# Fix server root
#XXX: useless now ???
ServerRoot "/etc"

# Listen on port 80 and 443
Listen 80
Listen 443

# Server name
ServerName localhost

# Server admin
ServerAdmin root@localhost

# Fix user
User root
Group root

# Send charset
AddDefaultCharset UTF-8

# Allow file send
EnableSendfile on

# Set timeout
Timeout 600

# Set document root
DocumentRoot "/var/www/html"

<Directory />
	AllowOverride None
</Directory>
<Directory "/run/ihttpd/log">
	AllowOverride None
	Require all granted
</Directory>
<Directory "/var/www/html">
	AllowOverride None
	Options Indexes FollowSymLinks ExecCGI
	Require all granted
	DirectoryIndex index.bin
	AddHandler cgi-script .bin
</Directory>

# Fix mime type file location
TypesConfig /etc/mime.types

# Fix pid location
PidFile /run/ihttpd/ihttpd.pid

# Fix dir for rewrite map lock files
Mutex file:/run/ihttpd rewrite-map
Mutex file:/run/ihttpd mpm-accept

# Disable version info
ServerSignature Off
ServerTokens Prod

# SSL configuration
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLSessionCache shmcb:/run/ihttpd/ssl_scache(512000)
SSLProtocol all -SSLv3

# Enable rewrite
RewriteEngine On

# Redirect to https
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

# Redirect unexisting documents to script
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* /index.bin [L]

# SSL vhost
<VirtualHost *:443>
	# Enable ssl
	SSLEngine on
	SSLCertificateFile /etc/pki/tls/certs/ihttpd.pem
	SSLCertificateKeyFile /etc/pki/tls/private/ihttpd.pem

	# Inherit rewrite config
	RewriteEngine On
	RewriteOptions Inherit

	# Set custom log
	CustomLog "/run/ihttpd/log/https.log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

# Log section
ErrorLog "/run/ihttpd/log/error.log"
LogLevel warn

<IfModule log_config_module>
	CustomLog "/run/ihttpd/log/http.log" "%h %l %u %t \"%r\" %>s %b"
</IfModule>