2020-11-24 15:15:17 -06:00
|
|
|
# VERSION 7 - DO NOT REMOVE THIS LINE
|
2008-05-07 08:33:00 -05:00
|
|
|
|
2008-02-21 15:25:09 -06:00
|
|
|
RewriteEngine on
|
|
|
|
|
2008-03-24 14:54:55 -05:00
|
|
|
# By default forward all requests to /ipa. If you don't want IPA
|
2010-10-29 08:38:17 -05:00
|
|
|
# to be the default on your web server comment this line out.
|
2011-08-16 12:34:04 -05:00
|
|
|
${AUTOREDIR}RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301]
|
2008-03-24 14:54:55 -05:00
|
|
|
|
2008-02-21 15:25:09 -06:00
|
|
|
# Redirect to the fully-qualified hostname. Not redirecting to secure
|
|
|
|
# port so configuration files can be retrieved without requiring SSL.
|
|
|
|
RewriteCond %{HTTP_HOST} !^$FQDN$$ [NC]
|
2020-11-24 15:15:17 -06:00
|
|
|
RewriteCond %{HTTP_HOST} !^ipa-ca.$DOMAIN$$ [NC]
|
2008-08-20 14:33:45 -05:00
|
|
|
RewriteRule ^/ipa/(.*) http://$FQDN/ipa/$$1 [L,R=301]
|
2008-02-21 15:25:09 -06:00
|
|
|
|
|
|
|
# Redirect to the secure port if not displaying an error or retrieving
|
|
|
|
# configuration.
|
|
|
|
RewriteCond %{SERVER_PORT} !^443$$
|
2013-06-20 03:55:39 -05:00
|
|
|
RewriteCond %{REQUEST_URI} !^/ipa/(errors|config|crl)
|
2013-06-24 10:44:15 -05:00
|
|
|
RewriteCond %{REQUEST_URI} !^/ipa/[^\?]+(\.js|\.css|\.png|\.gif|\.ico|\.woff|\.svg|\.ttf|\.eot)$$
|
2008-08-20 14:33:45 -05:00
|
|
|
RewriteRule ^/ipa/(.*) https://$FQDN/ipa/$$1 [L,R=301,NC]
|
2013-04-23 12:54:21 -05:00
|
|
|
|
2020-11-24 15:15:17 -06:00
|
|
|
RewriteCond %{HTTP_HOST} ^ipa-ca.$DOMAIN$$ [NC]
|
|
|
|
RewriteCond %{REQUEST_URI} !^/ipa/crl
|
|
|
|
RewriteCond %{REQUEST_URI} !^/(ca|kra|pki|acme)
|
|
|
|
RewriteRule ^/(.*) https://$FQDN/$$1 [L,R=301]
|
|
|
|
|
2013-04-23 12:54:21 -05:00
|
|
|
# Rewrite for plugin index, make it like it's a static file
|
|
|
|
RewriteRule ^/ipa/ui/js/freeipa/plugins.js$$ /ipa/wsgi/plugins.py [PT]
|