Listen [{{ parameter_dict['ip'] }}]:{{ parameter_dict['port'] }}

LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule proxy_module      modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
LoadModule env_module modules/mod_env.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so

ServerAdmin admin@
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

ServerTokens Prod
ServerSignature Off
TraceEnable Off

PidFile "{{ parameter_dict['pid-file'] }}"
ErrorLog "{{ parameter_dict['error-log'] }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
CustomLog "{{ parameter_dict['access-log'] }}" combined

# SSL Configuration
Define SSLConfigured
SSLCertificateFile {{ parameter_dict['cert-file'] }}
SSLCertificateKeyFile {{ parameter_dict['key-file'] }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on

SSLEngine   On


<Directory />
  Options FollowSymLinks
  AllowOverride None
  Allow from all
</Directory>

<VirtualHost *:{{ parameter_dict['port'] }}>

  DavLockDB {{ parameter_dict['dav-lock'] }}

  SSLVerifyClient require
  RequestHeader set REMOTE_USER %{SSL_CLIENT_S_DN_CN}s
  SSLCACertificateFile {{ parameter_dict['ca-cert'] }}
  {% if parameter_dict['crl'] -%}
  SSLCARevocationCheck chain
  SSLCARevocationFile {{ parameter_dict['crl'] }}
  {%- endif %}

  Alias / {{ parameter_dict['private'] }}/
  <Directory {{ parameter_dict['private'] }}>
    DirectoryIndex disabled
    DAV On
    Options Indexes FollowSymLinks
    Order Allow,Deny
    Allow from all
  </Directory>

</VirtualHost>

{% if parameter_dict.get('httpd-include-file', '') -%}
# Custom apache configuration here
Include {{ parameter_dict['httpd-include-file'] }}
{% endif -%}