generated from BlockchainCommons/secure-template
-
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add check-curl-tor command and service that uses it. Add Tor service host objects.
- Loading branch information
Showing
8 changed files
with
2,431 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -87,3 +87,8 @@ Mkfile.old | |
| dkms.conf | ||
|
|
||
| # End of https://www.gitignore.io/api/c | ||
|
|
||
| # Vim backup files | ||
| *.*~ | ||
| # Vim swap files | ||
| *.*.swp | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| This tree contains all the configuration files for servers deployed by BlockchainCommons. | ||
| **_WARNING:_ Do not commit any keys or secrets into this repository.** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| # apache configuration for nagios 4.x | ||
|
|
||
| ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4 | ||
| ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4 | ||
|
|
||
| # Where the stylesheets (config files) reside | ||
| Alias /nagios4/stylesheets /etc/nagios4/stylesheets | ||
|
|
||
| # Where the HTML pages live | ||
| Alias /nagios4 /usr/share/nagios4/htdocs | ||
|
|
||
| <DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)> | ||
| Options FollowSymLinks | ||
| DirectoryIndex index.php index.html | ||
| AllowOverride AuthConfig | ||
| AuthDigestDomain "Nagios4" | ||
| AuthDigestProvider file | ||
| AuthUserFile "/etc/nagios4/htdigest.users" | ||
| AuthGroupFile "/etc/group" | ||
| AuthName "Nagios4" | ||
| AuthType Digest | ||
| # Require all granted | ||
| Allow from 127.0.0.1 197.237.85.120 | ||
| Require valid-user | ||
| # | ||
| # The default Debian nagios4 install sets use_AUTHEntication=0 in | ||
| # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication. | ||
| # This is insecure. As a compromise this default apache2 configuration | ||
| # only allows private IP addresses access. | ||
| # | ||
| # The <Files>...</Files> below shows how you can secure the nagios4 | ||
| # web site so anybody can view it, but only authenticated users can issue | ||
| # commands (such as silence notifications). To do that replace the | ||
| # "Require all granted" with "Require valid-user", and use htdigest | ||
| # program from the apache2-utils package to add users to | ||
| # /etc/nagios4/htdigest.users. | ||
| # | ||
| # A step up is to insist all users validate themselves by moving | ||
| # the stanza's in the <Files>..<Files> into the <DirectoryMatch>. | ||
| # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg youq | ||
| # can configure which people get to see a particular service from | ||
| # within the nagios configuration. | ||
| # | ||
| # Require ip ::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 | ||
| </DirectoryMatch> | ||
|
|
||
| <DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4)> | ||
| Options +ExecCGI | ||
| </DirectoryMatch> |
Oops, something went wrong.