puppet/data/nodes/tlp-ubuntu1464.yaml - infrastructure-puppet-kitchen - Git at Google

 ---
 classes:
   - apache
   - apache::mod::actions
   - apache::mod::autoindex
   - apache::mod::expires
   - apache::mod::negotiation
   - apache::mod::proxy
   - apache::mod::proxy_http
   - apache::mod::reqtimeout
   - apache::mod::rewrite
   - apache::mod::setenvif
   - apache::mod::speling
   - apache::mod::ssl
   - apache::mod::status
   - apache::mod::vhost_alias
   - apbackup
   - apmirror
   - rootbin_asf
   - svnwcsub
   - tlp_vhosts::compat
   - vhosts_asf::custom_config
   - vhosts_asf::modules
   - vhosts_asf::vhosts

 apache::keepalive:                           'On'
 apache::keepalive_timeout:                   '30'
 apache::default_vhost:                       false

 apache::default_ssl_cert:                    '/etc/ssl/certs/wildcard.apache.org.crt'
 apache::default_ssl_chain:                   '/etc/ssl/certs/wildcard.apache.org.chain'
 apache::default_ssl_key:                     '/etc/ssl/private/wildcard.apache.org.key'

 apache::logrotate_compressoptions:           '-9'
 apache::logrotate_rotate:                    5
 apache::logrotate_owner:                     'root'
 apache::logrotate_group:                     'apbackup'

 apache::mod::event::listenbacklog:           '1023'
 apache::mod::event::maxclients:              '750'
 apache::mod::event::maxconnectionsperchild:  '200000'
 apache::mod::event::maxrequestworkers:       '3750'
 apache::mod::event::maxsparethreads:         '750'
 apache::mod::event::minsparethreads:         '150'
 apache::mod::event::serverlimit:             '25'
 apache::mod::event::startservers:            '5'
 apache::mod::event::threadlimit:             '250'
 apache::mod::event::threadsperchild:         '150'
 apache::mod::status::allow_from:
   - 'All'
 apache::mod::status::apache_version:         '2.3' # Force module to use Allow from syntax and actually allow anyone to check

 apache::mpm_module:                          'event'
 apache::serveradmin:                         'infrastructure@apache.org'

 apmirror::uid:                               '508'
 apmirror::gid:                               '508'
 apmirror::groups:
   - 'svnwc'
   - 'apbackup'
 apmirror::svnwc_group:                       "%{hiera('svnwcsub::groupname')}"
 apmirror::svnwc_user:                        "%{hiera('svnwcsub::username')}"

 svnwcsub::gid:                               '9997'
 svnwcsub::uid:                               '9997'
 svnwcsub::conf_file:                         'svnwcsub.conf'
 svnwcsub:::conf_path:                        '/etc/'
 svnwcsub::groupname:                         'svnwc'
 svnwcsub::groups:
   - 'svnwc'
 svnwcsub::service_ensure:                    'stopped'
 svnwcsub::service_name:                      'svnwcsub'
 svnwcsub::shell:                             '/bin/bash'
 svnwcsub::source:                            'svnwcsub.conf.test'
 svnwcsub::username:                          'svnwc'

 rsync::package_ensure:                       'latest'
 rsync::server::use_xinetd:                   false
 rsync::server::gid:                  'nogroup' # group 'nobody' doesn't exist in ubuntu


 apache::custom_config:
   svn:
     content: |
       <Macro BlockSvn>
         <DirectoryMatch /\.svn>
           Order allow,deny
           Deny from all
         </DirectoryMatch>
       </Macro>

   tlp:
     content: |
       <Macro CatchAll>
         RewriteEngine On
         RewriteOptions inherit

         RewriteMap lowercase int:tolower

         # optionally enable per-project favicons
         RewriteCond %%{}{REQUEST_URI} ^/favicon\.ico$
         RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
         RewriteCond /var/www/%1.apache.org/favicon.ico -f
         RewriteRule ^/favicon\.ico$ /var/www/%1.apache.org/favicon.ico [L]

         # optionally enable per-project favicons for cms sites too
         RewriteCond %%{}{REQUEST_URI} ^/favicon\.ico$
         RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
         RewriteCond /var/www/%1.apache.org/content/favicon.ico -f
         RewriteRule ^/favicon\.ico$ /var/www/%1.apache.org/content/favicon.ico [L]

         # catchall
         RewriteRule ^/favicon\.ico$ /var/www/www.apache.org/content/favicon.ico [L]

         # Graduated podlings
         # ### TODO: this foo.incubator.a.o->foo.a.o redirect breaks if foo ever
         # ###       moves to the attic.
         RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)\.incubator(\.\w+)?\.apache\.org$
         RewriteCond /dist/%1 -d
         RewriteRule ^(.*)$ http://%1%2.apache.org$1 [R,L]

         # change the DocumentRoot to ${DocumentRoot}/content if it exists
         RewriteCond %%{}{REQUEST_URI}              !^/cgi-bin/
         RewriteCond %%{}{REQUEST_URI}              !^/[.]revision$
         RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
         RewriteCond /var/www/%1.apache.org/content -d
         RewriteRule ^(.*)$ ${lowercase:%%{}{SERVER_NAME}}$1 [C]
         RewriteRule ^(\w+)(?:\.\w+)?\.apache\.org/(.*) /var/www/$1.apache.org/content/$2
       </Macro>

   aoo:
     content: |
       <Macro OpenOffice $proto>
         DocumentRoot /var/www/ooo-site.apache.org/content
         ServerName www.openoffice.org
         ServerAlias ooo-site.apache.org
         ServerAlias *.openoffice.org
         ServerAlias openoffice.org
         UseCanonicalName On

         # Silence PROPFIND mod_allowmethods errors
         # for Apache OO update check requests
         <LocationMatch "/projects/update[^/]*/ProductUpdateService/check\.Update">
           LogLevel allowmethods:crit
         </LocationMatch>

         # Silence PROPFIND mod_allowmethods errors
         # for Apache OO accesses by "Microsoft-WebDAV-MiniRedir"
         # (typical URI is "/3")
         <If "%%{}{REQUEST_METHOD} == 'PROPFIND' && %%{}{HTTP_USER_AGENT} =~ /^Microsoft-WebDAV-MiniRedir/">
           LogLevel allowmethods:crit
         </If>

         <Location /projects>
           ErrorDocument 404 default
         </Location>

         ErrorDocument 404 /docs/custom_404.html

         RewriteEngine On
         RewriteOptions inherit
         RewriteRule ^/favicon\.ico$ /var/www/ooo-site.apache.org/content/favicon.ico [L]

         RewriteMap lowercase int:tolower

         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^openoffice.org$
         RewriteRule (.*) $proto://www.openoffice.org$1 [L]

         # kill update.services.openoffice.org
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^update.services.openoffice.org$
         RewriteRule (.*) - [G,L]


         # qa|www.openoffice.org
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?:qa|www)(?:\.\w+)?\.openoffice\.org$
         RewriteRule /issues/(.*) $proto://issues.apache.org/ooo/$1 [NE,L]

         # [registration2|survey].openoffice.org
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?:registration2|survey)(?:\.\w+)?\.openoffice\.org$
         RewriteRule (.*) $proto://www.openoffice.org/legacy/thankyou.html [NE,L]

         # contributing.openoffice.org
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^contributing(?:\.\w+)?\.openoffice\.org$
         RewriteRule (.*) $proto://openoffice.apache.org/get-involved.html [L]

         RewriteRule /contributing/(.*) $proto://openoffice.apache.org/get-involved.html [L]

         # security.openoffice.org
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^security(?:\.\w+)?\.openoffice\.org$
         RewriteRule (.*) $proto://openoffice.apache.org/security.html [L]

         # br-pt.openoffice.org typos
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^br-pt(?:\.\w+)?\.openoffice\.org$
         RewriteRule (.*) $proto://www.openoffice.org/pt-br$1 [L]

         # change foo.openoffice.org/... to www.openoffice.org/foo/... if foo dir exists
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(\w+)(?:\.\w+)?\.openoffice\.org$
         RewriteCond /var/www/ooo-site.apache.org/content/%1 -d
         RewriteRule ^(.*)$ ${lowercase:%%{}{HTTP_HOST}}$1 [C]
         RewriteRule ^(\w+)(?:\.\w+)?\.openoffice\.org/(.*) $proto://www.openoffice.org/$1/$2 [NE,L,R=permanent]

         # change *.openoffice.org/?lang=foo to www.openoffice.org/foo/
         RewriteCond ${lowercase:%%{}{QUERY_STRING}} lang=([a-z\-]+)
         RewriteCond /var/www/ooo-site.apache.org/content/%1 -d
         RewriteRule .* $proto://www.openoffice.org/%1? [NE,L,R=permanent]

         # fallback for proj.openoffice.org/... to openoffice.org/projects/proj/...
         # The most common case is redirecting
         #    $proto://updateXXX.services.openoffice.org/ProductUpdateService/check.Update
         # to $proto://www.openoffice.org/projects/updateXXX/ProductUpdateService/check.Update
         RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?!www)(\w+)(?:\.\w+)?\.openoffice\.org$
         RewriteRule ^(.*)$ ${lowercase:%%{}{HTTP_HOST}}$1 [C]
         RewriteRule ^(\w+)(?:\.\w+)?\.openoffice\.org/(.*) $proto://www.openoffice.org/projects/$1/$2 [NE,L]
       </Macro>

 vhosts_asf::modules::modules:
   allowmethods:
     name: 'allowmethods'
   asis:
     name: 'asis'
   cgi:
     name: 'cgi'
   cgid:
     name: 'cgid'
   headers:
     name: 'headers'
   include:
     name: 'include'
   macro:
     name: 'macro'
   unique_id:
     name: 'unique_id'

 vhosts_asf::vhosts::vhosts:
   apache:
     vhost_name: '*'
     port: 80
     servername: 'www.apache.org'
     docroot: '/var/www/www.apache.org/content'
     manage_docroot: false
     serveraliases:
       - 'apache.org'
       - 'apachegroup.org'
       - 'www.apachegroup.org'
       - 'www.*.apache.org'
     directories:
       -
         path: '/var/www/www.apache.org/content'
         options:
           - 'Indexes'
           - 'FollowSymLinks'
           - 'MultiViews'
           - 'ExecCGI'
         allow_override:
           - 'All'
         addhandlers:
         -
           handler: 'cgi-script'
           extensions:
             - '.cgi'
     serveradmin: 'infrastructure@apache.org'
     access_log_file: 'weblog.log'
     error_log_file: 'errorlog.log'
     custom_fragment: |
       Redirect permanent /docs/vif.info http://httpd.apache.org/docs/misc/vif-info
       Redirect permanent /docs/directives.html http://httpd.apache.org/docs/mod/directives.html
       Redirect permanent /docs/API.html http://httpd.apache.org/docs/misc/API.html
       Redirect permanent /docs/FAQ.html http://httpd.apache.org/docs/misc/FAQ.html
       Redirect permanent /manual-index.cgi/docs http://www.apache.org/search.html
       Redirect permanent /bugdb.cgi/ http://bugs.apache.org/index/
       Redirect permanent /bugdb.cgi http://bugs.apache.org/
       Redirect permanent /Conference1998 http://www.apachecon.com
       Redirect permanent /java http://archive.apache.org/dist/java/
       Redirect permanent /perl http://perl.apache.org
       Redirect permanent /docs/manual http://httpd.apache.org/docs
       Redirect permanent /docs http://httpd.apache.org/docs
       Redirect permanent /httpd http://httpd.apache.org
       Redirect permanent /httpd/ http://httpd.apache.org/
       Redirect permanent /httpd.html http://httpd.apache.org/
       Redirect permanent /index/full http://www.apache.org
       Redirect permanent /info/css-security http://httpd.apache.org/info/css-security
       Redirect permanent /websrc/ http://cvs.apache.org/
       Redirect permanent /from-cvs/ http://cvs.apache.org/snapshots/
       Redirect permanent /travel/application http://tac-apply.apache.org
       RedirectMatch permanent ^/LICENSE.* http://www.apache.org/licenses/
       RedirectMatch permanent /flyers(.*) http://www.apache.org/foundation/contributing.html

       RewriteEngine on
       RewriteOptions inherit
       RewriteRule /docs/mod_(.*)$ http://httpd.apache.org/docs/mod/mod_$1 [R=permanent]

       #/mail/* -> mail-archives.a.o/mod_mbox/*
       RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#asf-wide [R=301,L,NE]

       #/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
       RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/asf-wide-$1 [R=301,L]

       # Grab referals from www.apache.com and explain where
       # they landed.
       RewriteCond %%{}{HTTP_REFERER} ^http://([^/]*\.)?apache\.com/
       RewriteRule ^/dist/.* http://www.apache.org/info/referer-dotcom.html [R,L]

       # odd ddos coming from aouu.com
       RewriteCond %%{}{HTTP_REFERER} aouu.com
       RewriteRule ^ - [F,L]

       <IfModule mod_expires.c>
         ExpiresActive On
         ExpiresDefault A3600
       </IfModule>

       ## Set " Access-Control-Allow-Origin: *"  as per https://issues.apache.org/jira/browse/INFRA-2877
       <LocationMatch ^/dist/.*>
         Header set Access-Control-Allow-Origin "*"
       </LocationMatch>

       <Directory /var/www/www.apache.org/content/dist>
         IndexOptions FancyIndexing NameWidth=* FoldersFirst \
           ScanHTMLTitles DescriptionWidth=*
         HeaderName HEADER.html
         ReadmeName README.html
         AllowOverride FileInfo Indexes
         Options Indexes SymLinksIfOwnerMatch
       </Directory>

       <Directory /var/www/www.apache.org/dist/httpd>
         IndexOptions +FoldersFirst +ScanHTMLTitles +DescriptionWidth=*
       </Directory>

       <Location "/server-status">
         SetHandler server-status
       </Location>

       Use BlockSvn

   tlp:
     vhost_name: '*'
     priority: 99
     port: 80
     servername: 'www.apache.org'
     virtual_docroot: '/var/www/%1.0.apache.org'
     docroot: '/var/www'
     manage_docroot: false
     serveraliases:
       - '*.apache.org'
     directories:
       -
         path: '/var/www'
         options:
           - 'Indexes'
           - 'FollowSymLinks'
           - 'MultiViews'
           - 'ExecCGI'
         allow_override:
           - 'All'
         addhandlers:
           -
             handler: 'cgi-script'
             extensions:
               - '.cgi'
     serveradmin: 'infrastructure@apache.org'
     access_log_file: 'weblog.log'
     error_log_file: 'errorlog.log'
     custom_fragment: |
       VirtualScriptAlias /var/www/%1.0.apache.org/cgi-bin
       UseCanonicalName Off
       Use CatchAll
       Use BlockSvn
       <Directory /var/www/trafficserver.apache.org>
         Options +Includes
         AddOutputFilter INCLUDES .html
       </Directory>
       <Directory /var/www/subversion.apache.org>
         Options +Includes
         AddOutputFilter INCLUDES .html
       </Directory>
       AddType text/plain sha512
       RewriteEngine On

       #/mail -> mail-archives.a.o/mod_mbox/#tlp
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.apache.org$
       RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

       #/mail -> mail-archives.a.o/mod_mbox/#tlp
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.apache.org$
       RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

       #/mail -> mail-archives.a.o/mod_mbox/#tlp
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.ipv4.apache.org$
       RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

       #/mail -> mail-archives.a.o/mod_mbox/#tlp
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.ipv4.apache.org$
       RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

       #/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.apache.org$
       RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

       #/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.apache.org$
       RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

       #/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.ipv4.apache.org$
       RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

       #/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
       RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.ipv4.apache.org$
       RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]
	---
	classes:
	- apache
	- apache::mod::actions
	- apache::mod::autoindex
	- apache::mod::expires
	- apache::mod::negotiation
	- apache::mod::proxy
	- apache::mod::proxy_http
	- apache::mod::reqtimeout
	- apache::mod::rewrite
	- apache::mod::setenvif
	- apache::mod::speling
	- apache::mod::ssl
	- apache::mod::status
	- apache::mod::vhost_alias
	- apbackup
	- apmirror
	- rootbin_asf
	- svnwcsub
	- tlp_vhosts::compat
	- vhosts_asf::custom_config
	- vhosts_asf::modules
	- vhosts_asf::vhosts

	apache::keepalive: 'On'
	apache::keepalive_timeout: '30'
	apache::default_vhost: false

	apache::default_ssl_cert: '/etc/ssl/certs/wildcard.apache.org.crt'
	apache::default_ssl_chain: '/etc/ssl/certs/wildcard.apache.org.chain'
	apache::default_ssl_key: '/etc/ssl/private/wildcard.apache.org.key'

	apache::logrotate_compressoptions: '-9'
	apache::logrotate_rotate: 5
	apache::logrotate_owner: 'root'
	apache::logrotate_group: 'apbackup'

	apache::mod::event::listenbacklog: '1023'
	apache::mod::event::maxclients: '750'
	apache::mod::event::maxconnectionsperchild: '200000'
	apache::mod::event::maxrequestworkers: '3750'
	apache::mod::event::maxsparethreads: '750'
	apache::mod::event::minsparethreads: '150'
	apache::mod::event::serverlimit: '25'
	apache::mod::event::startservers: '5'
	apache::mod::event::threadlimit: '250'
	apache::mod::event::threadsperchild: '150'
	apache::mod::status::allow_from:
	- 'All'
	apache::mod::status::apache_version: '2.3' # Force module to use Allow from syntax and actually allow anyone to check

	apache::mpm_module: 'event'
	apache::serveradmin: 'infrastructure@apache.org'

	apmirror::uid: '508'
	apmirror::gid: '508'
	apmirror::groups:
	- 'svnwc'
	- 'apbackup'
	apmirror::svnwc_group: "%{hiera('svnwcsub::groupname')}"
	apmirror::svnwc_user: "%{hiera('svnwcsub::username')}"

	svnwcsub::gid: '9997'
	svnwcsub::uid: '9997'
	svnwcsub::conf_file: 'svnwcsub.conf'
	svnwcsub:::conf_path: '/etc/'
	svnwcsub::groupname: 'svnwc'
	svnwcsub::groups:
	- 'svnwc'
	svnwcsub::service_ensure: 'stopped'
	svnwcsub::service_name: 'svnwcsub'
	svnwcsub::shell: '/bin/bash'
	svnwcsub::source: 'svnwcsub.conf.test'
	svnwcsub::username: 'svnwc'

	rsync::package_ensure: 'latest'
	rsync::server::use_xinetd: false
	rsync::server::gid: 'nogroup' # group 'nobody' doesn't exist in ubuntu


	apache::custom_config:
	svn:
	content: \|
	<Macro BlockSvn>
	<DirectoryMatch /\.svn>
	Order allow,deny
	Deny from all
	</DirectoryMatch>
	</Macro>

	tlp:
	content: \|
	<Macro CatchAll>
	RewriteEngine On
	RewriteOptions inherit

	RewriteMap lowercase int:tolower

	# optionally enable per-project favicons
	RewriteCond %%{}{REQUEST_URI} ^/favicon\.ico$
	RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
	RewriteCond /var/www/%1.apache.org/favicon.ico -f
	RewriteRule ^/favicon\.ico$ /var/www/%1.apache.org/favicon.ico [L]

	# optionally enable per-project favicons for cms sites too
	RewriteCond %%{}{REQUEST_URI} ^/favicon\.ico$
	RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
	RewriteCond /var/www/%1.apache.org/content/favicon.ico -f
	RewriteRule ^/favicon\.ico$ /var/www/%1.apache.org/content/favicon.ico [L]

	# catchall
	RewriteRule ^/favicon\.ico$ /var/www/www.apache.org/content/favicon.ico [L]

	# Graduated podlings
	# ### TODO: this foo.incubator.a.o->foo.a.o redirect breaks if foo ever
	# ### moves to the attic.
	RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)\.incubator(\.\w+)?\.apache\.org$
	RewriteCond /dist/%1 -d
	RewriteRule ^(.*)$ http://%1%2.apache.org$1 [R,L]

	# change the DocumentRoot to ${DocumentRoot}/content if it exists
	RewriteCond %%{}{REQUEST_URI} !^/cgi-bin/
	RewriteCond %%{}{REQUEST_URI} !^/[.]revision$
	RewriteCond ${lowercase:%%{}{SERVER_NAME}} ^(\w+)(?:\.\w+)?\.apache\.org$
	RewriteCond /var/www/%1.apache.org/content -d
	RewriteRule ^(.*)$ ${lowercase:%%{}{SERVER_NAME}}$1 [C]
	RewriteRule ^(\w+)(?:\.\w+)?\.apache\.org/(.*) /var/www/$1.apache.org/content/$2
	</Macro>

	aoo:
	content: \|
	<Macro OpenOffice $proto>
	DocumentRoot /var/www/ooo-site.apache.org/content
	ServerName www.openoffice.org
	ServerAlias ooo-site.apache.org
	ServerAlias *.openoffice.org
	ServerAlias openoffice.org
	UseCanonicalName On

	# Silence PROPFIND mod_allowmethods errors
	# for Apache OO update check requests
	<LocationMatch "/projects/update[^/]*/ProductUpdateService/check\.Update">
	LogLevel allowmethods:crit
	</LocationMatch>

	# Silence PROPFIND mod_allowmethods errors
	# for Apache OO accesses by "Microsoft-WebDAV-MiniRedir"
	# (typical URI is "/3")
	<If "%%{}{REQUEST_METHOD} == 'PROPFIND' && %%{}{HTTP_USER_AGENT} =~ /^Microsoft-WebDAV-MiniRedir/">
	LogLevel allowmethods:crit
	</If>

	<Location /projects>
	ErrorDocument 404 default
	</Location>

	ErrorDocument 404 /docs/custom_404.html

	RewriteEngine On
	RewriteOptions inherit
	RewriteRule ^/favicon\.ico$ /var/www/ooo-site.apache.org/content/favicon.ico [L]

	RewriteMap lowercase int:tolower

	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^openoffice.org$
	RewriteRule (.*) $proto://www.openoffice.org$1 [L]

	# kill update.services.openoffice.org
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^update.services.openoffice.org$
	RewriteRule (.*) - [G,L]


	# qa\|www.openoffice.org
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?:qa\|www)(?:\.\w+)?\.openoffice\.org$
	RewriteRule /issues/(.*) $proto://issues.apache.org/ooo/$1 [NE,L]

	# [registration2\|survey].openoffice.org
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?:registration2\|survey)(?:\.\w+)?\.openoffice\.org$
	RewriteRule (.*) $proto://www.openoffice.org/legacy/thankyou.html [NE,L]

	# contributing.openoffice.org
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^contributing(?:\.\w+)?\.openoffice\.org$
	RewriteRule (.*) $proto://openoffice.apache.org/get-involved.html [L]

	RewriteRule /contributing/(.*) $proto://openoffice.apache.org/get-involved.html [L]

	# security.openoffice.org
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^security(?:\.\w+)?\.openoffice\.org$
	RewriteRule (.*) $proto://openoffice.apache.org/security.html [L]

	# br-pt.openoffice.org typos
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^br-pt(?:\.\w+)?\.openoffice\.org$
	RewriteRule (.*) $proto://www.openoffice.org/pt-br$1 [L]

	# change foo.openoffice.org/... to www.openoffice.org/foo/... if foo dir exists
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(\w+)(?:\.\w+)?\.openoffice\.org$
	RewriteCond /var/www/ooo-site.apache.org/content/%1 -d
	RewriteRule ^(.*)$ ${lowercase:%%{}{HTTP_HOST}}$1 [C]
	RewriteRule ^(\w+)(?:\.\w+)?\.openoffice\.org/(.*) $proto://www.openoffice.org/$1/$2 [NE,L,R=permanent]

	# change *.openoffice.org/?lang=foo to www.openoffice.org/foo/
	RewriteCond ${lowercase:%%{}{QUERY_STRING}} lang=([a-z\-]+)
	RewriteCond /var/www/ooo-site.apache.org/content/%1 -d
	RewriteRule .* $proto://www.openoffice.org/%1? [NE,L,R=permanent]

	# fallback for proj.openoffice.org/... to openoffice.org/projects/proj/...
	# The most common case is redirecting
	# $proto://updateXXX.services.openoffice.org/ProductUpdateService/check.Update
	# to $proto://www.openoffice.org/projects/updateXXX/ProductUpdateService/check.Update
	RewriteCond ${lowercase:%%{}{HTTP_HOST}} ^(?!www)(\w+)(?:\.\w+)?\.openoffice\.org$
	RewriteRule ^(.*)$ ${lowercase:%%{}{HTTP_HOST}}$1 [C]
	RewriteRule ^(\w+)(?:\.\w+)?\.openoffice\.org/(.*) $proto://www.openoffice.org/projects/$1/$2 [NE,L]
	</Macro>

	vhosts_asf::modules::modules:
	allowmethods:
	name: 'allowmethods'
	asis:
	name: 'asis'
	cgi:
	name: 'cgi'
	cgid:
	name: 'cgid'
	headers:
	name: 'headers'
	include:
	name: 'include'
	macro:
	name: 'macro'
	unique_id:
	name: 'unique_id'

	vhosts_asf::vhosts::vhosts:
	apache:
	vhost_name: '*'
	port: 80
	servername: 'www.apache.org'
	docroot: '/var/www/www.apache.org/content'
	manage_docroot: false
	serveraliases:
	- 'apache.org'
	- 'apachegroup.org'
	- 'www.apachegroup.org'
	- 'www.*.apache.org'
	directories:
	-
	path: '/var/www/www.apache.org/content'
	options:
	- 'Indexes'
	- 'FollowSymLinks'
	- 'MultiViews'
	- 'ExecCGI'
	allow_override:
	- 'All'
	addhandlers:
	-
	handler: 'cgi-script'
	extensions:
	- '.cgi'
	serveradmin: 'infrastructure@apache.org'
	access_log_file: 'weblog.log'
	error_log_file: 'errorlog.log'
	custom_fragment: \|
	Redirect permanent /docs/vif.info http://httpd.apache.org/docs/misc/vif-info
	Redirect permanent /docs/directives.html http://httpd.apache.org/docs/mod/directives.html
	Redirect permanent /docs/API.html http://httpd.apache.org/docs/misc/API.html
	Redirect permanent /docs/FAQ.html http://httpd.apache.org/docs/misc/FAQ.html
	Redirect permanent /manual-index.cgi/docs http://www.apache.org/search.html
	Redirect permanent /bugdb.cgi/ http://bugs.apache.org/index/
	Redirect permanent /bugdb.cgi http://bugs.apache.org/
	Redirect permanent /Conference1998 http://www.apachecon.com
	Redirect permanent /java http://archive.apache.org/dist/java/
	Redirect permanent /perl http://perl.apache.org
	Redirect permanent /docs/manual http://httpd.apache.org/docs
	Redirect permanent /docs http://httpd.apache.org/docs
	Redirect permanent /httpd http://httpd.apache.org
	Redirect permanent /httpd/ http://httpd.apache.org/
	Redirect permanent /httpd.html http://httpd.apache.org/
	Redirect permanent /index/full http://www.apache.org
	Redirect permanent /info/css-security http://httpd.apache.org/info/css-security
	Redirect permanent /websrc/ http://cvs.apache.org/
	Redirect permanent /from-cvs/ http://cvs.apache.org/snapshots/
	Redirect permanent /travel/application http://tac-apply.apache.org
	RedirectMatch permanent ^/LICENSE.* http://www.apache.org/licenses/
	RedirectMatch permanent /flyers(.*) http://www.apache.org/foundation/contributing.html

	RewriteEngine on
	RewriteOptions inherit
	RewriteRule /docs/mod_(.*)$ http://httpd.apache.org/docs/mod/mod_$1 [R=permanent]

	#/mail/* -> mail-archives.a.o/mod_mbox/*
	RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#asf-wide [R=301,L,NE]

	#/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
	RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/asf-wide-$1 [R=301,L]

	# Grab referals from www.apache.com and explain where
	# they landed.
	RewriteCond %%{}{HTTP_REFERER} ^http://([^/]*\.)?apache\.com/
	RewriteRule ^/dist/.* http://www.apache.org/info/referer-dotcom.html [R,L]

	# odd ddos coming from aouu.com
	RewriteCond %%{}{HTTP_REFERER} aouu.com
	RewriteRule ^ - [F,L]

	<IfModule mod_expires.c>
	ExpiresActive On
	ExpiresDefault A3600
	</IfModule>

	## Set " Access-Control-Allow-Origin: *" as per https://issues.apache.org/jira/browse/INFRA-2877
	<LocationMatch ^/dist/.*>
	Header set Access-Control-Allow-Origin "*"
	</LocationMatch>

	<Directory /var/www/www.apache.org/content/dist>
	IndexOptions FancyIndexing NameWidth=* FoldersFirst \
	ScanHTMLTitles DescriptionWidth=*
	HeaderName HEADER.html
	ReadmeName README.html
	AllowOverride FileInfo Indexes
	Options Indexes SymLinksIfOwnerMatch
	</Directory>

	<Directory /var/www/www.apache.org/dist/httpd>
	IndexOptions +FoldersFirst +ScanHTMLTitles +DescriptionWidth=*
	</Directory>

	<Location "/server-status">
	SetHandler server-status
	</Location>

	Use BlockSvn

	tlp:
	vhost_name: '*'
	priority: 99
	port: 80
	servername: 'www.apache.org'
	virtual_docroot: '/var/www/%1.0.apache.org'
	docroot: '/var/www'
	manage_docroot: false
	serveraliases:
	- '*.apache.org'
	directories:
	-
	path: '/var/www'
	options:
	- 'Indexes'
	- 'FollowSymLinks'
	- 'MultiViews'
	- 'ExecCGI'
	allow_override:
	- 'All'
	addhandlers:
	-
	handler: 'cgi-script'
	extensions:
	- '.cgi'
	serveradmin: 'infrastructure@apache.org'
	access_log_file: 'weblog.log'
	error_log_file: 'errorlog.log'
	custom_fragment: \|
	VirtualScriptAlias /var/www/%1.0.apache.org/cgi-bin
	UseCanonicalName Off
	Use CatchAll
	Use BlockSvn
	<Directory /var/www/trafficserver.apache.org>
	Options +Includes
	AddOutputFilter INCLUDES .html
	</Directory>
	<Directory /var/www/subversion.apache.org>
	Options +Includes
	AddOutputFilter INCLUDES .html
	</Directory>
	AddType text/plain sha512
	RewriteEngine On

	#/mail -> mail-archives.a.o/mod_mbox/#tlp
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.apache.org$
	RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

	#/mail -> mail-archives.a.o/mod_mbox/#tlp
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.apache.org$
	RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

	#/mail -> mail-archives.a.o/mod_mbox/#tlp
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.ipv4.apache.org$
	RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

	#/mail -> mail-archives.a.o/mod_mbox/#tlp
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.ipv4.apache.org$
	RewriteRule ^/mail/?$ http://mail-archives.apache.org/mod_mbox/#%1 [R=301,L,NE]

	#/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.apache.org$
	RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

	#/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.apache.org$
	RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

	#/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.ipv4.apache.org$
	RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]

	#/mail/* -> mail-archives.a.o/mod_mbox/tlp-list
	RewriteCond %%{}{HTTP_HOST} ^([^.]+)\.us.ipv4.apache.org$
	RewriteRule ^/mail/(.*)$ http://mail-archives.apache.org/mod_mbox/%1-$1 [R=301,L]