diff options
Diffstat (limited to 'sca-cpp/branches/lightweight-sca/hosting/server/ssl-proxy-start')
-rwxr-xr-x | sca-cpp/branches/lightweight-sca/hosting/server/ssl-proxy-start | 252 |
1 files changed, 252 insertions, 0 deletions
diff --git a/sca-cpp/branches/lightweight-sca/hosting/server/ssl-proxy-start b/sca-cpp/branches/lightweight-sca/hosting/server/ssl-proxy-start new file mode 100755 index 0000000000..e38f54055b --- /dev/null +++ b/sca-cpp/branches/lightweight-sca/hosting/server/ssl-proxy-start @@ -0,0 +1,252 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# For this module to work, add the www.example.com domain to your /etc/hosts as +# follows: +# 127.0.0.1 www.example.com + +here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here` + +# Configure and start logging +if [ -x ../../components/log/scribe-cat ]; then + ../../components/log/scribed-central-conf tmp + ../../components/log/scribed-client-conf tmp localhost + ../../components/log/scribed-central-start tmp + ../../components/log/scribed-client-start tmp +fi + +# Start memcached +../../components/cache/memcached-start tmp 11211 +../../components/cache/memcached-start tmp 11212 + +# Configure server +../../modules/http/httpd-conf tmp www.example.com 9090 htdocs +../../modules/http/httpd-event-conf tmp + +# Configure HTTP basic auth +../../modules/http/basic-auth-conf tmp component + +# Configure OAuth authentication +# Configure your OAuth app keys here +../../modules/oauth/oauth-conf tmp component +../../modules/oauth/oauth-memcached-conf tmp localhost 11212 +../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890 +../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890 + +# Configure form-based authentication +../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820 + +# Configure authorized admins +../../modules/http/passwd-auth-conf tmp admin admin + +# Configure Python component support +../../modules/server/server-conf tmp +../../modules/python/python-conf tmp + +# Configure server log streaming +if [ -x ../../components/log/scribe-cat ]; then + cat >tmp/conf/log.conf <<EOF +# Generated by: ssl-proxy-start $* +LogLevel notice +ErrorLog "|$here/../../components/log/scribe-cat localhost server" +CustomLog "|$here/../../components/log/scribe-cat localhost server" combined + +EOF + +fi +../../modules/http/httpd-loglevel-conf tmp debug + +# Configure error pages +cat >>tmp/conf/svhost.conf <<EOF +# Generated by: ssl-proxy-start $* +# Error pages +ErrorDocument 404 /public/notfound/ +ErrorDocument 401 /public/notauth/ +ErrorDocument 403 /public/notauth/ +ErrorDocument 400 /public/oops/ +ErrorDocument 405 /public/oops/ +ErrorDocument 500 /public/oops/ +ErrorDocument 502 /public/oops/ +ErrorDocument 503 /public/oops/ + +EOF + +# Configure SCA contributions +cat >>tmp/conf/httpd.conf <<EOF +# Generated by: ssl-proxy-start $* +# Configure SCA Composite +SCAContribution $here/ +SCAComposite server.composite + +# Configure SCA Composite for mass dynamic virtual Hosting +SCAVirtualContributor Composites + +# Configure SCA Authenticator component +SCAAuthenticator Authenticator + +# Configure SCA wiring timeout +SCAWiringTimeout 10 + +EOF + +# Configure resource aliases +cat >>tmp/conf/httpd.conf <<EOF +# Generated by: ssl-proxy-start $* +Alias /home/home.png $here/htdocs/home/home.png +Alias /home/home.b64 $here/htdocs/home/home.b64 +Alias /proxy/public/config.js $here/htdocs/public/config.js +Alias /proxy/public/config-min.js $here/public/config-min.js + +EOF + +# Configure app resource aliases +cat >>tmp/conf/svhost-ssl.conf <<EOF +# Generated by: ssl-proxy-start $* +# Map /v/<app-name>/<path> to htdocs/app/<path> +AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2 + +EOF + +# Configure admin access to server status and info +cat >tmp/conf/adminauth.conf <<EOF +# Generated by: ssl-proxy-start $* +# Allow the server admin to view the server status and info +<Location /server-status> +AuthType None +Require all granted +</Location> + +<Location /server-info> +AuthType None +Require all granted +</Location> + +EOF + +# Configure admin access to components +cat >>tmp/conf/locauth-ssl.conf <<EOF +# Generated by: ssl-proxy-start $* +# Allow the server admin to access all components +<Location /c> +Require user admin +</Location> +<Location /r> +Require user admin +</Location> +<Location /r/Editor> +Require valid-user +</Location> +<Location /r/App> +Require valid-user +</Location> +EOF + +# Start server +../../modules/http/httpd-start tmp +sleep 2 + +# Configure authorized users +./put-auth tmp admin admin admin admin +./put-auth tmp admin admin john john +./put-auth tmp admin admin jane jane +# Configure the email addresses associated with your OAuth ids here +./put-auth tmp admin admin /oauth1/john@example.com password +./put-auth tmp admin admin /oauth2/jane@example.com password + +# Clear document cache +rm -rf tmp/proxy/cache + +# Create SSL certificates +../../modules/http/ssl-ca-conf tmp/proxy www.example.com +../../modules/http/ssl-cert-conf tmp/proxy www.example.com server + +# Configure proxy balancer +../../modules/http/httpd-conf tmp/proxy www.example.com 8090 tmp/htdocs +../../modules/http/alt-host-conf tmp/proxy ww1.example.com +../../modules/http/alt-host-conf tmp/proxy ww2.example.com +../../modules/http/proxy-conf tmp/proxy +../../modules/js/js-conf tmp/proxy +../../modules/http/httpd-event-conf tmp/proxy +#../../modules/http/cache-conf tmp/proxy +../../modules/http/httpd-ssl-conf tmp/proxy 8453 +../../modules/http/proxy-ssl-conf tmp/proxy +#../../modules/http/cache-ssl-conf tmp/proxy + +# Configure password authentication +../../modules/http/basic-auth-conf tmp/proxy file /balancer-manager +../../modules/http/basic-auth-conf tmp/proxy file /server-status +../../modules/http/passwd-auth-conf tmp/proxy file admin admin + +# Configure mod-security +../../modules/http/mod-security-conf tmp/proxy +#../../modules/http/mod-security-audit-conf tmp/proxy + +# Configure proxy balancer members +../../modules/http/proxy-ssl-nossl-member-conf tmp/proxy localhost 9090 + +# Configure proxy log streaming +if [ -x ../../components/log/scribe-cat ]; then + cat >tmp/proxy/conf/log.conf <<EOF +# Generated by: ssl-proxy-start $* +ErrorLog "|$here/../../components/log/scribe-cat www.example.com proxy" +CustomLog "|$here/../../components/log/scribe-cat www.example.com access" combined + +EOF + + cat >tmp/proxy/conf/log-ssl.conf <<EOF +# Generated by: ssl-proxy-start $* +CustomLog "|$here/../../components/log/scribe-cat www.example.com access" sslcombined + +EOF + +# cat >tmp/proxy/conf/mod-security-audit-log.conf <<EOF +## Generated by: start $* +#SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit secaudit" +# +#EOF + +fi +../../modules/http/httpd-loglevel-conf tmp/proxy debug + +# Configure resource aliases +cat >>tmp/proxy/conf/httpd.conf <<EOF +# Generated by: ssl-proxy-start $* +Alias /proxy/public/config.js $here/htdocs/public/config.js +Alias /proxy/public/config-min.js $here/htdocs/public/config-min.js + +EOF + +# Configure error pages +cat >>tmp/proxy/conf/vhost-ssl.conf <<EOF +# Generated by: ssl-proxy-start $* +# Error pages +ErrorDocument 404 /proxy/public/oops/ +ErrorDocument 401 /proxy/public/oops/ +ErrorDocument 403 /proxy/public/oops/ +ErrorDocument 400 /proxy/public/oops/ +ErrorDocument 405 /proxy/public/oops/ +ErrorDocument 500 /proxy/public/oops/ +ErrorDocument 502 /proxy/public/oops/ +ErrorDocument 503 /proxy/public/oops/ + +EOF + +# Start proxy balancer +../../modules/http/httpd-start tmp/proxy + |