Diffstat (limited to 'sca-cpp/trunk/hosting/server/ssl-proxy-start')
-rwxr-xr-x | sca-cpp/trunk/hosting/server/ssl-proxy-start | 252 |
1 files changed, 252 insertions, 0 deletions
diff --git a/sca-cpp/trunk/hosting/server/ssl-proxy-start b/sca-cpp/trunk/hosting/server/ssl-proxy-start
new file mode 100755
index 0000000000..e38f54055b
--- /dev/null
+++ b/sca-cpp/trunk/hosting/server/ssl-proxy-start
@@ -0,0 +1,252 @@
+#!/bin/sh
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# For this module to work, add the www.example.com domain to your /etc/hosts as
+# follows:
+# 127.0.0.1 www.example.com
+
+here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
+
+# Configure and start logging
+if [ -x ../../components/log/scribe-cat ]; then
+ ../../components/log/scribed-central-conf tmp
+ ../../components/log/scribed-client-conf tmp localhost
+ ../../components/log/scribed-central-start tmp
+ ../../components/log/scribed-client-start tmp
+fi
+
+# Start memcached
+../../components/cache/memcached-start tmp 11211
+../../components/cache/memcached-start tmp 11212
+
+# Configure server
+../../modules/http/httpd-conf tmp www.example.com 9090 htdocs
+../../modules/http/httpd-event-conf tmp
+
+# Configure HTTP basic auth
+../../modules/http/basic-auth-conf tmp component
+
+# Configure OAuth authentication
+# Configure your OAuth app keys here
+../../modules/oauth/oauth-conf tmp component
+../../modules/oauth/oauth-memcached-conf tmp localhost 11212
+../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890
+../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890
+
+# Configure form-based authentication
+../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820
+
+# Configure authorized admins
+../../modules/http/passwd-auth-conf tmp admin admin
+
+# Configure Python component support
+../../modules/server/server-conf tmp
+../../modules/python/python-conf tmp
+
+# Configure server log streaming
+if [ -x ../../components/log/scribe-cat ]; then
+ cat >tmp/conf/log.conf <<EOF
+# Generated by: ssl-proxy-start $*
+LogLevel notice
+ErrorLog "|$here/../../components/log/scribe-cat localhost server"
+CustomLog "|$here/../../components/log/scribe-cat localhost server" combined
+
+EOF
+
+fi
+../../modules/http/httpd-loglevel-conf tmp debug
+
+# Configure error pages
+cat >>tmp/conf/svhost.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Error pages
+ErrorDocument 404 /public/notfound/
+ErrorDocument 401 /public/notauth/
+ErrorDocument 403 /public/notauth/
+ErrorDocument 400 /public/oops/
+ErrorDocument 405 /public/oops/
+ErrorDocument 500 /public/oops/
+ErrorDocument 502 /public/oops/
+ErrorDocument 503 /public/oops/
+
+EOF
+
+# Configure SCA contributions
+cat >>tmp/conf/httpd.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Configure SCA Composite
+SCAContribution $here/
+SCAComposite server.composite
+
+# Configure SCA Composite for mass dynamic virtual Hosting
+SCAVirtualContributor Composites
+
+# Configure SCA Authenticator component
+SCAAuthenticator Authenticator
+
+# Configure SCA wiring timeout
+SCAWiringTimeout 10
+
+EOF
+
+# Configure resource aliases
+cat >>tmp/conf/httpd.conf <<EOF
+# Generated by: ssl-proxy-start $*
+Alias /home/home.png $here/htdocs/home/home.png
+Alias /home/home.b64 $here/htdocs/home/home.b64
+Alias /proxy/public/config.js $here/htdocs/public/config.js
+Alias /proxy/public/config-min.js $here/public/config-min.js
+
+EOF
+
+# Configure app resource aliases
+cat >>tmp/conf/svhost-ssl.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Map /v/<app-name>/<path> to htdocs/app/<path>
+AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2
+
+EOF
+
+# Configure admin access to server status and info
+cat >tmp/conf/adminauth.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Allow the server admin to view the server status and info
+<Location /server-status>
+AuthType None
+Require all granted
+</Location>
+
+<Location /server-info>
+AuthType None
+Require all granted
+</Location>
+
+EOF
+
+# Configure admin access to components
+cat >>tmp/conf/locauth-ssl.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Allow the server admin to access all components
+<Location /c>
+Require user admin
+</Location>
+<Location /r>
+Require user admin
+</Location>
+<Location /r/Editor>
+Require valid-user
+</Location>
+<Location /r/App>
+Require valid-user
+</Location>
+EOF
+
+# Start server
+../../modules/http/httpd-start tmp
+sleep 2
+
+# Configure authorized users
+./put-auth tmp admin admin admin admin
+./put-auth tmp admin admin john john
+./put-auth tmp admin admin jane jane
+# Configure the email addresses associated with your OAuth ids here
+./put-auth tmp admin admin /oauth1/john@example.com password
+./put-auth tmp admin admin /oauth2/jane@example.com password
+
+# Clear document cache
+rm -rf tmp/proxy/cache
+
+# Create SSL certificates
+../../modules/http/ssl-ca-conf tmp/proxy www.example.com
+../../modules/http/ssl-cert-conf tmp/proxy www.example.com server
+
+# Configure proxy balancer
+../../modules/http/httpd-conf tmp/proxy www.example.com 8090 tmp/htdocs
+../../modules/http/alt-host-conf tmp/proxy ww1.example.com
+../../modules/http/alt-host-conf tmp/proxy ww2.example.com
+../../modules/http/proxy-conf tmp/proxy
+../../modules/js/js-conf tmp/proxy
+../../modules/http/httpd-event-conf tmp/proxy
+#../../modules/http/cache-conf tmp/proxy
+../../modules/http/httpd-ssl-conf tmp/proxy 8453
+../../modules/http/proxy-ssl-conf tmp/proxy
+#../../modules/http/cache-ssl-conf tmp/proxy
+
+# Configure password authentication
+../../modules/http/basic-auth-conf tmp/proxy file /balancer-manager
+../../modules/http/basic-auth-conf tmp/proxy file /server-status
+../../modules/http/passwd-auth-conf tmp/proxy file admin admin
+
+# Configure mod-security
+../../modules/http/mod-security-conf tmp/proxy
+#../../modules/http/mod-security-audit-conf tmp/proxy
+
+# Configure proxy balancer members
+../../modules/http/proxy-ssl-nossl-member-conf tmp/proxy localhost 9090
+
+# Configure proxy log streaming
+if [ -x ../../components/log/scribe-cat ]; then
+ cat >tmp/proxy/conf/log.conf <<EOF
+# Generated by: ssl-proxy-start $*
+ErrorLog "|$here/../../components/log/scribe-cat www.example.com proxy"
+CustomLog "|$here/../../components/log/scribe-cat www.example.com access" combined
+
+EOF
+
+ cat >tmp/proxy/conf/log-ssl.conf <<EOF
+# Generated by: ssl-proxy-start $*
+CustomLog "|$here/../../components/log/scribe-cat www.example.com access" sslcombined
+
+EOF
+
+# cat >tmp/proxy/conf/mod-security-audit-log.conf <<EOF
+## Generated by: start $*
+#SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit secaudit"
+#
+#EOF
+
+fi
+../../modules/http/httpd-loglevel-conf tmp/proxy debug
+
+# Configure resource aliases
+cat >>tmp/proxy/conf/httpd.conf <<EOF
+# Generated by: ssl-proxy-start $*
+Alias /proxy/public/config.js $here/htdocs/public/config.js
+Alias /proxy/public/config-min.js $here/htdocs/public/config-min.js
+
+EOF
+
+# Configure error pages
+cat >>tmp/proxy/conf/vhost-ssl.conf <<EOF
+# Generated by: ssl-proxy-start $*
+# Error pages
+ErrorDocument 404 /proxy/public/oops/
+ErrorDocument 401 /proxy/public/oops/
+ErrorDocument 403 /proxy/public/oops/
+ErrorDocument 400 /proxy/public/oops/
+ErrorDocument 405 /proxy/public/oops/
+ErrorDocument 500 /proxy/public/oops/
+ErrorDocument 502 /proxy/public/oops/
+ErrorDocument 503 /proxy/public/oops/
+
+EOF
+
+# Start proxy balancer
+../../modules/http/httpd-start tmp/proxy
+
|
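Review bot: The admin account is created with the literal password `admin` in both `passwd-auth-conf` calls and in every `./put-auth tmp admin admin …` line, and the user entries reuse the user name or the word `password` as the secret, so an instance started from this script as committed comes up with guessable credentials behind the SSL proxy. If this is meant purely as a sample, say so in the header comment next to the /etc/hosts note; otherwise take the secret from the environment and fail when it is unset, e.g. `: "${ADMIN_PASSWORD:?set ADMIN_PASSWORD}"` followed by `../../modules/http/passwd-auth-conf tmp admin "$ADMIN_PASSWORD"`. The generated `adminauth.conf` is commented as allowing the server admin, but it sets `AuthType None` and `Require all granted` on `/server-status` and `/server-info`; unless port 9090 is reachable only through the proxy (not visible from this script), `Require local` would match the comment better. Separately, the first `Alias /proxy/public/config-min.js` points at `$here/public/config-min.js` while the proxy block uses `$here/htdocs/public/config-min.js`, which looks like a missing `htdocs/`.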