{
    # vim: ft=perl:

    $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';

    $OUT = '';
    if ((${'freepbx'}{'status'} || 'disabled') eq 'enabled' &&
	(${'httpd-fpbx'}{'status'} || 'disabled') eq 'enabled'){

        if (($port eq "80") && ($haveSSL eq 'yes')){
            $OUT .= "    RewriteRule ^/freepbx(/.*|\$)    https://%{HTTP_HOST}/freepbx\$1 [L,R]\n";
            $OUT .= "    RewriteRule ^/ucp(/.*|\$)    https://%{HTTP_HOST}/ucp\$1 [L,R]\n";
        }
        else{
            $OUT .= "    ProxyPass /freepbx http://127.0.0.1:${'httpd-fpbx'}{TCPPort}/freepbx\n";
            $OUT .= "    ProxyPassReverse /freepbx http://127.0.0.1:${'httpd-fpbx'}{TCPPort}/freepbx\n";
            $OUT .= "    ProxyPass /ucp http://127.0.0.1:${'httpd-fpbx'}{TCPPort}/ucp\n";
            $OUT .= "    ProxyPassReverse /ucp http://127.0.0.1:${'httpd-fpbx'}{TCPPort}/ucp\n";
        }
        foreach my $url qw(recordings){
	    $OUT .= "    RewriteRule ^/$url(.*|\$) /freepbx/$url\$1 [L,R]\n";
        }

        $OUT .=<<"HERE";

    <Location /freepbx>
	SSLRequireSSL on
        order deny,allow
	deny from all
	allow from $localAccess $externalSSLAccess
    </Location>

    <Location /freepbx/admin>
	order deny,allow
	deny from all
	allow from $localAccess $externalSSLAccess
    </Location>

    <Location /freepbx/recordings>
	order deny,allow
	deny from all
	allow from all
    </Location>

    <Location /ucp>
	SSLRequireSSL on
	order deny,allow
	deny from all
	allow from $localAccess $externalSSLAccess
    </Location>

HERE
    }
}

