .iso8859-1 .latin1 +AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen +AddCharset ISO-8859-3 .iso8859-3 .latin3 +AddCharset ISO-8859-4 .iso8859-4 .latin4 +AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru +AddCharset ISO-8859-6 .iso8859-6 .arb .arabic +AddCharset ISO-8859-7 .iso8859-7 .grk .greek +AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew +AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk +AddCharset ISO-8859-10 .iso8859-10 .latin6 +AddCharset ISO-8859-13 .iso8859-13 +AddCharset ISO-8859-14 .iso8859-14 .latin8 +AddCharset ISO-8859-15 .iso8859-15 .latin9 +AddCharset ISO-8859-16 .iso8859-16 .latin10 +AddCharset ISO-2022-JP .iso2022-jp .jis +AddCharset ISO-2022-KR .iso2022-kr .kis +AddCharset ISO-2022-CN .iso2022-cn .cis +AddCharset Big5 .Big5 .big5 .b5 +AddCharset cn-Big5 .cn-big5 +# For russian, more than one charset is used (depends on client, mostly): +AddCharset WINDOWS-1251 .cp-1251 .win-1251 +AddCharset CP866 .cp866 +AddCharset KOI8 .koi8 +AddCharset KOI8-E .koi8-e +AddCharset KOI8-r .koi8-r .koi8-ru +AddCharset KOI8-U .koi8-u +AddCharset KOI8-ru .koi8-uk .ua +AddCharset ISO-10646-UCS-2 .ucs2 +AddCharset ISO-10646-UCS-4 .ucs4 +AddCharset UTF-7 .utf7 +AddCharset UTF-8 .utf8 +AddCharset UTF-16 .utf16 +AddCharset UTF-16BE .utf16be +AddCharset UTF-16LE .utf16le +AddCharset UTF-32 .utf32 +AddCharset UTF-32BE .utf32be +AddCharset UTF-32LE .utf32le +AddCharset euc-cn .euc-cn +AddCharset euc-gb .euc-gb +AddCharset euc-jp .euc-jp +AddCharset euc-kr .euc-kr +#Not sure how euc-tw got in - IANA doesn't list it??? +AddCharset EUC-TW .euc-tw +AddCharset gb2312 .gb2312 .gb +AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2 +AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4 +AddCharset shift_jis .shift_jis .sjis +AddCharset BRF .brf + +# +# AddHandler allows you to map certain file extensions to "handlers": +# actions unrelated to filetype. These can be either built into the server +# or added with the Action directive (see below) +# +# To use CGI scripts outside of ScriptAliased directories: +# (You will also need to add "ExecCGI" to the "Options" directive.) +# +#AddHandler cgi-script .cgi + +# +# For files that include their own HTTP headers: +# +#AddHandler send-as-is asis + +# +# For server-parsed imagemap files: +# +#AddHandler imap-file map + +# +# For type maps (negotiated resources): +# (This is enabled by default to allow the Apache "It Worked" page +# to be distributed in multiple languages.) +# +AddHandler type-map var + +# +# Filters allow you to process content before it is sent to the client. +# +# To parse .shtml files for server-side includes (SSI): +# (You will also need to add "Includes" to the "Options" directive.) +# +AddType text/html .shtml +<IfModule mod_include.c> + AddOutputFilter INCLUDES .shtml +</IfModule> diff --git a/debian/config-dir/mods-available/mime.load b/debian/config-dir/mods-available/mime.load new file mode 100644 index 0000000..d908fd6 --- /dev/null +++ b/debian/config-dir/mods-available/mime.load @@ -0,0 +1 @@ +LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so diff --git a/debian/config-dir/mods-available/mime_magic.conf b/debian/config-dir/mods-available/mime_magic.conf new file mode 100644 index 0000000..0658c3d --- /dev/null +++ b/debian/config-dir/mods-available/mime_magic.conf @@ -0,0 +1 @@ +MIMEMagicFile /etc/apache2/magic diff --git a/debian/config-dir/mods-available/mime_magic.load b/debian/config-dir/mods-available/mime_magic.load new file mode 100644 index 0000000..42357db --- /dev/null +++ b/debian/config-dir/mods-available/mime_magic.load @@ -0,0 +1 @@ +LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so diff --git a/debian/config-dir/mods-available/mpm_event.conf b/debian/config-dir/mods-available/mpm_event.conf new file mode 100644 index 0000000..b1f712f --- /dev/null +++ b/debian/config-dir/mods-available/mpm_event.conf @@ -0,0 +1,14 @@ +# event MPM +# StartServers: initial number of server processes to start +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# ThreadsPerChild: constant number of worker threads in each server process +# MaxRequestWorkers: maximum number of worker threads +# MaxConnectionsPerChild: maximum number of requests a server process serves +StartServers 2 +MinSpareThreads 25 +MaxSpareThreads 75 +ThreadLimit 64 +ThreadsPerChild 25 +MaxRequestWorkers 150 +MaxConnectionsPerChild 0 diff --git a/debian/config-dir/mods-available/mpm_event.load b/debian/config-dir/mods-available/mpm_event.load new file mode 100644 index 0000000..00d970b --- /dev/null +++ b/debian/config-dir/mods-available/mpm_event.load @@ -0,0 +1,2 @@ +# Conflicts: mpm_worker mpm_prefork +LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so diff --git a/debian/config-dir/mods-available/mpm_prefork.conf b/debian/config-dir/mods-available/mpm_prefork.conf new file mode 100644 index 0000000..0035e9e --- /dev/null +++ b/debian/config-dir/mods-available/mpm_prefork.conf @@ -0,0 +1,12 @@ +# prefork MPM +# StartServers: number of server processes to start +# MinSpareServers: minimum number of server processes which are kept spare +# MaxSpareServers: maximum number of server processes which are kept spare +# MaxRequestWorkers: maximum number of server processes allowed to start +# MaxConnectionsPerChild: maximum number of requests a server process serves + +StartServers 5 +MinSpareServers 5 +MaxSpareServers 10 +MaxRequestWorkers 150 +MaxConnectionsPerChild 0 diff --git a/debian/config-dir/mods-available/mpm_prefork.load b/debian/config-dir/mods-available/mpm_prefork.load new file mode 100644 index 0000000..05da7a3 --- /dev/null +++ b/debian/config-dir/mods-available/mpm_prefork.load @@ -0,0 +1,2 @@ +# Conflicts: mpm_event mpm_worker +LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so diff --git a/debian/config-dir/mods-available/mpm_worker.conf b/debian/config-dir/mods-available/mpm_worker.conf new file mode 100644 index 0000000..109cf64 --- /dev/null +++ b/debian/config-dir/mods-available/mpm_worker.conf @@ -0,0 +1,18 @@ +# worker MPM +# StartServers: initial number of server processes to start +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a +# graceful restart. ThreadLimit can only be changed by stopping +# and starting Apache. +# ThreadsPerChild: constant number of worker threads in each server process +# MaxRequestWorkers: maximum number of threads +# MaxConnectionsPerChild: maximum number of requests a server process serves + +StartServers 2 +MinSpareThreads 25 +MaxSpareThreads 75 +ThreadLimit 64 +ThreadsPerChild 25 +MaxRequestWorkers 150 +MaxConnectionsPerChild 0 diff --git a/debian/config-dir/mods-available/mpm_worker.load b/debian/config-dir/mods-available/mpm_worker.load new file mode 100644 index 0000000..f9d0c4d --- /dev/null +++ b/debian/config-dir/mods-available/mpm_worker.load @@ -0,0 +1,2 @@ +# Conflicts: mpm_event mpm_prefork +LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so diff --git a/debian/config-dir/mods-available/negotiation.conf b/debian/config-dir/mods-available/negotiation.conf new file mode 100644 index 0000000..3e6c713 --- /dev/null +++ b/debian/config-dir/mods-available/negotiation.conf @@ -0,0 +1,14 @@ +# LanguagePriority allows you to give precedence to some languages +# in case of a tie during content negotiation. +# +# Just list the languages in decreasing order of preference. We have +# more or less alphabetized them here. You probably want to change this. +# +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW + +# +# ForceLanguagePriority allows you to serve a result page rather than +# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) +# [in case no accepted languages matched the available variants] +# +ForceLanguagePriority Prefer Fallback diff --git a/debian/config-dir/mods-available/negotiation.load b/debian/config-dir/mods-available/negotiation.load new file mode 100644 index 0000000..8df5711 --- /dev/null +++ b/debian/config-dir/mods-available/negotiation.load @@ -0,0 +1 @@ +LoadModule negotiation_module /usr/lib/apache2/modules/mod_negotiation.so diff --git a/debian/config-dir/mods-available/proxy.conf b/debian/config-dir/mods-available/proxy.conf new file mode 100644 index 0000000..ac763f1 --- /dev/null +++ b/debian/config-dir/mods-available/proxy.conf @@ -0,0 +1,21 @@ +# If you want to use apache2 as a forward proxy, uncomment the +# 'ProxyRequests On' line and the <Proxy *> block below. +# WARNING: Be careful to restrict access inside the <Proxy *> block. +# Open proxy servers are dangerous both to your network and to the +# Internet at large. +# +# If you only want to use apache2 as a reverse proxy/gateway in +# front of some web application server, you DON'T need +# 'ProxyRequests On'. + +#ProxyRequests On +#<Proxy *> +# AddDefaultCharset off +# Require all denied +# #Require local +#</Proxy> + +# Enable/disable the handling of HTTP/1.1 "Via:" headers. +# ("Full" adds the server version; "Block" removes all outgoing Via: headers) +# Set to one of: Off | On | Full | Block +#ProxyVia Off diff --git a/debian/config-dir/mods-available/proxy.load b/debian/config-dir/mods-available/proxy.load new file mode 100644 index 0000000..8828205 --- /dev/null +++ b/debian/config-dir/mods-available/proxy.load @@ -0,0 +1 @@ +LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so diff --git a/debian/config-dir/mods-available/proxy_ajp.load b/debian/config-dir/mods-available/proxy_ajp.load new file mode 100644 index 0000000..adc0c86 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_ajp.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_ajp_module /usr/lib/apache2/modules/mod_proxy_ajp.so diff --git a/debian/config-dir/mods-available/proxy_balancer.conf b/debian/config-dir/mods-available/proxy_balancer.conf new file mode 100644 index 0000000..6b62ec2 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_balancer.conf @@ -0,0 +1,9 @@ +# Balancer manager enables dynamic update of balancer members +# (needs mod_status). Uncomment to enable. +# +#<IfModule mod_status.c> +# <Location /balancer-manager> +# SetHandler balancer-manager +# Require local +# </Location> +#</IfModule> diff --git a/debian/config-dir/mods-available/proxy_balancer.load b/debian/config-dir/mods-available/proxy_balancer.load new file mode 100644 index 0000000..2baa546 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_balancer.load @@ -0,0 +1,2 @@ +# Depends: proxy alias slotmem_shm +LoadModule proxy_balancer_module /usr/lib/apache2/modules/mod_proxy_balancer.so diff --git a/debian/config-dir/mods-available/proxy_connect.load b/debian/config-dir/mods-available/proxy_connect.load new file mode 100644 index 0000000..df81372 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_connect.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_connect_module /usr/lib/apache2/modules/mod_proxy_connect.so diff --git a/debian/config-dir/mods-available/proxy_express.load b/debian/config-dir/mods-available/proxy_express.load new file mode 100644 index 0000000..81d3a2f --- /dev/null +++ b/debian/config-dir/mods-available/proxy_express.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_express_module /usr/lib/apache2/modules/mod_proxy_express.so diff --git a/debian/config-dir/mods-available/proxy_fcgi.load b/debian/config-dir/mods-available/proxy_fcgi.load new file mode 100644 index 0000000..067c87e --- /dev/null +++ b/debian/config-dir/mods-available/proxy_fcgi.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_fcgi_module /usr/lib/apache2/modules/mod_proxy_fcgi.so diff --git a/debian/config-dir/mods-available/proxy_fdpass.load b/debian/config-dir/mods-available/proxy_fdpass.load new file mode 100644 index 0000000..b27bcdb --- /dev/null +++ b/debian/config-dir/mods-available/proxy_fdpass.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_fdpass_module /usr/lib/apache2/modules/mod_proxy_fdpass.so diff --git a/debian/config-dir/mods-available/proxy_ftp.conf b/debian/config-dir/mods-available/proxy_ftp.conf new file mode 100644 index 0000000..103a4bb --- /dev/null +++ b/debian/config-dir/mods-available/proxy_ftp.conf @@ -0,0 +1,2 @@ +# Define the character set for proxied FTP listings. Default is ISO-8859-1 +ProxyFtpDirCharset UTF-8 diff --git a/debian/config-dir/mods-available/proxy_ftp.load b/debian/config-dir/mods-available/proxy_ftp.load new file mode 100644 index 0000000..8f2a197 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_ftp.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_ftp_module /usr/lib/apache2/modules/mod_proxy_ftp.so diff --git a/debian/config-dir/mods-available/proxy_hcheck.load b/debian/config-dir/mods-available/proxy_hcheck.load new file mode 100644 index 0000000..b70f421 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_hcheck.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_hcheck_module /usr/lib/apache2/modules/mod_proxy_hcheck.so diff --git a/debian/config-dir/mods-available/proxy_html.conf b/debian/config-dir/mods-available/proxy_html.conf new file mode 100644 index 0000000..a6b40df --- /dev/null +++ b/debian/config-dir/mods-available/proxy_html.conf @@ -0,0 +1,76 @@ +# Configuration example. +# +# For detailed information about these directives see +# <URL:http://httpd.apache.org/docs/2.4/mod/mod_proxy_html.html> +# and for mod_xml2enc see +# <URL:http://httpd.apache.org/docs/2.4/mod/mod_xml2enc.html> +# + +# All knowledge of HTML links has been removed from the mod_proxy_html +# code itself, and is instead read from httpd.conf (or included file) +# at server startup. So you MUST declare it. This will normally be +# at top level, but can also be used in a <Location>. +# +# Here's the declaration for W3C HTML 4.01 and XHTML 1.0 + +ProxyHTMLLinks a href +ProxyHTMLLinks area href +ProxyHTMLLinks link href +ProxyHTMLLinks img src longdesc usemap +ProxyHTMLLinks object classid codebase data usemap +ProxyHTMLLinks q cite +ProxyHTMLLinks blockquote cite +ProxyHTMLLinks ins cite +ProxyHTMLLinks del cite +ProxyHTMLLinks form action +ProxyHTMLLinks input src usemap +ProxyHTMLLinks head profile +ProxyHTMLLinks base href +ProxyHTMLLinks script src for + +# To support scripting events (with ProxyHTMLExtended On), +# you'll need to declare them too. + +ProxyHTMLEvents \ + onclick ondblclick \ + onmousedown onmouseup onmouseover onmousemove onmouseout \ + onkeypress onkeydown onkeyup onfocus onblur \ + onload onunload onsubmit onreset onselect onchange + +# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML, +# you'll need to uncomment the following deprecated link attributes. +# Note that these are enabled in earlier mod_proxy_html versions +# +# ProxyHTMLLinks frame src longdesc +# ProxyHTMLLinks iframe src longdesc +# ProxyHTMLLinks body background +# ProxyHTMLLinks applet codebase +# +# If you're dealing with proprietary HTML variants, +# declare your own URL attributes here as required. +# +# ProxyHTMLLinks myelement myattr otherattr +# +########### +# EXAMPLE # +########### +# +# To define the URL /my-gateway/ as a gateway to an appserver with address +# http://some.app.intranet/ on a private network, after loading the +# modules and including this configuration file: +# +# ProxyRequests Off <-- this is an important security setting +# ProxyPass /my-gateway/ http://some.app.intranet/ +# <Location /my-gateway/> +# ProxyPassReverse / +# ProxyHTMLEnable On +# ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/ +# ProxyHTMLURLMap / /my-gateway/ +# </Location> +# +# Many (though not all) real-life setups are more complex. +# +# See the documentation at +# http://apache.webthing.com/mod_proxy_html/ +# and the tutorial at +# http://www.apachetutor.org/admin/reverseproxies diff --git a/debian/config-dir/mods-available/proxy_html.load b/debian/config-dir/mods-available/proxy_html.load new file mode 100644 index 0000000..50f1a2c --- /dev/null +++ b/debian/config-dir/mods-available/proxy_html.load @@ -0,0 +1,2 @@ +# Depends: proxy xml2enc +LoadModule proxy_html_module /usr/lib/apache2/modules/mod_proxy_html.so diff --git a/debian/config-dir/mods-available/proxy_http.load b/debian/config-dir/mods-available/proxy_http.load new file mode 100644 index 0000000..a3ffe02 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_http.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so diff --git a/debian/config-dir/mods-available/proxy_http2.load b/debian/config-dir/mods-available/proxy_http2.load new file mode 100644 index 0000000..b251d0c --- /dev/null +++ b/debian/config-dir/mods-available/proxy_http2.load @@ -0,0 +1,2 @@ +# Depends: proxy http2 +LoadModule proxy_http2_module /usr/lib/apache2/modules/mod_proxy_http2.so diff --git a/debian/config-dir/mods-available/proxy_scgi.load b/debian/config-dir/mods-available/proxy_scgi.load new file mode 100644 index 0000000..fb6b0d7 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_scgi.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_scgi_module /usr/lib/apache2/modules/mod_proxy_scgi.so diff --git a/debian/config-dir/mods-available/proxy_uwsgi.load b/debian/config-dir/mods-available/proxy_uwsgi.load new file mode 100644 index 0000000..79ebd42 --- /dev/null +++ b/debian/config-dir/mods-available/proxy_uwsgi.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_uwsgi_module /usr/lib/apache2/modules/mod_proxy_uwsgi.so diff --git a/debian/config-dir/mods-available/proxy_wstunnel.load b/debian/config-dir/mods-available/proxy_wstunnel.load new file mode 100644 index 0000000..fe6589d --- /dev/null +++ b/debian/config-dir/mods-available/proxy_wstunnel.load @@ -0,0 +1,2 @@ +# Depends: proxy +LoadModule proxy_wstunnel_module /usr/lib/apache2/modules/mod_proxy_wstunnel.so diff --git a/debian/config-dir/mods-available/ratelimit.load b/debian/config-dir/mods-available/ratelimit.load new file mode 100644 index 0000000..fc933d7 --- /dev/null +++ b/debian/config-dir/mods-available/ratelimit.load @@ -0,0 +1,2 @@ +# Depends: env +LoadModule ratelimit_module /usr/lib/apache2/modules/mod_ratelimit.so diff --git a/debian/config-dir/mods-available/reflector.load b/debian/config-dir/mods-available/reflector.load new file mode 100644 index 0000000..91701d8 --- /dev/null +++ b/debian/config-dir/mods-available/reflector.load @@ -0,0 +1 @@ +LoadModule reflector_module /usr/lib/apache2/modules/mod_reflector.so diff --git a/debian/config-dir/mods-available/remoteip.load b/debian/config-dir/mods-available/remoteip.load new file mode 100644 index 0000000..a771554 --- /dev/null +++ b/debian/config-dir/mods-available/remoteip.load @@ -0,0 +1 @@ +LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so diff --git a/debian/config-dir/mods-available/reqtimeout.conf b/debian/config-dir/mods-available/reqtimeout.conf new file mode 100644 index 0000000..8b5f551 --- /dev/null +++ b/debian/config-dir/mods-available/reqtimeout.conf @@ -0,0 +1,21 @@ +# mod_reqtimeout limits the time waiting on the client to prevent an +# attacker from causing a denial of service by opening many connections +# but not sending requests. This file tries to give a sensible default +# configuration, but it may be necessary to tune the timeout values to +# the actual situation. Note that it is also possible to configure +# mod_reqtimeout per virtual host. + + +# Wait max 20 seconds for the first byte of the request line+headers +# From then, require a minimum data rate of 500 bytes/s, but don't +# wait longer than 40 seconds in total. +# Note: Lower timeouts may make sense on non-ssl virtual hosts but can +# cause problem with ssl enabled virtual hosts: This timeout includes +# the time a browser may need to fetch the CRL for the certificate. If +# the CRL server is not reachable, it may take more than 10 seconds +# until the browser gives up. +RequestReadTimeout header=20-40,minrate=500 + +# Wait max 10 seconds for the first byte of the request body (if any) +# From then, require a minimum data rate of 500 bytes/s +RequestReadTimeout body=10,minrate=500 diff --git a/debian/config-dir/mods-available/reqtimeout.load b/debian/config-dir/mods-available/reqtimeout.load new file mode 100644 index 0000000..8b2c5e6 --- /dev/null +++ b/debian/config-dir/mods-available/reqtimeout.load @@ -0,0 +1 @@ +LoadModule reqtimeout_module /usr/lib/apache2/modules/mod_reqtimeout.so diff --git a/debian/config-dir/mods-available/request.load b/debian/config-dir/mods-available/request.load new file mode 100644 index 0000000..6727f5a --- /dev/null +++ b/debian/config-dir/mods-available/request.load @@ -0,0 +1 @@ +LoadModule request_module /usr/lib/apache2/modules/mod_request.so diff --git a/debian/config-dir/mods-available/rewrite.load b/debian/config-dir/mods-available/rewrite.load new file mode 100644 index 0000000..b32f162 --- /dev/null +++ b/debian/config-dir/mods-available/rewrite.load @@ -0,0 +1 @@ +LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so diff --git a/debian/config-dir/mods-available/sed.load b/debian/config-dir/mods-available/sed.load new file mode 100644 index 0000000..cf5d9af --- /dev/null +++ b/debian/config-dir/mods-available/sed.load @@ -0,0 +1 @@ +LoadModule sed_module /usr/lib/apache2/modules/mod_sed.so diff --git a/debian/config-dir/mods-available/session.load b/debian/config-dir/mods-available/session.load new file mode 100644 index 0000000..f518c96 --- /dev/null +++ b/debian/config-dir/mods-available/session.load @@ -0,0 +1 @@ +LoadModule session_module /usr/lib/apache2/modules/mod_session.so diff --git a/debian/config-dir/mods-available/session_cookie.load b/debian/config-dir/mods-available/session_cookie.load new file mode 100644 index 0000000..8cffd89 --- /dev/null +++ b/debian/config-dir/mods-available/session_cookie.load @@ -0,0 +1,2 @@ +# Depends: session +LoadModule session_cookie_module /usr/lib/apache2/modules/mod_session_cookie.so diff --git a/debian/config-dir/mods-available/session_crypto.load b/debian/config-dir/mods-available/session_crypto.load new file mode 100644 index 0000000..b3f7a95 --- /dev/null +++ b/debian/config-dir/mods-available/session_crypto.load @@ -0,0 +1,2 @@ +# Depends: session +LoadModule session_crypto_module /usr/lib/apache2/modules/mod_session_crypto.so diff --git a/debian/config-dir/mods-available/session_dbd.load b/debian/config-dir/mods-available/session_dbd.load new file mode 100644 index 0000000..18fa4a4 --- /dev/null +++ b/debian/config-dir/mods-available/session_dbd.load @@ -0,0 +1,2 @@ +# Depends: session +LoadModule session_dbd_module /usr/lib/apache2/modules/mod_session_dbd.so diff --git a/debian/config-dir/mods-available/setenvif.conf b/debian/config-dir/mods-available/setenvif.conf new file mode 100644 index 0000000..8bba04c --- /dev/null +++ b/debian/config-dir/mods-available/setenvif.conf @@ -0,0 +1,26 @@ +# +# The following directives modify normal HTTP response behavior to +# handle known problems with browser implementations. +# +BrowserMatch "Mozilla/2" nokeepalive +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 +BrowserMatch "RealPlayer 4\.0" force-response-1.0 +BrowserMatch "Java/1\.0" force-response-1.0 +BrowserMatch "JDK/1\.0" force-response-1.0 + +# +# The following directive disables redirects on non-GET requests for +# a directory that does not include the trailing slash. This fixes a +# problem with Microsoft WebFolders which does not appropriately handle +# redirects for folders with DAV methods. +# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. +# +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1\.[012]" redirect-carefully +BrowserMatch "^gnome-vfs/1\.0" redirect-carefully +BrowserMatch "^gvfs/1" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully +BrowserMatch " Konqueror/4" redirect-carefully diff --git a/debian/config-dir/mods-available/setenvif.load b/debian/config-dir/mods-available/setenvif.load new file mode 100644 index 0000000..bcb5c52 --- /dev/null +++ b/debian/config-dir/mods-available/setenvif.load @@ -0,0 +1 @@ +LoadModule setenvif_module /usr/lib/apache2/modules/mod_setenvif.so diff --git a/debian/config-dir/mods-available/slotmem_plain.load b/debian/config-dir/mods-available/slotmem_plain.load new file mode 100644 index 0000000..0a68121 --- /dev/null +++ b/debian/config-dir/mods-available/slotmem_plain.load @@ -0,0 +1 @@ +LoadModule slotmem_plain_module /usr/lib/apache2/modules/mod_slotmem_plain.so diff --git a/debian/config-dir/mods-available/slotmem_shm.load b/debian/config-dir/mods-available/slotmem_shm.load new file mode 100644 index 0000000..48ba402 --- /dev/null +++ b/debian/config-dir/mods-available/slotmem_shm.load @@ -0,0 +1 @@ +LoadModule slotmem_shm_module /usr/lib/apache2/modules/mod_slotmem_shm.so diff --git a/debian/config-dir/mods-available/socache_dbm.load b/debian/config-dir/mods-available/socache_dbm.load new file mode 100644 index 0000000..c759d35 --- /dev/null +++ b/debian/config-dir/mods-available/socache_dbm.load @@ -0,0 +1 @@ +LoadModule socache_dbm_module /usr/lib/apache2/modules/mod_socache_dbm.so diff --git a/debian/config-dir/mods-available/socache_memcache.load b/debian/config-dir/mods-available/socache_memcache.load new file mode 100644 index 0000000..15d1ad0 --- /dev/null +++ b/debian/config-dir/mods-available/socache_memcache.load @@ -0,0 +1 @@ +LoadModule socache_memcache_module /usr/lib/apache2/modules/mod_socache_memcache.so diff --git a/debian/config-dir/mods-available/socache_redis.load b/debian/config-dir/mods-available/socache_redis.load new file mode 100644 index 0000000..b1a8de2 --- /dev/null +++ b/debian/config-dir/mods-available/socache_redis.load @@ -0,0 +1 @@ +LoadModule socache_redis_module /usr/lib/apache2/modules/mod_socache_redis.so diff --git a/debian/config-dir/mods-available/socache_shmcb.load b/debian/config-dir/mods-available/socache_shmcb.load new file mode 100644 index 0000000..542a2b2 --- /dev/null +++ b/debian/config-dir/mods-available/socache_shmcb.load @@ -0,0 +1 @@ +LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so diff --git a/debian/config-dir/mods-available/speling.load b/debian/config-dir/mods-available/speling.load new file mode 100644 index 0000000..423e401 --- /dev/null +++ b/debian/config-dir/mods-available/speling.load @@ -0,0 +1 @@ +LoadModule speling_module /usr/lib/apache2/modules/mod_speling.so diff --git a/debian/config-dir/mods-available/ssl.conf b/debian/config-dir/mods-available/ssl.conf new file mode 100644 index 0000000..83ca99e --- /dev/null +++ b/debian/config-dir/mods-available/ssl.conf @@ -0,0 +1,83 @@ +# Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the SSL library. +# The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. +# +SSLRandomSeed startup builtin +SSLRandomSeed startup file:/dev/urandom 512 +SSLRandomSeed connect builtin +SSLRandomSeed connect file:/dev/urandom 512 + +## +## SSL Global Context +## +## All SSL configuration in this context applies both to +## the main server and all SSL-enabled virtual hosts. +## + +# +# Some MIME-types for downloading Certificates and CRLs +# +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl + +# Pass Phrase Dialog: +# Configure the pass phrase gathering process. +# The filtering dialog program (`builtin' is a internal +# terminal dialog) has to provide the pass phrase on stdout. +SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase + +# Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism +# to use and second the expiring timeout (in seconds). +# (The mechanism dbm has known memory leaks and should not be used). +#SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache +SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000) +SSLSessionCacheTimeout 300 + +# Semaphore: +# Configure the path to the mutual exclusion semaphore the +# SSL engine uses internally for inter-process synchronization. +# (Disabled by default, the global Mutex directive consolidates by default +# this) +#Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache + + +# SSL Cipher Suite: +# List the ciphers that the client is permitted to negotiate. See the +# ciphers(1) man page from the openssl package for list of all available +# options. +# Enable only secure ciphers: +SSLCipherSuite HIGH:!aNULL + +# SSL server cipher order preference: +# Use server priorities for cipher algorithm choice. +# Clients may prefer lower grade encryption. You should enable this +# option if you want to enforce stronger encryption, and can afford +# the CPU cost, and did not override SSLCipherSuite in a way that puts +# insecure ciphers first. +# Default: Off +#SSLHonorCipherOrder on + +# The protocols to enable. +# Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2 +# SSL v2 is no longer supported +SSLProtocol all -SSLv3 + +# Allow insecure renegotiation with clients which do not yet support the +# secure renegotiation protocol. Default: Off +#SSLInsecureRenegotiation on + +# Whether to forbid non-SNI clients to access name based virtual hosts. +# Default: Off +#SSLStrictSNIVHostCheck On + +# Warning: Session Tickets require regular reloading of the server! +# Make sure you do this (e.g. via logrotate) before changing this setting! +SSLSessionTickets off diff --git a/debian/config-dir/mods-available/ssl.load b/debian/config-dir/mods-available/ssl.load new file mode 100644 index 0000000..3d2336a --- /dev/null +++ b/debian/config-dir/mods-available/ssl.load @@ -0,0 +1,2 @@ +# Depends: setenvif mime socache_shmcb +LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so diff --git a/debian/config-dir/mods-available/status.conf b/debian/config-dir/mods-available/status.conf new file mode 100644 index 0000000..cd7dd58 --- /dev/null +++ b/debian/config-dir/mods-available/status.conf @@ -0,0 +1,23 @@ +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status +# Uncomment and change the "192.0.2.0/24" to allow access from other hosts. + +<Location /server-status> + SetHandler server-status + Require local + #Require ip 192.0.2.0/24 +</Location> + +# Keep track of extended status information for each request +ExtendedStatus On + +# Determine if mod_status displays the first 63 characters of a request or +# the last 63, assuming the request itself is greater than 63 chars. +# Default: Off +#SeeRequestTail On + + +<IfModule mod_proxy.c> + # Show Proxy LoadBalancer status in mod_status + ProxyStatus On +</IfModule> diff --git a/debian/config-dir/mods-available/status.load b/debian/config-dir/mods-available/status.load new file mode 100644 index 0000000..9efd636 --- /dev/null +++ b/debian/config-dir/mods-available/status.load @@ -0,0 +1 @@ +LoadModule status_module /usr/lib/apache2/modules/mod_status.so diff --git a/debian/config-dir/mods-available/substitute.load b/debian/config-dir/mods-available/substitute.load new file mode 100644 index 0000000..df361cd --- /dev/null +++ b/debian/config-dir/mods-available/substitute.load @@ -0,0 +1 @@ +LoadModule substitute_module /usr/lib/apache2/modules/mod_substitute.so diff --git a/debian/config-dir/mods-available/suexec.load b/debian/config-dir/mods-available/suexec.load new file mode 100644 index 0000000..116858b --- /dev/null +++ b/debian/config-dir/mods-available/suexec.load @@ -0,0 +1 @@ +LoadModule suexec_module /usr/lib/apache2/modules/mod_suexec.so diff --git a/debian/config-dir/mods-available/unique_id.load b/debian/config-dir/mods-available/unique_id.load new file mode 100644 index 0000000..2d0c9eb --- /dev/null +++ b/debian/config-dir/mods-available/unique_id.load @@ -0,0 +1 @@ +LoadModule unique_id_module /usr/lib/apache2/modules/mod_unique_id.so diff --git a/debian/config-dir/mods-available/userdir.conf b/debian/config-dir/mods-available/userdir.conf new file mode 100644 index 0000000..16cf53c --- /dev/null +++ b/debian/config-dir/mods-available/userdir.conf @@ -0,0 +1,8 @@ +UserDir public_html +UserDir disabled root + +<Directory /home/*/public_html> + AllowOverride FileInfo AuthConfig Limit Indexes + Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec + Require method GET POST OPTIONS +</Directory> diff --git a/debian/config-dir/mods-available/userdir.load b/debian/config-dir/mods-available/userdir.load new file mode 100644 index 0000000..0cfc621 --- /dev/null +++ b/debian/config-dir/mods-available/userdir.load @@ -0,0 +1 @@ +LoadModule userdir_module /usr/lib/apache2/modules/mod_userdir.so diff --git a/debian/config-dir/mods-available/usertrack.load b/debian/config-dir/mods-available/usertrack.load new file mode 100644 index 0000000..25918b5 --- /dev/null +++ b/debian/config-dir/mods-available/usertrack.load @@ -0,0 +1 @@ +LoadModule usertrack_module /usr/lib/apache2/modules/mod_usertrack.so diff --git a/debian/config-dir/mods-available/vhost_alias.load b/debian/config-dir/mods-available/vhost_alias.load new file mode 100644 index 0000000..4fe4cb6 --- /dev/null +++ b/debian/config-dir/mods-available/vhost_alias.load @@ -0,0 +1 @@ +LoadModule vhost_alias_module /usr/lib/apache2/modules/mod_vhost_alias.so diff --git a/debian/config-dir/mods-available/xml2enc.load b/debian/config-dir/mods-available/xml2enc.load new file mode 100644 index 0000000..98cfa18 --- /dev/null +++ b/debian/config-dir/mods-available/xml2enc.load @@ -0,0 +1 @@ +LoadModule xml2enc_module /usr/lib/apache2/modules/mod_xml2enc.so diff --git a/debian/config-dir/ports.conf b/debian/config-dir/ports.conf new file mode 100644 index 0000000..f41641b --- /dev/null +++ b/debian/config-dir/ports.conf @@ -0,0 +1,13 @@ +# If you just change the port or add more ports here, you will likely also +# have to change the VirtualHost statement in +# /etc/apache2/sites-enabled/000-default.conf + +Listen 80 + +<IfModule ssl_module> + Listen 443 +</IfModule> + +<IfModule mod_gnutls.c> + Listen 443 +</IfModule> diff --git a/debian/config-dir/sites-available/000-default.conf b/debian/config-dir/sites-available/000-default.conf new file mode 100644 index 0000000..e69ed8b --- /dev/null +++ b/debian/config-dir/sites-available/000-default.conf @@ -0,0 +1,29 @@ +<VirtualHost *:80> + # The ServerName directive sets the request scheme, hostname and port that + # the server uses to identify itself. This is used when creating + # redirection URLs. In the context of virtual hosts, the ServerName + # specifies what hostname must appear in the request's Host: header to + # match this virtual host. For the default virtual host (this file) this + # value is not decisive as it is used as a last resort host regardless. + # However, you must set it for any further virtual host explicitly. + #ServerName www.example.com + + ServerAdmin webmaster@localhost + DocumentRoot /var/www/html + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf +</VirtualHost> diff --git a/debian/config-dir/sites-available/default-ssl.conf b/debian/config-dir/sites-available/default-ssl.conf new file mode 100644 index 0000000..330280d --- /dev/null +++ b/debian/config-dir/sites-available/default-ssl.conf @@ -0,0 +1,130 @@ +<VirtualHost *:443> + ServerAdmin webmaster@localhost + + DocumentRoot /var/www/html + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf + + # SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + # A self-signed (snakeoil) certificate can be created by installing + # the ssl-cert package. See + # /usr/share/doc/apache2/README.Debian.gz for more info. + # If both key and certificate are stored in the same file, only the + # SSLCertificateFile directive is needed. + SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem + SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + + # Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the + # concatenation of PEM encoded CA certificates which form the + # certificate chain for the server certificate. Alternatively + # the referenced file can be the same as SSLCertificateFile + # when the CA certificates are directly appended to the server + # certificate for convinience. + #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt + + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath /etc/ssl/certs/ + #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt + + # Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client + # authentication or alternatively one huge file containing all + # of them (file must be PEM encoded) + # Note: Inside SSLCARevocationPath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCARevocationPath /etc/apache2/ssl.crl/ + #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl + + # Client Authentication (Type): + # Client certificate verification type and depth. Types are + # none, optional, require and optional_no_ca. Depth is a + # number which specifies how deeply to verify the certificate + # issuer chain before deciding the certificate is not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + # SSL Engine Options: + # Set various options for the SSL engine. + # o FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that + # the standard Auth/DBMAuth methods can be used for access control. The + # user name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + # o ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the + # server (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates + # into CGI scripts. + # o StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the + # exportation for CGI and SSI requests only. + # o OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + <FilesMatch "\.(?:cgi|shtml|phtml|php)$"> + SSLOptions +StdEnvVars + </FilesMatch> + <Directory /usr/lib/cgi-bin> + SSLOptions +StdEnvVars + </Directory> + + # SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait for + # the close notify alert from client. When you need a different shutdown + # approach you can use one of the following variables: + # o ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates + # the SSL/TLS standard but is needed for some brain-dead browsers. Use + # this when you receive I/O errors because of the standard approach where + # mod_ssl sends the close notify alert. + # o ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation + # works correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + # BrowserMatch "MSIE [2-6]" \ + # nokeepalive ssl-unclean-shutdown \ + # downgrade-1.0 force-response-1.0 + +</VirtualHost> |