From: Yang Zhang Date: Fri, 8 Aug 2008 14:05:21 +0000 (-0400) Subject: more sipb-xen-www config X-Git-Tag: sipb-xen-www/3.11~10 X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/commitdiff_plain/423254751b03c40f840d335d9a842c1238a9c592 more sipb-xen-www config svn path=/trunk/packages/sipb-xen-www/; revision=880 --- diff --git a/config.todo b/config.todo index d888265..a6abc51 100644 --- a/config.todo +++ b/config.todo @@ -5,10 +5,6 @@ code/Makefile: base URI # may differ dev/prod? files/etc/apache2/sites-available/default: assumes trac -files/etc/apache2/sites-available/ssl: contact email -files/etc/apache2/sites-available/ssl: trac uri -files/etc/apache2/sites-available/svn: contact email -files/etc/apache2/sites-available/svn: svn repo path files/etc/init.d/apache2.invirt: afs cell (for svn?) code/templates/error.tmpl: xvm@mit.edu code/templates/help.tmpl: assumes trac diff --git a/debian/sipb-xen-www.init b/debian/sipb-xen-www.init new file mode 100755 index 0000000..2e1512a --- /dev/null +++ b/debian/sipb-xen-www.init @@ -0,0 +1,167 @@ +#!/bin/bash +### BEGIN INIT INFO +# Provides: sipb-xen-remctl-auto +# Required-Start: $local_fs $remote_fs +# Required-Stop: $local_fs $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: conserver config from invirt config for invirt host +# Description: +### END INIT INFO + +PACKAGE=sipb-xen-remctl-auto + +. /lib/lsb/init-functions + +gen_config() +{ + local errormail="$( invirt-getconf web.errormail )" \ + hostname="$( invirt-getconf web.hostname )" \ + tracuri="$( invirt-getconf trac.uri )" \ + svnpath="$( invirt-getconf svn.repopath )" + + cat > /etc/apache2/sites-available/ssl << EOF + + ServerAdmin $hostname + ServerName $trachost:443 + + DocumentRoot /var/www/sipb-xen-www + + Options Indexes FollowSymLinks MultiViews ExecCGI + AllowOverride None + Order allow,deny + allow from all + + + Require valid-user + AuthType SSLCert + AuthSSLCertVar SSL_CLIENT_S_DN_Email + AuthSSLCertStripSuffix "@MIT.EDU" + + + RewriteEngine On + RewriteRule ^/favicon.ico - [L] + RewriteRule ^/static(.*) - [L] + RewriteRule ^/overlord/static(.*) /static/\$1 [L] + RewriteRule ^/admin/static(.*) /static/\$1 [L] + RewriteRule ^/trac.fcgi(.*) - [L] + RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs\$1 [L] + RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi\$1 [L] + RewriteRule ^/var(.*) - [L] + RewriteRule ^/wiki(.*) - [L] + RewriteRule ^/kill.cgi - [L] + RewriteRule ^/~ - [L] + RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/\$1 [L] + + RewriteLog /var/log/apache2/rewrite.log + RewriteLogLevel 0 + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/ssl_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key + + SSLCACertificateFile ssl/mitCAclient.pem + SSLVerifyClient require + SSLVerifyDepth 10 + + SSLOptions +StdEnvVars + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + + Redirect /wiki $tracuri + + + + ServerAdmin $errormail + ServerName $hostname:446 + + DocumentRoot /var/www/sipb-xen-www + + Options Indexes FollowSymLinks MultiViews ExecCGI + AllowOverride None + Order allow,deny + allow from all + + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/ssl_nocert_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key + + SSLVerifyClient none + + SSLOptions +StdEnvVars + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + +EOF + + cat > /etc/apache2/sites-available/svn << EOF + + ServerAdmin $errormail + ServerName $hostname:1111 + + + Options FollowSymLinks + AllowOverride None + + + DAV svn + SVNPath $svnpath + AuthType Basic + AuthName "xvm.mit.edu subversion repository" + AuthUserFile /etc/apache2/dav_svn.passwd + + Require valid-user + + + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/svn_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key + +EOF +} + +case "$1" in + start|reload|force-reload|restart) + log_begin_msg "Reloading config for $PACKAGE" + gen_config + log_end_msg $? + ;; + stop) + ;; + *) + log_success_msg "Usage: /etc/init.d/$PACKAGE {start|reload|force-reload|restart|stop}" + ;; +esac diff --git a/files/etc/apache2/sites-available/ssl b/files/etc/apache2/sites-available/ssl deleted file mode 100644 index 848643c..0000000 --- a/files/etc/apache2/sites-available/ssl +++ /dev/null @@ -1,93 +0,0 @@ - - ServerAdmin xvm@mit.edu - ServerName xvm.mit.edu:443 - - DocumentRoot /var/www/sipb-xen-www - - Options Indexes FollowSymLinks MultiViews ExecCGI - AllowOverride None - Order allow,deny - allow from all - - - Require valid-user - AuthType SSLCert - AuthSSLCertVar SSL_CLIENT_S_DN_Email - AuthSSLCertStripSuffix "@MIT.EDU" - - - RewriteEngine On - RewriteRule ^/favicon.ico - [L] - RewriteRule ^/static(.*) - [L] - RewriteRule ^/overlord/static(.*) /static/$1 [L] - RewriteRule ^/admin/static(.*) /static/$1 [L] - RewriteRule ^/trac.fcgi(.*) - [L] - RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs$1 [L] - RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi$1 [L] - RewriteRule ^/var(.*) - [L] - RewriteRule ^/wiki(.*) - [L] - RewriteRule ^/kill.cgi - [L] - RewriteRule ^/~ - [L] - RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/$1 [L] - - RewriteLog /var/log/apache2/rewrite.log - RewriteLogLevel 0 - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/ssl_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key - - SSLCACertificateFile ssl/mitCAclient.pem - SSLVerifyClient require - SSLVerifyDepth 10 - - SSLOptions +StdEnvVars - - SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - Redirect /wiki https://xvm.mit.edu/trac/wiki - - - - ServerAdmin xvm@mit.edu - ServerName xvm.mit.edu:446 - - DocumentRoot /var/www/sipb-xen-www - - Options Indexes FollowSymLinks MultiViews ExecCGI - AllowOverride None - Order allow,deny - allow from all - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/ssl_nocert_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key - - SSLVerifyClient none - - SSLOptions +StdEnvVars - - SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - diff --git a/files/etc/apache2/sites-available/svn b/files/etc/apache2/sites-available/svn deleted file mode 100644 index b0e6e32..0000000 --- a/files/etc/apache2/sites-available/svn +++ /dev/null @@ -1,33 +0,0 @@ - - ServerAdmin xvm@mit.edu - ServerName xvm.mit.edu:1111 - - - Options FollowSymLinks - AllowOverride None - - - DAV svn - SVNPath /afs/sipb.mit.edu/project/xvm/svn - AuthType Basic - AuthName "xvm.mit.edu subversion repository" - AuthUserFile /etc/apache2/dav_svn.passwd - - Require valid-user - - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/svn_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key -