Created
February 7, 2011 14:20
-
-
Save roelven/814424 to your computer and use it in GitHub Desktop.
Roel.conf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Change this to your own folder | |
| ## /Users/Roel/Sites/soundcloud | |
| NameVirtualHost *:80 | |
| NameVirtualHost *:443 | |
| # | |
| # Pseudo Random Number Generator (PRNG): | |
| # Configure one or more sources to seed the PRNG of the SSL library. | |
| # The seed data should be of good random quality. | |
| # WARNING! On some platforms /dev/random blocks if not enough entropy | |
| # is available. This means you then cannot use the /dev/random device | |
| # because it would lead to very long connection times (as long as | |
| # it requires to make more entropy available). But usually those | |
| # platforms additionally provide a /dev/urandom device which doesn't | |
| # block. So, if available, use this one instead. Read the mod_ssl User | |
| # Manual for more details. | |
| # | |
| #SSLRandomSeed startup file:/dev/random 512 | |
| #SSLRandomSeed startup file:/dev/urandom 512 | |
| #SSLRandomSeed connect file:/dev/random 512 | |
| #SSLRandomSeed connect file:/dev/urandom 512 | |
| # | |
| # When we also provide SSL we have to listen to the | |
| # standard HTTP port (see above) and to the HTTPS port | |
| # | |
| # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two | |
| # Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" | |
| # | |
| Listen 443 | |
| ## | |
| ## SSL Global Context | |
| ## | |
| ## All SSL configuration in this context applies both to | |
| ## the main server and all SSL-enabled virtual hosts. | |
| ## | |
| # | |
| # Some MIME-types for downloading Certificates and CRLs | |
| # | |
| AddType application/x-x509-ca-cert .crt | |
| AddType application/x-pkcs7-crl .crl | |
| # Pass Phrase Dialog: | |
| # Configure the pass phrase gathering process. | |
| # The filtering dialog program ('builtin' is a internal | |
| # terminal dialog) has to provide the pass phrase on stdout. | |
| SSLPassPhraseDialog builtin | |
| # Inter-Process Session Cache: | |
| # Configure the SSL Session Cache: First the mechanism | |
| # to use and second the expiring timeout (in seconds). | |
| #SSLSessionCache "dbm:/private/var/run/ssl_scache" | |
| SSLSessionCache "shmcb:/private/var/run/ssl_scache(512000)" | |
| SSLSessionCacheTimeout 300 | |
| # Semaphore: | |
| # Configure the path to the mutual exclusion semaphore the | |
| # SSL engine uses internally for inter-process synchronization. | |
| SSLMutex "file:/private/var/run/ssl_mutex" | |
| <VirtualHost _default_:443> | |
| ServerName ssl.soundcloud.dev | |
| ServerAlias soundcloud.dev | |
| ServerAdmin [email protected] | |
| DocumentRoot /Users/Roel/Sites/soundcloud/public | |
| CustomLog /Users/Roel/Sites/soundcloud/log/https-override-access.log common | |
| SSLEngine on | |
| SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL | |
| SSLCertificateFile /Users/Roel/Sites/soundcloud/config/certs/soundcloud.dev/newcert.pem | |
| SSLCertificateKeyFile /Users/Roel/Sites/soundcloud/config/certs/soundcloud.dev/webserver.nopass.key | |
| SSLCACertificateFile /Users/Roel/Sites/soundcloud/config/certs/demoCA/cacert.pem | |
| SSLCARevocationPath /Users/Roel/Sites/soundcloud/config/certs/demoCA/crl | |
| <Location /> | |
| Order Allow,Deny | |
| Allow from all | |
| </Location> | |
| <DirectoryMatch "^/.*/\.svn/"> | |
| ErrorDocument 403 /404.html | |
| Order allow,deny | |
| Deny from all | |
| Satisfy All | |
| </DirectoryMatch> | |
| RewriteEngine On | |
| # static content dirs - add slash | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} -d | |
| RewriteRule ^(.+[^/])$ $1/ [R] | |
| # Check for maintenance file and redirect all requests | |
| # ( this is for use with Capistrano's disable_web task ) | |
| RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f | |
| RewriteCond %{SCRIPT_FILENAME} !maintenance.html | |
| RewriteRule ^.*$ /system/maintenance.html [L] | |
| # Rewrite index to check for static | |
| RewriteRule ^/$ /index.html [QSA] | |
| # Rewrite to check for Rails cached page | |
| RewriteRule ^([^.]+)$ $1.html [QSA] | |
| # Redirect all non-static requests to cluster | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
| RewriteRule ^/(.*)$ balancer://soundcloud_cluster%{REQUEST_URI} [P,QSA,L] | |
| # Make sure we let rails know we're SSL | |
| RequestHeader set X_FORWARDED_PROTO 'https' | |
| <Proxy balancer://soundcloud_cluster> | |
| BalancerMember http://127.0.0.1:3000 | |
| </Proxy> | |
| # Caching Header | |
| <IfModule mod_expires.c> | |
| <LocationMatch "/(javascripts|stylesheets|images|themes)/"> | |
| ExpiresActive on | |
| ExpiresDefault "access plus 3 days" | |
| </LocationMatch> | |
| </IfModule> | |
| # disable ETag | |
| FileETag none | |
| </VirtualHost> | |
| <VirtualHost *:80> | |
| ServerName soundcloud.dev | |
| ServerAlias waveforms.soundcloud.dev media.soundcloud.dev api.soundcloud.dev a0.soundcloud.dev a1.soundcloud.dev a2.soundcloud.dev a3.soundcloud.dev player.soundcloud.dev | |
| DocumentRoot /Users/Roel/Sites/soundcloud/public | |
| CustomLog /Users/Roel/Sites/soundcloud/log/http-access.log common | |
| CustomLog /Users/Roel/Sites/soundcloud/log/performance.log "%t %m %>s %c %T %{X-Runtime}o %B %U %q" | |
| ErrorLog /Users/Roel/Sites/soundcloud/log/http-error.log | |
| <Location /> | |
| Order Allow,Deny | |
| Allow from all | |
| </Location> | |
| <Directory "/Users/Roel/Sites/soundcloud/public"> | |
| Options FollowSymLinks | |
| AllowOverride None | |
| Order allow,deny | |
| Allow from all | |
| </Directory> | |
| <DirectoryMatch "^/.*/\.svn/"> | |
| ErrorDocument 403 /404.html | |
| Order allow,deny | |
| Deny from all | |
| Satisfy All | |
| </DirectoryMatch> | |
| RewriteEngine On | |
| # static content dirs - add slash | |
| #RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} -d | |
| #RewriteRule ^(.+[^/])$ $1/ [R] | |
| # Check for maintenance file and redirect all requests | |
| # ( this is for use with Capistrano's disable_web task ) | |
| RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f | |
| RewriteCond %{SCRIPT_FILENAME} !maintenance.html | |
| RewriteRule ^.*$ /system/maintenance.html [L] | |
| # Development mode asset redirection | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
| RewriteRule avatars/.*(large|thumb|badge|medium|mini|small|tiny)\.jpg$ /images/default_avatar_$1.png [L] | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
| RewriteRule artworks/.*(large|thumb|medium|badge|small|smaller|mini)\.jpg$ /images/default_artwork_$1.png [L] | |
| RewriteCond %{HTTP_HOST} waveforms.soundcloud.dev | |
| RewriteRule ^(.*)$ /Users/Roel/Sites/soundcloud/public/images/waveform-medium.png [L] | |
| # Rewrite index to check for static | |
| RewriteRule ^/$ /index.html [QSA] | |
| # Rewrite to check for Rails cached page | |
| RewriteRule ^([^.]+)$ $1.html [QSA] | |
| # Redirect all non-static requests to cluster | |
| RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f | |
| RewriteRule ^/(.*)$ balancer://soundcloud_cluster%{REQUEST_URI} [P,QSA,L] | |
| RewriteCond %{REQUEST_URI} /-/suggest | |
| RewriteRule ^/(.*)$ balancer://solr_cluster/solr/suggest?%{QUERY_STRING} [P,QSA,L] | |
| <Proxy balancer://solr_cluster> | |
| BalancerMember http://127.0.0.1:8983 | |
| ErrorDocument 503 /503 | |
| </Proxy> | |
| <Proxy balancer://soundcloud_cluster> | |
| BalancerMember http://127.0.0.1:3000 | |
| ErrorDocument 503 /503 | |
| </Proxy> | |
| # Caching Header | |
| <IfModule mod_expires.c> | |
| <LocationMatch "/(javascripts|stylesheets|images|themes)/"> | |
| ExpiresActive on | |
| ExpiresDefault "access plus 3 days" | |
| </LocationMatch> | |
| </IfModule> | |
| # disable ETag | |
| FileETag none | |
| </VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment