- local errormail="$( invirt-getconf web.errormail )" \
- hostname="$( invirt-getconf web.hostname )" \
- tracuri="$( invirt-getconf trac.uri )" \
- svnpath="$( invirt-getconf svn.repopath )"
-
- cat > /etc/apache2/sites-available/ssl << EOF
-<VirtualHost *:443>
- ServerAdmin $hostname
- ServerName $trachost:443
-
- DocumentRoot /var/www/sipb-xen-www
- <Directory /var/www/sipb-xen-www>
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
- </Directory>
- <Location />
- Require valid-user
- AuthType SSLCert
- AuthSSLCertVar SSL_CLIENT_S_DN_Email
- AuthSSLCertStripSuffix "@MIT.EDU"
- </Location>
-
- RewriteEngine On
- RewriteRule ^/favicon.ico - [L]
- RewriteRule ^/static(.*) - [L]
- RewriteRule ^/overlord/static(.*) /static/\$1 [L]
- RewriteRule ^/admin/static(.*) /static/\$1 [L]
- RewriteRule ^/trac.fcgi(.*) - [L]
- RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs\$1 [L]
- RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi\$1 [L]
- RewriteRule ^/var(.*) - [L]
- RewriteRule ^/wiki(.*) - [L]
- RewriteRule ^/kill.cgi - [L]
- RewriteRule ^/~ - [L]
- RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/\$1 [L]
-
- RewriteLog /var/log/apache2/rewrite.log
- RewriteLogLevel 0
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/ssl_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-
- SSLCACertificateFile ssl/mitCAclient.pem
- SSLVerifyClient require
- SSLVerifyDepth 10
-
- SSLOptions +StdEnvVars
-
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
-
-
- Redirect /wiki $tracuri
-</VirtualHost>
-
-<VirtualHost *:446>
- ServerAdmin $errormail
- ServerName $hostname:446
-
- DocumentRoot /var/www/sipb-xen-www
- <Directory />
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
- </Directory>
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/ssl_nocert_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-
- SSLVerifyClient none
-
- SSLOptions +StdEnvVars
-
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
-</VirtualHost>
-EOF
-
- cat > /etc/apache2/sites-available/svn << EOF
-<VirtualHost *:1111>
- ServerAdmin $errormail
- ServerName $hostname:1111
-
- <Directory />
- Options FollowSymLinks
- AllowOverride None
- </Directory>
- <Location />
- DAV svn
- SVNPath $svnpath
- AuthType Basic
- AuthName "xvm.mit.edu subversion repository"
- AuthUserFile /etc/apache2/dav_svn.passwd
- <LimitExcept GET PROPFIND OPTIONS REPORT>
- Require valid-user
- </LimitExcept>
- </Location>
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/svn_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-</VirtualHost>
-EOF
projects / invirt/packages/invirt-web.git / blobdiff