Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Xavier Montagutelli
lemonldap-ng
Commits
c4ebfc34
Commit
c4ebfc34
authored
Mar 22, 2020
by
Christophe Maudoux
Browse files
Merge branch 'v2.0'
parents
a394dfbe
40fb55f3
Changes
99
Hide whitespace changes
Inline
Side-by-side
Makefile
View file @
c4ebfc34
...
...
@@ -60,6 +60,7 @@ PORTALTEMPLATESDIR=$(PORTALDIR)/templates
MANAGERDIR
=
$(DOCUMENTROOT)
/manager
MANAGERSITEDIR
=
$(MANAGERDIR)
/htdocs
MANAGERAPIDIR
=
$(MANAGERDIR)
/api
MANAGERSTATICDIR
=
$(MANAGERSITEDIR)
/static
MANAGERRELATIVESTATICDIR
=
/static
MANAGERTEMPLATESDIR
=
$(MANAGERSITEDIR)
/templates
...
...
@@ -156,6 +157,7 @@ RPORTALSTATICDIR=$(DESTDIR)/$(PORTALSTATICDIR)
RPORTALTEMPLATESDIR
=
$(DESTDIR)
/
$(PORTALTEMPLATESDIR)
RMANAGERDIR
=
$(DESTDIR)
/
$(MANAGERDIR)
RMANAGERSITEDIR
=
$(DESTDIR)
/
$(MANAGERSITEDIR)
RMANAGERAPIDIR
=
$(DESTDIR)
/
$(MANAGERAPIDIR)
RMANAGERSTATICDIR
=
$(DESTDIR)
/
$(MANAGERSTATICDIR)
RMANAGERTEMPLATESDIR
=
$(DESTDIR)
/
$(MANAGERTEMPLATESDIR)
RDOCDIR
=
$(DESTDIR)
/
$(DOCDIR)
...
...
@@ -409,7 +411,7 @@ nox_e2e_test:
prepare_test_server
:
-
@mkdir
-p
e2e-tests/conf/sessions/lock e2e-tests/conf/persistents/lock
-
@mkdir e2e-tests/conf/manager e2e-tests/conf/portal
-
@mkdir e2e-tests/conf/manager e2e-tests/conf/portal
e2e-tests/conf/api
$(MAKE)
install_webserver_conf install_test_site install_fastcgi_server
\
CONFDIR
=
`
pwd
`
/e2e-tests/conf
\
RCONFDIR
=
e2e-tests/conf
\
...
...
@@ -428,7 +430,7 @@ prepare_test_server:
ETCDEFAULTDIR
=
`
pwd
`
/e2e-tests/conf/def
#@cp -f e2e-tests/index.* e2e-tests/conf/
@
cp
-f
$(SRCMANAGERDIR)
/site/htdocs/manager
*
e2e-tests/conf/manager
@
cp
-f
$(SRCMANAGERDIR)
/site/
htdocs
/api
*
e2e-tests/conf/
manager
@
cp
-f
$(SRCMANAGERDIR)
/site/
api
/api
*
e2e-tests/conf/
api
@
cp
-f
$(SRCPORTALDIR)
/site/htdocs/index
*
e2e-tests/conf/portal
@
cp
e2e-tests/persistent/5efe8af397fc3577e05b483aca964f1b e2e-tests/conf/persistents
@
cp
e2e-tests/saml-sp.xml e2e-tests/conf/site/saml-sp.xml
...
...
@@ -690,7 +692,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
fi
@
$(PERL)
-i
-pe
's/__DNSDOMAIN__/
$(DNSDOMAIN)
/g'
$(RCONFDIR)
/for_etc_hosts
# Fix a lost of rights on the main directory
@
chmod
755
$(RBINDIR)
$(RDOCUMENTROOT)
$(REXAMPLESDIR)
$(RHANDLERDIR)
$(RPORTALSTATICDIR)
$(RMANAGERSITEDIR)
$(RTOOLSDIR)
$(RCONFDIR)
$(RDATADIR)
@
chmod
755
$(RBINDIR)
$(RDOCUMENTROOT)
$(REXAMPLESDIR)
$(RHANDLERDIR)
$(RPORTALSTATICDIR)
$(RMANAGERSITEDIR)
$(RMANAGERAPIDIR)
$(RTOOLSDIR)
$(RCONFDIR)
$(RDATADIR)
@
echo
@
echo
"LemonLDAP::NG v
${VERSION}
is installed with these parameters:"
@
echo
" - System configuration:
${CONFDIR}
"
...
...
@@ -702,6 +704,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
@
echo
" include
${CONFDIR}
/portal-apache
$(APACHEVERSION)
.conf"
@
echo
" include
${CONFDIR}
/handler-apache
$(APACHEVERSION)
.conf"
@
echo
" include
${CONFDIR}
/manager-apache
$(APACHEVERSION)
.conf"
@
echo
" include
${CONFDIR}
/api-apache
$(APACHEVERSION)
.conf"
@
echo
" include
${CONFDIR}
/test-apache
$(APACHEVERSION)
.conf"
@
echo
@
echo
"2 - Restart Apache:"
...
...
@@ -725,10 +728,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
install_webserver_conf
:
@
install
-m
755
-v
-d
$(RCONFDIR)
@
if
[
"
$(ERASECONFIG)
"
-eq
"1"
]
;
then
\
cp
-f
_example/etc/portal-apache
$(APACHEVERSION)
.conf
$(RCONFDIR)
;
\
cp
-f
_example/etc/handler-apache
$(APACHEVERSION)
.conf
$(RCONFDIR)
;
\
cp
-f
_example/etc/manager-apache
$(APACHEVERSION)
.conf
$(RCONFDIR)
;
\
cp
-f
_example/etc/test-apache
$(APACHEVERSION)
.conf
$(RCONFDIR)
;
\
cp
-f
_example/etc/
*
-apache
$(APACHEVERSION)
.conf
$(RCONFDIR)
;
\
cp
-f
_example/etc/
*
nginx
*
.conf
$(RCONFDIR)
;
\
fi
@
$(PERL)
-i
-pe
's/__DNSDOMAIN__/
$(DNSDOMAIN)
/g; \
...
...
@@ -736,6 +736,7 @@ install_webserver_conf:
s#__PORTALSITEDIR__#
$(PORTALSITEDIR)
/#g; \
s#__PORTALSTATICDIR__#
$(PORTALSTATICDIR)
/#g; \
s#__MANAGERDIR__#
$(MANAGERDIR)
/#g; \
s#__MANAGERAPIDIR__#
$(MANAGERAPIDIR)
/#g; \
s#__MANAGERSITEDIR__#
$(MANAGERSITEDIR)
/#g; \
s#__MANAGERSTATICDIR__#
$(MANAGERSTATICDIR)
/#g; \
s#__TESTDIR__#
$(TESTDIR)
/#g; \
...
...
@@ -749,7 +750,8 @@ install_webserver_conf:
install_manager_site
:
install_conf_dir
# Manager install
@
install
-v
-d
$(RMANAGERDIR)
$(RMANAGERSTATICDIR)
\
$(RMANAGERTEMPLATESDIR)
$(RMANAGERTEMPLATESDIR)
$(RMANAGERAPIDIR)
@
cp
-pR
-f
$(SRCMANAGERDIR)
/site/api/
*
$(RMANAGERAPIDIR)
@
cp
-pR
-f
$(SRCMANAGERDIR)
/site/htdocs/manager.
*
$(RMANAGERSITEDIR)
@
cp
-pR
$(SRCMANAGERDIR)
/site/htdocs/static/
*
$(RMANAGERSTATICDIR)
@
for
f
in
$(SRCMANAGERDIR)
/site/templates/
*
.tpl
;
do
\
...
...
@@ -1061,6 +1063,7 @@ debian-dist: clean
@
cp
lemonldap-ng-
$(VERSION)
/_example/etc/handler-apache2.X.conf lemonldap-ng-
$(VERSION)
/_example/etc/handler-apache2.conf
@
cp
lemonldap-ng-
$(VERSION)
/_example/etc/manager-apache2.X.conf lemonldap-ng-
$(VERSION)
/_example/etc/manager-apache2.conf
@
cp
lemonldap-ng-
$(VERSION)
/_example/etc/portal-apache2.X.conf lemonldap-ng-
$(VERSION)
/_example/etc/portal-apache2.conf
@
cp
lemonldap-ng-
$(VERSION)
/_example/etc/api-apache2.X.conf lemonldap-ng-
$(VERSION)
/_example/etc/api-apache2.conf
@
cp
lemonldap-ng-
$(VERSION)
/_example/etc/test-apache2.X.conf lemonldap-ng-
$(VERSION)
/_example/etc/test-apache2.conf
@
rm
-rf
lemonldap-ng-
$(VERSION)
/lemonldap-ng-
$(VERSION)
@
rm
-rf
lemonldap-ng-
$(VERSION)
/node_modules
...
...
_example/conf/lmConf-1.json
View file @
c4ebfc34
...
...
@@ -96,9 +96,11 @@
"domain"
:
"__DNSDOMAIN__"
,
"exportedHeaders"
:
{
"test1.__DNSDOMAIN__"
:
{
"Auth-Groups"
:
"$groups"
,
"Auth-User"
:
"$uid"
},
"test2.__DNSDOMAIN__"
:
{
"Auth-Groups"
:
"$groups"
,
"Auth-User"
:
"$uid"
}
},
...
...
@@ -120,15 +122,15 @@
},
"locationRules"
:
{
"auth.__DNSDOMAIN__"
:
{
"(?#checkUser)^/checkuser"
:
"
$uid eq
\"
dwho
\"
"
,
"(?#checkUser)^/checkuser"
:
"
inGroup(
\"
timelords
\"
)
"
,
"(?#errors)^/lmerror/"
:
"accept"
,
"default"
:
"accept"
},
"manager.__DNSDOMAIN__"
:
{
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)"
:
"
$uid eq
\"
dwho
\"
"
,
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications"
:
"
$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions"
:
"
$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
,
"default"
:
"
$uid eq
\"
dwho
\"
or $uid eq
\"
rtyler
\"
"
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)"
:
"
inGroup(
\"
timelords
\"
)
"
,
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications"
:
"
inGroup(
\"
timelords
\"
)
or $uid eq
\"
rtyler
\"
"
,
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions"
:
"
inGroup(
\"
timelords
\"
)
or $uid eq
\"
rtyler
\"
"
,
"default"
:
"
inGroup(
\"
timelords
\"
)
or $uid eq
\"
rtyler
\"
"
},
"test1.__DNSDOMAIN__"
:
{
"^/logout"
:
"logout_sso"
,
...
...
_example/etc/api-apache2.4.conf
0 → 100644
View file @
c4ebfc34
#===========================================
# Apache configuration for LemonLDAP::NG API
#===========================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
manager
-
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule
"^/(.+)$"
"/api.fcgi/$1"
[
PT
]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen
2000000
<
Files
*.
fcgi
>
SetHandler
fcgid
-
script
Options
+
ExecCGI
header
unset
Lm
-
Remote
-
User
</
Files
>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/api.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot
__
MANAGERAPIDIR__
<
Location
/>
Require
all
denied
<
IfModule
mod_deflate
.
c
>
AddOutputFilterByType
DEFLATE
text
/
html
text
/
plain
text
/
xml
text
/
javascript
text
/
css
SetOutputFilter
DEFLATE
BrowserMatch
^
Mozilla
/
4
gzip
-
only
-
text
/
html
BrowserMatch
^
Mozilla
/
4
\.
0
[
678
]
no
-
gzip
BrowserMatch
\
bMSIE
!
no
-
gzip
!
gzip
-
only
-
text
/
html
SetEnvIfNoCase
Request_URI
\.(?:
gif
|
jpe
?
g
|
png
)$
no
-
gzip
dont
-
vary
</
IfModule
>
<
IfModule
mod_headers
.
c
>
Header
append
Vary
User
-
Agent
env
=!
dont
-
vary
</
IfModule
>
</
Location
>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
_example/etc/api-apache2.X.conf
0 → 100644
View file @
c4ebfc34
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
manager
-
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule
"^/(.+)$"
"/api.fcgi/$1"
[
PT
]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen
2000000
<
Files
*.
fcgi
>
SetHandler
fcgid
-
script
Options
+
ExecCGI
header
unset
Lm
-
Remote
-
User
</
Files
>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot
__
MANAGERAPIDIR__
<
Location
/>
<
IfVersion
>=
2
.
3
>
Require
all
denied
</
IfVersion
>
<
IfVersion
<
2
.
3
>
Order
Deny
,
Allow
Deny
from
all
</
IfVersion
>
Options
+
FollowSymLinks
<
IfModule
mod_deflate
.
c
>
AddOutputFilterByType
DEFLATE
text
/
html
text
/
plain
text
/
xml
text
/
javascript
text
/
css
SetOutputFilter
DEFLATE
BrowserMatch
^
Mozilla
/
4
gzip
-
only
-
text
/
html
BrowserMatch
^
Mozilla
/
4
\.
0
[
678
]
no
-
gzip
BrowserMatch
\
bMSIE
!
no
-
gzip
!
gzip
-
only
-
text
/
html
SetEnvIfNoCase
Request_URI
\.(?:
gif
|
jpe
?
g
|
png
)$
no
-
gzip
dont
-
vary
</
IfModule
>
<
IfModule
mod_headers
.
c
>
Header
append
Vary
User
-
Agent
env
=!
dont
-
vary
</
IfModule
>
</
Location
>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
_example/etc/api-apache2.conf
0 → 100644
View file @
c4ebfc34
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# To insert LLNG user id in Apache logs, declare this format and use it in
# CustomLog directive
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
# Manager virtual host (manager.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
manager
-
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager-api.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteRule
"^/(.+)$"
"/api.fcgi/$1"
[
PT
]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen
2000000
<
Files
*.
fcgi
>
SetHandler
fcgid
-
script
Options
+
ExecCGI
header
unset
Lm
-
Remote
-
User
</
Files
>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot
__
MANAGERAPIDIR__
<
Location
/>
Order
Deny
,
Allow
Deny
from
all
<
IfModule
mod_deflate
.
c
>
AddOutputFilterByType
DEFLATE
text
/
html
text
/
plain
text
/
xml
text
/
javascript
text
/
css
SetOutputFilter
DEFLATE
BrowserMatch
^
Mozilla
/
4
gzip
-
only
-
text
/
html
BrowserMatch
^
Mozilla
/
4
\.
0
[
678
]
no
-
gzip
BrowserMatch
\
bMSIE
!
no
-
gzip
!
gzip
-
only
-
text
/
html
SetEnvIfNoCase
Request_URI
\.(?:
gif
|
jpe
?
g
|
png
)$
no
-
gzip
dont
-
vary
</
IfModule
>
<
IfModule
mod_headers
.
c
>
Header
append
Vary
User
-
Agent
env
=!
dont
-
vary
</
IfModule
>
</
Location
>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
_example/etc/api-nginx.conf
0 → 100644
View file @
c4ebfc34
server
{
listen
__
PORT__
;
server_name
manager
-
api
.
__
DNSDOMAIN__
;
root
__
MANAGERAPIDIR__
;
# Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
#access_log /var/log/nginx/manager-api.log lm_app;
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
# As an alternative, you can use the PROXY protocol
#
#set_real_ip_from 127.0.0.1;
#real_ip_header X-Forwarded-For;
rewrite
^/(.*)$ /
api
.
psgi
/$
1
break
;
location
~ ^(?<
sc
>/.*\.
psgi
)(?:$|/) {
# FastCGI configuration
include
/
etc
/
nginx
/
fastcgi_params
;
fastcgi_pass
unix
:
__
FASTCGISOCKDIR__
/
llng
-
fastcgi
.
sock
;
fastcgi_param
LLTYPE
psgi
;
fastcgi_param
SCRIPT_FILENAME
$
document_root
$
fastcgi_script_name
;
fastcgi_split_path_info
^(.*\.
psgi
)(/.*)$;
fastcgi_param
PATH_INFO
$
fastcgi_path_info
;
# OR TO USE uWSGI
#include /etc/nginx/uwsgi_params;
#uwsgi_pass 127.0.0.1:5000;
#uwsgi_param LLTYPE psgi;
#uwsgi_param SCRIPT_FILENAME $document_root$sc;
#uwsgi_param SCRIPT_NAME $sc;
# Uncomment this if you use https only
#add_header Strict-Transport-Security "max-age=15768000";
# Access control
#allow 127.0.0.0/8;
deny
all
;
}
# DEBIAN
# If install was made with USEDEBIANLIBS (official releases), uncomment this
#location /javascript/ {
# alias /usr/share/javascript/;
#}
}
_example/etc/manager-apache2.4.conf
View file @
c4ebfc34
...
...
@@ -99,76 +99,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
# API virtual host (manager.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteCond
"%{REQUEST_URI}"
"!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule
"^/(.+)$"
"/api.fcgi/$1"
[
PT
]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen
2000000
<
Files
*.
fcgi
>
SetHandler
fcgid
-
script
Options
+
ExecCGI
header
unset
Lm
-
Remote
-
User
</
Files
>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot
__
MANAGERSITEDIR__
<
Location
/>
Require
all
denied
<
IfModule
mod_deflate
.
c
>
AddOutputFilterByType
DEFLATE
text
/
html
text
/
plain
text
/
xml
text
/
javascript
text
/
css
SetOutputFilter
DEFLATE
BrowserMatch
^
Mozilla
/
4
gzip
-
only
-
text
/
html
BrowserMatch
^
Mozilla
/
4
\.
0
[
678
]
no
-
gzip
BrowserMatch
\
bMSIE
!
no
-
gzip
!
gzip
-
only
-
text
/
html
SetEnvIfNoCase
Request_URI
\.(?:
gif
|
jpe
?
g
|
png
)$
no
-
gzip
dont
-
vary
</
IfModule
>
<
IfModule
mod_headers
.
c
>
Header
append
Vary
User
-
Agent
env
=!
dont
-
vary
</
IfModule
>
</
Location
>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
_example/etc/manager-apache2.X.conf
View file @
c4ebfc34
...
...
@@ -118,83 +118,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
# API virtual host (manager.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
# REST URLs
RewriteCond
"%{REQUEST_URI}"
"!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule
"^/(.+)$"
"/api.fcgi/$1"
[
PT
]
# 2) FastCGI engine
# You can choose any FastCGI system. Here is an example using mod_fcgid
# mod_fcgid configuration
FcgidMaxRequestLen
2000000
<
Files
*.
fcgi
>
SetHandler
fcgid
-
script
Options
+
ExecCGI
header
unset
Lm
-
Remote
-
User
</
Files
>
# If you want to use mod_fastcgi, replace lines below by:
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
# GLOBAL CONFIGURATION
# --------------------
DocumentRoot
__
MANAGERSITEDIR__
<
Location
/>
<
IfVersion
>=
2
.
3
>
Require
all
denied
</
IfVersion
>
<
IfVersion
<
2
.
3
>
Order
Deny
,
Allow
Deny
from
all
</
IfVersion
>
Options
+
FollowSymLinks
<
IfModule
mod_deflate
.
c
>
AddOutputFilterByType
DEFLATE
text
/
html
text
/
plain
text
/
xml
text
/
javascript
text
/
css
SetOutputFilter
DEFLATE
BrowserMatch
^
Mozilla
/
4
gzip
-
only
-
text
/
html
BrowserMatch
^
Mozilla
/
4
\.
0
[
678
]
no
-
gzip
BrowserMatch
\
bMSIE
!
no
-
gzip
!
gzip
-
only
-
text
/
html
SetEnvIfNoCase
Request_URI
\.(?:
gif
|
jpe
?
g
|
png
)$
no
-
gzip
dont
-
vary
</
IfModule
>
<
IfModule
mod_headers
.
c
>
Header
append
Vary
User
-
Agent
env
=!
dont
-
vary
</
IfModule
>
</
Location
>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
_example/etc/manager-apache2.conf
View file @
c4ebfc34
...
...
@@ -102,77 +102,3 @@
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security "max-age=15768000"
</
VirtualHost
>
# API virtual host (api.__DNSDOMAIN__)
<
VirtualHost
__
VHOSTLISTEN__
>
ServerName
api
.
__
DNSDOMAIN__
LogLevel
notice
# See above to set LLNG user id in Apache logs
#CustomLog __APACHELOGDIR__/manager.log llng
#ErrorLog __APACHELOGDIR__/lm_err.log
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
#
#RemoteIPHeader X-Forwarded-For
#RemoteIPInternalProxy 127.0.0.1
# FASTCGI CONFIGURATION
# ---------------------
# 1) URI management
RewriteEngine
on
# For performances, you can delete the previous RewriteRule line after
# puttings html files: simply put the HTML results of differents modules
# (configuration, sessions, notifications) as manager.html, sessions.html,
# notifications.html and uncomment the 2 following lines:
# DirectoryIndex manager.html
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"