(* HCoop Domtool (http://hcoop.sourceforge.net/)
- * Copyright (c) 2006, Adam Chlipala
+ * Copyright (c) 2006-2007, Adam Chlipala
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
val localRewriteEnabled = ref false
val currentVhost = ref ""
val currentVhostId = ref ""
+val sslEnabled = ref false
val pre = ref (fn _ : {user : string, nodes : string list, id : string, hostname : string} => ())
fun registerPre f =
in
currentVhost := fullHost;
currentVhostId := vhostId;
+ sslEnabled := Option.isSome ssl;
rewriteEnabled := false;
localRewriteEnabled := false;
TextIO.output (file, ".");
TextIO.output (file, dom)))
(Domain.currentAliasDomains ());
+
if suexec then
if isVersion1 node then
(TextIO.output (file, "\n\tUser ");
TextIO.output (file, group))
else
();
+
if isWaklog node then
- (TextIO.output (file, "\n\tWaklogProtected on\n\tWaklogPrincipal ");
+ (TextIO.output (file, "\n\tWaklogEnabled on\n\tWaklogLocationPrincipal ");
TextIO.output (file, user);
- TextIO.output (file, "/cgi@HCOOP.NET /etc/keytabs/cgi/");
+ TextIO.output (file, "/daemon@HCOOP.NET /etc/keytabs/user.daemon/");
TextIO.output (file, user))
else
();
+
+ TextIO.output (file, "\n\tDAVLockDB /var/lock/apache2/dav.");
+ TextIO.output (file, user);
+ TextIO.output (file, "/DAVLock");
+
(ld, file)
end)
nodes;
write "]");
write "\n"))
+val () = Env.action_one "rewriteBase"
+ ("prefix", Env.string)
+ (fn prefix =>
+ (checkRewrite ();
+ write "\tRewriteBase\t";
+ write prefix;
+ write "\n"))
+
val () = Env.action_one "rewriteLogLevel"
("level", Env.int)
(fn level =>
val authType = fn (EVar "basic", _) => SOME "basic"
| (EVar "digest", _) => SOME "digest"
+ | (EVar "kerberos", _) => SOME "kerberos"
| _ => NONE
+fun allowAuthType "kerberos" = !sslEnabled
+ | allowAuthType _ = true
+
val () = Env.action_one "authType"
("type", authType)
(fn ty =>
- (write "\tAuthType ";
- write ty;
- write "\n"))
+ if allowAuthType ty then
+ (write "\tAuthType ";
+ write ty;
+ write "\n";
+ case ty of
+ "kerberos" =>
+ write "\tKrbMethodNegotiate off\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC off\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n"
+ | _ => ())
+ else
+ print "WARNING: Skipped Kerberos authType because this isn't an SSL vhost.\n")
val () = Env.action_one "authName"
("name", Env.string)
write name;
write "\n"))
+val () = Env.action_two "setEnv"
+ ("key", Env.string, "value", Env.string)
+ (fn (key, value) => (write "\tSetEnv \"";
+ write key;
+ write "\" \"";
+ write value;
+ write "\"\n"))
+
val () = Domain.registerResetLocal (fn () =>
ignore (OS.Process.system (Config.rm ^ " -rf /var/domtool/vhosts/*")))