Separate API from Manager vhost (#2109)
This commit is contained in:
parent
3289534549
commit
759de594bb
15
Makefile
15
Makefile
|
@ -60,6 +60,7 @@ PORTALTEMPLATESDIR=$(PORTALDIR)/templates
|
|||
|
||||
MANAGERDIR=$(DOCUMENTROOT)/manager
|
||||
MANAGERSITEDIR=$(MANAGERDIR)/htdocs
|
||||
MANAGERAPIDIR=$(MANAGERDIR)/api
|
||||
MANAGERSTATICDIR=$(MANAGERSITEDIR)/static
|
||||
MANAGERRELATIVESTATICDIR=/static
|
||||
MANAGERTEMPLATESDIR=$(MANAGERSITEDIR)/templates
|
||||
|
@ -156,6 +157,7 @@ RPORTALSTATICDIR=$(DESTDIR)/$(PORTALSTATICDIR)
|
|||
RPORTALTEMPLATESDIR=$(DESTDIR)/$(PORTALTEMPLATESDIR)
|
||||
RMANAGERDIR=$(DESTDIR)/$(MANAGERDIR)
|
||||
RMANAGERSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
|
||||
RMANAGERAPIDIR=$(DESTDIR)/$(MANAGERAPIDIR)
|
||||
RMANAGERSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
|
||||
RMANAGERTEMPLATESDIR=$(DESTDIR)/$(MANAGERTEMPLATESDIR)
|
||||
RDOCDIR=$(DESTDIR)/$(DOCDIR)
|
||||
|
@ -690,7 +692,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
fi
|
||||
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
|
||||
# Fix a lost of rights on the main directory
|
||||
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
|
||||
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RMANAGERAPIDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
|
||||
@echo
|
||||
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
|
||||
@echo " - System configuration: ${CONFDIR}"
|
||||
|
@ -702,6 +704,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
@echo " include ${CONFDIR}/portal-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/handler-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/manager-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/api-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/test-apache$(APACHEVERSION).conf"
|
||||
@echo
|
||||
@echo "2 - Restart Apache:"
|
||||
|
@ -725,10 +728,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
install_webserver_conf:
|
||||
@install -m 755 -v -d $(RCONFDIR)
|
||||
@if [ "$(ERASECONFIG)" -eq "1" ]; then \
|
||||
cp -f _example/etc/portal-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/handler-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/manager-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/test-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/*-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/*nginx*.conf $(RCONFDIR); \
|
||||
fi
|
||||
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g; \
|
||||
|
@ -736,6 +736,7 @@ install_webserver_conf:
|
|||
s#__PORTALSITEDIR__#$(PORTALSITEDIR)/#g; \
|
||||
s#__PORTALSTATICDIR__#$(PORTALSTATICDIR)/#g; \
|
||||
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
|
||||
s#__MANAGERAPIDIR__#$(MANAGERAPIDIR)/#g; \
|
||||
s#__MANAGERSITEDIR__#$(MANAGERSITEDIR)/#g; \
|
||||
s#__MANAGERSTATICDIR__#$(MANAGERSTATICDIR)/#g; \
|
||||
s#__TESTDIR__#$(TESTDIR)/#g; \
|
||||
|
@ -749,7 +750,8 @@ install_webserver_conf:
|
|||
install_manager_site: install_conf_dir
|
||||
# Manager install
|
||||
@install -v -d $(RMANAGERDIR) $(RMANAGERSTATICDIR) \
|
||||
$(RMANAGERTEMPLATESDIR)
|
||||
$(RMANAGERTEMPLATESDIR) $(RMANAGERAPIDIR)
|
||||
@cp -pR -f $(SRCMANAGERDIR)/site/api/* $(RMANAGERAPIDIR)
|
||||
@cp -pR -f $(SRCMANAGERDIR)/site/htdocs/manager.* $(RMANAGERSITEDIR)
|
||||
@cp -pR $(SRCMANAGERDIR)/site/htdocs/static/* $(RMANAGERSTATICDIR)
|
||||
@for f in $(SRCMANAGERDIR)/site/templates/*.tpl; do \
|
||||
|
@ -1061,6 +1063,7 @@ debian-dist: clean
|
|||
@cp lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/api-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/api-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/test-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/test-apache2.conf
|
||||
@rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
|
||||
@rm -rf lemonldap-ng-$(VERSION)/node_modules
|
||||
|
|
|
@ -0,0 +1,82 @@
|
|||
#===========================================
|
||||
# Apache configuration for LemonLDAP::NG API
|
||||
#===========================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/api.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
Require all denied
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,89 @@
|
|||
#====================================================================
|
||||
# Apache configuration for LemonLDAP::NG Manager
|
||||
#====================================================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
<IfVersion >= 2.3>
|
||||
Require all denied
|
||||
</IfVersion>
|
||||
<IfVersion < 2.3>
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
</IfVersion>
|
||||
Options +FollowSymLinks
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,83 @@
|
|||
#====================================================================
|
||||
# Apache configuration for LemonLDAP::NG Manager
|
||||
#====================================================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,50 @@
|
|||
server {
|
||||
listen __PORT__;
|
||||
server_name manager-api.__DNSDOMAIN__;
|
||||
root __MANAGERAPIDIR__;
|
||||
# Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
|
||||
#access_log /var/log/nginx/manager-api.log lm_app;
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
# As an alternative, you can use the PROXY protocol
|
||||
#
|
||||
#set_real_ip_from 127.0.0.1;
|
||||
#real_ip_header X-Forwarded-For;
|
||||
|
||||
rewrite ^/(.*)$ /api.psgi/$1 break;
|
||||
|
||||
location ~ ^(?<sc>/.*\.psgi)(?:$|/) {
|
||||
|
||||
# FastCGI configuration
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
|
||||
fastcgi_param LLTYPE psgi;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
|
||||
# OR TO USE uWSGI
|
||||
#include /etc/nginx/uwsgi_params;
|
||||
#uwsgi_pass 127.0.0.1:5000;
|
||||
#uwsgi_param LLTYPE psgi;
|
||||
#uwsgi_param SCRIPT_FILENAME $document_root$sc;
|
||||
#uwsgi_param SCRIPT_NAME $sc;
|
||||
|
||||
# Uncomment this if you use https only
|
||||
#add_header Strict-Transport-Security "max-age=15768000";
|
||||
|
||||
# Access control
|
||||
#allow 127.0.0.0/8;
|
||||
deny all;
|
||||
}
|
||||
|
||||
# DEBIAN
|
||||
# If install was made with USEDEBIANLIBS (official releases), uncomment this
|
||||
#location /javascript/ {
|
||||
# alias /usr/share/javascript/;
|
||||
#}
|
||||
|
||||
}
|
|
@ -99,76 +99,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
Require all denied
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -118,83 +118,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
<IfVersion >= 2.3>
|
||||
Require all denied
|
||||
</IfVersion>
|
||||
<IfVersion < 2.3>
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
</IfVersion>
|
||||
Options +FollowSymLinks
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -102,77 +102,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (api.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
/etc/lemonldap-ng/api-apache2.conf
|
||||
/etc/lemonldap-ng/api-nginx.conf
|
||||
/etc/lemonldap-ng/manager-apache2.conf
|
||||
/etc/lemonldap-ng/manager-nginx.conf
|
||||
/usr/share/man/man3/Lemonldap::NG::Manager*
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
/etc/lemonldap-ng/api-apache2.conf /etc/apache2/sites-available/api-apache2.conf
|
||||
/etc/lemonldap-ng/api-nginx.conf /etc/nginx/sites-available/api-nginx.conf
|
||||
/etc/lemonldap-ng/manager-apache2.conf /etc/apache2/sites-available/manager-apache2.conf
|
||||
/etc/lemonldap-ng/manager-nginx.conf /etc/nginx/sites-available/manager-nginx.conf
|
||||
|
|
|
@ -49,7 +49,7 @@ override_dh_auto_install:
|
|||
DEFDOCDIR=/usr/share/doc/lemonldap-ng-doc \
|
||||
UWSGIYAMLDIR=/etc/uwsgi/apps-available \
|
||||
PROD=yes
|
||||
for i in handler portal manager test; do \
|
||||
for i in handler portal manager api test; do \
|
||||
mv $(TMP)/etc/lemonldap-ng/$$i-apache2.X.conf $(TMP)/etc/lemonldap-ng/$$i-apache2.conf; \
|
||||
done
|
||||
|
||||
|
|
|
@ -46,7 +46,8 @@ site/coffee/notifications.coffee
|
|||
site/coffee/sessions.coffee
|
||||
site/coffee/viewDiff.coffee
|
||||
site/coffee/viewer.coffee
|
||||
site/htdocs/api.fcgi
|
||||
site/api/api.fcgi
|
||||
site/api/api.psgi
|
||||
site/htdocs/manager.fcgi
|
||||
site/htdocs/manager.psgi
|
||||
site/htdocs/static/bwr/angular-animate/angular-animate.js
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
use Lemonldap::NG::Manager;
|
||||
|
||||
Lemonldap::NG::Manager->run(
|
||||
{ enabledModules => "api", protection => "none" } );
|
|
@ -448,7 +448,7 @@ chmod 775 %{buildroot}%{lm_sbindir}/llng-fastcgi-server
|
|||
# Install httpd conf files
|
||||
# We use "z-lemonldap-ng-*" so that httpd read the files after "perl.conf"
|
||||
mkdir -p %{buildroot}%{apache_confdir}
|
||||
for i in handler manager portal test; do {
|
||||
for i in handler manager portal api test; do {
|
||||
mv %{buildroot}%{lm_confdir}/$i-apache%{apache_version}.conf \
|
||||
%{buildroot}%{apache_confdir}/z-lemonldap-ng-$i.conf
|
||||
}; done
|
||||
|
@ -471,6 +471,9 @@ sed -i 's:/etc/lemonldap-ng/nginx-lua-headers.conf:/etc/nginx/nginx-lua-headers.
|
|||
mv %{buildroot}%{lm_confdir}/for_etc_hosts .
|
||||
|
||||
# Fix shebang and perms
|
||||
sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
|
||||
%{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
|
||||
chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
|
||||
sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
|
||||
%{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
|
||||
chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
|
||||
|
@ -544,6 +547,7 @@ fi
|
|||
%config(noreplace) %attr(-,root,%{lm_apachegroup}) %{lm_storagefile}
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-handler.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-manager.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-api.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-portal.conf
|
||||
%{_mandir}/man1/convertConfig*
|
||||
%{_mandir}/man1/convertSessions*
|
||||
|
@ -618,6 +622,7 @@ fi
|
|||
%config(noreplace) %{_sysconfdir}/nginx/nginx-lmlog.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/nginx-lua-headers.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/portal-nginx.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/api-nginx.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/test-nginx.conf
|
||||
|
||||
%files -n perl-Lemonldap-NG-Common
|
||||
|
|
Loading…
Reference in New Issue