source: trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako @ 1124

Last change on this file since 1124 was 1028, checked in by broder, 16 years ago

Don't add another Listen 443 directive - apache gets angry

File size: 2.3 KB
Line 
1<%
2from invirt.config import structs as cfg
3hostname = cfg.web.hostname
4errmail  = cfg.web.errormail
5tracuri  = cfg.trac.uri
6%>
7Listen 446
8
9<VirtualHost *:443>
10        ServerAdmin ${errmail}
11        ServerName ${hostname}:443
12       
13        DocumentRoot /var/www/sipb-xen-www
14        <Directory /var/www/sipb-xen-www>
15                Options Indexes FollowSymLinks MultiViews ExecCGI
16                AllowOverride None
17                Order allow,deny
18                allow from all
19        </Directory>
20        <Location />
21                Require valid-user
22                AuthType SSLCert
23                AuthSSLCertVar SSL_CLIENT_S_DN_Email
24                AuthSSLCertStripSuffix "@MIT.EDU"
25        </Location>
26
27        RewriteEngine On
28        RewriteRule ^/favicon.ico - [L]
29        RewriteRule ^/static(.*) - [L]
30        RewriteRule ^/overlord/static(.*) /static/$1 [L]
31        RewriteRule ^/admin/static(.*) /static/$1 [L]
32        RewriteRule ^/trac.fcgi(.*) - [L]
33        RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs$1 [L]
34        RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi$1 [L]
35        RewriteRule ^/var(.*) - [L]
36        RewriteRule ^/wiki(.*) - [L]
37        RewriteRule ^/kill.cgi - [L]
38        RewriteRule ^/~ - [L]
39        RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/$1 [L]
40
41        RewriteLog /var/log/apache2/rewrite.log
42        RewriteLogLevel 0
43
44        ErrorLog /var/log/apache2/error.log
45
46        # Possible values include: debug, info, notice, warn, error, crit,
47        # alert, emerg.
48        LogLevel warn
49
50        CustomLog /var/log/apache2/ssl_access.log combined
51        ServerSignature On
52
53        SSLEngine on
54
55        SSLCertificateFile ssl/server.crt
56        SSLCertificateKeyFile ssl/server.key
57       
58        SSLCACertificateFile ssl/mitCAclient.pem
59        SSLVerifyClient require
60        SSLVerifyDepth 10
61
62        SSLOptions +StdEnvVars
63       
64        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
65
66        Redirect /wiki ${tracuri}       
67</VirtualHost>
68
69<VirtualHost *:446>
70        ServerAdmin ${errmail}
71        ServerName ${hostname}:446
72       
73        DocumentRoot /var/www/sipb-xen-www
74        <Directory />
75                Options Indexes FollowSymLinks MultiViews ExecCGI
76                AllowOverride None
77                Order allow,deny
78                allow from all
79        </Directory>
80
81        ErrorLog /var/log/apache2/error.log
82
83        # Possible values include: debug, info, notice, warn, error, crit,
84        # alert, emerg.
85        LogLevel warn
86
87        CustomLog /var/log/apache2/ssl_nocert_access.log combined
88        ServerSignature On
89
90        SSLEngine on
91
92        SSLCertificateFile ssl/server.crt
93        SSLCertificateKeyFile ssl/server.key
94       
95        SSLVerifyClient none
96
97        SSLOptions +StdEnvVars
98       
99        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0       
100</VirtualHost>
Note: See TracBrowser for help on using the repository browser.