diff options
| author | giorgio <giorgio@13f79535-47bb-0310-9956-ffa450edef68> | 2012-09-05 08:31:30 +0000 |
|---|---|---|
| committer | giorgio <giorgio@13f79535-47bb-0310-9956-ffa450edef68> | 2012-09-05 08:31:30 +0000 |
| commit | c9bfccc35345ce58fb5774d4b0b6a9868b262c0a (patch) | |
| tree | fe84dd4b90f2acd0b933550b6978094926c1d733 /sca-cpp/branches/lightweight-sca/hosting/server/ssl-start | |
| parent | 5ddabdaf1ff856aae79dadc045ef2aeff08c7887 (diff) | |
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1381061 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
| -rwxr-xr-x | sca-cpp/branches/lightweight-sca/hosting/server/ssl-start | 208 |
1 files changed, 208 insertions, 0 deletions
diff --git a/sca-cpp/branches/lightweight-sca/hosting/server/ssl-start b/sca-cpp/branches/lightweight-sca/hosting/server/ssl-start new file mode 100755 index 0000000000..d699089847 --- /dev/null +++ b/sca-cpp/branches/lightweight-sca/hosting/server/ssl-start @@ -0,0 +1,208 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# For this module to work, add the www.example.com domain to your /etc/hosts as +# follows: +# 127.0.0.1 www.example.com + +here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here` +host=`hostname` + +# Create SSL certificates +../../modules/http/ssl-ca-conf tmp www.example.com +../../modules/http/ssl-cert-conf tmp www.example.com server + +# Configure and start logging +if [ -x ../../components/log/scribe-cat ]; then + ../../components/log/scribed-central-conf tmp + ../../components/log/scribed-client-conf tmp localhost + ../../components/log/scribed-central-start tmp + ../../components/log/scribed-client-start tmp +fi + +# Start memcached +../../components/cache/memcached-start tmp 11211 +../../components/cache/memcached-start tmp 11212 + +# Clear document cache +rm -rf tmp/cache + +# Configure server +../../modules/http/httpd-conf tmp www.example.com 8090 htdocs +../../modules/http/alt-host-conf tmp ww1.example.com +../../modules/http/alt-host-conf tmp ww2.example.com +../../modules/http/httpd-event-conf tmp +#../../modules/http/cache-conf tmp +../../modules/http/httpd-ssl-conf tmp 8453 +#../../modules/http/cache-ssl-conf tmp + +# Configure HTTP basic auth +../../modules/http/basic-auth-conf tmp component + +# Configure OAuth authentication +# Configure your OAuth app keys here +../../modules/oauth/oauth-conf tmp component +../../modules/oauth/oauth-memcached-conf tmp localhost 11212 +../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890 +../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890 + +# Configure form-based authentication +../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820 + +# Configure authorized admins +../../modules/http/passwd-auth-conf tmp admin admin + +# Configure mod-security +#../../modules/http/mod-security-conf tmp + +# Configure Python component support +../../modules/server/server-conf tmp +../../modules/python/python-conf tmp + +# Configure server log streaming +if [ -x ../../components/log/scribe-cat ]; then + cat >tmp/conf/log.conf <<EOF +# Generated by: ssl-start $* +ErrorLog "|$here/../../components/log/scribe-cat $host server" +CustomLog "|$here/../../components/log/scribe-cat $host server" combined + +EOF + + cat >tmp/conf/log-ssl.conf <<EOF +# Generated by: ssl-start $* +CustomLog "|$here/../../components/log/scribe-cat $host server" sslcombined + +EOF + + cat >tmp/conf/mod-security-log.conf <<EOF +# Generated by: ssl-start $* +SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit" + +EOF + +fi +#../../modules/http/httpd-loglevel-conf tmp debug + +# Configure certificate mime type +cat >>tmp/conf/svhost-ssl.conf <<EOF +# Generated by: ssl-start $* +# Certificate mime type +<Location /ca.crt> +ForceType application/x-x509-ca-cert +</Location> + +EOF + +# Configure error pages +cat >>tmp/conf/svhost-ssl.conf <<EOF +# Generated by: ssl-start $* +# Error pages +ErrorDocument 404 /public/notfound/ +ErrorDocument 401 /public/notauth/ +ErrorDocument 403 /public/notauth/ +ErrorDocument 400 /public/oops/ +ErrorDocument 405 /public/oops/ +ErrorDocument 500 /public/oops/ +ErrorDocument 502 /public/oops/ +ErrorDocument 503 /public/oops/ + +EOF + +# Configure SCA contributions +cat >>tmp/conf/httpd.conf <<EOF +# Generated by: ssl-start $* +# Configure SCA Composite +SCAContribution $here/ +SCAComposite server.composite + +# Configure SCA Composite for mass dynamic virtual Hosting +SCAVirtualContributor Composites + +# Configure SCA Authenticator component +SCAAuthenticator Authenticator + +# Configure SCA wiring timeout +SCAWiringTimeout 10 + +EOF + +# Configure resource aliases +cat >>tmp/conf/httpd.conf <<EOF +# Generated by: ssl-start $* +Alias /home/home.png $here/htdocs/home/home.png +Alias /home/home.b64 $here/htdocs/home/home.b64 +Alias /proxy/public/config.js $here/htdocs/public/config.js +Alias /proxy/public/config-min.js $here/public/config-min.js + +EOF + +# Configure app resource aliases +cat >>tmp/conf/svhost-ssl.conf <<EOF +# Generated by: ssl-start $* +# Map /v/<app-name>/<path> to htdocs/app/<path> +AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2 + +EOF + +# Configure admin access to server status and info +cat >tmp/conf/adminauth.conf <<EOF +# Generated by: ssl-start $* +# Allow the server admin to view the server status and info +<Location /server-status> +AuthType None +Require all granted +</Location> + +<Location /server-info> +AuthType None +Require all granted +</Location> + +EOF + +# Configure admin access to components +cat >>tmp/conf/locauth-ssl.conf <<EOF +# Generated by: ssl-start $* +# Allow the server admin to access all components +<Location /c> +Require user admin +</Location> +<Location /r> +Require user admin +</Location> +<Location /r/Editor> +Require valid-user +</Location> +<Location /r/App> +Require valid-user +</Location> +EOF + +# Start server +../../modules/http/httpd-start tmp +sleep 2 + +# Configure authorized users +./put-auth tmp admin admin admin admin +./put-auth tmp admin admin john john +./put-auth tmp admin admin jane jane +# Configure the email addresses associated with your OAuth ids here +./put-auth tmp admin admin /oauth1/john@example.com password +./put-auth tmp admin admin /oauth2/jane@example.com password + |