diff options
Diffstat (limited to 'sca-cpp/trunk/hosting/server/ssl-start')
| -rwxr-xr-x | sca-cpp/trunk/hosting/server/ssl-start | 113 |
1 files changed, 64 insertions, 49 deletions
diff --git a/sca-cpp/trunk/hosting/server/ssl-start b/sca-cpp/trunk/hosting/server/ssl-start index b80b2adf40..d699089847 100755 --- a/sca-cpp/trunk/hosting/server/ssl-start +++ b/sca-cpp/trunk/hosting/server/ssl-start @@ -22,7 +22,6 @@ # 127.0.0.1 www.example.com here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here` -jsprefix=`echo "import os; print os.path.realpath('$here/../../modules/js')" | python` host=`hostname` # Create SSL certificates @@ -41,39 +40,33 @@ fi ../../components/cache/memcached-start tmp 11211 ../../components/cache/memcached-start tmp 11212 +# Clear document cache +rm -rf tmp/cache + # Configure server ../../modules/http/httpd-conf tmp www.example.com 8090 htdocs +../../modules/http/alt-host-conf tmp ww1.example.com +../../modules/http/alt-host-conf tmp ww2.example.com ../../modules/http/httpd-event-conf tmp +#../../modules/http/cache-conf tmp ../../modules/http/httpd-ssl-conf tmp 8453 +#../../modules/http/cache-ssl-conf tmp # Configure HTTP basic auth -../../modules/http/basic-auth-conf tmp +../../modules/http/basic-auth-conf tmp component # Configure OAuth authentication # Configure your OAuth app keys here -../../modules/oauth/oauth-conf tmp +../../modules/oauth/oauth-conf tmp component ../../modules/oauth/oauth-memcached-conf tmp localhost 11212 ../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890 ../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890 -# Configure password authentication -../../modules/http/open-auth-conf tmp -../../modules/http/passwd-auth-conf tmp john john -../../modules/http/passwd-auth-conf tmp jane jane -../../modules/http/passwd-auth-conf tmp admin admin - -# Configure OpenID step2 authentication -../../modules/openid/openid-conf tmp -../../modules/openid/openid-step2-conf tmp -../../modules/openid/openid-memcached-conf tmp localhost 11212 +# Configure form-based authentication +../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820 -# Configure authorized users -../../modules/http/group-auth-conf tmp john -../../modules/http/group-auth-conf tmp jane -../../modules/http/group-auth-conf tmp admin -# Configure the email addresses associated with your OpenID and OAuth ids here -../../modules/http/group-auth-conf tmp john@example.com -../../modules/http/group-auth-conf tmp jane@example.com +# Configure authorized admins +../../modules/http/passwd-auth-conf tmp admin admin # Configure mod-security #../../modules/http/mod-security-conf tmp @@ -103,26 +96,6 @@ SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit" EOF -else - cat >tmp/conf/log.conf <<EOF -# Generated by: ssl=start $* -ErrorLog $here/tmp/logs/error_log -CustomLog $here/tmp/logs/access_log combined - -EOF - - cat >tmp/conf/log-ssl.conf <<EOF -# Generated by: ssl-start $* -CustomLog $here/tmp/logs/ssl_access_log sslcombined - -EOF - - cat >tmp/conf/mod-security-log.conf <<EOF -# Generated by: ssl-start $* -SecAuditLog $here/tmp/logs/secaudit_log - -EOF - fi #../../modules/http/httpd-loglevel-conf tmp debug @@ -143,10 +116,11 @@ cat >>tmp/conf/svhost-ssl.conf <<EOF ErrorDocument 404 /public/notfound/ ErrorDocument 401 /public/notauth/ ErrorDocument 403 /public/notauth/ +ErrorDocument 400 /public/oops/ +ErrorDocument 405 /public/oops/ ErrorDocument 500 /public/oops/ ErrorDocument 502 /public/oops/ ErrorDocument 503 /public/oops/ -ErrorDocument 405 /public/oops/ EOF @@ -160,6 +134,12 @@ SCAComposite server.composite # Configure SCA Composite for mass dynamic virtual Hosting SCAVirtualContributor Composites +# Configure SCA Authenticator component +SCAAuthenticator Authenticator + +# Configure SCA wiring timeout +SCAWiringTimeout 10 + EOF # Configure resource aliases @@ -172,14 +152,6 @@ Alias /proxy/public/config-min.js $here/public/config-min.js EOF -# Create app implementation resource links -if [ ! -e "nuvem" ]; then - ln -s "../../../nuvem/nuvem-parallel/nuvem" "nuvem" -fi -if [ ! -e "lib" ]; then - ln -s "../../components" "lib" -fi - # Configure app resource aliases cat >>tmp/conf/svhost-ssl.conf <<EOF # Generated by: ssl-start $* @@ -188,6 +160,49 @@ AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2 EOF +# Configure admin access to server status and info +cat >tmp/conf/adminauth.conf <<EOF +# Generated by: ssl-start $* +# Allow the server admin to view the server status and info +<Location /server-status> +AuthType None +Require all granted +</Location> + +<Location /server-info> +AuthType None +Require all granted +</Location> + +EOF + +# Configure admin access to components +cat >>tmp/conf/locauth-ssl.conf <<EOF +# Generated by: ssl-start $* +# Allow the server admin to access all components +<Location /c> +Require user admin +</Location> +<Location /r> +Require user admin +</Location> +<Location /r/Editor> +Require valid-user +</Location> +<Location /r/App> +Require valid-user +</Location> +EOF + # Start server ../../modules/http/httpd-start tmp +sleep 2 + +# Configure authorized users +./put-auth tmp admin admin admin admin +./put-auth tmp admin admin john john +./put-auth tmp admin admin jane jane +# Configure the email addresses associated with your OAuth ids here +./put-auth tmp admin admin /oauth1/john@example.com password +./put-auth tmp admin admin /oauth2/jane@example.com password |