source: trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako @ 983

Last change on this file since 983 was 883, checked in by y_z, 16 years ago

converted two of the generated config files to use mako

File size: 2.3 KB
Line 
1<%
2from invirt.config import structs as cfg
3hostname = cfg.web.hostname
4errmail  = cfg.web.errormail
5tracuri  = cfg.trac.uri
6%>
7<VirtualHost *:443>
8        ServerAdmin ${errmail}
9        ServerName ${hostname}:443
10       
11        DocumentRoot /var/www/sipb-xen-www
12        <Directory /var/www/sipb-xen-www>
13                Options Indexes FollowSymLinks MultiViews ExecCGI
14                AllowOverride None
15                Order allow,deny
16                allow from all
17        </Directory>
18        <Location />
19                Require valid-user
20                AuthType SSLCert
21                AuthSSLCertVar SSL_CLIENT_S_DN_Email
22                AuthSSLCertStripSuffix "@MIT.EDU"
23        </Location>
24
25        RewriteEngine On
26        RewriteRule ^/favicon.ico - [L]
27        RewriteRule ^/static(.*) - [L]
28        RewriteRule ^/overlord/static(.*) /static/$1 [L]
29        RewriteRule ^/admin/static(.*) /static/$1 [L]
30        RewriteRule ^/trac.fcgi(.*) - [L]
31        RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs$1 [L]
32        RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi$1 [L]
33        RewriteRule ^/var(.*) - [L]
34        RewriteRule ^/wiki(.*) - [L]
35        RewriteRule ^/kill.cgi - [L]
36        RewriteRule ^/~ - [L]
37        RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/$1 [L]
38
39        RewriteLog /var/log/apache2/rewrite.log
40        RewriteLogLevel 0
41
42        ErrorLog /var/log/apache2/error.log
43
44        # Possible values include: debug, info, notice, warn, error, crit,
45        # alert, emerg.
46        LogLevel warn
47
48        CustomLog /var/log/apache2/ssl_access.log combined
49        ServerSignature On
50
51        SSLEngine on
52
53        SSLCertificateFile ssl/server.crt
54        SSLCertificateKeyFile ssl/server.key
55       
56        SSLCACertificateFile ssl/mitCAclient.pem
57        SSLVerifyClient require
58        SSLVerifyDepth 10
59
60        SSLOptions +StdEnvVars
61       
62        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
63
64        Redirect /wiki ${tracuri}       
65</VirtualHost>
66
67<VirtualHost *:446>
68        ServerAdmin ${errmail}
69        ServerName ${hostname}:446
70       
71        DocumentRoot /var/www/sipb-xen-www
72        <Directory />
73                Options Indexes FollowSymLinks MultiViews ExecCGI
74                AllowOverride None
75                Order allow,deny
76                allow from all
77        </Directory>
78
79        ErrorLog /var/log/apache2/error.log
80
81        # Possible values include: debug, info, notice, warn, error, crit,
82        # alert, emerg.
83        LogLevel warn
84
85        CustomLog /var/log/apache2/ssl_nocert_access.log combined
86        ServerSignature On
87
88        SSLEngine on
89
90        SSLCertificateFile ssl/server.crt
91        SSLCertificateKeyFile ssl/server.key
92       
93        SSLVerifyClient none
94
95        SSLOptions +StdEnvVars
96       
97        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0       
98</VirtualHost>
Note: See TracBrowser for help on using the repository browser.