Merge pull request #111 from indera/allow-non-ssl

Add sample config files for deploying two application instances
ctsit · Aug 27, 2015 · 07ef125 · 07ef125
2 parents c35724e + d5a5329
commit 07ef125
Show file tree

Hide file tree

Showing 2 changed files with 125 additions and 15 deletions.
diff --git a/app/deploy/sample.virtualhost-ssl.conf b/app/deploy/sample.virtualhost-ssl.conf
@@ -0,0 +1,84 @@
+<IfModule mod_ssl.c>
+ServerSignature off
+ServerTokens Prod
+
+
+
+
+<VirtualHost *:443>
+    ServerName %(project_url)s
+    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+
+    SSLEngine on
+	SSLProtocol All -SSLv2 -SSLv3
+    SSLCipherSuite AES256+EECDH:AES256+EDH:!aNULL:!eNULL
+    SSLCompression off
+    SSLCertificateFile    /etc/apache2/ssl/%(project_url)s.crt
+    SSLCertificateKeyFile /etc/apache2/ssl/%(project_url)s.key
+
+    # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
+    LogLevel warn
+    ServerAdmin webmaster@localhost
+    ErrorLog %(project_path)s/logs/error.log
+    CustomLog %(project_path)s/logs/access.log combined
+
+    ############################################################################
+    # @see https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess
+    ###########################################################################
+
+#ALZ_INSTANCE_BEGIN
+    WSGIDaemonProcess %(project_name)s processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=%(env_path)s/lib/%(python)s/site-packages
+    WSGIProcessGroup %(project_name)s
+    WSGIScriptAlias /alz %(wsgi_file)s
+
+    <Directory "%(project_path)s">
+        WSGIScriptReloading On
+        WSGIProcessGroup %(project_name)s
+        WSGIApplicationGroup %%{GLOBAL}
+
+        Order deny,allow
+        Allow from all
+    </Directory>
+
+    Alias /alz/static %(project_repo_path)s/app/redidropper/static
+    <Directory "%(project_repo_path)s/app/redidropper/static/">
+        Order allow,deny
+        Allow from all
+    </Directory>
+#ALZ_INSTANCE_END
+
+#ONEFL_INSTANCE_BEGIN
+    WSGIDaemonProcess dropper_onefl user=www-data group=www-data processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=/srv/apps/dropper-onefl/env/lib/python2.7/site-packages
+    WSGIProcessGroup dropper_onefl
+    WSGIScriptAlias /onefl /srv/apps/dropper-onefl/dropper.wsgi
+
+    <Directory "/srv/apps/dropper-onefl">
+        WSGIScriptReloading On
+        WSGIProcessGroup dropper_onefl
+        WSGIApplicationGroup %%{GLOBAL}
+
+        Order deny,allow
+        Allow from all
+    </Directory>
+
+    Alias /onefl/static /srv/apps/dropper-onefl/src/current/app/redidropper/static
+    <Directory "/srv/apps/dropper-onefl/src/current/app/redidropper/static/">
+        Order allow,deny
+        Allow from all
+    </Directory>
+#ONEFL_INSTANCE_END
+
+    ###########################################################################
+    <Location />
+        AuthType shibboleth
+        ShibRequireSession Off
+        ShibUseHeaders On
+        # require valid-user
+        require shibboleth
+    </Location>
+
+    Options -Indexes
+    SetOutputFilter DEFLATE
+    AddOutputFilterByType DEFLATE text/html text/css text/plain text/xml application/x-javascript
+</VirtualHost>
+</IfModule>
diff --git a/app/deploy/sample.virtualhost.conf b/app/deploy/sample.virtualhost.conf
@@ -1,30 +1,35 @@
-<IfModule mod_ssl.c>
 # WSGIRestrictEmbedded On
 # WSGIPythonOptimize 1
 ServerSignature off
 ServerTokens Prod
+#NameVirtualHost *:80
 
-<VirtualHost *:443>
-    SSLEngine on
-	SSLProtocol All -SSLv2 -SSLv3
-    SSLCipherSuite AES256+EECDH:AES256+EDH:!aNULL:!eNULL 
+
+<VirtualHost *:80>
+    ServerName %(project_url)s
     Header set Strict-Transport-Security "max-age=31536000; includeSubDomains" 
-    SSLCompression off
-    SSLCertificateFile    /etc/apache2/ssl/dropper.crt
-    SSLCertificateKeyFile /etc/apache2/ssl/dropper.key
 
-    # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
-    LogLevel info
 
+
+
+
+
+
+
+    # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
+    LogLevel warn
     ServerAdmin webmaster@localhost
     ErrorLog %(project_path)s/logs/error.log
     CustomLog %(project_path)s/logs/access.log combined
 
     ###########################################################################
-    # Flask app: @see https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess
+    # @see https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess
+    ###########################################################################
+
+#ALZ_INSTANCE_BEGIN
     WSGIDaemonProcess %(project_name)s processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=%(env_path)s/lib/%(python)s/site-packages
     WSGIProcessGroup %(project_name)s
-    WSGIScriptAlias / %(wsgi_file)s
+    WSGIScriptAlias /alz %(wsgi_file)s
 
     <Directory "%(project_path)s">
         WSGIScriptReloading On
@@ -35,12 +40,35 @@ ServerTokens Prod
         Allow from all
     </Directory>
 
-    Alias /static %(project_repo_path)s/app/redidropper/static
+    Alias /%(project_name)s/static %(project_repo_path)s/app/redidropper/static
     <Directory "%(project_repo_path)s/app/redidropper/static/">
         Order allow,deny
         Allow from all
     </Directory>
+#ALZ_INSTANCE_END
+
+#ONEFL_INSTANCE_BEGIN
+    WSGIDaemonProcess dropper_onefl user=www-data group=www-data processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%{GROUP} python-path=/srv/apps/dropper-onefl/env/lib/python2.7/site-packages
+    WSGIProcessGroup dropper_onefl
+    WSGIScriptAlias /onefl /srv/apps/dropper-onefl/dropper.wsgi
+
+    <Directory "/srv/apps/dropper-onefl">
+        WSGIScriptReloading On
+        WSGIProcessGroup dropper_onefl
+        WSGIApplicationGroup %%{GLOBAL}
+
+        Order deny,allow
+        Allow from all
+    </Directory>
+
+    Alias /onefl/static /srv/apps/dropper-onefl/src/current/app/redidropper/static
+    <Directory "/srv/apps/dropper-onefl/src/current/app/redidropper/static/">
+        Order allow,deny
+        Allow from all
+    </Directory>
+#ONEFL_INSTANCE_END
 
+    ###########################################################################
     <Location />
         AuthType shibboleth
         ShibRequireSession Off
@@ -49,9 +77,7 @@ ServerTokens Prod
         require shibboleth
     </Location>
 
-    # ServerName %(project_url)s
     Options -Indexes
     SetOutputFilter DEFLATE
     AddOutputFilterByType DEFLATE text/html text/css text/plain text/xml application/x-javascript
 </VirtualHost>
-</IfModule>