#========================================================================
# Apache configuration for LemonLDAP::NG Handler
#========================================================================
# This file implements the reload virtualhost that permits to reload
# configuration without restarting server, and some common instructions.
# You need then to declare this vhost in reloadUrls (in the manager
# interface if this server doesn't host the manager itself):
#
#         KEY       :               VALUE
#   host-or-IP:port :  http://reload.domscribe.ac-test.fr/reload
#
# IMPORTANT:
# To protect applications, see test-apache.conf template in example files

# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost "*:80"

# Load LemonLDAP::NG Handler
PerlOptions +GlobalRequest
PerlModule Lemonldap::NG::Handler::ApacheMP2

# Common error page and security parameters
ErrorDocument 403 https://%%authWebName/lmerror/403
ErrorDocument 404 https://%%authWebName/lmerror/404
ErrorDocument 500 https://%%authWebName/lmerror/500
ErrorDocument 502 https://%%authWebName/lmerror/502
ErrorDocument 503 https://%%authWebName/lmerror/503

<VirtualHost %%adresse_ip_eth0:443>
    ServerName %%reloadWebName

    SSLEngine on
    SSLCertificateFile   %%server_cert
    SSLCertificateKeyFile %%server_key
    SSLCertificateChainFile /etc/ssl/certs/ca_local.crt
    SSLProtocol all -SSLv3 -SSLv2
    SSLProxyEngine on

    LogLevel %%lm_loglevel

    ErrorLog /var/log/apache2/handler_error.log
    CustomLog /var/log/apache2/handler_access.log common
    # Configuration reload mechanism (only 1 per physical server is
    # needed): choose your URL to avoid restarting Apache when
    # configuration change
    <Location /reload>
        <IfVersion >= 2.3>
            Require ip 127 ::1
        </IfVersion>
        <IfVersion < 2.3>
            Order Deny,Allow
            Deny from all
            Allow from 127.0.0.0/8 ::1
        </IfVersion>
        SetHandler perl-script
        PerlResponseHandler Lemonldap::NG::Handler::ApacheMP2->reload
    </Location>

    # Uncomment this to activate status module
    #<Location /status>
    #    <IfVersion >= 2.3>
    #        Require ip 127 ::1
    #    </IfVersion>
    #    <IfVersion < 2.3>
    #        Order Deny,Allow
    #        Deny from all
    #        Allow from 127.0.0.0/8 ::1
    #    </IfVersion>
    #    SetHandler perl-script
    #    PerlResponseHandler Lemonldap::NG::Handler::ApacheMP2->status
    #    # You may have to uncomment the next directive to skip
    #    # an upper PerlHeaderParserHandler directive
    #    #PerlHeaderParserHandler Apache2::Const::DECLINED
    #</Location>

    # Uncomment this if site if you use SSL only
    #Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>