Browse Source

Ajout lien vers formulaire d'assistance MSE sur pages d'erreurs Apache

master
Teddy Cornaut 5 months ago
parent
commit
d1cb5d0ec3
3 changed files with 153 additions and 21 deletions
  1. 1
    0
      dicos/70_shibboleth_idp.xml
  2. 117
    0
      tmpl/error.html
  3. 35
    21
      tmpl/idp-default-ssl.conf

+ 1
- 0
dicos/70_shibboleth_idp.xml View File

@@ -10,6 +10,7 @@
10 10
         <file filelist='idp' name='/etc/apache2/sites-available/default-ssl.conf' source='idp-default-ssl.conf' mkdir='True' rm='True'/>
11 11
         <file filelist='idp' name='/etc/apache2/sites-available/idp.conf' source='apache-idp.conf' mkdir='True' rm='True'/>
12 12
         <file filelist='idp' name='/etc/apache2/mods-available/mpm_worker.conf' mkdir='True' rm='True'/>
13
+        <file filelist='idp' name='/var/www/html/error/index.html' source='error.html' mkdir='True' rm='True'/>
13 14
 
14 15
         <!-- Tomcat configuration -->
15 16
         <file filelist='idp' name='/etc/default/tomcat8' source='tomcat8.default' mkdir='True' rm='True'/>

+ 117
- 0
tmpl/error.html
File diff suppressed because it is too large
View File


+ 35
- 21
tmpl/idp-default-ssl.conf View File

@@ -1,31 +1,45 @@
1 1
 <IfModule mod_ssl.c>
2
-	<VirtualHost _default_:443>
3
-		ServerName %%nom_domaine_machine:443
4
-		ServerAdmin %%system_mail_to
2
+  <VirtualHost _default_:443>
3
+    ServerName %%nom_domaine_machine:443
4
+    ServerAdmin %%system_mail_to
5 5
 
6
-		DocumentRoot /var/www/html
6
+    DocumentRoot /var/www/html
7 7
 
8
-		ErrorLog ${APACHE_LOG_DIR}/error.log
9
-		CustomLog ${APACHE_LOG_DIR}/access.log combined
8
+    ErrorLog ${APACHE_LOG_DIR}/error.log
9
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
10 10
 
11
-		SSLEngine on
12
-		SSLProtocol all -SSLv2 -SSLv3 -TLSv1
13
-		SSLCipherSuite "kEDH+AESGCM:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-GCMSHA384:ECDHE-RSA-AES256-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSAAES256-SHA384:ECDHE-ECDSA-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSAAES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA256:AES256-GCM-SHA384:!3DES:!DES:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-SHA:!EDE3:!EDH-DSS-CBC-SHA:!EDH-DSSDES-CBC3-SHA:!EDH-RSA-DES-CBC-SHA:!EDH-RSA-DES-CBC3-SHA:!EXP-EDH-DSS-DES-CBCSHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXPORT:!MD5:!PSK:!RC4-SHA:!aNULL:!eNULL"
11
+    ErrorDocument 400 /error/
12
+    ErrorDocument 401 /error/
13
+    ErrorDocument 403 /error/
14
+    ErrorDocument 404 /error/
15
+    ErrorDocument 500 /error/
16
+    ErrorDocument 503 /error/
17
+    ErrorDocument 504 /error/
14 18
 
15
-		SSLHonorCipherOrder on
16
-		SSLCompression Off
17
-		Header always set Strict-Transport-Security "max-age=63072000;includeSubDomains"
19
+    SSLEngine on
20
+    SSLProtocol all -SSLv2 -SSLv3 -TLSv1
21
+    SSLCipherSuite "kEDH+AESGCM:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-GCMSHA384:ECDHE-RSA-AES256-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSAAES256-SHA384:ECDHE-ECDSA-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSAAES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA256:AES256-GCM-SHA384:!3DES:!DES:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-SHA:!EDE3:!EDH-DSS-CBC-SHA:!EDH-DSSDES-CBC3-SHA:!EDH-RSA-DES-CBC-SHA:!EDH-RSA-DES-CBC3-SHA:!EXP-EDH-DSS-DES-CBCSHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXPORT:!MD5:!PSK:!RC4-SHA:!aNULL:!eNULL"
18 22
 
19
-		SSLCertificateFile %%server_cert
20
-		SSLCertificateKeyFile %%server_key
23
+    SSLHonorCipherOrder on
24
+    SSLCompression Off
25
+    Header always set Strict-Transport-Security "max-age=63072000;includeSubDomains"
21 26
 
22
-		<FilesMatch "\.(cgi|shtml|phtml|php)$">
23
-				SSLOptions +StdEnvVars
24
-		</FilesMatch>
25
-		<Directory /usr/lib/cgi-bin>
26
-				SSLOptions +StdEnvVars
27
-		</Directory>
28
-	</VirtualHost>
27
+    SSLCertificateFile %%server_cert
28
+    SSLCertificateKeyFile %%server_key
29
+
30
+    <FilesMatch "\.(cgi|shtml|phtml|php)$">
31
+        SSLOptions +StdEnvVars
32
+    </FilesMatch>
33
+    <Directory /usr/lib/cgi-bin>
34
+        SSLOptions +StdEnvVars
35
+    </Directory>
36
+
37
+    <Location /error>
38
+      AllowOverride All
39
+      Options +Indexes
40
+      Require all granted
41
+    </Location>
42
+  </VirtualHost>
29 43
 </IfModule>
30 44
 
31 45
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Loading…
Cancel
Save