diff --git a/Makefile b/Makefile
index 8698a47f9..1a1032650 100644
--- a/Makefile
+++ b/Makefile
@@ -60,6 +60,7 @@ PORTALTEMPLATESDIR=$(PORTALDIR)/templates
MANAGERDIR=$(DOCUMENTROOT)/manager
MANAGERSITEDIR=$(MANAGERDIR)/htdocs
+MANAGERAPIDIR=$(MANAGERDIR)/api
MANAGERSTATICDIR=$(MANAGERSITEDIR)/static
MANAGERRELATIVESTATICDIR=/static
MANAGERTEMPLATESDIR=$(MANAGERSITEDIR)/templates
@@ -156,6 +157,7 @@ RPORTALSTATICDIR=$(DESTDIR)/$(PORTALSTATICDIR)
RPORTALTEMPLATESDIR=$(DESTDIR)/$(PORTALTEMPLATESDIR)
RMANAGERDIR=$(DESTDIR)/$(MANAGERDIR)
RMANAGERSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
+RMANAGERAPIDIR=$(DESTDIR)/$(MANAGERAPIDIR)
RMANAGERSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
RMANAGERTEMPLATESDIR=$(DESTDIR)/$(MANAGERTEMPLATESDIR)
RDOCDIR=$(DESTDIR)/$(DOCDIR)
@@ -690,7 +692,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
# Fix a lost of rights on the main directory
- @chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
+ @chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RMANAGERAPIDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
@echo
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
@echo " - System configuration: ${CONFDIR}"
@@ -702,6 +704,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
@echo " include ${CONFDIR}/portal-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/handler-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/manager-apache$(APACHEVERSION).conf"
+ @echo " include ${CONFDIR}/api-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/test-apache$(APACHEVERSION).conf"
@echo
@echo "2 - Restart Apache:"
@@ -725,10 +728,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
install_webserver_conf:
@install -m 755 -v -d $(RCONFDIR)
@if [ "$(ERASECONFIG)" -eq "1" ]; then \
- cp -f _example/etc/portal-apache$(APACHEVERSION).conf $(RCONFDIR); \
- cp -f _example/etc/handler-apache$(APACHEVERSION).conf $(RCONFDIR); \
- cp -f _example/etc/manager-apache$(APACHEVERSION).conf $(RCONFDIR); \
- cp -f _example/etc/test-apache$(APACHEVERSION).conf $(RCONFDIR); \
+ cp -f _example/etc/*-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/*nginx*.conf $(RCONFDIR); \
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g; \
@@ -736,6 +736,7 @@ install_webserver_conf:
s#__PORTALSITEDIR__#$(PORTALSITEDIR)/#g; \
s#__PORTALSTATICDIR__#$(PORTALSTATICDIR)/#g; \
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
+ s#__MANAGERAPIDIR__#$(MANAGERAPIDIR)/#g; \
s#__MANAGERSITEDIR__#$(MANAGERSITEDIR)/#g; \
s#__MANAGERSTATICDIR__#$(MANAGERSTATICDIR)/#g; \
s#__TESTDIR__#$(TESTDIR)/#g; \
@@ -749,7 +750,8 @@ install_webserver_conf:
install_manager_site: install_conf_dir
# Manager install
@install -v -d $(RMANAGERDIR) $(RMANAGERSTATICDIR) \
- $(RMANAGERTEMPLATESDIR)
+ $(RMANAGERTEMPLATESDIR) $(RMANAGERAPIDIR)
+ @cp -pR -f $(SRCMANAGERDIR)/site/api/* $(RMANAGERAPIDIR)
@cp -pR -f $(SRCMANAGERDIR)/site/htdocs/manager.* $(RMANAGERSITEDIR)
@cp -pR $(SRCMANAGERDIR)/site/htdocs/static/* $(RMANAGERSTATICDIR)
@for f in $(SRCMANAGERDIR)/site/templates/*.tpl; do \
@@ -1061,6 +1063,7 @@ debian-dist: clean
@cp lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.conf
+ @cp lemonldap-ng-$(VERSION)/_example/etc/api-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/api-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/test-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/test-apache2.conf
@rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
@rm -rf lemonldap-ng-$(VERSION)/node_modules
diff --git a/_example/etc/api-apache2.4.conf b/_example/etc/api-apache2.4.conf
new file mode 100644
index 000000000..bb6306f63
--- /dev/null
+++ b/_example/etc/api-apache2.4.conf
@@ -0,0 +1,82 @@
+#===========================================
+# Apache configuration for LemonLDAP::NG API
+#===========================================
+
+# Uncomment this if no previous NameVirtualHost declaration
+#NameVirtualHost __VHOSTLISTEN__
+
+# To insert LLNG user id in Apache logs, declare this format and use it in
+# CustomLog directive
+#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
+
+# Manager virtual host (manager.__DNSDOMAIN__)
+
+ ServerName manager-api.__DNSDOMAIN__
+ LogLevel notice
+ # See above to set LLNG user id in Apache logs
+ #CustomLog __APACHELOGDIR__/manager-api.log llng
+ #ErrorLog __APACHELOGDIR__/lm_err.log
+
+ # Uncomment this if you are running behind a reverse proxy and want
+ # LemonLDAP::NG to see the real IP address of the end user
+ # Adjust the settings to match the IP address of your reverse proxy
+ # and the header containing the original IP address
+ #
+ #RemoteIPHeader X-Forwarded-For
+ #RemoteIPInternalProxy 127.0.0.1
+
+
+ # FASTCGI CONFIGURATION
+ # ---------------------
+
+ # 1) URI management
+ RewriteEngine on
+
+ # For performances, you can delete the previous RewriteRule line after
+ # puttings html files: simply put the HTML results of differents modules
+ # (configuration, sessions, notifications) as manager.html, sessions.html,
+ # notifications.html and uncomment the 2 following lines:
+ # DirectoryIndex manager.html
+ # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
+
+ # REST URLs
+ RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
+
+ # 2) FastCGI engine
+
+ # You can choose any FastCGI system. Here is an example using mod_fcgid
+ # mod_fcgid configuration
+ FcgidMaxRequestLen 2000000
+
+ SetHandler fcgid-script
+ Options +ExecCGI
+ header unset Lm-Remote-User
+
+
+ # If you want to use mod_fastcgi, replace lines below by:
+ #FastCgiServer __MANAGERAPIDIR__/api.fcgi
+
+ # GLOBAL CONFIGURATION
+ # --------------------
+
+ DocumentRoot __MANAGERAPIDIR__
+
+
+ Require all denied
+
+
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
+ SetOutputFilter DEFLATE
+ BrowserMatch ^Mozilla/4 gzip-only-text/html
+ BrowserMatch ^Mozilla/4\.0[678] no-gzip
+ BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+ SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
+
+
+ Header append Vary User-Agent env=!dont-vary
+
+
+
+ # Uncomment this if site if you use SSL only
+ #Header set Strict-Transport-Security "max-age=15768000"
+
diff --git a/_example/etc/api-apache2.X.conf b/_example/etc/api-apache2.X.conf
new file mode 100644
index 000000000..3d2ed04b6
--- /dev/null
+++ b/_example/etc/api-apache2.X.conf
@@ -0,0 +1,89 @@
+#====================================================================
+# Apache configuration for LemonLDAP::NG Manager
+#====================================================================
+
+# Uncomment this if no previous NameVirtualHost declaration
+#NameVirtualHost __VHOSTLISTEN__
+
+# To insert LLNG user id in Apache logs, declare this format and use it in
+# CustomLog directive
+#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
+
+# Manager virtual host (manager.__DNSDOMAIN__)
+
+ ServerName manager-api.__DNSDOMAIN__
+ LogLevel notice
+ # See above to set LLNG user id in Apache logs
+ #CustomLog __APACHELOGDIR__/manager-api.log llng
+ #ErrorLog __APACHELOGDIR__/lm_err.log
+
+ # Uncomment this if you are running behind a reverse proxy and want
+ # LemonLDAP::NG to see the real IP address of the end user
+ # Adjust the settings to match the IP address of your reverse proxy
+ # and the header containing the original IP address
+ #
+ #RemoteIPHeader X-Forwarded-For
+ #RemoteIPInternalProxy 127.0.0.1
+
+
+ # FASTCGI CONFIGURATION
+ # ---------------------
+
+ # 1) URI management
+ RewriteEngine on
+
+ # For performances, you can delete the previous RewriteRule line after
+ # puttings html files: simply put the HTML results of differents modules
+ # (configuration, sessions, notifications) as manager.html, sessions.html,
+ # notifications.html and uncomment the 2 following lines:
+ # DirectoryIndex manager.html
+ # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
+
+ # REST URLs
+ RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
+
+ # 2) FastCGI engine
+
+ # You can choose any FastCGI system. Here is an example using mod_fcgid
+ # mod_fcgid configuration
+ FcgidMaxRequestLen 2000000
+
+ SetHandler fcgid-script
+ Options +ExecCGI
+ header unset Lm-Remote-User
+
+
+ # If you want to use mod_fastcgi, replace lines below by:
+ #FastCgiServer __MANAGERAPIDIR__/manager.fcgi
+
+ # GLOBAL CONFIGURATION
+ # --------------------
+
+ DocumentRoot __MANAGERAPIDIR__
+
+
+ = 2.3>
+ Require all denied
+
+
+ Order Deny,Allow
+ Deny from all
+
+ Options +FollowSymLinks
+
+
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
+ SetOutputFilter DEFLATE
+ BrowserMatch ^Mozilla/4 gzip-only-text/html
+ BrowserMatch ^Mozilla/4\.0[678] no-gzip
+ BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+ SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
+
+
+ Header append Vary User-Agent env=!dont-vary
+
+
+
+ # Uncomment this if site if you use SSL only
+ #Header set Strict-Transport-Security "max-age=15768000"
+
diff --git a/_example/etc/api-apache2.conf b/_example/etc/api-apache2.conf
new file mode 100644
index 000000000..b03907679
--- /dev/null
+++ b/_example/etc/api-apache2.conf
@@ -0,0 +1,83 @@
+#====================================================================
+# Apache configuration for LemonLDAP::NG Manager
+#====================================================================
+
+# Uncomment this if no previous NameVirtualHost declaration
+#NameVirtualHost __VHOSTLISTEN__
+
+# To insert LLNG user id in Apache logs, declare this format and use it in
+# CustomLog directive
+#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
+
+# Manager virtual host (manager.__DNSDOMAIN__)
+
+ ServerName manager-api.__DNSDOMAIN__
+ LogLevel notice
+ # See above to set LLNG user id in Apache logs
+ #CustomLog __APACHELOGDIR__/manager-api.log llng
+ #ErrorLog __APACHELOGDIR__/lm_err.log
+
+ # Uncomment this if you are running behind a reverse proxy and want
+ # LemonLDAP::NG to see the real IP address of the end user
+ # Adjust the settings to match the IP address of your reverse proxy
+ # and the header containing the original IP address
+ #
+ #RemoteIPHeader X-Forwarded-For
+ #RemoteIPInternalProxy 127.0.0.1
+
+
+ # FASTCGI CONFIGURATION
+ # ---------------------
+
+ # 1) URI management
+ RewriteEngine on
+
+ # For performances, you can delete the previous RewriteRule line after
+ # puttings html files: simply put the HTML results of differents modules
+ # (configuration, sessions, notifications) as manager.html, sessions.html,
+ # notifications.html and uncomment the 2 following lines:
+ # DirectoryIndex manager.html
+ # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
+
+ # REST URLs
+ RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
+
+ # 2) FastCGI engine
+
+ # You can choose any FastCGI system. Here is an example using mod_fcgid
+ # mod_fcgid configuration
+ FcgidMaxRequestLen 2000000
+
+ SetHandler fcgid-script
+ Options +ExecCGI
+ header unset Lm-Remote-User
+
+
+ # If you want to use mod_fastcgi, replace lines below by:
+ #FastCgiServer __MANAGERAPIDIR__/manager.fcgi
+
+ # GLOBAL CONFIGURATION
+ # --------------------
+
+ DocumentRoot __MANAGERAPIDIR__
+
+
+ Order Deny,Allow
+ Deny from all
+
+
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
+ SetOutputFilter DEFLATE
+ BrowserMatch ^Mozilla/4 gzip-only-text/html
+ BrowserMatch ^Mozilla/4\.0[678] no-gzip
+ BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+ SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
+
+
+ Header append Vary User-Agent env=!dont-vary
+
+
+
+ # Uncomment this if site if you use SSL only
+ #Header set Strict-Transport-Security "max-age=15768000"
+
diff --git a/_example/etc/api-nginx.conf b/_example/etc/api-nginx.conf
new file mode 100644
index 000000000..782a39f73
--- /dev/null
+++ b/_example/etc/api-nginx.conf
@@ -0,0 +1,50 @@
+server {
+ listen __PORT__;
+ server_name manager-api.__DNSDOMAIN__;
+ root __MANAGERAPIDIR__;
+ # Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
+ #access_log /var/log/nginx/manager-api.log lm_app;
+
+ # Uncomment this if you are running behind a reverse proxy and want
+ # LemonLDAP::NG to see the real IP address of the end user
+ # Adjust the settings to match the IP address of your reverse proxy
+ # and the header containing the original IP address
+ # As an alternative, you can use the PROXY protocol
+ #
+ #set_real_ip_from 127.0.0.1;
+ #real_ip_header X-Forwarded-For;
+
+ rewrite ^/(.*)$ /api.psgi/$1 break;
+
+ location ~ ^(?/.*\.psgi)(?:$|/) {
+
+ # FastCGI configuration
+ include /etc/nginx/fastcgi_params;
+ fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
+ fastcgi_param LLTYPE psgi;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+
+ # OR TO USE uWSGI
+ #include /etc/nginx/uwsgi_params;
+ #uwsgi_pass 127.0.0.1:5000;
+ #uwsgi_param LLTYPE psgi;
+ #uwsgi_param SCRIPT_FILENAME $document_root$sc;
+ #uwsgi_param SCRIPT_NAME $sc;
+
+ # Uncomment this if you use https only
+ #add_header Strict-Transport-Security "max-age=15768000";
+
+ # Access control
+ #allow 127.0.0.0/8;
+ deny all;
+ }
+
+ # DEBIAN
+ # If install was made with USEDEBIANLIBS (official releases), uncomment this
+ #location /javascript/ {
+ # alias /usr/share/javascript/;
+ #}
+
+}
diff --git a/_example/etc/manager-apache2.4.conf b/_example/etc/manager-apache2.4.conf
index 20608ea08..62841e33d 100644
--- a/_example/etc/manager-apache2.4.conf
+++ b/_example/etc/manager-apache2.4.conf
@@ -99,76 +99,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
-
-# API virtual host (manager.__DNSDOMAIN__)
-
- ServerName api.__DNSDOMAIN__
- LogLevel notice
- # See above to set LLNG user id in Apache logs
- #CustomLog __APACHELOGDIR__/manager.log llng
- #ErrorLog __APACHELOGDIR__/lm_err.log
-
- # Uncomment this if you are running behind a reverse proxy and want
- # LemonLDAP::NG to see the real IP address of the end user
- # Adjust the settings to match the IP address of your reverse proxy
- # and the header containing the original IP address
- #
- #RemoteIPHeader X-Forwarded-For
- #RemoteIPInternalProxy 127.0.0.1
-
-
- # FASTCGI CONFIGURATION
- # ---------------------
-
- # 1) URI management
- RewriteEngine on
-
- # For performances, you can delete the previous RewriteRule line after
- # puttings html files: simply put the HTML results of differents modules
- # (configuration, sessions, notifications) as manager.html, sessions.html,
- # notifications.html and uncomment the 2 following lines:
- # DirectoryIndex manager.html
- # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
-
- # REST URLs
- RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
- RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
-
- # 2) FastCGI engine
-
- # You can choose any FastCGI system. Here is an example using mod_fcgid
- # mod_fcgid configuration
- FcgidMaxRequestLen 2000000
-
- SetHandler fcgid-script
- Options +ExecCGI
- header unset Lm-Remote-User
-
-
- # If you want to use mod_fastcgi, replace lines below by:
- #FastCgiServer __MANAGERSITEDIR__/manager.fcgi
-
- # GLOBAL CONFIGURATION
- # --------------------
-
- DocumentRoot __MANAGERSITEDIR__
-
-
- Require all denied
-
-
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
- SetOutputFilter DEFLATE
- BrowserMatch ^Mozilla/4 gzip-only-text/html
- BrowserMatch ^Mozilla/4\.0[678] no-gzip
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
- SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
-
-
- Header append Vary User-Agent env=!dont-vary
-
-
-
- # Uncomment this if site if you use SSL only
- #Header set Strict-Transport-Security "max-age=15768000"
-
diff --git a/_example/etc/manager-apache2.X.conf b/_example/etc/manager-apache2.X.conf
index a87605fc5..614c311f7 100644
--- a/_example/etc/manager-apache2.X.conf
+++ b/_example/etc/manager-apache2.X.conf
@@ -118,83 +118,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
-
-# API virtual host (manager.__DNSDOMAIN__)
-
- ServerName api.__DNSDOMAIN__
- LogLevel notice
- # See above to set LLNG user id in Apache logs
- #CustomLog __APACHELOGDIR__/manager.log llng
- #ErrorLog __APACHELOGDIR__/lm_err.log
-
- # Uncomment this if you are running behind a reverse proxy and want
- # LemonLDAP::NG to see the real IP address of the end user
- # Adjust the settings to match the IP address of your reverse proxy
- # and the header containing the original IP address
- #
- #RemoteIPHeader X-Forwarded-For
- #RemoteIPInternalProxy 127.0.0.1
-
-
- # FASTCGI CONFIGURATION
- # ---------------------
-
- # 1) URI management
- RewriteEngine on
-
- # For performances, you can delete the previous RewriteRule line after
- # puttings html files: simply put the HTML results of differents modules
- # (configuration, sessions, notifications) as manager.html, sessions.html,
- # notifications.html and uncomment the 2 following lines:
- # DirectoryIndex manager.html
- # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
-
- # REST URLs
- RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
- RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
-
- # 2) FastCGI engine
-
- # You can choose any FastCGI system. Here is an example using mod_fcgid
- # mod_fcgid configuration
- FcgidMaxRequestLen 2000000
-
- SetHandler fcgid-script
- Options +ExecCGI
- header unset Lm-Remote-User
-
-
- # If you want to use mod_fastcgi, replace lines below by:
- #FastCgiServer __MANAGERSITEDIR__/manager.fcgi
-
- # GLOBAL CONFIGURATION
- # --------------------
-
- DocumentRoot __MANAGERSITEDIR__
-
-
- = 2.3>
- Require all denied
-
-
- Order Deny,Allow
- Deny from all
-
- Options +FollowSymLinks
-
-
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
- SetOutputFilter DEFLATE
- BrowserMatch ^Mozilla/4 gzip-only-text/html
- BrowserMatch ^Mozilla/4\.0[678] no-gzip
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
- SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
-
-
- Header append Vary User-Agent env=!dont-vary
-
-
-
- # Uncomment this if site if you use SSL only
- #Header set Strict-Transport-Security "max-age=15768000"
-
diff --git a/_example/etc/manager-apache2.conf b/_example/etc/manager-apache2.conf
index fe8003430..540557cbc 100644
--- a/_example/etc/manager-apache2.conf
+++ b/_example/etc/manager-apache2.conf
@@ -102,77 +102,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
-
-# API virtual host (api.__DNSDOMAIN__)
-
- ServerName api.__DNSDOMAIN__
- LogLevel notice
- # See above to set LLNG user id in Apache logs
- #CustomLog __APACHELOGDIR__/manager.log llng
- #ErrorLog __APACHELOGDIR__/lm_err.log
-
- # Uncomment this if you are running behind a reverse proxy and want
- # LemonLDAP::NG to see the real IP address of the end user
- # Adjust the settings to match the IP address of your reverse proxy
- # and the header containing the original IP address
- #
- #RemoteIPHeader X-Forwarded-For
- #RemoteIPInternalProxy 127.0.0.1
-
-
- # FASTCGI CONFIGURATION
- # ---------------------
-
- # 1) URI management
- RewriteEngine on
-
- # For performances, you can delete the previous RewriteRule line after
- # puttings html files: simply put the HTML results of differents modules
- # (configuration, sessions, notifications) as manager.html, sessions.html,
- # notifications.html and uncomment the 2 following lines:
- # DirectoryIndex manager.html
- # RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
-
- # REST URLs
- RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
- RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
-
- # 2) FastCGI engine
-
- # You can choose any FastCGI system. Here is an example using mod_fcgid
- # mod_fcgid configuration
- FcgidMaxRequestLen 2000000
-
- SetHandler fcgid-script
- Options +ExecCGI
- header unset Lm-Remote-User
-
-
- # If you want to use mod_fastcgi, replace lines below by:
- #FastCgiServer __MANAGERSITEDIR__/manager.fcgi
-
- # GLOBAL CONFIGURATION
- # --------------------
-
- DocumentRoot __MANAGERSITEDIR__
-
-
- Order Deny,Allow
- Deny from all
-
-
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
- SetOutputFilter DEFLATE
- BrowserMatch ^Mozilla/4 gzip-only-text/html
- BrowserMatch ^Mozilla/4\.0[678] no-gzip
- BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
- SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
-
-
- Header append Vary User-Agent env=!dont-vary
-
-
-
- # Uncomment this if site if you use SSL only
- #Header set Strict-Transport-Security "max-age=15768000"
-
diff --git a/debian/liblemonldap-ng-manager-perl.install b/debian/liblemonldap-ng-manager-perl.install
index a1bca1c19..a4fef39a4 100644
--- a/debian/liblemonldap-ng-manager-perl.install
+++ b/debian/liblemonldap-ng-manager-perl.install
@@ -1,3 +1,5 @@
+/etc/lemonldap-ng/api-apache2.conf
+/etc/lemonldap-ng/api-nginx.conf
/etc/lemonldap-ng/manager-apache2.conf
/etc/lemonldap-ng/manager-nginx.conf
/usr/share/man/man3/Lemonldap::NG::Manager*
diff --git a/debian/liblemonldap-ng-manager-perl.links b/debian/liblemonldap-ng-manager-perl.links
index 16da1d0c4..d33e0f92d 100644
--- a/debian/liblemonldap-ng-manager-perl.links
+++ b/debian/liblemonldap-ng-manager-perl.links
@@ -1,2 +1,4 @@
+/etc/lemonldap-ng/api-apache2.conf /etc/apache2/sites-available/api-apache2.conf
+/etc/lemonldap-ng/api-nginx.conf /etc/nginx/sites-available/api-nginx.conf
/etc/lemonldap-ng/manager-apache2.conf /etc/apache2/sites-available/manager-apache2.conf
/etc/lemonldap-ng/manager-nginx.conf /etc/nginx/sites-available/manager-nginx.conf
diff --git a/debian/rules b/debian/rules
index 4a0b958ce..35d6e28eb 100755
--- a/debian/rules
+++ b/debian/rules
@@ -49,7 +49,7 @@ override_dh_auto_install:
DEFDOCDIR=/usr/share/doc/lemonldap-ng-doc \
UWSGIYAMLDIR=/etc/uwsgi/apps-available \
PROD=yes
- for i in handler portal manager test; do \
+ for i in handler portal manager api test; do \
mv $(TMP)/etc/lemonldap-ng/$$i-apache2.X.conf $(TMP)/etc/lemonldap-ng/$$i-apache2.conf; \
done
diff --git a/lemonldap-ng-manager/MANIFEST b/lemonldap-ng-manager/MANIFEST
index c73256dd7..b8209c036 100644
--- a/lemonldap-ng-manager/MANIFEST
+++ b/lemonldap-ng-manager/MANIFEST
@@ -46,7 +46,8 @@ site/coffee/notifications.coffee
site/coffee/sessions.coffee
site/coffee/viewDiff.coffee
site/coffee/viewer.coffee
-site/htdocs/api.fcgi
+site/api/api.fcgi
+site/api/api.psgi
site/htdocs/manager.fcgi
site/htdocs/manager.psgi
site/htdocs/static/bwr/angular-animate/angular-animate.js
diff --git a/lemonldap-ng-manager/site/htdocs/api.fcgi b/lemonldap-ng-manager/site/api/api.fcgi
similarity index 100%
rename from lemonldap-ng-manager/site/htdocs/api.fcgi
rename to lemonldap-ng-manager/site/api/api.fcgi
diff --git a/lemonldap-ng-manager/site/api/api.psgi b/lemonldap-ng-manager/site/api/api.psgi
new file mode 100755
index 000000000..376277f98
--- /dev/null
+++ b/lemonldap-ng-manager/site/api/api.psgi
@@ -0,0 +1,6 @@
+#!/usr/bin/perl
+
+use Lemonldap::NG::Manager;
+
+Lemonldap::NG::Manager->run(
+ { enabledModules => "api", protection => "none" } );
diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec
index 792870629..0a88d87a4 100644
--- a/rpm/lemonldap-ng.spec
+++ b/rpm/lemonldap-ng.spec
@@ -448,7 +448,7 @@ chmod 775 %{buildroot}%{lm_sbindir}/llng-fastcgi-server
# Install httpd conf files
# We use "z-lemonldap-ng-*" so that httpd read the files after "perl.conf"
mkdir -p %{buildroot}%{apache_confdir}
-for i in handler manager portal test; do {
+for i in handler manager portal api test; do {
mv %{buildroot}%{lm_confdir}/$i-apache%{apache_version}.conf \
%{buildroot}%{apache_confdir}/z-lemonldap-ng-$i.conf
}; done
@@ -471,6 +471,9 @@ sed -i 's:/etc/lemonldap-ng/nginx-lua-headers.conf:/etc/nginx/nginx-lua-headers.
mv %{buildroot}%{lm_confdir}/for_etc_hosts .
# Fix shebang and perms
+sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
+ %{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
+chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
%{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
@@ -544,6 +547,7 @@ fi
%config(noreplace) %attr(-,root,%{lm_apachegroup}) %{lm_storagefile}
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-handler.conf
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-manager.conf
+%config(noreplace) %{apache_confdir}/z-lemonldap-ng-api.conf
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-portal.conf
%{_mandir}/man1/convertConfig*
%{_mandir}/man1/convertSessions*
@@ -618,6 +622,7 @@ fi
%config(noreplace) %{_sysconfdir}/nginx/nginx-lmlog.conf
%config(noreplace) %{_sysconfdir}/nginx/nginx-lua-headers.conf
%config(noreplace) %{_sysconfdir}/nginx/conf.d/portal-nginx.conf
+%config(noreplace) %{_sysconfdir}/nginx/conf.d/api-nginx.conf
%config(noreplace) %{_sysconfdir}/nginx/conf.d/test-nginx.conf
%files -n perl-Lemonldap-NG-Common