Fixing some typo and deleting old conf files
This commit is contained in:
parent
53d0c05751
commit
b6ebaa9bc9
|
@ -1,73 +0,0 @@
|
||||||
#========================================================================
|
|
||||||
# Apache configuration for LemonLDAP::NG Handler
|
|
||||||
#========================================================================
|
|
||||||
# This file implements the reload virtualhost that permits to reload
|
|
||||||
# configuration without restarting server, and some common instructions.
|
|
||||||
# You need then to declare this vhost in reloadUrls (in the manager
|
|
||||||
# interface if this server doesn't host the manager itself):
|
|
||||||
#
|
|
||||||
# KEY : VALUE
|
|
||||||
# host-or-IP:port : http://reload.example.com/reload
|
|
||||||
#
|
|
||||||
# IMPORTANT:
|
|
||||||
# To protect applications, see test-apache.conf template in example files
|
|
||||||
|
|
||||||
# Uncomment this if no previous NameVirtualHost declaration
|
|
||||||
#NameVirtualHost "*:80"
|
|
||||||
|
|
||||||
# Load LemonLDAP::NG Handler
|
|
||||||
PerlOptions +GlobalRequest
|
|
||||||
PerlModule Lemonldap::NG::Handler
|
|
||||||
|
|
||||||
# Common error page and security parameters
|
|
||||||
ErrorDocument 403 http://%%authWebName/?lmError=403
|
|
||||||
ErrorDocument 404 http://%%authWebName/?lmError=404
|
|
||||||
ErrorDocument 500 http://%%authWebName/?lmError=500
|
|
||||||
ErrorDocument 502 http://%%authWebName/?lmError=502
|
|
||||||
ErrorDocument 503 http://%%authWebName/?lmError=503
|
|
||||||
|
|
||||||
<VirtualHost "*:443">
|
|
||||||
ServerName %%reloadWebName
|
|
||||||
|
|
||||||
# Configuration reload mechanism (only 1 per physical server is
|
|
||||||
# needed): choose your URL to avoid restarting Apache when
|
|
||||||
# configuration change
|
|
||||||
<Location /reload>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require ip 127 ::1
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
Allow from 127.0.0.0/8 ::1
|
|
||||||
</IfVersion>
|
|
||||||
SetHandler perl-script
|
|
||||||
PerlResponseHandler Lemonldap::NG::Handler->reload
|
|
||||||
</Location>
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile %%apache_cert
|
|
||||||
SSLCertificateKeyFile %%server_key
|
|
||||||
SSLProtocol all -SSLv3 -SSLv2
|
|
||||||
|
|
||||||
# Uncomment this to activate status module
|
|
||||||
#<Location /status>
|
|
||||||
# <IfVersion >= 2.3>
|
|
||||||
# Require ip 127 ::1
|
|
||||||
# </IfVersion>
|
|
||||||
# <IfVersion < 2.3>
|
|
||||||
# Order Deny,Allow
|
|
||||||
# Deny from all
|
|
||||||
# Allow from 127.0.0.0/8 ::1
|
|
||||||
# </IfVersion>
|
|
||||||
# SetHandler perl-script
|
|
||||||
# PerlResponseHandler Lemonldap::NG::Handler->status
|
|
||||||
# # You may have to uncomment the next directive to skip
|
|
||||||
# # an upper PerlHeaderParserHandler directive
|
|
||||||
# #PerlHeaderParserHandler Apache2::Const::DECLINED
|
|
||||||
#</Location>
|
|
||||||
|
|
||||||
# Uncomment this if site if you use SSL only
|
|
||||||
#Header set Strict-Transport-Security 15768000
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
|
|
|
@ -11,8 +11,8 @@
|
||||||
ServerName %%managerWebName
|
ServerName %%managerWebName
|
||||||
LogLevel notice
|
LogLevel notice
|
||||||
# See above to set LLNG user id in Apache logs
|
# See above to set LLNG user id in Apache logs
|
||||||
#CustomLog $(APACHE_LOG_DIR)/manager.log llng
|
#CustomLog ${APACHE_LOG_DIR}/manager.log llng
|
||||||
#ErrorLog $(APACHE_LOG_DIR)/lm_err.log
|
#ErrorLog ${APACHE_LOG_DIR}/lm_err.log
|
||||||
SSLEngine on
|
SSLEngine on
|
||||||
SSLCertificateFile %%apache_cert
|
SSLCertificateFile %%apache_cert
|
||||||
SSLCertificateKeyFile %%server_key
|
SSLCertificateKeyFile %%server_key
|
||||||
|
|
|
@ -1,130 +0,0 @@
|
||||||
#====================================================================
|
|
||||||
# Apache configuration for LemonLDAP::NG Manager
|
|
||||||
#====================================================================
|
|
||||||
|
|
||||||
# Uncomment this if no previous NameVirtualHost declaration
|
|
||||||
#NameVirtualHost "*:80"
|
|
||||||
|
|
||||||
# Manager virtual host (manager.example.com)
|
|
||||||
<VirtualHost "*:443">
|
|
||||||
ServerName %%managerWebName
|
|
||||||
LogLevel notice
|
|
||||||
#ErrorLog ${APACHE_LOG_DIR}/lm_err.log
|
|
||||||
#CustomLog ${APACHE_LOG_DIR}/lm.log combined
|
|
||||||
|
|
||||||
# FASTCGI CONFIGURATION
|
|
||||||
# ---------------------
|
|
||||||
|
|
||||||
# 1) URI management
|
|
||||||
RewriteEngine on
|
|
||||||
|
|
||||||
RewriteRule "^/$" "/psgi/manager-server.fcgi" [PT]
|
|
||||||
# For performances, you can delete the previous RewriteRule line after
|
|
||||||
# puttings html files: simply put the HTML results of differents modules
|
|
||||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
|
||||||
# notifications.html and uncomment the 2 following lines:
|
|
||||||
# DirectoryIndex manager.html
|
|
||||||
# RewriteCond "%{REQUEST_FILENAME}" "!\.html$"
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile %%apache_cert
|
|
||||||
SSLCertificateKeyFile %%server_key
|
|
||||||
SSLProtocol all -SSLv3 -SSLv2
|
|
||||||
|
|
||||||
# REST URLs
|
|
||||||
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|fr-doc|lib|javascript|favicon).*"
|
|
||||||
RewriteRule "^/(.+)$" "/psgi/manager-server.fcgi/$1" [PT]
|
|
||||||
|
|
||||||
Alias /psgi/ /usr/share/lemonldap-ng/manager/psgi//
|
|
||||||
|
|
||||||
# 2) FastCGI engine
|
|
||||||
|
|
||||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
|
||||||
# mod_fcgid configuration
|
|
||||||
FcgidMaxRequestLen 2000000
|
|
||||||
<Directory /usr/share/lemonldap-ng/manager/psgi/>
|
|
||||||
SetHandler fcgid-script
|
|
||||||
Options +ExecCGI
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# If you want to use mod_fastcgi, replace lines below by:
|
|
||||||
#FastCgiServer /usr/share/lemonldap-ng/manager/psgi/manager-server.fcgi
|
|
||||||
|
|
||||||
# Or if you prefer to use CGI, use /psgi/manager-server.cgi instead of
|
|
||||||
# /psgi/manager-server.fcgi and adapt the rewrite rules.
|
|
||||||
|
|
||||||
# GLOBAL CONFIGURATION
|
|
||||||
# --------------------
|
|
||||||
|
|
||||||
DocumentRoot /usr/share/lemonldap-ng/manager/
|
|
||||||
|
|
||||||
<Location />
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all granted
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Allow from all
|
|
||||||
</IfVersion>
|
|
||||||
Options +FollowSymLinks
|
|
||||||
|
|
||||||
<IfModule mod_deflate.c>
|
|
||||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
|
||||||
SetOutputFilter DEFLATE
|
|
||||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
|
||||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
|
||||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
|
||||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
|
||||||
</IfModule>
|
|
||||||
<IfModule mod_headers.c>
|
|
||||||
Header append Vary User-Agent env=!dont-vary
|
|
||||||
</IfModule>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# Static files (javascripts, HTML forms,...)
|
|
||||||
|
|
||||||
Alias /static/ /usr/share/lemonldap-ng/manager/static//
|
|
||||||
<Directory /usr/share/lemonldap-ng/manager/static/>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all granted
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Allow from all
|
|
||||||
</IfVersion>
|
|
||||||
Options +FollowSymLinks
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# On-line documentation
|
|
||||||
Alias /doc/ /usr/share/doc/lemonldap-ng-doc/
|
|
||||||
Alias /lib/ /usr/share/doc/lemonldap-ng-doc/pages/documentation/current/lib/
|
|
||||||
<Directory /usr/share/doc/lemonldap-ng-doc/>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all granted
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Allow from all
|
|
||||||
</IfVersion>
|
|
||||||
ErrorDocument 404 /notfound.html
|
|
||||||
Options +FollowSymLinks
|
|
||||||
DirectoryIndex index.html start.html
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# French version (needs fr-doc installation)
|
|
||||||
Alias /fr-doc/ /usr/share/doc/lemonldap-ng-fr-doc/
|
|
||||||
<Directory /usr/share/doc/lemonldap-ng-fr-doc/>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all granted
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Allow from all
|
|
||||||
</IfVersion>
|
|
||||||
ErrorDocument 404 /notfoundfr.html
|
|
||||||
Options +FollowSymLinks
|
|
||||||
DirectoryIndex index.html start.html
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
# Uncomment this if site if you use SSL only
|
|
||||||
#Header set Strict-Transport-Security 15768000
|
|
||||||
</VirtualHost>
|
|
|
@ -8,9 +8,9 @@
|
||||||
|
|
||||||
# Portal Virtual Host (auth.__DNSDOMAIN__)
|
# Portal Virtual Host (auth.__DNSDOMAIN__)
|
||||||
<VirtualHost *:443>
|
<VirtualHost *:443>
|
||||||
ServerName auth.__DNSDOMAIN__
|
ServerName %%authWebName
|
||||||
# See above to set LLNG user id in Apache logs
|
# See above to set LLNG user id in Apache logs
|
||||||
#CustomLog $(APACHE_LOG_DIR)/portal.log llng
|
#CustomLog ${APACHE_LOG_DIR}/portal.log llng
|
||||||
|
|
||||||
# Uncomment this if you are running behind a reverse proxy and want
|
# Uncomment this if you are running behind a reverse proxy and want
|
||||||
# LemonLDAP::NG to see the real IP address of the end user
|
# LemonLDAP::NG to see the real IP address of the end user
|
||||||
|
|
|
@ -1,161 +0,0 @@
|
||||||
#====================================================================
|
|
||||||
# Apache configuration for LemonLDAP::NG Portal
|
|
||||||
#====================================================================
|
|
||||||
|
|
||||||
# Uncomment this if no previous NameVirtualHost declaration
|
|
||||||
#NameVirtualHost "*:80"
|
|
||||||
|
|
||||||
# Portal Virtual Host (auth.example.com)
|
|
||||||
<VirtualHost "*:443">
|
|
||||||
ServerName %%authWebName
|
|
||||||
|
|
||||||
# DocumentRoot
|
|
||||||
DocumentRoot /var/lib/lemonldap-ng/portal/
|
|
||||||
<Directory /var/lib/lemonldap-ng/portal/>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all granted
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Allow from all
|
|
||||||
</IfVersion>
|
|
||||||
Options +ExecCGI +FollowSymLinks
|
|
||||||
</Directory>
|
|
||||||
SSLEngine on
|
|
||||||
SSLCertificateFile %%apache_cert
|
|
||||||
SSLCertificateKeyFile %%server_key
|
|
||||||
SSLProtocol all -SSLv3 -SSLv2
|
|
||||||
|
|
||||||
# Perl script
|
|
||||||
<Files *.pl>
|
|
||||||
SetHandler perl-script
|
|
||||||
PerlResponseHandler ModPerl::Registry
|
|
||||||
#CGIPassAuth on
|
|
||||||
</Files>
|
|
||||||
|
|
||||||
<IfModule mod_dir.c>
|
|
||||||
DirectoryIndex index.pl index.html
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# SOAP functions for sessions management (disabled by default)
|
|
||||||
<Location /index.pl/adminSessions>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all denied
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
</IfVersion>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# SOAP functions for sessions access (disabled by default)
|
|
||||||
<Location /index.pl/sessions>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all denied
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
</IfVersion>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# SOAP functions for configuration access (disabled by default)
|
|
||||||
<Location /index.pl/config>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all denied
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
</IfVersion>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# SOAP functions for notification insertion (disabled by default)
|
|
||||||
<Location /index.pl/notification>
|
|
||||||
<IfVersion >= 2.3>
|
|
||||||
Require all denied
|
|
||||||
</IfVersion>
|
|
||||||
<IfVersion < 2.3>
|
|
||||||
Order Deny,Allow
|
|
||||||
Deny from all
|
|
||||||
</IfVersion>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# SAML2 Issuer
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteRule ^/saml/metadata /metadata.pl
|
|
||||||
RewriteRule ^/saml/.* /index.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# CAS Issuer
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteRule ^/cas/.* /index.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# OpenID Issuer
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteRule ^/openidserver/.* /index.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# OpenID Connect Issuer
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
#RewriteCond %{HTTP:Authorization} .
|
|
||||||
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
||||||
RewriteRule ^/oauth2/.* /index.pl
|
|
||||||
RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# Get Issuer
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteRule ^/get/.* /index.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
# Public pages
|
|
||||||
<IfModule mod_rewrite.c>
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteRule ^/public* /public.pl
|
|
||||||
</IfModule>
|
|
||||||
|
|
||||||
<Location />
|
|
||||||
<IfModule mod_deflate.c>
|
|
||||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
|
||||||
SetOutputFilter DEFLATE
|
|
||||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
|
||||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
|
||||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
|
||||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
|
||||||
</IfModule>
|
|
||||||
<IfModule mod_headers.c>
|
|
||||||
Header append Vary User-Agent env=!dont-vary
|
|
||||||
</IfModule>
|
|
||||||
</Location>
|
|
||||||
<Location /skins/>
|
|
||||||
<IfModule mod_expires.c>
|
|
||||||
ExpiresActive On
|
|
||||||
ExpiresDefault "access plus 1 month"
|
|
||||||
</IfModule>
|
|
||||||
</Location>
|
|
||||||
|
|
||||||
# Uncomment this if site if you use SSL only
|
|
||||||
#Header set Strict-Transport-Security 15768000
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
##############################################
|
|
||||||
## Best performance under ModPerl::Registry ##
|
|
||||||
##############################################
|
|
||||||
|
|
||||||
# Uncomment this to increase performance of Portal:
|
|
||||||
<Perl>
|
|
||||||
#require Lemonldap::NG::Portal::SharedConf;
|
|
||||||
#Lemonldap::NG::Portal::SharedConf->compile(
|
|
||||||
# qw(delete header cache read_from_client cookie redirect unescapeHTML));
|
|
||||||
# Uncomment this line if you use Lemonldap::NG menu
|
|
||||||
#require Lemonldap::NG::Portal::Menu;
|
|
||||||
# Uncomment this line if you use portal SOAP capabilities
|
|
||||||
#require SOAP::Lite;
|
|
||||||
</Perl>
|
|
Loading…
Reference in New Issue