koozali/smeserver-webapps-common
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Allow access to acme challenge even when restricted

Browse Source
This commit is contained in:
Daniel Berteaud 2016-06-06 11:44:17 +02:00
parent 57aeaa5cf1
commit adf314984c
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
View File

@ -84,7 +84,7 @@ if ($allow ne ''){
else{ else{
$allow =~ s/[,;]/ /g; $allow =~ s/[,;]/ /g;
} }
$OUT .=<<"EOF" $OUT .=<<"EOF";
<Location /> <Location />
Order deny,allow Order deny,allow
@ -92,6 +92,10 @@ if ($allow ne ''){
Allow from $allow Allow from $allow
</Location> </Location>
<Location /.well-known/acme-challenge/>
Allow from all
</Location>
EOF EOF
} }
@ -101,9 +105,13 @@ if ($auth =~ m/^Basic$/i){
$require = "Require ldap-group "; $require = "Require ldap-group ";
$require .= "cn=$_,ou=Groups,$base " foreach(@groups); $require .= "cn=$_,ou=Groups,$base " foreach(@groups);
} }
$OUT .=<<"EOF"; SetEnvIf %{Request_URI} "^/\.well\-known/acme\-challenge" granted=1
<Location /> <Location />
Order deny,allow
Satisfy any
Deny from all
Allow from env=granted
AuthType basic AuthType basic
AuthName "$name" AuthName "$name"
AuthBasicProvider ldap AuthBasicProvider ldap