Replace default apache vhost and restrict mod_status to hcoop members
authorClinton Ebadi <clinton@unknownlamer.org>
Fri, 2 May 2014 03:35:11 +0000 (23:35 -0400)
committerClinton Ebadi <clinton@unknownlamer.org>
Fri, 2 May 2014 03:35:11 +0000 (23:35 -0400)
* Generic "member has not yet configured their domain" page
* Move server-status to default ssl vhost and only permit hcoop
  members to access it

debian/hcoop-apache2-config.displace
debian/hcoop-apache2-config.install
files/index.html.hcoop [new file with mode: 0644]
files/sites-available/default.hcoop [new file with mode: 0644]

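--- a/debian/hcoop-apache2-config.displace
+++ b/debian/hcoop-apache2-config.displace
@@ -3,3 +3,5 @@
 /etc/apache2/mods-available/suphp.conf.hcoop
 /etc/apache2/mods-available/status.conf.hcoop
 /etc/apache2/mods-available/disk_cache.conf.hcoop
+/etc/apache2/sites-available/default.hcoop
+/var/www/index.html
\ No newline at end of file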
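Review bot: The new entry `/var/www/index.html` is the only line in this list without the `.hcoop` suffix, while the file this commit installs is named `index.html.hcoop`. If the packaging helper expects each displaced path to be listed under its suffixed name, as the neighbouring entries suggest, this line should read `/var/www/index.html.hcoop`. Otherwise the stock index page may not be diverted and the placeholder would never be served. This is inferred from the visible entries only, so confirm it against the helper's documentation.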
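--- a/debian/hcoop-apache2-config.install
+++ b/debian/hcoop-apache2-config.install
@@ -4,4 +4,5 @@ files/apache_out.rules etc/ferm/service.out.d
 files/www-data.hcoop etc/apache2/suexec
 files/suphp.conf.hcoop etc/suphp
 files/mods-available/* etc/apache2/mods-available
-files/sites-available/* etc/apache2/sites-available
\ No newline at end of file
+files/sites-available/* etc/apache2/sites-available
+files/index.html.hcoop /var/www
\ No newline at end of file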
diff --git a/files/index.html.hcoop b/files/index.html.hcoop
new file mode 100644 (file)
index 0000000..2d01b5f
--- /dev/null
@@ -0,0 +1,12 @@
+<html><body><img src="http://hcoop.net/logo/front75.png" alt="hcoop" style="float: left;" />
+<h1>Unconfigured Member Virtual Host</h1>
+<p>This is the default web page for this <a href="http://hcoop.net">HCoop web server</a>.</p>
+
+
+<p>This domain has been pointed at the web server, but no host has
+been configured. See
+the <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites">HCoop
+Member Manual</a> for instructions on
+using <a href="http://wiki.hcoop.net/DomTool">Domtool</a> to configure
+a virtual host.</p>
+</body></html>
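Review bot: The logo is referenced as `http://hcoop.net/logo/front75.png`, but the `*:443` vhost added in this commit serves the same DocumentRoot `/var/www`, so the HTTPS page pulls in a plain-HTTP subresource. Browsers flag or block that as mixed content, and the image can be altered in transit. Shipping the logo next to the page and using a relative `src`, or an `https://` URL if the host serves one, avoids both problems.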
diff --git a/files/sites-available/default.hcoop b/files/sites-available/default.hcoop
new file mode 100644 (file)
index 0000000..f17fdeb
--- /dev/null
@@ -0,0 +1,65 @@
+<VirtualHost *:80>
+        ServerAdmin webmaster@localhost
+
+        DocumentRoot /var/www
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride None
+        </Directory>
+        <Directory /var/www/>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride None
+                Order allow,deny
+                allow from all
+        </Directory>
+
+        ErrorLog ${APACHE_LOG_DIR}/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+
+<VirtualHost *:443>
+        SSLEngine on
+        SSLCertificateFile /etc/hcoop-ssl/hcoop.pem
+
+        ServerAdmin webmaster@localhost
+
+        DocumentRoot /var/www
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride None
+        </Directory>
+        <Directory /var/www/>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride None
+                Order allow,deny
+                allow from all
+        </Directory>
+
+       # HCoop members can check server status, but only over SSL
+       <Location /server-status>
+                 SetHandler server-status
+                 AuthType kerberos
+                 KrbServiceName apache2
+                 Krb5Keytab /etc/keytabs/service/apache
+                 KrbMethodNegotiate on
+                 KrbMethodK5Passwd on
+                 KrbVerifyKDC on
+                 KrbAuthRealms HCOOP.NET
+                 KrbSaveCredentials off
+                 AuthName "Server Status (HCoop login)"
+                 Require valid-user
+        </Location>
+
+        ErrorLog ${APACHE_LOG_DIR}/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
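Review bot: `Require valid-user` in the `/server-status` location admits every principal the KDC will authenticate in `HCOOP.NET`, which may be wider than "hcoop members" if the realm also holds service, host or admin-instance principals. mod_status output lists client addresses and request lines for every vhost on the server, so the intended audience should be stated explicitly, e.g. a `Require user …` list or a group-based authorization provider instead of `valid-user`, and the comment above the block should say which set of principals is intended. This commit does not touch `status.conf.hcoop`, so it cannot be seen from here whether that file still maps the handler server-wide; if it does, the status page stays reachable on port 80 and on member vhosts regardless of this block. Separately, `Options Indexes` on `/var/www/` in both vhosts enables directory listings on a catch-all host; `Options FollowSymLinks` alone would be enough for a single placeholder page.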