Index: /trunk/packages/sipb-xen-www/debian/control =================================================================== --- /trunk/packages/sipb-xen-www/debian/control (revision 882) +++ /trunk/packages/sipb-xen-www/debian/control (revision 883) @@ -3,5 +3,5 @@ Priority: extra Maintainer: SIPB Xen Project -Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0), subversion +Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0), subversion, sipb-xen-base Standards-Version: 3.7.2 Index: /trunk/packages/sipb-xen-www/debian/sipb-xen-www.init =================================================================== --- /trunk/packages/sipb-xen-www/debian/sipb-xen-www.init (revision 882) +++ /trunk/packages/sipb-xen-www/debian/sipb-xen-www.init (revision 883) @@ -16,140 +16,5 @@ gen_config() { - local errormail="$( invirt-getconf web.errormail )" \ - hostname="$( invirt-getconf web.hostname )" \ - tracuri="$( invirt-getconf trac.uri )" \ - svnpath="$( invirt-getconf svn.repopath )" - - cat > /etc/apache2/sites-available/ssl << EOF - - ServerAdmin $hostname - ServerName $trachost:443 - - DocumentRoot /var/www/sipb-xen-www - - Options Indexes FollowSymLinks MultiViews ExecCGI - AllowOverride None - Order allow,deny - allow from all - - - Require valid-user - AuthType SSLCert - AuthSSLCertVar SSL_CLIENT_S_DN_Email - AuthSSLCertStripSuffix "@MIT.EDU" - - - RewriteEngine On - RewriteRule ^/favicon.ico - [L] - RewriteRule ^/static(.*) - [L] - RewriteRule ^/overlord/static(.*) /static/\$1 [L] - RewriteRule ^/admin/static(.*) /static/\$1 [L] - RewriteRule ^/trac.fcgi(.*) - [L] - RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs\$1 [L] - RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi\$1 [L] - RewriteRule ^/var(.*) - [L] - RewriteRule ^/wiki(.*) - [L] - RewriteRule ^/kill.cgi - [L] - RewriteRule ^/~ - [L] - RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/\$1 [L] - - RewriteLog /var/log/apache2/rewrite.log - RewriteLogLevel 0 - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/ssl_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key - - SSLCACertificateFile ssl/mitCAclient.pem - SSLVerifyClient require - SSLVerifyDepth 10 - - SSLOptions +StdEnvVars - - SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - Redirect /wiki $tracuri - - - - ServerAdmin $errormail - ServerName $hostname:446 - - DocumentRoot /var/www/sipb-xen-www - - Options Indexes FollowSymLinks MultiViews ExecCGI - AllowOverride None - Order allow,deny - allow from all - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/ssl_nocert_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key - - SSLVerifyClient none - - SSLOptions +StdEnvVars - - SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - -EOF - - cat > /etc/apache2/sites-available/svn << EOF - - ServerAdmin $errormail - ServerName $hostname:1111 - - - Options FollowSymLinks - AllowOverride None - - - DAV svn - SVNPath $svnpath - AuthType Basic - AuthName "xvm.mit.edu subversion repository" - AuthUserFile /etc/apache2/dav_svn.passwd - - Require valid-user - - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/svn_access.log combined - ServerSignature On - - SSLEngine on - - SSLCertificateFile ssl/server.crt - SSLCertificateKeyFile ssl/server.key - -EOF + mako /etc/apache2/sites-available/{ssl,svn}.mako } Index: /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako =================================================================== --- /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako (revision 883) +++ /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako (revision 883) @@ -0,0 +1,98 @@ +<% +from invirt.config import structs as cfg +hostname = cfg.web.hostname +errmail = cfg.web.errormail +tracuri = cfg.trac.uri +%> + + ServerAdmin ${errmail} + ServerName ${hostname}:443 + + DocumentRoot /var/www/sipb-xen-www + + Options Indexes FollowSymLinks MultiViews ExecCGI + AllowOverride None + Order allow,deny + allow from all + + + Require valid-user + AuthType SSLCert + AuthSSLCertVar SSL_CLIENT_S_DN_Email + AuthSSLCertStripSuffix "@MIT.EDU" + + + RewriteEngine On + RewriteRule ^/favicon.ico - [L] + RewriteRule ^/static(.*) - [L] + RewriteRule ^/overlord/static(.*) /static/$1 [L] + RewriteRule ^/admin/static(.*) /static/$1 [L] + RewriteRule ^/trac.fcgi(.*) - [L] + RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs$1 [L] + RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi$1 [L] + RewriteRule ^/var(.*) - [L] + RewriteRule ^/wiki(.*) - [L] + RewriteRule ^/kill.cgi - [L] + RewriteRule ^/~ - [L] + RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/$1 [L] + + RewriteLog /var/log/apache2/rewrite.log + RewriteLogLevel 0 + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/ssl_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key + + SSLCACertificateFile ssl/mitCAclient.pem + SSLVerifyClient require + SSLVerifyDepth 10 + + SSLOptions +StdEnvVars + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + + Redirect /wiki ${tracuri} + + + + ServerAdmin ${errmail} + ServerName ${hostname}:446 + + DocumentRoot /var/www/sipb-xen-www + + Options Indexes FollowSymLinks MultiViews ExecCGI + AllowOverride None + Order allow,deny + allow from all + + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/ssl_nocert_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key + + SSLVerifyClient none + + SSLOptions +StdEnvVars + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + Index: /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/svn.mako =================================================================== --- /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/svn.mako (revision 883) +++ /trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/svn.mako (revision 883) @@ -0,0 +1,40 @@ +<% +from invirt.config import structs as cfg +hostname = cfg.web.hostname +errmail = cfg.web.errormail +svnpath = cfg.svn.repopath +%> + + + ServerAdmin ${errormail} + ServerName ${hostname}:1111 + + + Options FollowSymLinks + AllowOverride None + + + DAV svn + SVNPath ${svnpath} + AuthType Basic + AuthName "xvm.mit.edu subversion repository" + AuthUserFile /etc/apache2/dav_svn.passwd + + Require valid-user + + + + ErrorLog /var/log/apache2/error.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/svn_access.log combined + ServerSignature On + + SSLEngine on + + SSLCertificateFile ssl/server.crt + SSLCertificateKeyFile ssl/server.key +