Bring all templates to Fedora 42 baseline
This commit is contained in:
@@ -37,6 +37,7 @@ AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
AddIconByType /icons/bomb.gif application/x-coredump
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
@@ -53,7 +54,6 @@ AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core.
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
|
||||
@@ -19,8 +19,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# Redirect to local php-fpm (no mod_php in default configuration)
|
||||
#
|
||||
<IfModule !mod_php5.c>
|
||||
<IfModule !mod_php7.c>
|
||||
<IfModule !mod_php.c>
|
||||
# Enable http authorization headers
|
||||
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
|
||||
|
||||
@@ -28,7 +27,6 @@ DirectoryIndex index.php
|
||||
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
|
||||
</FilesMatch>
|
||||
</IfModule>
|
||||
</IfModule>
|
||||
|
||||
#
|
||||
# mod_php is deprecated as FPM is now used by default with httpd in event mode
|
||||
@@ -36,7 +34,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# mod_php options
|
||||
#
|
||||
<IfModule mod_php7.c>
|
||||
<IfModule mod_php.c>
|
||||
#
|
||||
# Cause the PHP interpreter to handle files with a .php extension.
|
||||
#
|
||||
|
||||
@@ -15,6 +15,7 @@ LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||
LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||
@@ -23,7 +24,6 @@ LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
LoadModule cache_module modules/mod_cache.so
|
||||
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
@@ -151,7 +151,7 @@ DocumentRoot "/var/www/html"
|
||||
#
|
||||
# AllowOverride controls what directives may be placed in .htaccess files.
|
||||
# It can be "All", "None", or any combination of the keywords:
|
||||
# Options FileInfo AuthConfig Limit
|
||||
# AllowOverride FileInfo AuthConfig Limit
|
||||
#
|
||||
AllowOverride None
|
||||
|
||||
@@ -263,6 +263,15 @@ LogLevel warn
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
<IfModule headers_module>
|
||||
#
|
||||
# Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
|
||||
# backend servers which have lingering "httpoxy" defects.
|
||||
# 'Proxy' request header is undefined by the IETF, not listed by IANA
|
||||
#
|
||||
RequestHeader unset Proxy early
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_module>
|
||||
#
|
||||
# TypesConfig points to the file containing the list of mappings from
|
||||
@@ -340,6 +349,13 @@ AddDefaultCharset UTF-8
|
||||
#ErrorDocument 402 http://www.example.com/subscription_info.html
|
||||
#
|
||||
|
||||
#
|
||||
# MaxRanges: Maximum number of Ranges in a request before
|
||||
# returning the entire resource, or one of the special
|
||||
# values 'default', 'none' or 'unlimited'.
|
||||
# Default setting is to accept 200 Ranges.
|
||||
#MaxRanges unlimited
|
||||
|
||||
#
|
||||
# EnableMMAP and EnableSendfile: On systems that support it,
|
||||
# memory-mapping or the sendfile syscall may be used to deliver
|
||||
|
||||
@@ -383,3 +383,15 @@
|
||||
4 string moov video/quicktime
|
||||
4 string mdat video/quicktime
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# application/x-coredump for LE/BE ELF
|
||||
#
|
||||
0 string \177ELF
|
||||
>5 byte 1
|
||||
>16 leshort 4 application/x-coredump
|
||||
|
||||
0 string \177ELF
|
||||
>5 byte 2
|
||||
>16 beshort 4 application/x-coredump
|
||||
|
||||
|
||||
@@ -5,11 +5,6 @@
|
||||
; All relative paths in this configuration file are relative to PHP's install
|
||||
; prefix.
|
||||
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
; Global Options ;
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
@@ -133,5 +128,8 @@ daemonize = yes
|
||||
; used in logs and stats. There is no limitation on the number of pools which
|
||||
; FPM can handle. Your system will tell you anyway :)
|
||||
|
||||
; See /etc/php-fpm.d/*.conf
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
|
||||
@@ -42,6 +42,11 @@ opcache.enable_cli=1
|
||||
; size of the optimized code.
|
||||
;opcache.save_comments=1
|
||||
|
||||
; If enabled, compilation warnings (including notices and deprecations) will
|
||||
; be recorded and replayed each time a file is included. Otherwise, compilation
|
||||
; warnings will only be emitted when the file is first cached.
|
||||
;opcache.record_warnings=0
|
||||
|
||||
; Allow file existence override (file_exists, etc.) performance feature.
|
||||
;opcache.enable_file_override=0
|
||||
|
||||
@@ -62,10 +67,6 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
; are cached.
|
||||
;opcache.max_file_size=0
|
||||
|
||||
; Check the cache checksum each N requests.
|
||||
; The default value of "0" means that the checks are disabled.
|
||||
;opcache.consistency_checks=0
|
||||
|
||||
; How long to wait (in seconds) for a scheduled restart to begin if the cache
|
||||
; is not being accessed.
|
||||
;opcache.force_restart_timeout=180
|
||||
@@ -110,7 +111,12 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
;opcache.file_cache_fallback=1
|
||||
|
||||
; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
|
||||
; This should improve performance, but requires appropriate OS configuration.
|
||||
; Under certain circumstances (if only a single global PHP process is
|
||||
; started from which all others fork), this can increase performance
|
||||
; by a tiny amount because TLB misses are reduced. On the other hand, this
|
||||
; delays PHP startup, increases memory usage and degrades performance
|
||||
; under memory pressure - use with care.
|
||||
; Requires appropriate OS configuration.
|
||||
opcache.huge_code_pages=0
|
||||
|
||||
; Validate cached file permissions.
|
||||
@@ -131,12 +137,12 @@ opcache.huge_code_pages=0
|
||||
|
||||
; Specifies a PHP script that is going to be compiled and executed at server
|
||||
; start-up.
|
||||
; http://php.net/opcache.preload
|
||||
; https://php.net/opcache.preload
|
||||
;opcache.preload=
|
||||
|
||||
; Preloading code as root is not allowed for security reasons. This directive
|
||||
; facilitates to let the preloading to be run as another user.
|
||||
; http://php.net/opcache.preload_user
|
||||
; https://php.net/opcache.preload_user
|
||||
;opcache.preload_user=
|
||||
|
||||
; Prevents caching files that are less than this number of seconds old. It
|
||||
|
||||
+243
-291
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=One-time temporary TLS key generation for httpd.service
|
||||
Documentation=man:httpd-init.service(8)
|
||||
|
||||
ConditionPathExists=|!/etc/pki/tls/certs/localhost.crt
|
||||
ConditionPathExists=|!/etc/pki/tls/private/localhost.key
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=no
|
||||
PrivateTmp=true
|
||||
|
||||
ExecStart=/usr/libexec/httpd-ssl-gencerts
|
||||
@@ -0,0 +1,5 @@
|
||||
# This file is part of mod_ssl. It enables listening on port 443 when
|
||||
# socket activation is used.
|
||||
|
||||
[Socket]
|
||||
ListenStream=443
|
||||
@@ -37,6 +37,7 @@ AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
AddIconByType /icons/bomb.gif application/x-coredump
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
@@ -53,7 +54,6 @@ AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core.
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
|
||||
@@ -19,8 +19,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# Redirect to local php-fpm (no mod_php in default configuration)
|
||||
#
|
||||
<IfModule !mod_php5.c>
|
||||
<IfModule !mod_php7.c>
|
||||
<IfModule !mod_php.c>
|
||||
# Enable http authorization headers
|
||||
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
|
||||
|
||||
@@ -28,7 +27,6 @@ DirectoryIndex index.php
|
||||
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
|
||||
</FilesMatch>
|
||||
</IfModule>
|
||||
</IfModule>
|
||||
|
||||
#
|
||||
# mod_php is deprecated as FPM is now used by default with httpd in event mode
|
||||
@@ -36,7 +34,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# mod_php options
|
||||
#
|
||||
<IfModule mod_php7.c>
|
||||
<IfModule mod_php.c>
|
||||
#
|
||||
# Cause the PHP interpreter to handle files with a .php extension.
|
||||
#
|
||||
|
||||
@@ -15,6 +15,7 @@ LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||
LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||
@@ -23,7 +24,6 @@ LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
LoadModule cache_module modules/mod_cache.so
|
||||
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
@@ -151,7 +151,7 @@ DocumentRoot "/var/www/html"
|
||||
#
|
||||
# AllowOverride controls what directives may be placed in .htaccess files.
|
||||
# It can be "All", "None", or any combination of the keywords:
|
||||
# Options FileInfo AuthConfig Limit
|
||||
# AllowOverride FileInfo AuthConfig Limit
|
||||
#
|
||||
AllowOverride None
|
||||
|
||||
@@ -263,6 +263,15 @@ LogLevel warn
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
<IfModule headers_module>
|
||||
#
|
||||
# Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
|
||||
# backend servers which have lingering "httpoxy" defects.
|
||||
# 'Proxy' request header is undefined by the IETF, not listed by IANA
|
||||
#
|
||||
RequestHeader unset Proxy early
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_module>
|
||||
#
|
||||
# TypesConfig points to the file containing the list of mappings from
|
||||
@@ -340,6 +349,13 @@ AddDefaultCharset UTF-8
|
||||
#ErrorDocument 402 http://www.example.com/subscription_info.html
|
||||
#
|
||||
|
||||
#
|
||||
# MaxRanges: Maximum number of Ranges in a request before
|
||||
# returning the entire resource, or one of the special
|
||||
# values 'default', 'none' or 'unlimited'.
|
||||
# Default setting is to accept 200 Ranges.
|
||||
#MaxRanges unlimited
|
||||
|
||||
#
|
||||
# EnableMMAP and EnableSendfile: On systems that support it,
|
||||
# memory-mapping or the sendfile syscall may be used to deliver
|
||||
|
||||
@@ -383,3 +383,15 @@
|
||||
4 string moov video/quicktime
|
||||
4 string mdat video/quicktime
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# application/x-coredump for LE/BE ELF
|
||||
#
|
||||
0 string \177ELF
|
||||
>5 byte 1
|
||||
>16 leshort 4 application/x-coredump
|
||||
|
||||
0 string \177ELF
|
||||
>5 byte 2
|
||||
>16 beshort 4 application/x-coredump
|
||||
|
||||
|
||||
@@ -5,11 +5,6 @@
|
||||
; All relative paths in this configuration file are relative to PHP's install
|
||||
; prefix.
|
||||
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
; Global Options ;
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
@@ -133,5 +128,8 @@ daemonize = yes
|
||||
; used in logs and stats. There is no limitation on the number of pools which
|
||||
; FPM can handle. Your system will tell you anyway :)
|
||||
|
||||
; See /etc/php-fpm.d/*.conf
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
|
||||
@@ -42,6 +42,11 @@ opcache.enable_cli=1
|
||||
; size of the optimized code.
|
||||
;opcache.save_comments=1
|
||||
|
||||
; If enabled, compilation warnings (including notices and deprecations) will
|
||||
; be recorded and replayed each time a file is included. Otherwise, compilation
|
||||
; warnings will only be emitted when the file is first cached.
|
||||
;opcache.record_warnings=0
|
||||
|
||||
; Allow file existence override (file_exists, etc.) performance feature.
|
||||
;opcache.enable_file_override=0
|
||||
|
||||
@@ -62,10 +67,6 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
; are cached.
|
||||
;opcache.max_file_size=0
|
||||
|
||||
; Check the cache checksum each N requests.
|
||||
; The default value of "0" means that the checks are disabled.
|
||||
;opcache.consistency_checks=0
|
||||
|
||||
; How long to wait (in seconds) for a scheduled restart to begin if the cache
|
||||
; is not being accessed.
|
||||
;opcache.force_restart_timeout=180
|
||||
@@ -110,7 +111,12 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
;opcache.file_cache_fallback=1
|
||||
|
||||
; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
|
||||
; This should improve performance, but requires appropriate OS configuration.
|
||||
; Under certain circumstances (if only a single global PHP process is
|
||||
; started from which all others fork), this can increase performance
|
||||
; by a tiny amount because TLB misses are reduced. On the other hand, this
|
||||
; delays PHP startup, increases memory usage and degrades performance
|
||||
; under memory pressure - use with care.
|
||||
; Requires appropriate OS configuration.
|
||||
opcache.huge_code_pages=0
|
||||
|
||||
; Validate cached file permissions.
|
||||
@@ -131,12 +137,12 @@ opcache.huge_code_pages=0
|
||||
|
||||
; Specifies a PHP script that is going to be compiled and executed at server
|
||||
; start-up.
|
||||
; http://php.net/opcache.preload
|
||||
; https://php.net/opcache.preload
|
||||
;opcache.preload=
|
||||
|
||||
; Preloading code as root is not allowed for security reasons. This directive
|
||||
; facilitates to let the preloading to be run as another user.
|
||||
; http://php.net/opcache.preload_user
|
||||
; https://php.net/opcache.preload_user
|
||||
;opcache.preload_user=
|
||||
|
||||
; Prevents caching files that are less than this number of seconds old. It
|
||||
|
||||
+243
-291
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=One-time temporary TLS key generation for httpd.service
|
||||
Documentation=man:httpd-init.service(8)
|
||||
|
||||
ConditionPathExists=|!/etc/pki/tls/certs/localhost.crt
|
||||
ConditionPathExists=|!/etc/pki/tls/private/localhost.key
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=no
|
||||
PrivateTmp=true
|
||||
|
||||
ExecStart=/usr/libexec/httpd-ssl-gencerts
|
||||
@@ -0,0 +1,5 @@
|
||||
# This file is part of mod_ssl. It enables listening on port 443 when
|
||||
# socket activation is used.
|
||||
|
||||
[Socket]
|
||||
ListenStream=443
|
||||
@@ -37,6 +37,7 @@ AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
AddIconByType /icons/bomb.gif application/x-coredump
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
@@ -53,7 +54,6 @@ AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core.
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
|
||||
@@ -19,8 +19,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# Redirect to local php-fpm (no mod_php in default configuration)
|
||||
#
|
||||
<IfModule !mod_php5.c>
|
||||
<IfModule !mod_php7.c>
|
||||
<IfModule !mod_php.c>
|
||||
# Enable http authorization headers
|
||||
SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
|
||||
|
||||
@@ -28,7 +27,6 @@ DirectoryIndex index.php
|
||||
SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost"
|
||||
</FilesMatch>
|
||||
</IfModule>
|
||||
</IfModule>
|
||||
|
||||
#
|
||||
# mod_php is deprecated as FPM is now used by default with httpd in event mode
|
||||
@@ -36,7 +34,7 @@ DirectoryIndex index.php
|
||||
#
|
||||
# mod_php options
|
||||
#
|
||||
<IfModule mod_php7.c>
|
||||
<IfModule mod_php.c>
|
||||
#
|
||||
# Cause the PHP interpreter to handle files with a .php extension.
|
||||
#
|
||||
|
||||
@@ -15,6 +15,7 @@ LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||
LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||
@@ -23,7 +24,6 @@ LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
LoadModule cache_module modules/mod_cache.so
|
||||
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
LoadModule brotli_module modules/mod_brotli.so
|
||||
@@ -151,7 +151,7 @@ DocumentRoot "/var/www/html"
|
||||
#
|
||||
# AllowOverride controls what directives may be placed in .htaccess files.
|
||||
# It can be "All", "None", or any combination of the keywords:
|
||||
# Options FileInfo AuthConfig Limit
|
||||
# AllowOverride FileInfo AuthConfig Limit
|
||||
#
|
||||
AllowOverride None
|
||||
|
||||
@@ -263,6 +263,15 @@ LogLevel warn
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
<IfModule headers_module>
|
||||
#
|
||||
# Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
|
||||
# backend servers which have lingering "httpoxy" defects.
|
||||
# 'Proxy' request header is undefined by the IETF, not listed by IANA
|
||||
#
|
||||
RequestHeader unset Proxy early
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_module>
|
||||
#
|
||||
# TypesConfig points to the file containing the list of mappings from
|
||||
@@ -340,6 +349,13 @@ AddDefaultCharset UTF-8
|
||||
#ErrorDocument 402 http://www.example.com/subscription_info.html
|
||||
#
|
||||
|
||||
#
|
||||
# MaxRanges: Maximum number of Ranges in a request before
|
||||
# returning the entire resource, or one of the special
|
||||
# values 'default', 'none' or 'unlimited'.
|
||||
# Default setting is to accept 200 Ranges.
|
||||
#MaxRanges unlimited
|
||||
|
||||
#
|
||||
# EnableMMAP and EnableSendfile: On systems that support it,
|
||||
# memory-mapping or the sendfile syscall may be used to deliver
|
||||
|
||||
@@ -383,3 +383,15 @@
|
||||
4 string moov video/quicktime
|
||||
4 string mdat video/quicktime
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# application/x-coredump for LE/BE ELF
|
||||
#
|
||||
0 string \177ELF
|
||||
>5 byte 1
|
||||
>16 leshort 4 application/x-coredump
|
||||
|
||||
0 string \177ELF
|
||||
>5 byte 2
|
||||
>16 beshort 4 application/x-coredump
|
||||
|
||||
|
||||
@@ -5,11 +5,6 @@
|
||||
; All relative paths in this configuration file are relative to PHP's install
|
||||
; prefix.
|
||||
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
; Global Options ;
|
||||
;;;;;;;;;;;;;;;;;;
|
||||
@@ -133,5 +128,8 @@ daemonize = yes
|
||||
; used in logs and stats. There is no limitation on the number of pools which
|
||||
; FPM can handle. Your system will tell you anyway :)
|
||||
|
||||
; See /etc/php-fpm.d/*.conf
|
||||
; Include one or more files. If glob(3) exists, it is used to include a bunch of
|
||||
; files from a glob(3) pattern. This directive can be used everywhere in the
|
||||
; file.
|
||||
include=/etc/php-fpm.d/*.conf
|
||||
|
||||
|
||||
@@ -42,6 +42,11 @@ opcache.enable_cli=1
|
||||
; size of the optimized code.
|
||||
;opcache.save_comments=1
|
||||
|
||||
; If enabled, compilation warnings (including notices and deprecations) will
|
||||
; be recorded and replayed each time a file is included. Otherwise, compilation
|
||||
; warnings will only be emitted when the file is first cached.
|
||||
;opcache.record_warnings=0
|
||||
|
||||
; Allow file existence override (file_exists, etc.) performance feature.
|
||||
;opcache.enable_file_override=0
|
||||
|
||||
@@ -62,10 +67,6 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
; are cached.
|
||||
;opcache.max_file_size=0
|
||||
|
||||
; Check the cache checksum each N requests.
|
||||
; The default value of "0" means that the checks are disabled.
|
||||
;opcache.consistency_checks=0
|
||||
|
||||
; How long to wait (in seconds) for a scheduled restart to begin if the cache
|
||||
; is not being accessed.
|
||||
;opcache.force_restart_timeout=180
|
||||
@@ -110,7 +111,12 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
|
||||
;opcache.file_cache_fallback=1
|
||||
|
||||
; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
|
||||
; This should improve performance, but requires appropriate OS configuration.
|
||||
; Under certain circumstances (if only a single global PHP process is
|
||||
; started from which all others fork), this can increase performance
|
||||
; by a tiny amount because TLB misses are reduced. On the other hand, this
|
||||
; delays PHP startup, increases memory usage and degrades performance
|
||||
; under memory pressure - use with care.
|
||||
; Requires appropriate OS configuration.
|
||||
opcache.huge_code_pages=0
|
||||
|
||||
; Validate cached file permissions.
|
||||
@@ -131,12 +137,12 @@ opcache.huge_code_pages=0
|
||||
|
||||
; Specifies a PHP script that is going to be compiled and executed at server
|
||||
; start-up.
|
||||
; http://php.net/opcache.preload
|
||||
; https://php.net/opcache.preload
|
||||
;opcache.preload=
|
||||
|
||||
; Preloading code as root is not allowed for security reasons. This directive
|
||||
; facilitates to let the preloading to be run as another user.
|
||||
; http://php.net/opcache.preload_user
|
||||
; https://php.net/opcache.preload_user
|
||||
;opcache.preload_user=
|
||||
|
||||
; Prevents caching files that are less than this number of seconds old. It
|
||||
|
||||
+243
-291
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=One-time temporary TLS key generation for httpd.service
|
||||
Documentation=man:httpd-init.service(8)
|
||||
|
||||
ConditionPathExists=|!/etc/pki/tls/certs/localhost.crt
|
||||
ConditionPathExists=|!/etc/pki/tls/private/localhost.key
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=no
|
||||
PrivateTmp=true
|
||||
|
||||
ExecStart=/usr/libexec/httpd-ssl-gencerts
|
||||
@@ -0,0 +1,5 @@
|
||||
# This file is part of mod_ssl. It enables listening on port 443 when
|
||||
# socket activation is used.
|
||||
|
||||
[Socket]
|
||||
ListenStream=443
|
||||
@@ -110,6 +110,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-base.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-dav.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -195,6 +200,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket'
|
||||
- dest: '/usr/lib/systemd/system/httpd-init.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd-init.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd-reload.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -210,3 +220,10 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd@.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
...
|
||||
|
||||
|
||||
@@ -110,6 +110,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-base.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-dav.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -195,6 +200,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket'
|
||||
- dest: '/usr/lib/systemd/system/httpd-init.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd-init.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd-reload.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -210,3 +220,10 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd@.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
...
|
||||
|
||||
|
||||
@@ -110,6 +110,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-base.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/etc/httpd/conf.modules.d/00-brotli.conf'
|
||||
- dest: '/etc/httpd/conf.modules.d/00-dav.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -195,6 +200,11 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket'
|
||||
- dest: '/usr/lib/systemd/system/httpd-init.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd-init.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd-reload.service'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
@@ -210,3 +220,10 @@ template_list:
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd@.service'
|
||||
- dest: '/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
group: 'root'
|
||||
mode: '0644'
|
||||
owner: 'root'
|
||||
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
|
||||
...
|
||||
|
||||
|
||||
Reference in New Issue
Block a user