python-scripttease/scripttease/data/inventory/matomo/templates/https.conf

# The port 80 host is required for renewing Let's Encrypt certificates. By default document root is shared by all sites
# requiring SSL support, but this may be changed to {{ deploy.shared_path }}/maint/www in the deployment template if
# a custom maintenance site is required.
<VirtualHost *:80>
    ServerName {{ domain_name }}
    ServerAlias *.{{ domain_name }}
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteCond %{REQUEST_URI} !^/.well-known [NC]
    RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
    DocumentRoot /var/www/maint/www
</VirtualHost>

# The 443 host is where the application is actually served.
<VirtualHost *:443>
    ServerName {{ domain_name }}
    DocumentRoot {{ install_path }}/{{ domain_tld }}

    <Directory {{ install_path }}/{{ domain_tld }}>
        Options FollowSymLinks
        Allowoverride All
        Require all granted
    </Directory>

    <Files "console">
        Options None
        Require all denied
    </Files>

    <Directory {{ install_path }}/{{ domain_tld }}/misc/user>
        Options None
        Required all granted
    </Directory>

    <Directory {{ install_path }}/{{ domain_tld }}/misc>
        Options None
        Required all granted
    </Directory>

    <Directory {{ install_path }}/{{ domain_tld }}/vendor>
        Options None
        Required all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/matomo_error.log
    CustomLog ${APACHE_LOG_DIR}/matomo_access.log combined

    SSLEngine on
    SSLCertificateKeyFile /etc/letsencrypt/live/{{ domain_name }}/privkey.pem
    SSLCertificateFile /etc/letsencrypt/live/{{ domain_name }}/fullchain.pem

</VirtualHost>
Finished initial inventory for Matomo installer. 10 months ago			`# The port 80 host is required for renewing Let's Encrypt certificates. By default document root is shared by all sites`
			`# requiring SSL support, but this may be changed to {{ deploy.shared_path }}/maint/www in the deployment template if`
			`# a custom maintenance site is required.`
			`<VirtualHost *:80>`
			`ServerName {{ domain_name }}`
			`ServerAlias *.{{ domain_name }}`
			`RewriteEngine On`
			`RewriteCond %{HTTPS} off`
			`RewriteCond %{REQUEST_URI} !^/.well-known [NC]`
			`RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]`
			`DocumentRoot /var/www/maint/www`
			`</VirtualHost>`

			`# The 443 host is where the application is actually served.`
			`<VirtualHost *:443>`
			`ServerName {{ domain_name }}`
			`DocumentRoot {{ install_path }}/{{ domain_tld }}`

			`<Directory {{ install_path }}/{{ domain_tld }}>`
			`Options FollowSymLinks`
			`Allowoverride All`
			`Require all granted`
			`</Directory>`

			`<Files "console">`
			`Options None`
			`Require all denied`
			`</Files>`

			`<Directory {{ install_path }}/{{ domain_tld }}/misc/user>`
			`Options None`
			`Required all granted`
			`</Directory>`

			`<Directory {{ install_path }}/{{ domain_tld }}/misc>`
			`Options None`
			`Required all granted`
			`</Directory>`

			`<Directory {{ install_path }}/{{ domain_tld }}/vendor>`
			`Options None`
			`Required all granted`
			`</Directory>`

			`ErrorLog ${APACHE_LOG_DIR}/matomo_error.log`
			`CustomLog ${APACHE_LOG_DIR}/matomo_access.log combined`

			`SSLEngine on`
			`SSLCertificateKeyFile /etc/letsencrypt/live/{{ domain_name }}/privkey.pem`
			`SSLCertificateFile /etc/letsencrypt/live/{{ domain_name }}/fullchain.pem`

			`</VirtualHost>`