ServerName <%= domain %> <%- 4.times do |counter| -%> ServerAlias <%= domain.sub(/.*?\./, "assets#{counter}.") %> <%- end %> DocumentRoot <%= "#{current_path}/public" %> ErrorLog <%= apache_log_dir %>/<%= domain %>-error_log CustomLog <%= apache_log_dir %>/<%= domain %>-access_log combined > Options FollowSymLinks AllowOverride None Order allow,deny Allow from all Order deny,allow Allow from all # Configure mongrel_cluster > <%- mongrel_servers.times do |counter| -%> BalancerMember http://<%= "127.0.0.1:#{mongrel_port+counter}" %> <%- end -%> RewriteEngine On <%- if apache_ssl_enabled && apache_ssl_forward_all -%> RewriteRule ^(.*)$ https://<%= domain %>$1 <%- else -%> # Prevent access to .svn directories RewriteRule ^(.*/)?\.svn/ - [F,L] ErrorDocument 403 "Access Forbidden" # Check for maintenance file and redirect all requests RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$ RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteRule ^.*$ /system/maintenance.html [L] # Rewrite index to check for static RewriteRule ^/$ /index.html [QSA] # Rewrite to check for Rails cached page RewriteRule ^([^.]+)$ $1.html [QSA] # Redirect all non-static requests to cluster RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteRule ^/(.*)$ balancer://<%= "#{application}_cluster" %>%{REQUEST_URI} [P,QSA,L] # Deflate AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html <%- end -%> <% if apache_ssl_enabled %> :443> ServerName <%= domain %> <%- 4.times do |counter| -%> ServerAlias <%= domain.sub(/.*?\./, "assets#{counter}.") %> <%- end %> DocumentRoot <%= "#{current_path}/public" %> ErrorLog <%= apache_log_dir %>/<%= domain %>-error_log CustomLog <%= apache_log_dir %>/<%= domain %>-access_log combined CustomLog <%= apache_log_dir %>/<%= domain %>-ssl_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" > Options FollowSymLinks AllowOverride None Order allow,deny Allow from all Order deny,allow Allow from all # Configure mongrel_cluster > <%- mongrel_servers.times do |counter| -%> BalancerMember http://<%= "127.0.0.1:#{mongrel_port+counter}" %> <%- end -%> RewriteEngine On # Prevent access to .svn directories RewriteRule ^(.*/)?\.svn/ - [F,L] ErrorDocument 403 "Access Forbidden" # Prevent access to .git directories RewriteRule ^(.*/)?\.git/ - [F,L] ErrorDocument 403 "Access Forbidden" # Check for maintenance file and redirect all requests RewriteCond %{REQUEST_URI} !\.(css|jpg|png|gif)$ RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteRule ^.*$ /system/maintenance.html [L] # Rewrite index to check for static RewriteRule ^/$ /index.html [QSA] # Rewrite to check for Rails cached page RewriteRule ^([^.]+)$ $1.html [QSA] # Redirect all non-static requests to cluster RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f # Add header for Mongrel to set HTTPS environment for Rails RequestHeader set X-Forwarded-Proto "https" RewriteRule ^/(.*)$ balancer://<%= "#{application}_cluster" %>%{REQUEST_URI} [P,QSA,L] # Deflate AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # SSL Engine Switch SSLEngine on # SSL Cipher Suite: SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL # Server Certificate SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem # Server Private Key SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key <% if apache_ssl_chainfile %> # Intermediate keys SSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/<%= domain %>-chainfile.crt <% end %> BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 <% end %>