certbot/letsencrypt-apache/letsencrypt_apache/constants.py

"""Apache plugin constants."""
import pkg_resources


CLI_DEFAULTS = dict(
    server_root="/etc/apache2",
    ctl="apache2ctl",
    enmod="a2enmod",
    dismod="a2dismod",
    le_vhost_ext="-le-ssl.conf",
)
"""CLI defaults."""

MOD_SSL_CONF_DEST = "options-ssl-apache.conf"
"""Name of the mod_ssl config file as saved in `IConfig.config_dir`."""

MOD_SSL_CONF_SRC = pkg_resources.resource_filename(
    "letsencrypt_apache", "options-ssl-apache.conf")
"""Path to the Apache mod_ssl config file found in the Let's Encrypt
distribution."""

AUGEAS_LENS_DIR = pkg_resources.resource_filename(
    "letsencrypt_apache", "augeas_lens")
"""Path to the Augeas lens directory"""

REWRITE_HTTPS_ARGS = [
    "^", "https://%{SERVER_NAME}%{REQUEST_URI}", "[L,QSA,R=permanent]"]
"""Apache rewrite rule arguments used for redirections to https vhost"""


HSTS_ARGS = ["always", "set", "Strict-Transport-Security",
    "\"max-age=31536000; includeSubDomains\""]
"""Apache header arguments for HSTS"""

UIR_ARGS = ["always", "set", "Content-Security-Policy",
    "upgrade-insecure-requests"]

HEADER_ARGS = {"Strict-Transport-Security": HSTS_ARGS,
        "Upgrade-Insecure-Requests": UIR_ARGS}
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00			`"""Apache plugin constants."""`
			`import pkg_resources`


Use CLI_DEFAULTS in plugins 2015-05-08 17:32:13 -04:00			`CLI_DEFAULTS = dict(`
			`server_root="/etc/apache2",`
			`ctl="apache2ctl",`
			`enmod="a2enmod",`
Use a2enmod and update reverter 2015-07-30 02:40:07 -04:00			`dismod="a2dismod",`
--le-vhost-ext -> --apache-le-vhost-ext 2015-05-22 03:28:21 -04:00			`le_vhost_ext="-le-ssl.conf",`
Use CLI_DEFAULTS in plugins 2015-05-08 17:32:13 -04:00			`)`
			`"""CLI defaults."""`
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00
Don't allow user supplied mod_ssl conf destination (fixes #451). 2015-06-01 20:14:10 -04:00			`MOD_SSL_CONF_DEST = "options-ssl-apache.conf"`
			"""Name of the mod_ssl config file as saved in `IConfig.config_dir`."""
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00
Don't allow user supplied mod_ssl conf destination (fixes #451). 2015-06-01 20:14:10 -04:00			`MOD_SSL_CONF_SRC = pkg_resources.resource_filename(`
Rename the apache config file to match the nginx one Since both config files end up in /etc/letsencrypt/, if we want the two plugins be to installable at the same time, their config files need different names. 2015-06-07 04:31:50 -04:00			`"letsencrypt_apache", "options-ssl-apache.conf")`
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00			`"""Path to the Apache mod_ssl config file found in the Let's Encrypt`
			`distribution."""`

constants.AUGEAS_LENS_DIR 2015-11-04 15:12:39 -05:00			`AUGEAS_LENS_DIR = pkg_resources.resource_filename(`
			`"letsencrypt_apache", "augeas_lens")`
			`"""Path to the Augeas lens directory"""`
load augeas httpd lens from inside of lets encrypt 2015-11-02 19:22:58 -05:00
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00			`REWRITE_HTTPS_ARGS = [`
Convert to servername/serveralias 2015-07-21 20:16:46 -04:00			`"^", "https://%{SERVER_NAME}%{REQUEST_URI}", "[L,QSA,R=permanent]"]`
Move apache constants/args/IConfig to its subdirectory 2015-04-22 04:32:34 -04:00			`"""Apache rewrite rule arguments used for redirections to https vhost"""`
Add HSTS header enhancement to Apache 2015-11-06 17:31:30 -05:00
Generalized http-header enhancement 2015-11-07 23:37:57 -05:00
			`HSTS_ARGS = ["always", "set", "Strict-Transport-Security",`
Add HSTS header enhancement to Apache 2015-11-06 17:31:30 -05:00			`"\"max-age=31536000; includeSubDomains\""]`
			`"""Apache header arguments for HSTS"""`

Generalized http-header enhancement 2015-11-07 23:37:57 -05:00			`UIR_ARGS = ["always", "set", "Content-Security-Policy",`
Add tests and comments 2015-11-08 10:21:36 -05:00			`"upgrade-insecure-requests"]`
Generalized http-header enhancement 2015-11-07 23:37:57 -05:00
Add tests and comments 2015-11-08 10:21:36 -05:00			`HEADER_ARGS = {"Strict-Transport-Security": HSTS_ARGS,`
			`"Upgrade-Insecure-Requests": UIR_ARGS}`
Generalized http-header enhancement 2015-11-07 23:37:57 -05:00