[evolvis-commits] r6664: split off https/ ssl configuration into only one file↵
Thorsten Glaser
t.glaser at tarent.de
Tue Jun 1 17:44:48 CEST 2010
Author: Thorsten Glaser <t.glaser at tarent.de>
Date: 2010-06-01 17:44:48 +0200 (Tue, 01 Jun 2010)
New Revision: 6664
Added:
trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl0.inc
trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl1.inc
Modified:
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/06maindirhttp
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/07maindirhttp.ssl
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/20list
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/21list.ssl
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/40virtualhost
trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/41virtualhost.ssl
trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.vhosts
trunk/gforge_base/evolvisforge/gforge/setup
Log:
split off https/ssl configuration into only one file
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/06maindirhttp
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/06maindirhttp 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/06maindirhttp 2010-06-01 15:44:48 UTC (rev 6664)
@@ -53,11 +53,6 @@
# allow from all
# </Directory>
- # Ensure that we don't try to use SSL on SSL Servers
- <IfModule apache_ssl.c>
- SSLDisable
- </IfModule>
-
Alias /fckeditor/ /usr/share/fckeditor/
<Directory "/usr/share/fckeditor/">
Options Indexes MultiViews FollowSymLinks
@@ -74,5 +69,7 @@
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
+
+ Include /etc/gforge/httpd.ssl0.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/07maindirhttp.ssl
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/07maindirhttp.ssl 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/07maindirhttp.ssl 2010-06-01 15:44:48 UTC (rev 6664)
@@ -42,25 +42,6 @@
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- <IfModule mod_ssl.c>
- SSLEngine on
- SSLCertificateFile {sys_sslcrt}
- SSLCertificateKeyFile {sys_sslkey}
- {sys_ssl_apache_extra_cmd}
- <Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory "/usr/lib/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
-
- <IfModule apache_ssl.c>
- SSLEnable
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
-
Alias /fckeditor/ /usr/share/fckeditor/
<Directory "/usr/share/fckeditor/">
Options Indexes MultiViews FollowSymLinks
@@ -77,5 +58,7 @@
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
+
+ Include /etc/gforge/httpd.ssl1.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/20list
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/20list 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/20list 2010-06-01 15:44:48 UTC (rev 6664)
@@ -26,12 +26,10 @@
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/gforge.log" gforge
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- # Ensure that we don't try to use SSL on SSL Servers
- <IfModule apache_ssl.c>
- SSLDisable
- </IfModule>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
+
+ Include /etc/gforge/httpd.ssl0.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/21list.ssl
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/21list.ssl 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/21list.ssl 2010-06-01 15:44:48 UTC (rev 6664)
@@ -6,24 +6,6 @@
ServerName {lists_host}
AddHandler cgi-script .cgi
- <IfModule mod_ssl.c>
- SSLEngine on
- SSLCertificateFile {sys_sslcrt}
- SSLCertificateKeyFile {sys_sslkey}
- {sys_ssl_apache_extra_cmd}
- <Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory "/usr/lib/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
-
- <IfModule apache_ssl.c>
- SSLEnable
- </IfModule>
-
ScriptAlias /cgi-bin/mailman/ /var/lib/mailman/cgi-bin/
ScriptAlias /mailman/ /var/lib/mailman/cgi-bin/
@@ -48,5 +30,7 @@
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
+
+ Include /etc/gforge/httpd.ssl1.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/40virtualhost
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/40virtualhost 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/40virtualhost 2010-06-01 15:44:48 UTC (rev 6664)
@@ -21,8 +21,6 @@
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/gforge.log" gforge
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|/usr/bin/cronolog {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- # Ensure that we don't try to use SSL on SSL Servers
- <IfModule apache_ssl.c>
- SSLDisable
- </IfModule>
+
+ Include /etc/gforge/httpd.ssl0.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/41virtualhost.ssl
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/41virtualhost.ssl 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/httpd.d/41virtualhost.ssl 2010-06-01 15:44:48 UTC (rev 6664)
@@ -19,21 +19,5 @@
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|/usr/bin/cronolog {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- <IfModule mod_ssl.c>
- SSLEngine on
- SSLCertificateFile {sys_sslcrt}
- SSLCertificateKeyFile {sys_sslkey}
- {sys_ssl_apache_extra_cmd}
- <Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory "/usr/lib/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
- <IfModule apache_ssl.c>
- SSLEnable
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
+ Include /etc/gforge/httpd.ssl1.inc
</VirtualHost>
Added: trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl0.inc
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl0.inc (rev 0)
+++ trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl0.inc 2010-06-01 15:44:48 UTC (rev 6664)
@@ -0,0 +1,6 @@
+# vhost include fragment for port-80 vhosts
+
+# Ensure that we don’t try to use SSL on SSL servers
+<IfModule apache_ssl.c>
+ SSLDisable
+</IfModule>
Added: trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl1.inc
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl1.inc (rev 0)
+++ trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.ssl1.inc 2010-06-01 15:44:48 UTC (rev 6664)
@@ -0,0 +1,25 @@
+# vhost include fragment for port-443 vhosts
+
+<IfModule mod_ssl.c>
+ SSLEngine on
+
+ SSLCertificateFile {sys_sslcrt}
+ SSLCertificateKeyFile {sys_sslkey}
+ {sys_ssl_apache_extra_cmd}
+
+ <Files ~ "\.(cgi|shtml)$">
+ SSLOptions +StdEnvVars
+ </Files>
+
+ <Directory "/usr/lib/cgi-bin">
+ SSLOptions +StdEnvVars
+ </Directory>
+
+ SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
+
+<IfModule apache_ssl.c>
+ SSLEnable
+
+ SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</IfModule>
Modified: trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.vhosts
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.vhosts 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/etc/templates/httpd.vhosts 2010-06-01 15:44:48 UTC (rev 6664)
@@ -12,10 +12,8 @@
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/gforge.log" gforge
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- # Ensure that we don't try to use SSL on SSL Servers
- <IfModule apache_ssl.c>
- SSLDisable
- </IfModule>
+
+ Include /etc/gforge/httpd.ssl0.inc
</VirtualHost>
<VirtualHost {ip_address}:443>
ServerName {vhost_name}
@@ -32,21 +30,5 @@
LogFormat "%{Host}i %h %l %u %t %{SSL_PROTOCOL}x:%{SSL_CIPHER}x \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhssl
CustomLog "|{cronolog_path} {var_log_gforge}/%Y/%m/%d/awstats.log" combinedvhssl
- <IfModule mod_ssl.c>
- SSLEngine on
- SSLCertificateFile {sys_sslcrt}
- SSLCertificateKeyFile {sys_sslkey}
- {sys_ssl_apache_extra_cmd}
- <Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory "/usr/lib/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
- <IfModule apache_ssl.c>
- SSLEnable
- SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
- </IfModule>
+ Include /etc/gforge/httpd.ssl1.inc
</VirtualHost>
Modified: trunk/gforge_base/evolvisforge/gforge/setup
===================================================================
--- trunk/gforge_base/evolvisforge/gforge/setup 2010-06-01 15:44:45 UTC (rev 6663)
+++ trunk/gforge_base/evolvisforge/gforge/setup 2010-06-01 15:44:48 UTC (rev 6664)
@@ -360,7 +360,7 @@
done
chmod 600 $HTTPDSECRETS $CONFFILEIN $CONFFILEOUT
chmod 640 $CONFFILEOUTDIR/local.pl $CONFFILEOUTDIR/database.inc
- chmod 644 $CONFFILEOUTDIR/shell.inc
+ chmod 644 $CONFFILEOUTDIR/shell.inc $CONFFILEOUTDIR/httpd.*.inc
chown gforge:gforge $CONFFILEOUTDIR/local.pl $CONFFILEOUTDIR/database.inc
}
More information about the evolvis-commits
mailing list