Commit c4ebfc34 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files

Merge branch 'v2.0'

parents a394dfbe 40fb55f3
......@@ -60,6 +60,7 @@ PORTALTEMPLATESDIR=$(PORTALDIR)/templates
MANAGERDIR=$(DOCUMENTROOT)/manager
MANAGERSITEDIR=$(MANAGERDIR)/htdocs
MANAGERAPIDIR=$(MANAGERDIR)/api
MANAGERSTATICDIR=$(MANAGERSITEDIR)/static
MANAGERRELATIVESTATICDIR=/static
MANAGERTEMPLATESDIR=$(MANAGERSITEDIR)/templates
......@@ -156,6 +157,7 @@ RPORTALSTATICDIR=$(DESTDIR)/$(PORTALSTATICDIR)
RPORTALTEMPLATESDIR=$(DESTDIR)/$(PORTALTEMPLATESDIR)
RMANAGERDIR=$(DESTDIR)/$(MANAGERDIR)
RMANAGERSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
RMANAGERAPIDIR=$(DESTDIR)/$(MANAGERAPIDIR)
RMANAGERSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
RMANAGERTEMPLATESDIR=$(DESTDIR)/$(MANAGERTEMPLATESDIR)
RDOCDIR=$(DESTDIR)/$(DOCDIR)
......@@ -409,7 +411,7 @@ nox_e2e_test:
prepare_test_server:
-@mkdir -p e2e-tests/conf/sessions/lock e2e-tests/conf/persistents/lock
-@mkdir e2e-tests/conf/manager e2e-tests/conf/portal
-@mkdir e2e-tests/conf/manager e2e-tests/conf/portal e2e-tests/conf/api
$(MAKE) install_webserver_conf install_test_site install_fastcgi_server \
CONFDIR=`pwd`/e2e-tests/conf \
RCONFDIR=e2e-tests/conf \
......@@ -428,7 +430,7 @@ prepare_test_server:
ETCDEFAULTDIR=`pwd`/e2e-tests/conf/def
#@cp -f e2e-tests/index.* e2e-tests/conf/
@cp -f $(SRCMANAGERDIR)/site/htdocs/manager* e2e-tests/conf/manager
@cp -f $(SRCMANAGERDIR)/site/htdocs/api* e2e-tests/conf/manager
@cp -f $(SRCMANAGERDIR)/site/api/api* e2e-tests/conf/api
@cp -f $(SRCPORTALDIR)/site/htdocs/index* e2e-tests/conf/portal
@cp e2e-tests/persistent/5efe8af397fc3577e05b483aca964f1b e2e-tests/conf/persistents
@cp e2e-tests/saml-sp.xml e2e-tests/conf/site/saml-sp.xml
......@@ -690,7 +692,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
# Fix a lost of rights on the main directory
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RMANAGERAPIDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
@echo
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
@echo " - System configuration: ${CONFDIR}"
......@@ -702,6 +704,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
@echo " include ${CONFDIR}/portal-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/handler-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/manager-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/api-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/test-apache$(APACHEVERSION).conf"
@echo
@echo "2 - Restart Apache:"
......@@ -725,10 +728,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
install_webserver_conf:
@install -m 755 -v -d $(RCONFDIR)
@if [ "$(ERASECONFIG)" -eq "1" ]; then \
cp -f _example/etc/portal-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/handler-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/manager-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/test-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/*-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp -f _example/etc/*nginx*.conf $(RCONFDIR); \
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g; \
......@@ -736,6 +736,7 @@ install_webserver_conf:
s#__PORTALSITEDIR__#$(PORTALSITEDIR)/#g; \
s#__PORTALSTATICDIR__#$(PORTALSTATICDIR)/#g; \
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
s#__MANAGERAPIDIR__#$(MANAGERAPIDIR)/#g; \
s#__MANAGERSITEDIR__#$(MANAGERSITEDIR)/#g; \
s#__MANAGERSTATICDIR__#$(MANAGERSTATICDIR)/#g; \
s#__TESTDIR__#$(TESTDIR)/#g; \
......@@ -749,7 +750,8 @@ install_webserver_conf:
install_manager_site: install_conf_dir
# Manager install
@install -v -d $(RMANAGERDIR) $(RMANAGERSTATICDIR) \
$(RMANAGERTEMPLATESDIR)
$(RMANAGERTEMPLATESDIR) $(RMANAGERAPIDIR)
@cp -pR -f $(SRCMANAGERDIR)/site/api/* $(RMANAGERAPIDIR)
@cp -pR -f $(SRCMANAGERDIR)/site/htdocs/manager.* $(RMANAGERSITEDIR)
@cp -pR $(SRCMANAGERDIR)/site/htdocs/static/* $(RMANAGERSTATICDIR)
@for f in $(SRCMANAGERDIR)/site/templates/*.tpl; do \
......@@ -1061,6 +1063,7 @@ debian-dist: clean
@cp lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/api-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/api-apache2.conf
@cp lemonldap-ng-$(VERSION)/_example/etc/test-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/test-apache2.conf
@rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
@rm -rf lemonldap-ng-$(VERSION)/node_modules
......
......@@ -96,9 +96,11 @@
"domain" : "__DNSDOMAIN__",
"exportedHeaders" : {
"test1.__DNSDOMAIN__" : {
"Auth-Groups" : "$groups",
"Auth-User" : "$uid"
},
"test2.__DNSDOMAIN__" : {
"Auth-Groups" : "$groups",
"Auth-User" : "$uid"
}
},
......@@ -120,15 +122,15 @@
},
"locationRules" : {
"auth.__DNSDOMAIN__" : {
"(?#checkUser)^/checkuser" : "$uid eq \"dwho\"",
"(?#checkUser)^/checkuser" : "inGroup(\"timelords\")",
"(?#errors)^/lmerror/" : "accept",
"default" : "accept"
},
"manager.__DNSDOMAIN__" : {
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)" : "$uid eq \"dwho\"",
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"default" : "$uid eq \"dwho\" or $uid eq \"rtyler\""
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)" : "inGroup(\"timelords\")",
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications" : "inGroup(\"timelords\") or $uid eq \"rtyler\"",
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions" : "inGroup(\"timelords\") or $uid eq \"rtyler\"",
"default" : "inGroup(\"timelords\") or $uid eq \"rtyler\""
},
"test1.__DNSDOMAIN__" : {
"^/logout" : "logout_sso",
......
#===========================================
# Apache configuration for LemonLDAP::NG API
#===========================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName manager-api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen 2000000
<Files *.fcgi>
SetHandler fcgid-script
Options +ExecCGI
header unset Lm-Remote-User
</Files>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/api.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot __MANAGERAPIDIR__
<Location />
Require all denied
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName manager-api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen 2000000
<Files *.fcgi>
SetHandler fcgid-script
Options +ExecCGI
header unset Lm-Remote-User
</Files>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot __MANAGERAPIDIR__
<Location />
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
Options +FollowSymLinks
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName manager-api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen 2000000
<Files *.fcgi>
SetHandler fcgid-script
Options +ExecCGI
header unset Lm-Remote-User
</Files>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot __MANAGERAPIDIR__
<Location />
Order Deny,Allow
Deny from all
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
server {
listen __PORT__;
server_name manager-api.__DNSDOMAIN__;
root __MANAGERAPIDIR__;
# Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
#access_log /var/log/nginx/manager-api.log lm_app;
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
# As an alternative, you can use the PROXY protocol
#
#set_real_ip_from 127.0.0.1;
#real_ip_header X-Forwarded-For;
rewrite ^/(.*)$ /api.psgi/$1 break;
location ~ ^(?<sc>/.*\.psgi)(?:$|/) {
# FastCGI configuration
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
fastcgi_param LLTYPE psgi;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
# OR TO USE uWSGI
#include /etc/nginx/uwsgi_params;
#uwsgi_pass 127.0.0.1:5000;
#uwsgi_param LLTYPE psgi;
#uwsgi_param SCRIPT_FILENAME $document_root$sc;
#uwsgi_param SCRIPT_NAME $sc;
# Uncomment this if you use https only
#add_header Strict-Transport-Security "max-age=15768000";
# Access control
#allow 127.0.0.0/8;
deny all;
}
# DEBIAN
# If install was made with USEDEBIANLIBS (official releases), uncomment this
#location /javascript/ {
# alias /usr/share/javascript/;
#}
}
......@@ -99,76 +99,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
# API virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen 2000000
<Files *.fcgi>
SetHandler fcgid-script
Options +ExecCGI
header unset Lm-Remote-User
</Files>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot __MANAGERSITEDIR__
<Location />
Require all denied
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
......@@ -118,83 +118,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
# API virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen 2000000
<Files *.fcgi>
SetHandler fcgid-script
Options +ExecCGI
header unset Lm-Remote-User
</Files>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot __MANAGERSITEDIR__
<Location />
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
Options +FollowSymLinks
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
......@@ -102,77 +102,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
# API virtual host (api.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName api.__DNSDOMAIN__
LogLevel notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]