Adding Apache server configurations + Django conf templates

Author: Tikam02

Servers/Apache/Readme.md

@@ -0,0 +1,6 @@
+# Apahe2 Server
+
+- Deployment
+- Configurations
+- Mods
+- Security 

Servers/Apache/configs/templates/deploy-django.md

@@ -0,0 +1 @@
+## Deploy Django 

Servers/Apache/configs/templates/deploy-node-server.md

@@ -0,0 +1 @@
+## Deploy Node server

Servers/Apache/configs/templates/deploy-static-sites.md

@@ -0,0 +1 @@
+## Deploy Static Websites

Servers/Apache/configs/templates/django.no-ssl.domain.conf

@@ -0,0 +1,44 @@
+# -----------------------------------------------------------------------
+# | Config file for example.com host to deploy django server via apache2 |
+# -----------------------------------------------------------------------
+# When you use daemon mode, the number of processes and threads is static. This is one of the immediate benefits of using daemon mode. 
+# Specifically, that process management is more predictable. One of the big problems with using embedded mode is that Apache can decide to create additional processes or kill off existing ones. 
+# For a web application with large startup costs this is not a good idea as you could suddenly see increased CPU usage due to more processes being started right at the time you don't need it such as when a throughput spike occurs. 
+# This can actually cause performance to degrade in the short term rather than improve.
+
+#Use Daemon Mode by Restricting WSGIRestrictEmbedded On
+WSGIRestrictEmbedded On
+
+<VirtualHost *:80>
+
+    ServerName example.com
+    ServerAlias www.example.com
+
+    # Path for Django Project /home/DJANGO_PROJECT/
+    DocumentRoot /home/DJANGO_PROJECT/
+
+    WSGIDaemonProcess DJANGO_PROJECT python-path=/home/DJANGO_PROJECT/:/home/env/lib/python2.7/site-packages
+    WSGIProcessGroup DJANGO_PROJECT
+    WSGIScriptAlias / /home/DJANGO_PROJECT/WSGI_RELATIVE_PATH
+
+    <Directory $DJANGO_PROJECT_DIR/$DJANGO_PROJECT>
+            <Files wsgi.py>
+            Require all granted
+            </Files>
+    </Directory>
+
+
+    # Include the basic DevOpsGuide Apache Config set
+    Include dgac/basic.conf
+    # Include Required configs from /dgac/ 
+    Include dgac/tls/ssl_engine.conf
+    Include dgac/tls/certificate_files.conf
+    Include dgac/rewrites/rewrite_nowww.conf
+
+
+
+    <Directory "/var/www/example.com/public">
+        Require all granted
+    </Directory>
+
+</VirtualHost>

Servers/Apache/configs/templates/django.ssl.domain.conf

@@ -0,0 +1,44 @@
+# -----------------------------------------------------------------------
+# | Config file for example.com host to deploy django server via apache2 |
+# -----------------------------------------------------------------------
+# When you use daemon mode, the number of processes and threads is static. This is one of the immediate benefits of using daemon mode. 
+# Specifically, that process management is more predictable. One of the big problems with using embedded mode is that Apache can decide to create additional processes or kill off existing ones. 
+# For a web application with large startup costs this is not a good idea as you could suddenly see increased CPU usage due to more processes being started right at the time you don't need it such as when a throughput spike occurs. 
+# This can actually cause performance to degrade in the short term rather than improve.
+
+#Use Daemon Mode by Restricting WSGIRestrictEmbedded On
+WSGIRestrictEmbedded On
+
+<VirtualHost *:443>
+
+    ServerName example.com
+    ServerAlias www.example.com
+
+    # Path for Django Project /home/DJANGO_PROJECT/
+    DocumentRoot /home/DJANGO_PROJECT/
+
+    WSGIDaemonProcess DJANGO_PROJECT python-path=/home/DJANGO_PROJECT/:/home/env/lib/python2.7/site-packages
+    WSGIProcessGroup DJANGO_PROJECT
+    WSGIScriptAlias / /home/DJANGO_PROJECT/WSGI_RELATIVE_PATH
+
+    <Directory $DJANGO_PROJECT_DIR/$DJANGO_PROJECT>
+            <Files wsgi.py>
+            Require all granted
+            </Files>
+    </Directory>
+
+
+    # Include the basic DevOpsGuide Apache Config set
+    Include dgac/basic.conf
+    # Include Required configs from /dgac/ 
+    Include dgac/tls/ssl_engine.conf
+    Include dgac/tls/certificate_files.conf
+    Include dgac/rewrites/rewrite_nowww.conf
+
+
+
+    <Directory "/var/www/example.com/public">
+        Require all granted
+    </Directory>
+
+</VirtualHost>

Servers/Apache/deployment.md

@@ -0,0 +1 @@
+# Apache2 Server Deployment

Servers/Apache/dgac/basic.conf

@@ -0,0 +1,6 @@
+
+Include dgac/security/referrer-policy.conf
+Include dgac/security/x-content-type-options.conf
+Include dgac/security/x-frame-options.conf
+Include dgac/cross-origin/images.conf
+Include dgac/cross-origin/web_fonts.conf

Servers/Apache/dgac/cross-origin/images.conf

@@ -0,0 +1,17 @@
+# ----------------------------------------------------------------------
+# | Cross-origin images                                                |
+# ----------------------------------------------------------------------
+
+# Send the CORS header for images when browsers request it.
+#
+# https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_enabled_image
+# https://blog.chromium.org/2011/07/using-cross-domain-images-in-webgl-and.html
+
+<IfModule mod_setenvif.c>
+    <IfModule mod_headers.c>
+        <FilesMatch "\.(avifs?|bmp|cur|gif|ico|jpe?g|jxl|a?png|svgz?|webp)$">
+            SetEnvIf Origin ":" IS_CORS
+            Header set Access-Control-Allow-Origin "*" env=IS_CORS
+        </FilesMatch>
+    </IfModule>
+</IfModule>

Servers/Apache/dgac/cross-origin/requests.conf

@@ -0,0 +1,26 @@
+# ----------------------------------------------------------------------
+# | Cross-origin requests                                              |
+# ----------------------------------------------------------------------
+
+# Allow cross-origin requests.
+#
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
+# https://enable-cors.org/
+# https://www.w3.org/TR/cors/
+
+# (!) Do not use this without understanding the consequences.
+#     This will permit access from any other website.
+#     Instead of using this file, consider using a specific rule such as
+#     allowing access based on (sub)domain:
+#
+#         Header set Access-Control-Allow-Origin "subdomain.example.com"
+#
+# (1) When `Access-Control-Allow-Origin` points to a specific rule rather
+#     than `*`, then `Vary: Origin` should be sent along with the response.
+
+<IfModule mod_headers.c>
+    Header set Access-Control-Allow-Origin "*"
+
+    # (1)
+    # Header append Vary Origin
+</IfModule>