Permalink
Browse files

remove ssl for web tools

  • Loading branch information...
1 parent 2c65e02 commit dbc95578ebb2fda3070bd0f48a19032f5380e2d9 @karlbright karlbright committed Oct 19, 2012
Showing with 0 additions and 101 deletions.
  1. +0 −101 config/rubber/role/web_tools/tools-apache-vhost.conf
View
101 config/rubber/role/web_tools/tools-apache-vhost.conf
@@ -19,104 +19,3 @@ Listen <%= rubber_env.web_tools_port %>
RewriteRule ^/(.*)$ https://%{SERVER_NAME}:<%= rubber_env.web_tools_ssl_port %>/$1 [L,R]
RewriteLog "/var/log/apache2/rewrite.log"
</VirtualHost>
-
-Listen <%= rubber_env.web_tools_ssl_port %>
-NameVirtualHost *:<%= rubber_env.web_tools_ssl_port %>
-
-<VirtualHost *:<%= rubber_env.web_tools_ssl_port %>>
- ServerName <%= rubber_env.full_host %>
- DocumentRoot /var/www
-
- SSLEngine on
- SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
- SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
- # SSLCertificateFile <%= Rubber.root %>/config/<%= rubber_env.domain %>.crt
- # SSLCertificateKeyFile <%= Rubber.root %>/config/<%= rubber_env.domain %>.key
- # SSLCertificateChainFile /etc/ssl/certs/gd_intermediate_bundle.crt
-
- RequestHeader set X_FORWARDED_PROTO "https"
-
- <Location />
- AuthType Basic
- AuthName "Rubber Admin Tools"
- AuthUserFile <%= Rubber.root %>/config/<%= rubber_env.app_name %>.auth
- Require valid-user
-
- Allow from all
- </Location>
-
- SetOutputFilter proxy-html
-
- <% rubber_instances.for_role('haproxy').each do |ic| %>
- ProxyPass /haproxy_<%= ic.name %>/ http://<%= ic.full_name %>:<%= rubber_env.haproxy_admin_port %>/haproxy/
- <Location /haproxy_<%= ic.name %>/>
- ProxyPassReverse /
- ProxyHTMLURLMap http://<%= ic.full_name %>:<%= rubber_env.haproxy_admin_port %>/ /haproxy_<%= ic.name %>/
- ProxyHTMLURLMap /haproxy/ /haproxy_<%= ic.name %>/
- ProxyHTMLURLMap /haproxy /haproxy_<%= ic.name %>/
- </Location>
- <% end %>
-
- <% rubber_instances.each do |ic| %>
- ProxyPass /monit_<%= ic.name %>/ http://<%= ic.full_name %>:<%= rubber_env.monit_admin_port %>/
- <Location /monit_<%= ic.name %>/>
- ProxyPassReverse /
- ProxyHTMLURLMap http://<%= ic.full_name %>:<%= rubber_env.monit_admin_port %>/ /monit_<%= ic.name %>/
- ProxyHTMLURLMap / /monit_<%= ic.name %>/
- </Location>
- <% end %>
-</VirtualHost>
-
-
-<%
- Array(rubber_env.web_tools_proxies).each do |name, settings|
- proxy_host = rubber_instances.for_role(settings.role).first.full_name rescue nil
- next unless proxy_host
-
- host = "#{name}.#{rubber_env.full_host}"
- host_and_port = "#{host}:#{rubber_env.web_tools_ssl_port}"
-
- # don't use settings.path here - mapping the host/port is sufficient,
- # and path can be done in tools-index.html. This allows admin sites
- # that hit other paths on same host/port to still function, e.g. elasticsearch
- proxy_url = "http://#{proxy_host}:#{settings.port}/"
-%>
- <VirtualHost *:<%= rubber_env.web_tools_ssl_port %>>
- ServerName <%= host %>
- DocumentRoot /var/www
-
- SSLEngine on
- SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
-
- SSLEngine on
- SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
- SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
- # SSLCertificateFile <%= Rubber.root %>/config/<%= rubber_env.domain %>.crt
- # SSLCertificateKeyFile <%= Rubber.root %>/config/<%= rubber_env.domain %>.key
- # SSLCertificateChainFile /etc/ssl/certs/gd_intermediate_bundle.crt
-
- RequestHeader set X_FORWARDED_PROTO "https"
-
- <Location />
- AuthType Basic
- AuthName "Rubber Admin Tools"
- AuthUserFile <%= Rubber.root %>/config/<%= rubber_env.app_name %>.auth
- Require valid-user
-
- Allow from all
- </Location>
-
- ProxyRequests Off
- ProxyPreserveHost On
-
- ProxyPass / <%= proxy_url %>
- <Location />
- ProxyPassReverse /
- </Location>
-
- # Fix any redirects occurring on the backend server, since we're communicating with it via HTTP.
- Header edit Location ^http://<%= host_and_port %>/ https://<%= host_and_port %>/
- </VirtualHost>
-<% end %>

0 comments on commit dbc9557

Please sign in to comment.