Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:jnaous:expedient
python-optin-manager
vhost-optinmgr.conf
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File vhost-optinmgr.conf of Package python-optin-manager
# Written by Jad Naous <IfModule !mod_wsgi.c> Error Missing mod_wsgi! Please install it. </IfModule> # set the port to listen to. Listen 8443 <VirtualHost *:8443> ########################################################## # Setup locations DocumentRoot "/usr/share/optin_manager/static/openflow/optin_manager" Alias /static /usr/share/optin_manager/static/openflow/optin_manager Alias /admin/media /usr/lib/python2.6/site-packages/django/contrib/admin/media ########################################################## # Setup WSGI applications and locations WSGIScriptAlias / /etc/optin_manager/wsgi/optin_manager.wsgi WSGIScriptAlias /admin /etc/optin_manager/wsgi/optin_manager.wsgi WSGIDaemonProcess optin_manager processes=6 threads=6 WSGIProcessGroup optin_manager WSGIReloadMechanism Process ########################################################## # Setup logging LogLevel info ErrorLog /var/log/apache2/optin_manager_error_log TransferLog /var/log/apache2/optin_manager_access_log CustomLog /var/log/apache2/optin_manager_ssl_request_log ssl_combined ########################################################## # Setup Authentication # Require authentication to access xmlrpc locations <LocationMatch ".*[^(/open)]/xmlrpc/$"> AuthType Basic AuthName "RPC Auth" AuthBasicProvider wsgi WSGIAuthUserScript /etc/optin_manager/wsgi/optin_manager_auth.wsgi require valid-user </LocationMatch> # No authentication needed for static content <Location /static> Order deny,allow Allow from all </Location> # No authenticaiton needed for admin static content <Location /admin/media> Order deny,allow Allow from all </Location> # Anything coming from wsgi applications needs authentication <Directory /etc/optin_manager/wsgi> Order allow,deny Allow from all # Require SSL be used SSLOptions +StrictRequire </Directory> ########################################################## # Setup SSL # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # Only use safe SSL SSLProtocol ALL -SSLv2 SSLProxyProtocol ALL -SSLv2 # Get SSL vars such as REMOTE_USER SSLOptions +StdEnvVars # Get the certs too SSLOptions +ExportCertData # Get the username from the client ceritificate when present SSLUserName SSL_CLIENT_S_DN_CN # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. Keep # in mind that if you have both an RSA and a DSA certificate you # can configure both in parallel (to also allow the use of DSA # ciphers, etc.) SSLCertificateFile /etc/apache2/ssl.crt/server.crt # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) SSLCertificateKeyFile /etc/apache2/ssl.key/server.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convenience. SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. SSLCACertificatePath /etc/optin_manager/apache/ca-certs # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. SSLCARevocationPath /etc/apache2/ssl.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. SSLVerifyClient optional SSLVerifyDepth 10 SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor