-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
32 changed files
with
834 additions
and
239 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,84 +1,34 @@ | ||
<IfModule mod_ssl.c> | ||
ServerSignature off | ||
ServerTokens Prod | ||
# | ||
# Apache SSL config | ||
# @see NetScaler: https://www.citrix.com/products/netscaler-application-delivery-controller/overview/what-is-an-adc.html | ||
# | ||
|
||
## | ||
## SSL Global Context | ||
## | ||
## All SSL configuration in this context applies both to | ||
## the main server and all SSL-enabled virtual hosts. | ||
## | ||
|
||
<VirtualHost _default_:443> | ||
ServerName %(project_url)s:443 | ||
UseCanonicalName On | ||
|
||
|
||
|
||
|
||
<VirtualHost *:443> | ||
ServerName %(project_url)s | ||
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains" | ||
|
||
SSLEngine on | ||
SSLProtocol All -SSLv2 -SSLv3 | ||
SSLCipherSuite AES256+EECDH:AES256+EDH:!aNULL:!eNULL | ||
SSLCompression off | ||
SSLCertificateFile /etc/apache2/ssl/%(project_url)s.crt | ||
SSLCertificateKeyFile /etc/apache2/ssl/%(project_url)s.key | ||
|
||
# Possible values: debug, info, notice, warn, error, crit, alert, emerg. | ||
LogLevel warn | ||
ServerAdmin webmaster@localhost | ||
ErrorLog %(project_path)s/logs/error.log | ||
CustomLog %(project_path)s/logs/access.log combined | ||
|
||
############################################################################ | ||
# @see https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess | ||
########################################################################### | ||
|
||
#ALZ_INSTANCE_BEGIN | ||
WSGIDaemonProcess %(project_name)s processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=%(env_path)s/lib/%(python)s/site-packages | ||
WSGIProcessGroup %(project_name)s | ||
WSGIScriptAlias /alz %(wsgi_file)s | ||
|
||
<Directory "%(project_path)s"> | ||
WSGIScriptReloading On | ||
WSGIProcessGroup %(project_name)s | ||
WSGIApplicationGroup %%{GLOBAL} | ||
|
||
Order deny,allow | ||
Allow from all | ||
</Directory> | ||
|
||
Alias /alz/static %(project_repo_path)s/app/redidropper/static | ||
<Directory "%(project_repo_path)s/app/redidropper/static/"> | ||
Order allow,deny | ||
Allow from all | ||
</Directory> | ||
#ALZ_INSTANCE_END | ||
|
||
#ONEFL_INSTANCE_BEGIN | ||
WSGIDaemonProcess dropper_onefl user=www-data group=www-data processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=/srv/apps/dropper-onefl/env/lib/python2.7/site-packages | ||
WSGIProcessGroup dropper_onefl | ||
WSGIScriptAlias /onefl /srv/apps/dropper-onefl/dropper.wsgi | ||
|
||
<Directory "/srv/apps/dropper-onefl"> | ||
WSGIScriptReloading On | ||
WSGIProcessGroup dropper_onefl | ||
WSGIApplicationGroup %%{GLOBAL} | ||
SSLEngine on | ||
SSLProtocol all -SSLv2 -SSLv3 | ||
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW | ||
|
||
Order deny,allow | ||
Allow from all | ||
</Directory> | ||
SSLCertificateFile /etc/apache2/ssl/%(project_url)s.crt | ||
SSLCertificateKeyFile /etc/apache2/ssl/%(project_url)s.key | ||
|
||
Alias /onefl/static /srv/apps/dropper-onefl/src/current/app/redidropper/static | ||
<Directory "/srv/apps/dropper-onefl/src/current/app/redidropper/static/"> | ||
Order allow,deny | ||
Allow from all | ||
</Directory> | ||
#ONEFL_INSTANCE_END | ||
<Files ~ "\.(cgi|shtml|phtml|php3?)$"> | ||
SSLOptions +StdEnvVars | ||
</Files> | ||
|
||
########################################################################### | ||
<Location /> | ||
AuthType shibboleth | ||
ShibRequireSession Off | ||
ShibUseHeaders On | ||
# require valid-user | ||
require shibboleth | ||
</Location> | ||
SetEnvIf User-Agent ".*MSIE.*" \ | ||
nokeepalive ssl-unclean-shutdown \ | ||
downgrade-1.0 force-response-1.0 | ||
|
||
Options -Indexes | ||
SetOutputFilter DEFLATE | ||
AddOutputFilterByType DEFLATE text/html text/css text/plain text/xml application/x-javascript | ||
</VirtualHost> | ||
</IfModule> |
Oops, something went wrong.