Index: package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/default.mako
===================================================================
--- package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/default.mako (revision 2915)
+++ (revision )
@@ -1,35 +1,0 @@
-<%
-from invirt.config import structs as cfg
-hostname = cfg.web.hostname
-errmail = cfg.web.errormail
-tracuri = cfg.trac.uri
-%>
-NameVirtualHost *:80
-
- ServerAdmin ${errmail}
- ServerName ${hostname}:80
-
- DocumentRoot /var/www/invirt-web
-
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
-
-
- RewriteEngine On
- RewriteRule ^/static(.*) - [L]
- RewriteRule ^/admin/static(.*) /static/$1 [L]
- RewriteRule ^/trac(.*) ${tracuri}$1 [R,L]
- RewriteRule ^/invirt - [L]
- RewriteRule ^/(.*) /var/www/invirt-web/unauth.fcgi/$1 [L]
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel notice
-
- CustomLog /var/log/apache2/access.log combined
- ServerSignature On
-
Index: package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/invirt.mako
===================================================================
--- package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/invirt.mako (revision 2916)
+++ package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/invirt.mako (revision 2916)
@@ -0,0 +1,59 @@
+### Master template
+<%!
+from invirt.config import structs as cfg
+from invirt.config import safestructs as safecfg
+%>
+<%def name="invirt_ssl()">
+ DocumentRoot /var/www/invirt-web
+
+ Options Indexes FollowSymLinks MultiViews ExecCGI
+ AllowOverride None
+ Order allow,deny
+ allow from all
+
+
+${caller.body()}
+
+
+ RewriteEngine On
+ RewriteRule ^/favicon.ico - [L]
+ RewriteRule ^/static(.*) - [L]
+ RewriteRule ^/overlord/static(.*) /static/$1 [L]
+ RewriteRule ^/admin/static(.*) /static/$1 [L]
+
+% for rewrite in safecfg.web.ssl.rewriterules:
+ RewriteRule ^/${rewrite.rule} ${rewrite.target} [${rewrite.type}]
+% endfor
+ RewriteRule ^/(.*) /var/www/invirt-web/auth.fcgi/$1 [L]
+
+ RewriteLog /var/log/apache2/rewrite.log
+ RewriteLogLevel 0
+
+ ErrorLog /var/log/apache2/error.log
+
+ # Possible values include: debug, info, notice, warn, error, crit,
+ # alert, emerg.
+ LogLevel warn
+
+ CustomLog /var/log/apache2/ssl_access.log combined
+ ServerSignature On
+
+ SSLEngine on
+
+ SSLCertificateFile ${cfg.web.ssl.cert}
+ SSLCertificateKeyFile ${cfg.web.ssl.key}
+
+ SSLCACertificateFile ${cfg.web.ssl.ca}
+ SSLVerifyDepth 10
+
+ SSLOptions +StdEnvVars
+
+ SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
+% for redirect in safecfg.web.ssl.redirects:
+ Redirect /${redirect.rule} ${redirect.target}
+% endfor
+
+
+% for site in cfg.web.sites:
+<%include file="../conf.invirt/${site}.mako" args="cfg=cfg, invirt_ssl=invirt_ssl" />
+% endfor
Index: package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/master.mako
===================================================================
--- package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/master.mako (revision 2915)
+++ (revision )
@@ -1,59 +1,0 @@
-### Master template
-<%!
-from invirt.config import structs as cfg
-from invirt.config import safestructs as safecfg
-%>
-<%def name="invirt_ssl()">
- DocumentRoot /var/www/invirt-web
-
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
-
-
-${caller.body()}
-
-
- RewriteEngine On
- RewriteRule ^/favicon.ico - [L]
- RewriteRule ^/static(.*) - [L]
- RewriteRule ^/overlord/static(.*) /static/$1 [L]
- RewriteRule ^/admin/static(.*) /static/$1 [L]
-
-% for rewrite in safecfg.web.ssl.rewriterules:
- RewriteRule ^/${rewrite.rule} ${rewrite.target} [${rewrite.type}]
-% endfor
- RewriteRule ^/(.*) /var/www/invirt-web/auth.fcgi/$1 [L]
-
- RewriteLog /var/log/apache2/rewrite.log
- RewriteLogLevel 0
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/ssl_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ${cfg.web.ssl.cert}
- SSLCertificateKeyFile ${cfg.web.ssl.key}
-
- SSLCACertificateFile ${cfg.web.ssl.ca}
- SSLVerifyDepth 10
-
- SSLOptions +StdEnvVars
-
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
-% for redirect in safecfg.web.ssl.redirects:
- Redirect /${redirect.rule} ${redirect.target}
-% endfor
-
-
-% for site in cfg.web.sites:
-<%include file="../conf.invirt/${site}.mako" args="cfg=cfg, invirt_ssl=invirt_ssl" />
-% endfor
Index: package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/ssl.mako
===================================================================
--- package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/ssl.mako (revision 2915)
+++ (revision )
@@ -1,114 +1,0 @@
-<%
-from invirt.config import structs as cfg
-hostname = cfg.web.hostname
-errmail = cfg.web.errormail
-tracuri = cfg.trac.uri
-%>
-Listen 442
-Listen 446
-
-<%def name="invirt_webinterface()">
- DocumentRoot /var/www/invirt-web
-
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
-
-
-${caller.body()}
-
-
- RewriteEngine On
- RewriteRule ^/favicon.ico - [L]
- RewriteRule ^/static(.*) - [L]
- RewriteRule ^/overlord/static(.*) /static/$1 [L]
- RewriteRule ^/admin/static(.*) /static/$1 [L]
- RewriteRule ^/trac(.*) ${tracuri}$1 [R,L]
- RewriteRule ^/(.*) /var/www/invirt-web/auth.fcgi/$1 [L]
-
- RewriteLog /var/log/apache2/rewrite.log
- RewriteLogLevel 0
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/ssl_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-
- SSLCACertificateFile /etc/ssl/certs/mitCAclient.pem
- SSLVerifyDepth 10
-
- SSLOptions +StdEnvVars
-
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
-
- Redirect /wiki ${tracuri}
-
-
- ServerAdmin ${errmail}
- ServerName ${hostname}:443
- <%call expr="invirt_webinterface()">
- Require valid-user
- AuthType SSLCert
- AuthSSLCertVar SSL_CLIENT_S_DN_Email
- AuthSSLCertStripSuffix "@MIT.EDU"
-
- SSLVerifyClient require
-
-
- ServerAdmin ${errmail}
- ServerName ${hostname}:442
- <%call expr="invirt_webinterface()">
- Require valid-user
- AuthType Kerberos
- KrbMethodNegotiate on
- KrbMethodK5Passwd off
- KrbAuthoritative off
- KrbAuthRealms ${cfg.kerberos.realm}
- Krb5Keytab /etc/invirt/keytab
- KrbSaveCredentials off
-
- SSLVerifyClient optional
-
-
-
- ServerAdmin ${errmail}
- ServerName ${hostname}:446
-
- DocumentRoot /var/www/invirt-web
-
- Options Indexes FollowSymLinks MultiViews ExecCGI
- AllowOverride None
- Order allow,deny
- allow from all
-
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/ssl_nocert_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-
- SSLVerifyClient none
-
- SSLOptions +StdEnvVars
-
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
-
Index: package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/svn.mako
===================================================================
--- package_branches/invirt-web/hvirt/files/etc/apache2/sites-available/svn.mako (revision 2915)
+++ (revision )
@@ -1,40 +1,0 @@
-<%
-from invirt.config import structs as cfg
-hostname = cfg.web.hostname
-errmail = cfg.web.errormail
-svnpath = cfg.svn.repopath
-%>
-Listen 1111
-
- ServerAdmin ${errmail}
- ServerName ${hostname}:1111
-
-
- Options FollowSymLinks
- AllowOverride None
-
-
- DAV svn
- SVNPath ${svnpath}
- AuthType Basic
- AuthName "xvm.mit.edu subversion repository"
- AuthUserFile /etc/apache2/dav_svn.passwd
-
- Require valid-user
-
-
-
- ErrorLog /var/log/apache2/error.log
-
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
-
- CustomLog /var/log/apache2/svn_access.log combined
- ServerSignature On
-
- SSLEngine on
-
- SSLCertificateFile ssl/server.crt
- SSLCertificateKeyFile ssl/server.key
-