12 files changed, 1061 insertions, 0 deletions
diff --git a/docs/conf/extra/httpd-autoindex.conf.in b/docs/conf/extra/httpd-autoindex.conf.in
new file mode 100644
index 0000000..51b02ed
--- /dev/null
+++ b/docs/conf/extra/httpd-autoindex.conf.in
@@ -0,0 +1,93 @@
+#
+# Directives controlling the display of server-generated directory listings.
+#
+# Required modules: mod_authz_core, mod_authz_host,
+#                   mod_autoindex, mod_alias
+#
+# To see the listing of a directory, the Options directive for the
+# directory must include "Indexes", and the directory must not contain
+# a file matching those listed in the DirectoryIndex directive.
+#
+
+#
+# IndexOptions: Controls the appearance of server-generated directory
+# listings.
+#
+IndexOptions FancyIndexing HTMLTable VersionSort
+
+# We include the /icons/ alias for FancyIndexed directory listings.  If
+# you do not use FancyIndexing, you may comment this out.
+#
+Alias /icons/ "@exp_iconsdir@/"
+
+<Directory "@exp_iconsdir@">
+    Options Indexes MultiViews
+    AllowOverride None
+    Require all granted
+</Directory>
+
+#
+# AddIcon* directives tell the server which icon to show for different
+# files or filename extensions.  These are only displayed for
+# FancyIndexed directories.
+#
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+#
+# DefaultIcon is which icon to show for files which do not have an icon
+# explicitly set.
+#
+DefaultIcon /icons/unknown.gif
+
+#
+# AddDescription allows you to place a short description after a file in
+# server-generated indexes.  These are only displayed for FancyIndexed
+# directories.
+# Format: AddDescription "description" filename
+#
+#AddDescription "GZIP compressed document" .gz
+#AddDescription "tar archive" .tar
+#AddDescription "GZIP compressed tar archive" .tgz
+
+#
+# ReadmeName is the name of the README file the server will look for by
+# default, and append to directory listings.
+#
+# HeaderName is the name of a file which should be prepended to
+# directory indexes. 
+ReadmeName README.html
+HeaderName HEADER.html
+
+#
+# IndexIgnore is a set of filenames which directory indexing should ignore
+# and not include in the listing.  Shell-style wildcarding is permitted.
+#
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+
diff --git a/docs/conf/extra/httpd-dav.conf.in b/docs/conf/extra/httpd-dav.conf.in
new file mode 100644
index 0000000..f1d35e0
--- /dev/null
+++ b/docs/conf/extra/httpd-dav.conf.in
@@ -0,0 +1,50 @@
+#
+# Distributed authoring and versioning (WebDAV)
+#
+# Required modules: mod_alias, mod_auth_digest, mod_authn_core, mod_authn_file,
+#                   mod_authz_core, mod_authz_user, mod_dav, mod_dav_fs,
+#                   mod_setenvif
+
+# The following example gives DAV write access to a directory called
+# "uploads" under the ServerRoot directory.
+#
+# The User/Group specified in httpd.conf needs to have write permissions
+# on the directory where the DavLockDB is placed and on any directory where
+# "Dav On" is specified.
+
+DavLockDB "@@ServerRoot@@/var/DavLock"
+
+Alias /uploads "@@ServerRoot@@/uploads"
+
+<Directory "@@ServerRoot@@/uploads">
+    Dav On
+
+    AuthType Digest
+    AuthName DAV-upload
+    # You can use the htdigest program to create the password database:
+    #   htdigest -c "@@ServerRoot@@/user.passwd" DAV-upload admin
+    AuthUserFile "@@ServerRoot@@/user.passwd"
+    AuthDigestProvider file
+
+    # Allow universal read-access, but writes are restricted
+    # to the admin user.
+    <RequireAny>
+        Require method GET POST OPTIONS
+        Require user admin
+    </RequireAny>
+</Directory>
+
+#
+# The following directives disable redirects on non-GET requests for
+# a directory that does not include the trailing slash.  This fixes a 
+# problem with several clients that do not appropriately handle 
+# redirects for folders with DAV methods.
+#
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "MS FrontPage" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+BrowserMatch "^XML Spy" redirect-carefully
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+BrowserMatch " Konqueror/4" redirect-carefully
diff --git a/docs/conf/extra/httpd-default.conf.in b/docs/conf/extra/httpd-default.conf.in
new file mode 100644
index 0000000..7196922
--- /dev/null
+++ b/docs/conf/extra/httpd-default.conf.in
@@ -0,0 +1,90 @@
+#
+# This configuration file reflects default settings for Apache HTTP Server.
+#
+# You may change these, but chances are that you may not need to.
+#
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 60
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+#
+# UseCanonicalName: Determines how Apache constructs self-referencing 
+# URLs and the SERVER_NAME and SERVER_PORT variables.
+# When set "Off", Apache will use the Hostname and Port supplied
+# by the client.  When set "On", Apache will use the value of the
+# ServerName directive.
+#
+UseCanonicalName Off
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives.  See also the AllowOverride 
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory 
+# listings, mod_status and mod_info output etc., but not CGI generated 
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of:  On | Off | EMail
+#
+ServerSignature Off
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+#
+# Set a timeout for how long the client may take to send the request header
+# and body.
+# The default for the headers is header=20-40,MinRate=500, which means wait
+# for the first byte of headers for 20 seconds. If some data arrives,
+# increase the timeout corresponding to a data rate of 500 bytes/s, but not
+# above 40 seconds.
+# The default for the request body is body=20,MinRate=500, which is the same
+# but has no upper limit for the timeout.
+# To disable, set to header=0 body=0
+#
+<IfModule reqtimeout_module>
+  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
+</IfModule>
diff --git a/docs/conf/extra/httpd-info.conf.in b/docs/conf/extra/httpd-info.conf.in
new file mode 100644
index 0000000..5cfdf69
--- /dev/null
+++ b/docs/conf/extra/httpd-info.conf.in
@@ -0,0 +1,36 @@
+#
+# Get information about the requests being processed by the server
+# and the configuration of the server.
+#
+# Required modules: mod_authz_core, mod_authz_host,
+#                   mod_info (for the server-info handler),
+#                   mod_status (for the server-status handler)
+
+#
+# Allow server status reports generated by mod_status,
+# with the URL of http://servername/server-status
+# Change the ".example.com" to match your domain to enable.
+
+<Location /server-status>
+    SetHandler server-status
+    Require host .example.com
+    Require ip 127
+</Location>
+
+#
+# ExtendedStatus controls whether Apache will generate "full" status
+# information (ExtendedStatus On) or just basic information (ExtendedStatus
+# Off) when the "server-status" handler is called. The default is Off.
+#
+#ExtendedStatus On
+
+#
+# Allow remote server configuration reports, with the URL of
+#  http://servername/server-info (requires that mod_info.c be loaded).
+# Change the ".example.com" to match your domain to enable.
+#
+<Location /server-info>
+    SetHandler server-info
+    Require host .example.com
+    Require ip 127
+</Location>
diff --git a/docs/conf/extra/httpd-languages.conf.in b/docs/conf/extra/httpd-languages.conf.in
new file mode 100644
index 0000000..7f66461
--- /dev/null
+++ b/docs/conf/extra/httpd-languages.conf.in
@@ -0,0 +1,141 @@
+#
+# Settings for hosting different languages.
+#
+# Required modules: mod_mime, mod_negotiation
+
+# DefaultLanguage and AddLanguage allows you to specify the language of 
+# a document. You can then use content negotiation to give a browser a 
+# file in a language the user can understand.
+#
+# Specify a default language. This means that all data
+# going out without a specific language tag (see below) will 
+# be marked with this one. You probably do NOT want to set
+# this unless you are sure it is correct for all cases.
+#
+# * It is generally better to not mark a page as 
+# * being a certain language than marking it with the wrong
+# * language!
+#
+# DefaultLanguage nl
+#
+# Note 1: The suffix does not have to be the same as the language
+# keyword --- those with documents in Polish (whose net-standard
+# language code is pl) may wish to use "AddLanguage pl .po" to
+# avoid the ambiguity with the common suffix for perl scripts.
+#
+# Note 2: The example entries below illustrate that in some cases 
+# the two character 'Language' abbreviation is not identical to 
+# the two character 'Country' code for its country,
+# E.g. 'Danmark/dk' versus 'Danish/da'.
+#
+# Note 3: In the case of 'ltz' we violate the RFC by using a three char
+# specifier. There is 'work in progress' to fix this and get
+# the reference data for rfc1766 cleaned up.
+#
+# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+# Norwegian (no) - Polish (pl) - Portugese (pt)
+# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
+# Traditional Chinese (zh-TW)
+#
+AddLanguage ca .ca
+AddLanguage cs .cz .cs
+AddLanguage da .dk
+AddLanguage de .de
+AddLanguage el .el
+AddLanguage en .en
+AddLanguage eo .eo
+AddLanguage es .es
+AddLanguage et .et
+AddLanguage fr .fr
+AddLanguage he .he
+AddLanguage hr .hr
+AddLanguage it .it
+AddLanguage ja .ja
+AddLanguage ko .ko
+AddLanguage ltz .ltz
+AddLanguage nl .nl
+AddLanguage nn .nn
+AddLanguage no .no
+AddLanguage pl .po
+AddLanguage pt .pt
+AddLanguage pt-BR .pt-br
+AddLanguage ru .ru
+AddLanguage sv .sv
+AddLanguage tr .tr
+AddLanguage zh-CN .zh-cn
+AddLanguage zh-TW .zh-tw
+
+# LanguagePriority allows you to give precedence to some languages
+# in case of a tie during content negotiation.
+#
+# Just list the languages in decreasing order of preference. We have
+# more or less alphabetized them here. You probably want to change this.
+#
+LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
+
+#
+# ForceLanguagePriority allows you to serve a result page rather than
+# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+# [in case no accepted languages matched the available variants]
+#
+ForceLanguagePriority Prefer Fallback
+
+#
+# Commonly used filename extensions to character sets. You probably
+# want to avoid clashes with the language extensions, unless you
+# are good at carefully testing your setup after each change.
+# See http://www.iana.org/assignments/character-sets for the
+# official list of charset names and their respective RFCs.
+#
+AddCharset us-ascii.ascii .us-ascii
+AddCharset ISO-8859-1  .iso8859-1  .latin1
+AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
+AddCharset ISO-8859-3  .iso8859-3  .latin3
+AddCharset ISO-8859-4  .iso8859-4  .latin4
+AddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru
+AddCharset ISO-8859-6  .iso8859-6  .arb .arabic
+AddCharset ISO-8859-7  .iso8859-7  .grk .greek
+AddCharset ISO-8859-8  .iso8859-8  .heb .hebrew
+AddCharset ISO-8859-9  .iso8859-9  .latin5 .trk
+AddCharset ISO-8859-10  .iso8859-10  .latin6
+AddCharset ISO-8859-13  .iso8859-13
+AddCharset ISO-8859-14  .iso8859-14  .latin8
+AddCharset ISO-8859-15  .iso8859-15  .latin9
+AddCharset ISO-8859-16  .iso8859-16  .latin10
+AddCharset ISO-2022-JP .iso2022-jp .jis
+AddCharset ISO-2022-KR .iso2022-kr .kis
+AddCharset ISO-2022-CN .iso2022-cn .cis
+AddCharset Big5.Big5   .big5 .b5
+AddCharset cn-Big5 .cn-big5
+# For russian, more than one charset is used (depends on client, mostly):
+AddCharset WINDOWS-1251 .cp-1251   .win-1251
+AddCharset CP866   .cp866
+AddCharset KOI8  .koi8
+AddCharset KOI8-E  .koi8-e
+AddCharset KOI8-r  .koi8-r .koi8-ru
+AddCharset KOI8-U  .koi8-u
+AddCharset KOI8-ru .koi8-uk .ua
+AddCharset ISO-10646-UCS-2 .ucs2
+AddCharset ISO-10646-UCS-4 .ucs4
+AddCharset UTF-7   .utf7
+AddCharset UTF-8   .utf8
+AddCharset UTF-16  .utf16
+AddCharset UTF-16BE .utf16be
+AddCharset UTF-16LE .utf16le
+AddCharset UTF-32  .utf32
+AddCharset UTF-32BE .utf32be
+AddCharset UTF-32LE .utf32le
+AddCharset euc-cn  .euc-cn
+AddCharset euc-gb  .euc-gb
+AddCharset euc-jp  .euc-jp
+AddCharset euc-kr  .euc-kr
+#Not sure how euc-tw got in - IANA doesn't list it???
+AddCharset EUC-TW  .euc-tw
+AddCharset gb2312  .gb2312 .gb
+AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+AddCharset shift_jis   .shift_jis .sjis
diff --git a/docs/conf/extra/httpd-manual.conf.in b/docs/conf/extra/httpd-manual.conf.in
new file mode 100644
index 0000000..e8222a9
--- /dev/null
+++ b/docs/conf/extra/httpd-manual.conf.in
@@ -0,0 +1,38 @@
+#
+# Provide access to the documentation on your server as
+#  http://yourserver.example.com/manual/
+# The documentation is always available at
+#  http://httpd.apache.org/docs/2.4/
+#
+# Required modules: mod_alias, mod_authz_core, mod_authz_host,
+#                   mod_setenvif, mod_negotiation
+#
+
+AliasMatch ^/manual(?:/(?:da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn))?(/.*)?$ "@exp_manualdir@$1"
+
+<Directory "@exp_manualdir@">
+    Options Indexes
+    AllowOverride None
+    Require all granted
+
+    <Files *.html>
+        SetHandler type-map
+    </Files>
+
+    # .tr is text/troff in mime.types!
+    RemoveType tr
+
+    # Traditionally, used .dk filename extension for da language
+    AddLanguage da .da
+
+    SetEnvIf Request_URI ^/manual/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)/ prefer-language=$1
+    RedirectMatch 301 ^/manual(?:/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)){2,}(/.*)?$ /manual/$1$2
+
+    # Reflect the greatest effort in translation (most content available),
+    # inferring greater attention to detail (potentially false assumption,
+    # counting translations presently in-sync would be more helpful.)
+    # Use caution counting; safest pattern is '*.xml.XX'. Recent .xml source
+    # document count: 266 214 110 94 82 25 22    18     4  1  1
+    LanguagePriority   en  fr  ko ja tr es de zh-cn pt-br da ru
+    ForceLanguagePriority Prefer Fallback
+</Directory>
diff --git a/docs/conf/extra/httpd-mpm.conf.in b/docs/conf/extra/httpd-mpm.conf.in
new file mode 100644
index 0000000..bf29faf
--- /dev/null
+++ b/docs/conf/extra/httpd-mpm.conf.in
@@ -0,0 +1,119 @@
+#
+# Server-Pool Management (MPM specific)
+# 
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+# Note that this is the default PidFile for most MPMs.
+#
+<IfModule !mpm_netware_module>
+    PidFile "@rel_runtimedir@/httpd.pid"
+</IfModule>
+
+#
+# Only one of the below sections will be relevant on your
+# installed httpd.  Use "apachectl -l" to find out the
+# active mpm.
+#
+
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxRequestWorkers: maximum number of server processes allowed to start
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
+<IfModule mpm_prefork_module>
+    StartServers             5
+    MinSpareServers          5
+    MaxSpareServers         10
+    MaxRequestWorkers      250
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestWorkers: maximum number of worker threads
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
+<IfModule mpm_worker_module>
+    StartServers             3
+    MinSpareThreads         75
+    MaxSpareThreads        250 
+    ThreadsPerChild         25
+    MaxRequestWorkers      400
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# event MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestWorkers: maximum number of worker threads
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
+<IfModule mpm_event_module>
+    StartServers             3
+    MinSpareThreads         75
+    MaxSpareThreads        250
+    ThreadsPerChild         25
+    MaxRequestWorkers      400
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# NetWare MPM
+# ThreadStackSize: Stack size allocated for each worker thread
+# StartThreads: Number of worker threads launched at server startup
+# MinSpareThreads: Minimum number of idle threads, to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads
+# MaxThreads: Maximum number of worker threads alive at the same time
+# MaxConnectionsPerChild: Maximum  number of connections a thread serves. It
+#                         is recommended that the default value of 0 be set
+#                         for this directive on NetWare.  This will allow the
+#                         thread to continue to service requests indefinitely.
+<IfModule mpm_netware_module>
+    ThreadStackSize      65536
+    StartThreads           250
+    MinSpareThreads         25
+    MaxSpareThreads        250
+    MaxThreads            1000
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# OS/2 MPM
+# StartServers: Number of server processes to maintain
+# MinSpareThreads: Minimum number of idle threads per process, 
+#                  to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads per process
+# MaxConnectionsPerChild: Maximum number of connections per server process
+<IfModule mpm_mpmt_os2_module>
+    StartServers             2
+    MinSpareThreads          5
+    MaxSpareThreads         10
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# WinNT MPM
+# ThreadsPerChild: constant number of worker threads in the server process
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+<IfModule mpm_winnt_module>
+    ThreadsPerChild        150
+    MaxConnectionsPerChild   0
+</IfModule>
+
+# The maximum number of free Kbytes that every allocator is allowed
+# to hold without calling free(). In threaded MPMs, every thread has its own
+# allocator. When not set, or when set to zero, the threshold will be set to
+# unlimited.
+<IfModule !mpm_netware_module>
+    MaxMemFree            2048
+</IfModule>
+<IfModule mpm_netware_module>
+    MaxMemFree             100
+</IfModule>
diff --git a/docs/conf/extra/httpd-multilang-errordoc.conf.in b/docs/conf/extra/httpd-multilang-errordoc.conf.in
new file mode 100644
index 0000000..3da3bf2
--- /dev/null
+++ b/docs/conf/extra/httpd-multilang-errordoc.conf.in
@@ -0,0 +1,52 @@
+#
+# The configuration below implements multi-language error documents through
+# content-negotiation.
+#
+# Required modules: mod_alias, mod_authz_core, mod_authz_host,
+#                   mod_include, mod_negotiation
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections.  We use 
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+#   Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# @exp_errordir@/include/ files and copying them to /your/include/path/, 
+# even on a per-VirtualHost basis.  The default include files will display
+# your Apache version number and your ServerAdmin email address regardless
+# of the setting of ServerSignature.
+
+Alias /error/ "@exp_errordir@/"
+
+<Directory "@exp_errordir@">
+    AllowOverride None
+    Options IncludesNoExec
+    AddOutputFilter Includes html
+    AddHandler type-map var
+    Require all granted
+    LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
+    ForceLanguagePriority Prefer Fallback
+</Directory>
+
+ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+ErrorDocument 410 /error/HTTP_GONE.html.var
+ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+
diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in
new file mode 100644
index 0000000..6a3c67a
--- /dev/null
+++ b/docs/conf/extra/httpd-ssl.conf.in
@@ -0,0 +1,290 @@
+#
+# This is the Apache server configuration file providing SSL support.
+# It contains the configuration directives to instruct the server how to
+# serve pages over an https connection. For detailed information about these 
+# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
+# 
+# Do NOT simply read the instructions in here without understanding
+# what they do.  They're here only as hints or reminders.  If you are unsure
+# consult the online docs. You have been warned.  
+#
+# Required modules: mod_log_config, mod_setenvif, mod_ssl,
+#          socache_shmcb_module (for default value of SSLSessionCache)
+
+#
+# Pseudo Random Number Generator (PRNG):
+# Configure one or more sources to seed the PRNG of the SSL library.
+# The seed data should be of good random quality.
+# WARNING! On some platforms /dev/random blocks if not enough entropy
+# is available. This means you then cannot use the /dev/random device
+# because it would lead to very long connection times (as long as
+# it requires to make more entropy available). But usually those
+# platforms additionally provide a /dev/urandom device which doesn't
+# block. So, if available, use this one instead. Read the mod_ssl User
+# Manual for more details.
+#
+#SSLRandomSeed startup file:/dev/random  512
+#SSLRandomSeed startup file:/dev/urandom 512
+#SSLRandomSeed connect file:/dev/random  512
+#SSLRandomSeed connect file:/dev/urandom 512
+
+
+#
+# When we also provide SSL we have to listen to the 
+# standard HTTP port (see above) and to the HTTPS port
+#
+Listen @@SSLPort@@
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+#   SSL Cipher Suite:
+#   List the ciphers that the client is permitted to negotiate,
+#   and that httpd will negotiate as the client of a proxied server.
+#   See the OpenSSL documentation for a complete list of ciphers, and
+#   ensure these follow appropriate best practices for this deployment.
+#   httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
+#   while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
+SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
+SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
+
+#  By the end of 2016, only TLSv1.2 ciphers should remain in use.
+#  Older ciphers should be disallowed as soon as possible, while the
+#  kRSA ciphers do not offer forward secrecy.  These changes inhibit
+#  older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy
+#  non-browser tooling) from successfully connecting.  
+#
+#  To restrict mod_ssl to use only TLSv1.2 ciphers, and disable
+#  those protocols which do not support forward secrecy, replace
+#  the SSLCipherSuite and SSLProxyCipherSuite directives above with
+#  the following two directives, as soon as practical.
+# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
+# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
+
+#   User agents such as web browsers are not configured for the user's
+#   own preference of either security or performance, therefore this
+#   must be the prerogative of the web server administrator who manages
+#   cpu load versus confidentiality, so enforce the server's cipher order.
+SSLHonorCipherOrder on 
+
+#   SSL Protocol support:
+#   List the protocol versions which clients are allowed to connect with.
+#   Disable SSLv3 by default (cf. RFC 7525 3.1.1).  TLSv1 (1.0) should be
+#   disabled as quickly as practical.  By the end of 2016, only the TLSv1.2
+#   protocol or later should remain in use.
+SSLProtocol all -SSLv3
+SSLProxyProtocol all -SSLv3
+
+#   Pass Phrase Dialog:
+#   Configure the pass phrase gathering process.
+#   The filtering dialog program (`builtin' is an internal
+#   terminal dialog) has to provide the pass phrase on stdout.
+SSLPassPhraseDialog  builtin
+
+#   Inter-Process Session Cache:
+#   Configure the SSL Session Cache: First the mechanism 
+#   to use and second the expiring timeout (in seconds).
+#SSLSessionCache         "dbm:@exp_runtimedir@/ssl_scache"
+SSLSessionCache        "shmcb:@exp_runtimedir@/ssl_scache(512000)"
+SSLSessionCacheTimeout  300
+
+#   OCSP Stapling (requires OpenSSL 0.9.8h or later)
+#
+#   This feature is disabled by default and requires at least
+#   the two directives SSLUseStapling and SSLStaplingCache.
+#   Refer to the documentation on OCSP Stapling in the SSL/TLS
+#   How-To for more information.
+#
+#   Enable stapling for all SSL-enabled servers:
+#SSLUseStapling On
+
+#   Define a relatively small cache for OCSP Stapling using
+#   the same mechanism that is used for the SSL session cache
+#   above.  If stapling is used with more than a few certificates,
+#   the size may need to be increased.  (AH01929 will be logged.)
+#SSLStaplingCache "shmcb:@exp_runtimedir@/ssl_stapling(32768)"
+
+#   Seconds before valid OCSP responses are expired from the cache
+#SSLStaplingStandardCacheTimeout 3600
+
+#   Seconds before invalid OCSP responses are expired from the cache
+#SSLStaplingErrorCacheTimeout 600
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:@@SSLPort@@>
+
+#   General setup for the virtual host
+DocumentRoot "@exp_htdocsdir@"
+ServerName www.example.com:@@SSLPort@@
+ServerAdmin you@example.com
+ErrorLog "@exp_logfiledir@/error_log"
+TransferLog "@exp_logfiledir@/access_log"
+
+#   SSL Engine Switch:
+#   Enable/Disable SSL for this virtual host.
+SSLEngine on
+
+#   Server Certificate:
+#   Point SSLCertificateFile at a PEM encoded certificate.  If
+#   the certificate is encrypted, then you will be prompted for a
+#   pass phrase.  Note that a kill -HUP will prompt again.  Keep
+#   in mind that if you have both an RSA and a DSA certificate you
+#   can configure both in parallel (to also allow the use of DSA
+#   ciphers, etc.)
+#   Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
+#   require an ECC certificate which can also be configured in
+#   parallel.
+SSLCertificateFile "@exp_sysconfdir@/server.crt"
+#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt"
+#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt"
+
+#   Server Private Key:
+#   If the key is not combined with the certificate, use this
+#   directive to point at the key file.  Keep in mind that if
+#   you've both a RSA and a DSA private key you can configure
+#   both in parallel (to also allow the use of DSA ciphers, etc.)
+#   ECC keys, when in use, can also be configured in parallel
+SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
+#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key"
+#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key"
+
+#   Server Certificate Chain:
+#   Point SSLCertificateChainFile at a file containing the
+#   concatenation of PEM encoded CA certificates which form the
+#   certificate chain for the server certificate. Alternatively
+#   the referenced file can be the same as SSLCertificateFile
+#   when the CA certificates are directly appended to the server
+#   certificate for convenience.
+#SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt"
+
+#   Certificate Authority (CA):
+#   Set the CA certificate verification path where to find CA
+#   certificates for client authentication or alternatively one
+#   huge file containing all of them (file must be PEM encoded)
+#   Note: Inside SSLCACertificatePath you need hash symlinks
+#         to point to the certificate files. Use the provided
+#         Makefile to update the hash symlinks after changes.
+#SSLCACertificatePath "@exp_sysconfdir@/ssl.crt"
+#SSLCACertificateFile "@exp_sysconfdir@/ssl.crt/ca-bundle.crt"
+
+#   Certificate Revocation Lists (CRL):
+#   Set the CA revocation path where to find CA CRLs for client
+#   authentication or alternatively one huge file containing all
+#   of them (file must be PEM encoded).
+#   The CRL checking mode needs to be configured explicitly
+#   through SSLCARevocationCheck (defaults to "none" otherwise).
+#   Note: Inside SSLCARevocationPath you need hash symlinks
+#         to point to the certificate files. Use the provided
+#         Makefile to update the hash symlinks after changes.
+#SSLCARevocationPath "@exp_sysconfdir@/ssl.crl"
+#SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl"
+#SSLCARevocationCheck chain
+
+#   Client Authentication (Type):
+#   Client certificate verification type and depth.  Types are
+#   none, optional, require and optional_no_ca.  Depth is a
+#   number which specifies how deeply to verify the certificate
+#   issuer chain before deciding the certificate is not valid.
+#SSLVerifyClient require
+#SSLVerifyDepth  10
+
+#   TLS-SRP mutual authentication:
+#   Enable TLS-SRP and set the path to the OpenSSL SRP verifier
+#   file (containing login information for SRP user accounts). 
+#   Requires OpenSSL 1.0.1 or newer. See the mod_ssl FAQ for
+#   detailed instructions on creating this file. Example:
+#   "openssl srp -srpvfile @exp_sysconfdir@/passwd.srpv -add username"
+#SSLSRPVerifierFile "@exp_sysconfdir@/passwd.srpv"
+
+#   Access Control:
+#   With SSLRequire you can do per-directory access control based
+#   on arbitrary complex boolean expressions containing server
+#   variable checks and other lookup directives.  The syntax is a
+#   mixture between C and Perl.  See the mod_ssl documentation
+#   for more details.
+#<Location />
+#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
+#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
+#            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
+#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
+#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
+#           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
+#</Location>
+
+#   SSL Engine Options:
+#   Set various options for the SSL engine.
+#   o FakeBasicAuth:
+#     Translate the client X.509 into a Basic Authorisation.  This means that
+#     the standard Auth/DBMAuth methods can be used for access control.  The
+#     user name is the `one line' version of the client's X.509 certificate.
+#     Note that no password is obtained from the user. Every entry in the user
+#     file needs this password: `xxj31ZMTZzkVA'.
+#   o ExportCertData:
+#     This exports two additional environment variables: SSL_CLIENT_CERT and
+#     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+#     server (always existing) and the client (only existing when client
+#     authentication is used). This can be used to import the certificates
+#     into CGI scripts.
+#   o StdEnvVars:
+#     This exports the standard SSL/TLS related `SSL_*' environment variables.
+#     Per default this exportation is switched off for performance reasons,
+#     because the extraction step is an expensive operation and is usually
+#     useless for serving static content. So one usually enables the
+#     exportation for CGI and SSI requests only.
+#   o StrictRequire:
+#     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
+#     under a "Satisfy any" situation, i.e. when it applies access is denied
+#     and no other module can change it.
+#   o OptRenegotiate:
+#     This enables optimized SSL connection renegotiation handling when SSL
+#     directives are used in per-directory context. 
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
+    SSLOptions +StdEnvVars
+</FilesMatch>
+<Directory "@exp_cgidir@">
+    SSLOptions +StdEnvVars
+</Directory>
+
+#   SSL Protocol Adjustments:
+#   The safe and default but still SSL/TLS standard compliant shutdown
+#   approach is that mod_ssl sends the close notify alert but doesn't wait for
+#   the close notify alert from client. When you need a different shutdown
+#   approach you can use one of the following variables:
+#   o ssl-unclean-shutdown:
+#     This forces an unclean shutdown when the connection is closed, i.e. no
+#     SSL close notify alert is sent or allowed to be received.  This violates
+#     the SSL/TLS standard but is needed for some brain-dead browsers. Use
+#     this when you receive I/O errors because of the standard approach where
+#     mod_ssl sends the close notify alert.
+#   o ssl-accurate-shutdown:
+#     This forces an accurate shutdown when the connection is closed, i.e. a
+#     SSL close notify alert is send and mod_ssl waits for the close notify
+#     alert of the client. This is 100% SSL/TLS standard compliant, but in
+#     practice often causes hanging connections with brain-dead browsers. Use
+#     this only for browsers where you know that their SSL implementation
+#     works correctly. 
+#   Notice: Most problems of broken clients are also related to the HTTP
+#   keep-alive facility, so you usually additionally want to disable
+#   keep-alive for those clients, too. Use variable "nokeepalive" for this.
+#   Similarly, one has to force some clients to use HTTP/1.0 to workaround
+#   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
+#   "force-response-1.0" for this.
+BrowserMatch "MSIE [2-5]" \
+         nokeepalive ssl-unclean-shutdown \
+         downgrade-1.0 force-response-1.0
+
+#   Per-Server Logging:
+#   The home of a custom SSL log file. Use this when you want a
+#   compact non-error SSL logfile on a virtual host basis.
+CustomLog "@exp_logfiledir@/ssl_request_log" \
+          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>                                  
diff --git a/docs/conf/extra/httpd-userdir.conf.in b/docs/conf/extra/httpd-userdir.conf.in
new file mode 100644
index 0000000..a744322
--- /dev/null
+++ b/docs/conf/extra/httpd-userdir.conf.in
@@ -0,0 +1,21 @@
+# Settings for user home directories
+#
+# Required module: mod_authz_core, mod_authz_host, mod_userdir
+
+#
+# UserDir: The name of the directory that is appended onto a user's home
+# directory if a ~user request is received.  Note that you must also set
+# the default access control for these directories, as in the example below.
+#
+UserDir public_html
+
+#
+# Control access to UserDir directories.  The following is an example
+# for a site where these directories are restricted to read-only.
+#
+<Directory "/home/*/public_html">
+    AllowOverride FileInfo AuthConfig Limit Indexes
+    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+    Require method GET POST OPTIONS
+</Directory>
+
diff --git a/docs/conf/extra/httpd-vhosts.conf.in b/docs/conf/extra/httpd-vhosts.conf.in
new file mode 100644
index 0000000..fbd2df4
--- /dev/null
+++ b/docs/conf/extra/httpd-vhosts.conf.in
@@ -0,0 +1,41 @@
+# Virtual Hosts
+#
+# Required modules: mod_log_config
+
+# If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them. Most configurations
+# use only name-based virtual hosts so the server doesn't need to worry about
+# IP addresses. This is indicated by the asterisks in the directives below.
+#
+# Please see the documentation at 
+# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
+# for further details before you try to setup virtual hosts.
+#
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+
+#
+# VirtualHost example:
+# Almost any Apache directive may go into a VirtualHost container.
+# The first VirtualHost section is used for all requests that do not
+# match a ServerName or ServerAlias in any <VirtualHost> block.
+#
+<VirtualHost *:@@Port@@>
+    ServerAdmin webmaster@dummy-host.example.com
+    DocumentRoot "@@ServerRoot@@/docs/dummy-host.example.com"
+    ServerName dummy-host.example.com
+    ServerAlias www.dummy-host.example.com
+    ErrorLog "@rel_logfiledir@/dummy-host.example.com-error_log"
+    CustomLog "@rel_logfiledir@/dummy-host.example.com-access_log" common
+</VirtualHost>
+
+<VirtualHost *:@@Port@@>
+    ServerAdmin webmaster@dummy-host2.example.com
+    DocumentRoot "@@ServerRoot@@/docs/dummy-host2.example.com"
+    ServerName dummy-host2.example.com
+    ErrorLog "@rel_logfiledir@/dummy-host2.example.com-error_log"
+    CustomLog "@rel_logfiledir@/dummy-host2.example.com-access_log" common
+</VirtualHost>
+
+
+
diff --git a/docs/conf/extra/proxy-html.conf.in b/docs/conf/extra/proxy-html.conf.in
new file mode 100644
index 0000000..683a091
--- /dev/null
+++ b/docs/conf/extra/proxy-html.conf.in
@@ -0,0 +1,90 @@
+# Configuration example.
+#
+# For detailed information about these directives see
+# <URL:http://httpd.apache.org/docs/2.4/mod/mod_proxy_html.html>
+# and for mod_xml2enc see
+# <URL:http://httpd.apache.org/docs/2.4/mod/mod_xml2enc.html>
+#
+# First, to load the module with its prerequisites.  Note: mod_xml2enc
+# is not always necessary, but without it mod_proxy_html is likely to
+# mangle pages in encodings other than ASCII or Unicode (utf-8).
+#
+# For Unix-family systems:
+# LoadFile	/usr/lib/libxml2.so
+# LoadModule	proxy_html_module	modules/mod_proxy_html.so
+# LoadModule	xml2enc_module		modules/mod_xml2enc.so
+#
+# For Windows (I don't know if there's a standard path for the libraries)
+# LoadFile	C:/path/zlib.dll
+# LoadFile	C:/path/iconv.dll
+# LoadFile	C:/path/libxml2.dll
+# LoadModule	proxy_html_module	modules/mod_proxy_html.so
+# LoadModule	xml2enc_module		modules/mod_xml2enc.so
+# 
+# All knowledge of HTML links has been removed from the mod_proxy_html
+# code itself, and is instead read from httpd.conf (or included file)
+# at server startup.  So you MUST declare it.  This will normally be
+# at top level, but can also be used in a <Location>.
+#
+# Here's the declaration for W3C HTML 4.01 and XHTML 1.0
+
+ProxyHTMLLinks	a		href
+ProxyHTMLLinks	area		href
+ProxyHTMLLinks	link		href
+ProxyHTMLLinks	img		src longdesc usemap
+ProxyHTMLLinks	object		classid codebase data usemap
+ProxyHTMLLinks	q		cite
+ProxyHTMLLinks	blockquote	cite
+ProxyHTMLLinks	ins		cite
+ProxyHTMLLinks	del		cite
+ProxyHTMLLinks	form		action
+ProxyHTMLLinks	input		src usemap
+ProxyHTMLLinks	head		profile
+ProxyHTMLLinks	base		href
+ProxyHTMLLinks	script		src for
+
+# To support scripting events (with ProxyHTMLExtended On),
+# you'll need to declare them too.
+
+ProxyHTMLEvents	onclick ondblclick onmousedown onmouseup \
+		onmouseover onmousemove onmouseout onkeypress \
+		onkeydown onkeyup onfocus onblur onload \
+		onunload onsubmit onreset onselect onchange
+
+# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML,
+# you'll need to uncomment the following deprecated link attributes.
+# Note that these are enabled in earlier mod_proxy_html versions
+#
+# ProxyHTMLLinks	frame		src longdesc
+# ProxyHTMLLinks	iframe		src longdesc
+# ProxyHTMLLinks	body		background
+# ProxyHTMLLinks	applet		codebase
+#
+# If you're dealing with proprietary HTML variants,
+# declare your own URL attributes here as required.
+#
+# ProxyHTMLLinks	myelement	myattr otherattr
+#
+###########
+# EXAMPLE #
+###########
+#
+# To define the URL /my-gateway/ as a gateway to an appserver with address
+# http://some.app.intranet/ on a private network, after loading the
+# modules and including this configuration file:
+#
+# ProxyRequests Off  <-- this is an important security setting
+# ProxyPass /my-gateway/ http://some.app.intranet/
+# <Location /my-gateway/>
+#	ProxyPassReverse /
+#	ProxyHTMLEnable On
+#	ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/
+#	ProxyHTMLURLMap / /my-gateway/
+# </Location>
+#
+# Many (though not all) real-life setups are more complex.
+#
+# See the documentation at
+# http://apache.webthing.com/mod_proxy_html/
+# and the tutorial at
+# http://www.apachetutor.org/admin/reverseproxies