initial commit of file from CVS for e-smith-apache on Wed 12 Jul 08:48:55 BST 2023
This commit is contained in:
Brian Read
@@ -0,0 +1 @@
|
||||
disabled
|
||||
@@ -0,0 +1 @@
|
||||
disabled
|
||||
@@ -0,0 +1 @@
|
||||
80
|
||||
@@ -0,0 +1 @@
|
||||
public
|
||||
@@ -0,0 +1 @@
|
||||
enabled
|
||||
@@ -0,0 +1 @@
|
||||
service
|
||||
@@ -0,0 +1 @@
|
||||
disabled
|
||||
1
root/etc/e-smith/db/configuration/defaults/modPerl/type
Normal file
1
root/etc/e-smith/db/configuration/defaults/modPerl/type
Normal file
@@ -0,0 +1 @@
|
||||
service
|
||||
7
root/etc/e-smith/db/domains/migrate/10DomainContent
Normal file
7
root/etc/e-smith/db/domains/migrate/10DomainContent
Normal file
@@ -0,0 +1,7 @@
|
||||
{
|
||||
# Deprecate 'wwwpublic' special case, and migrate to i-bay 'Primary'
|
||||
foreach my $domain ($DB->get_all_by_prop('Content' => 'wwwpublic'))
|
||||
{
|
||||
$domain->merge_props('Content' => 'Primary');
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,13 @@
|
||||
{
|
||||
#------------------------------------------------------------
|
||||
# Compute "localAccess" string for use in template below.
|
||||
#------------------------------------------------------------
|
||||
use esmith::NetworksDB;
|
||||
|
||||
my $ndb = esmith::NetworksDB->open_ro();
|
||||
|
||||
$localAccess = $ndb->local_access_spec();
|
||||
$localAccess =~ s#/255\.255\.255\.255##g;
|
||||
|
||||
"";
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
{
|
||||
#---------------------------------------------------------------------
|
||||
# Grab ValidFrom access list property of httpd-admin
|
||||
# SSL enabled virtual hosts should only allow access from IP's in
|
||||
# this list, as well as local networks.
|
||||
#---------------------------------------------------------------------
|
||||
|
||||
$externalSSLAccess = '';
|
||||
$OUT = '';
|
||||
|
||||
my $validFrom = ${'httpd-admin'}{'ValidFrom'};
|
||||
return unless defined $validFrom;
|
||||
|
||||
$validFrom =~ s/,/ /g;
|
||||
$validFrom =~ s:/255.255.255.255::g;
|
||||
$externalSSLAccess = $validFrom;
|
||||
}
|
||||
@@ -0,0 +1,5 @@
|
||||
{
|
||||
$httpPort = ${'httpd-e-smith'}{TCPPort} || 80;
|
||||
$httpsPort = $modSSL{TCCPort} || 443;
|
||||
"";
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
# HostnameLookups: Log the names of clients or just their IP numbers
|
||||
# e.g. www.apache.org (on) or 204.62.129.132 (off)
|
||||
# The default is off because it'd be overall better for the net if people
|
||||
# had to knowingly turn this feature on.
|
||||
|
||||
HostnameLookups { ${'httpd-e-smith'}{HostnameLookups} || 'off'; }
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# ServerAdmin: Your address, where problems with the server should be
|
||||
# e-mailed.
|
||||
|
||||
ServerAdmin admin@{ $DomainName }
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
# ServerRoot: The directory the server's config, error, and log files
|
||||
# are kept in.
|
||||
# NOTE! If you intend to place this on a NFS (or otherwise network)
|
||||
# mounted filesystem then please read the LockFile documentation,
|
||||
# you will save yourself a lot of trouble.
|
||||
|
||||
ServerRoot /etc/httpd
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
ServerTokens { ${'httpd-e-smith'}{ServerTokens} || 'ProductOnly'; }
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
# If you wish httpd to run as a different user or group, you must run
|
||||
# httpd as root initially and it will switch.
|
||||
|
||||
# User/Group: The name (or #number) of the user/group to run httpd as.
|
||||
# On SCO (ODT 3) use User nouser and Group nogroup
|
||||
# On HPUX you may not be able to use shared memory as nobody, and the
|
||||
# suggested workaround is to create a user www and use that user.
|
||||
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
|
||||
# when the value of (unsigned)Group is above 60000;
|
||||
# don't use Group nobody on these systems!
|
||||
|
||||
User www
|
||||
Group www
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
# ErrorLog: The location of the error log file. If this does not start
|
||||
# with /, ServerRoot is prepended to it.
|
||||
|
||||
ErrorLog /var/log/httpd/error_log
|
||||
|
||||
# LogLevel: Control the number of messages logged to the error_log.
|
||||
# Possible values include: debug, info, notice, warn, error, crit,
|
||||
# alert, emerg.
|
||||
|
||||
LogLevel warn
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
# Dynamic Shared Object (DSO) Support
|
||||
#
|
||||
# To be able to use the functionality of a module which was built as a DSO you
|
||||
# have to place corresponding `LoadModule' lines at this location so the
|
||||
# directives contained in it are actually available _before_ they are used.
|
||||
# Please read the file README.DSO in the Apache 1.3 distribution for more
|
||||
# details about the DSO mechanism and run `httpd -l' for the list of already
|
||||
# built-in (statically linked and thus always available) modules in your httpd
|
||||
# binary.
|
||||
#
|
||||
# Example:
|
||||
# LoadModule foo_module libexec/mod_foo.so
|
||||
#
|
||||
# Documentation for modules is in "/home/httpd/manual/mod" in HTML format.
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
{
|
||||
sub load_modules {
|
||||
my @list = @_;
|
||||
my $out = '';
|
||||
foreach (@list)
|
||||
{
|
||||
next unless -f "/usr/lib/httpd/modules/mod_${_}.so" ||
|
||||
-f "/usr/lib64/httpd/modules/mod_${_}.so";
|
||||
$out .= "LoadModule ${_}_module modules/mod_${_}.so\n";
|
||||
}
|
||||
return $out;
|
||||
}
|
||||
'';
|
||||
}
|
||||
@@ -0,0 +1,3 @@
|
||||
{
|
||||
$OUT .= load_modules(qw(env log_config));
|
||||
}
|
||||
@@ -0,0 +1,3 @@
|
||||
# notify for systemd
|
||||
LoadModule systemd_module modules/mod_systemd.so
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
{
|
||||
$OUT .= load_modules(qw(
|
||||
mime
|
||||
negotiation
|
||||
status
|
||||
info
|
||||
include
|
||||
autoindex
|
||||
dir
|
||||
cgi
|
||||
asis
|
||||
imap
|
||||
imagemap
|
||||
actions
|
||||
));
|
||||
}
|
||||
@@ -0,0 +1,23 @@
|
||||
{
|
||||
$OUT .= load_modules(qw(
|
||||
proxy
|
||||
proxy_http
|
||||
alias
|
||||
rewrite
|
||||
authn_core
|
||||
authz_core
|
||||
authz_host
|
||||
authz_user
|
||||
authn_file
|
||||
authn_anon
|
||||
auth_digest
|
||||
auth_basic
|
||||
authz_groupfile
|
||||
authnz_ldap
|
||||
ldap
|
||||
proxy_wstunnel
|
||||
mpm_prefork
|
||||
socache_dbm
|
||||
unixd
|
||||
));
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
|
||||
$OUT .= load_modules(qw(
|
||||
access_compat
|
||||
));
|
||||
}
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
{
|
||||
$OUT .= load_modules(qw(
|
||||
expires
|
||||
headers
|
||||
usertrack
|
||||
setenvif
|
||||
));
|
||||
}
|
||||
@@ -0,0 +1,4 @@
|
||||
|
||||
# Extra Modules
|
||||
LoadModule authnz_external_module modules/mod_authnz_external.so
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
my $status = $modPerl{status};
|
||||
|
||||
return "# modPerl disabled" unless ($status and $status eq "enabled");
|
||||
|
||||
return "LoadModule perl_module modules/mod_perl.so";
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
{
|
||||
# vim: ft=perl:
|
||||
my $status = $modSSL{status} || 'disabled';
|
||||
if ( $status eq "enabled" )
|
||||
{
|
||||
$OUT = "LoadModule ssl_module modules/mod_ssl.so";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,2 @@
|
||||
DefineExternalAuth pwauth pipe /usr/bin/pwauth
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
{
|
||||
my $listen_default = "Listen 0.0.0.0:$httpPort";
|
||||
|
||||
my $mode = $SystemMode || "serveronly";
|
||||
|
||||
return $listen_default if ($mode eq "serveronly");
|
||||
|
||||
my $httpdAccess = ${'httpd-e-smith'}{access} || 'private';
|
||||
|
||||
return $listen_default unless ($httpdAccess eq "private");
|
||||
|
||||
# Only selectively bind interfaces if we are in private server/gateway mode
|
||||
|
||||
my @ipAddresses = ("127.0.0.1", $LocalIP);
|
||||
|
||||
# Remove any duplicate IP addresses
|
||||
my %ipAddresses = map { $_ => 1 } @ipAddresses;
|
||||
foreach my $ip (sort keys %ipAddresses)
|
||||
{
|
||||
$OUT .= "Listen $ip:$httpPort\n";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,49 @@
|
||||
{
|
||||
use esmith::AccountsDB;
|
||||
my $db = esmith::AccountsDB->open_ro;
|
||||
return "" unless $db;
|
||||
foreach my $path ($db->get_all_by_prop(type => 'ProxyPass'))
|
||||
{
|
||||
my $key = $path->key;
|
||||
my $target = $path->prop('Target');
|
||||
unless (defined $target)
|
||||
{
|
||||
warn("No Target property specified for ProxyPath $key." .
|
||||
" Skipping...");
|
||||
next;
|
||||
}
|
||||
my $desc = $path->prop('Description');
|
||||
if (defined $desc)
|
||||
{
|
||||
$OUT .= "# ProxyPass: $key\n";
|
||||
$OUT .= "# Description: $desc\n";
|
||||
}
|
||||
$OUT .= "ProxyPass\t/$key\t$target\n";
|
||||
$OUT .= "ProxyPassReverse\t/$key\t$target\n";
|
||||
$OUT .= "<Location /$key>\n";
|
||||
|
||||
my $proxyHTTP = $path->prop('HTTP') || "yes";
|
||||
my $proxyHTTPS = $path->prop('HTTPS') || "yes";
|
||||
|
||||
if ( $proxyHTTP eq "no" )
|
||||
{
|
||||
$OUT .= " SSLRequireSSL\n";
|
||||
}
|
||||
|
||||
if ( $proxyHTTPS eq "no" )
|
||||
{
|
||||
$OUT .= ' SSLRequire (%{HTTPS} eq "NULL")' . "\n";
|
||||
}
|
||||
|
||||
my $valid = $path->prop('ValidFrom');
|
||||
if (defined $valid)
|
||||
{
|
||||
# Convert from comma separated list to space separated
|
||||
$valid =~ s/,/ /g;
|
||||
# Make sure that /32 ValidFrom specs don't cause Apache problems.
|
||||
$valid =~ s:/255.255.255.255::g;
|
||||
$OUT .= " Require ip $valid\n";
|
||||
}
|
||||
$OUT .= "</Location>\n";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
##########################################################
|
||||
## SSL Global Context Configuration
|
||||
##
|
||||
## All SSL configuration in this context applies both to
|
||||
## the main server and all SSL-enabled virtual hosts
|
||||
## (unless overridden by virtual hosts)
|
||||
##
|
||||
<IfModule mod_ssl.c>
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
my $listen_default = "Listen 0.0.0.0:$httpsPort";
|
||||
|
||||
my $mode = $SystemMode || "serveronly";
|
||||
|
||||
return $listen_default if ($mode eq "serveronly");
|
||||
|
||||
my $httpdAccess = ${'httpd-e-smith'}{access} || 'private';
|
||||
|
||||
my $httpsOnlyLocal = ${'httpd-e-smith'}{httpsOnlyLocal} || 'disabled';
|
||||
|
||||
return $listen_default unless ($httpdAccess eq "private") || ($httpsOnlyLocal eq "enabled");
|
||||
|
||||
# Only selectively bind interfaces if we are in private server/gateway mode
|
||||
|
||||
my @ipAddresses = ("127.0.0.1", $LocalIP);
|
||||
|
||||
# Remove any duplicate IP addresses
|
||||
my %ipAddresses = map { $_ => 1 } @ipAddresses;
|
||||
foreach my $ip (sort keys %ipAddresses)
|
||||
{
|
||||
$OUT .= "Listen $ip:$httpsPort\n";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,4 @@
|
||||
{
|
||||
# Turn SSL on or off for this context
|
||||
}
|
||||
SSLEngine off
|
||||
@@ -0,0 +1,2 @@
|
||||
SSLProxyEngine On
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
my $chain_file = $modSSL{CertificateChainFile}
|
||||
or return "# modSSL{CertificateChainFile} not set";
|
||||
return "# modSSL{CertificateChainFile} does not exist" unless -e $chain_file;
|
||||
$OUT = "SSLCertificateChainFile $chain_file";
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
{
|
||||
my $defaultcrt = "/home/e-smith/ssl.crt/${SystemName}.${DomainName}.crt";
|
||||
my $defaultkey = "/home/e-smith/ssl.key/${SystemName}.${DomainName}.key";
|
||||
my $crt = $modSSL{'crt'} || $defaultcrt;
|
||||
$crt = $defaultcrt unless -e $crt;
|
||||
my $key = $modSSL{'key'} || $defaultkey;
|
||||
$key = $defaultkey unless -e $key;
|
||||
|
||||
$OUT .= <<SSL_END;
|
||||
SSLCertificateFile $crt
|
||||
SSLCertificateKeyFile $key
|
||||
SSL_END
|
||||
|
||||
}
|
||||
@@ -0,0 +1,5 @@
|
||||
{
|
||||
# When updating CipherSuite both e-smith-apache and smeserver-qpsmtpd templates should be updated.
|
||||
$OUT = "SSLCipherSuite ";
|
||||
$OUT .= $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4';
|
||||
}
|
||||
@@ -0,0 +1,4 @@
|
||||
{
|
||||
my $HCO = ( ($modSSL{HonorCipherOrder}||'on') eq 'on') ? 'on' : 'off';
|
||||
$OUT .= "SSLHonorCipherOrder $HCO\n";
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
# Pass Phrase Dialog:
|
||||
# Configure the pass phrase gathering process.
|
||||
# The filtering dialog program (`builtin' is a internal
|
||||
# terminal dialog) has to provide the pass phrase on stdout.
|
||||
}
|
||||
SSLPassPhraseDialog builtin
|
||||
@@ -0,0 +1,9 @@
|
||||
{
|
||||
# Inter-Process Session Cache:
|
||||
# Configure the SSL Session Cache: either `none'
|
||||
# or `dbm:/path/to/file' for the mechanism to use
|
||||
#SSLSessionCache none
|
||||
#SSLSessionCache shm:logs/ssl_scache(512000)
|
||||
#SSLSessionCache dbm:logs/ssl_scache
|
||||
}
|
||||
SSLSessionCache dbm:state/ssl_scache
|
||||
@@ -0,0 +1,5 @@
|
||||
{
|
||||
# Inter-Process Session Cache:
|
||||
# the expiring timeout (in seconds).
|
||||
}
|
||||
SSLSessionCacheTimeout 300
|
||||
@@ -0,0 +1 @@
|
||||
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
# Semaphore:
|
||||
# Configure the path to the mutual explusion semaphore the
|
||||
# SSL engine uses internally for inter-process synchronization.
|
||||
}
|
||||
Mutex sysvsem default
|
||||
@@ -0,0 +1,13 @@
|
||||
{
|
||||
# Pseudo Random Number Generator (PRNG):
|
||||
# Configure one or more sources to seed the PRNG of the
|
||||
# SSL library. The seed data should be of good random quality.
|
||||
#SSLRandomSeed startup builtin
|
||||
#SSLRandomSeed startup file:/dev/random 512
|
||||
#SSLRandomSeed startup file:/dev/urandom 512
|
||||
#SSLRandomSeed connect builtin
|
||||
#SSLRandomSeed connect file:/dev/random 512
|
||||
#SSLRandomSeed connect file:/dev/urandom 512
|
||||
}
|
||||
SSLRandomSeed startup file:/dev/urandom 512
|
||||
SSLRandomSeed connect builtin
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
# Logging:
|
||||
# Log levels are (ascending order: higher ones include lower ones):
|
||||
# none, error, warn, info, trace, debug.
|
||||
}
|
||||
#SSLLogLevel info
|
||||
@@ -0,0 +1,9 @@
|
||||
{
|
||||
# Specify which SSL Protocols to accept for this context
|
||||
$OUT .= "SSLProtocol all";
|
||||
$OUT .= " -SSLv2" unless (${'httpd-e-smith'}{'SSLv2'} || 'disabled') eq 'enabled';
|
||||
$OUT .= " -SSLv3" unless (${'httpd-e-smith'}{'SSLv3'} || 'disabled') eq 'enabled';
|
||||
$OUT .= " -TLSv1" unless (${'httpd-e-smith'}{'TLSv1'} || 'disabled') eq 'enabled';
|
||||
$OUT .= " -TLSv1.1" unless (${'httpd-e-smith'}{'TLSv1.1'} || 'disabled') eq 'enabled';
|
||||
$OUT .= " -TLSv1.2" unless (${'httpd-e-smith'}{'TLSv1.2'} || 'enabled') eq 'enabled';
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
# Specify if SSLStrictSNIHostCheck should be turned off, this is required if each ibay has its own SSL certificates.
|
||||
|
||||
my $check_SSLStrictSNIVHostCheck = (${'httpd-e-smith'}{'SSLStrictSNIVHostCheck'} || 'off');
|
||||
$OUT .= "SSLStrictSNIVHostCheck $check_SSLStrictSNIVHostCheck";
|
||||
}
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
</IfModule>
|
||||
#
|
||||
# END OF SSL GLOBAL CONTEXT CONFIGURATION
|
||||
#############################################
|
||||
@@ -0,0 +1,10 @@
|
||||
# The LockFile directive sets the path to the lockfile used when Apache
|
||||
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
|
||||
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
|
||||
# its default value. The main reason for changing it is if the logs
|
||||
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
|
||||
# DISK. The PID of the main server process is automatically appended to
|
||||
# the filename.
|
||||
#
|
||||
#LockFile /var/lock/httpd.lock
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
# PidFile: The file the server should log its pid to
|
||||
PidFile /var/run/httpd.pid
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
# ScoreBoardFile: File used to store internal server process information.
|
||||
# Not all architectures require this. But if yours does (you'll know because
|
||||
# this file is created when you run Apache) then you *must* ensure that
|
||||
# no two invocations of Apache share the same scoreboard file.
|
||||
ScoreBoardFile /var/run/httpd.scoreboard
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
# CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each
|
||||
# document that was negotiated on the basis of content. This asks proxy
|
||||
# servers not to cache the document. Uncommenting the following line disables
|
||||
# this behavior, and proxies will be allowed to cache the documents.
|
||||
|
||||
#CacheNegotiatedDocs
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
|
||||
# Apache needs to construct a self-referencing URL (a url that refers back
|
||||
# to the server the response is coming from) it will use ServerName and
|
||||
# Port to form a "canonical" name. With this setting off, Apache will
|
||||
# use the hostname:port that the client supplied, when possible. This
|
||||
# also affects SERVER_NAME and SERVER_PORT in CGIs.
|
||||
UseCanonicalName off
|
||||
|
||||
@@ -0,0 +1,26 @@
|
||||
# The following directives define some format nicknames for use with
|
||||
# a CustomLog directive (see below).
|
||||
|
||||
LogFormat "%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-Agent\}i\"" combined
|
||||
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
||||
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-Agent\}i\"" combined_virtual
|
||||
LogFormat "%\{Referer\}i -> %U" referer
|
||||
LogFormat "%\{User-agent\}i" agent
|
||||
|
||||
# The location of the access logfile (Common Logfile Format).
|
||||
# If this does not start with /, ServerRoot is prepended to it.
|
||||
|
||||
# CustomLog logs/access_log common
|
||||
CustomLog /var/log/httpd/access_log combined_virtual
|
||||
|
||||
# If you would like to have an agent and referer logfile uncomment the
|
||||
# following directives.
|
||||
|
||||
#CustomLog logs/referer_log referer
|
||||
#CustomLog logs/agent_log agent
|
||||
|
||||
# If you prefer a single logfile with access, agent and referer information
|
||||
# (Combined Logfile Format) you can use the following directive.
|
||||
|
||||
#CustomLog logs/access_log combined
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
FileETag MTime Size
|
||||
@@ -0,0 +1,15 @@
|
||||
# KeepAlive: Whether or not to allow persistent connections (more than
|
||||
# one request per connection). Set to "Off" to deactivate.
|
||||
|
||||
KeepAlive On
|
||||
|
||||
# MaxKeepAliveRequests: The maximum number of requests to allow
|
||||
# during a persistent connection. Set to 0 to allow an unlimited amount.
|
||||
# We reccomend you leave this number high, for maximum performance.
|
||||
|
||||
MaxKeepAliveRequests 100
|
||||
|
||||
# KeepAliveTimeout: Number of seconds to wait for the next request
|
||||
|
||||
KeepAliveTimeout 15
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
# Limit on total number of servers running, i.e., limit on the number
|
||||
# of clients who can simultaneously connect --- if this limit is ever
|
||||
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
|
||||
# It is intended mainly as a brake to keep a runaway server from taking
|
||||
# Unix with it as it spirals down...
|
||||
|
||||
MaxClients 150
|
||||
|
||||
# MaxRequestsPerChild: the number of requests each child process is
|
||||
# allowed to process before the child dies.
|
||||
# The child will exit so as to avoid problems after prolonged use when
|
||||
# Apache (and maybe the libraries it uses) leak. On most systems, this
|
||||
# isn't really needed, but a few (such as Solaris) do have notable leaks
|
||||
# in the libraries.
|
||||
|
||||
MaxRequestsPerChild 100
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# Proxy Server directives. Uncomment the following line to
|
||||
# enable the proxy server:
|
||||
|
||||
#ProxyRequests On
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
# ServerName allows you to set a host name which is sent back to clients for
|
||||
# your server if it's different than the one the program would get (i.e. use
|
||||
# "www" instead of the host's real name).
|
||||
#
|
||||
# Note: You cannot just invent host names and hope they work. The name you
|
||||
# define here must be a valid DNS name for your host. If you don't understand
|
||||
# this, ask your network administrator.
|
||||
|
||||
ServerName www.{ $DomainName }
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
# Server-pool size regulation. Rather than making you guess how many
|
||||
# server processes you need, Apache dynamically adapts to the load it
|
||||
# sees --- that is, it tries to maintain enough server processes to
|
||||
# handle the current load, plus a few spare servers to handle transient
|
||||
# load spikes (e.g., multiple simultaneous requests from a single
|
||||
# Netscape browser).
|
||||
|
||||
# It does this by periodically checking how many servers are waiting
|
||||
# for a request. If there are fewer than MinSpareServers, it creates
|
||||
# a new spare. If there are more than MaxSpareServers, some of the
|
||||
# spares die off. These values are probably OK for most sites ---
|
||||
|
||||
MinSpareServers 8
|
||||
MaxSpareServers 20
|
||||
|
||||
# Number of servers to start --- should be a reasonable ballpark figure.
|
||||
|
||||
StartServers 10
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
# Timeout: The number of seconds before receives and sends time out
|
||||
|
||||
Timeout 300
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# DefaultIcon is which icon to show for files which do not have an icon
|
||||
# explicitly set.
|
||||
|
||||
DefaultIcon /icons/unknown.gif
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
|
||||
# directory index. Separate multiple entries with spaces.
|
||||
|
||||
DirectoryIndex index.htm index.html index.shtml index.cgi
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# DocumentRoot: The directory out of which you will serve your
|
||||
# documents. By default, all requests are taken from this directory, but
|
||||
# symbolic links and aliases may be used to point to other locations.
|
||||
|
||||
DocumentRoot /home/e-smith/files/ibays/Primary/html
|
||||
@@ -0,0 +1 @@
|
||||
IndexOptions FancyIndexing VersionSort NameWidth=*
|
||||
@@ -0,0 +1,5 @@
|
||||
# AddIcon tells the server which icon to show for different files or filename
|
||||
# extensions
|
||||
|
||||
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# AccessFileName: The name of the file to look for in each directory
|
||||
# for access control information.
|
||||
|
||||
AccessFileName .htaccess
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
# AddDescription allows you to place a short description after a file in
|
||||
# server-generated indexes.
|
||||
# Format: AddDescription "description" filename
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# DefaultType is the default MIME type for documents which the server
|
||||
# cannot find the type of from filename extensions.
|
||||
|
||||
DefaultType none
|
||||
|
||||
@@ -0,0 +1,4 @@
|
||||
# IndexIgnore is a set of filenames which directory indexing should ignore
|
||||
# Format: IndexIgnore name1 name2...
|
||||
|
||||
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
|
||||
@@ -0,0 +1,5 @@
|
||||
# TypesConfig describes where the mime.types file (or equivalent) is
|
||||
# to be found.
|
||||
|
||||
TypesConfig /etc/mime.types
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
# AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
|
||||
# information on the fly. Note: Not all browsers support this.
|
||||
|
||||
AddEncoding x-compress Z
|
||||
AddEncoding x-gzip gz
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
AddIcon /icons/tar.gif .tar
|
||||
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
|
||||
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
|
||||
AddIcon /icons/a.gif .ps .ai .eps
|
||||
AddIcon /icons/layout.gif .html .shtml .htm .pdf
|
||||
AddIcon /icons/text.gif .txt
|
||||
AddIcon /icons/c.gif .c
|
||||
AddIcon /icons/p.gif .pl .py
|
||||
AddIcon /icons/f.gif .for
|
||||
AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
AddIcon /icons/folder.gif ^^DIRECTORY^^
|
||||
AddIcon /icons/blank.gif ^^BLANKICON^^
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
# AddLanguage allows you to specify the language of a document. You can
|
||||
# then use content negotiation to give a browser a file in a language
|
||||
# it can understand. Note that the suffix does not have to be the same
|
||||
# as the language keyword --- those with documents in Polish (whose
|
||||
# net-standard language code is pl) may wish to use "AddLanguage pl .po"
|
||||
# to avoid the ambiguity with the common suffix for perl scripts.
|
||||
|
||||
AddLanguage en .en
|
||||
AddLanguage fr .fr
|
||||
AddLanguage de .de
|
||||
AddLanguage da .da
|
||||
AddLanguage el .el
|
||||
AddLanguage it .it
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
# LanguagePriority allows you to give precedence to some languages
|
||||
# in case of a tie during content negotiation.
|
||||
# Just list the languages in decreasing order of preference.
|
||||
|
||||
LanguagePriority en fr de
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
# AddType allows you to tweak mime.types without actually editing it, or to
|
||||
# make certain files to be certain types.
|
||||
# Format: AddType type/subtype ext1
|
||||
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
# Microsoft Office Word 2007 macro-enabled document
|
||||
AddType application/vnd.ms-word.document.macroEnabled.12 .docm
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office Word 2007 document
|
||||
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.document .docx
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office Word 2007 macro-enabled document template
|
||||
AddType application/vnd.ms-word.template.macroEnabled.12 .dotm
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office Word 2007 template
|
||||
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.template .dotx
|
||||
@@ -0,0 +1,2 @@
|
||||
# Fix up default type for .exe files.
|
||||
AddType application/octet-stream .exe
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.database .odb
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.chart .odc
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.formula .odf
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.graphics .odg
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.image .odi
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.text-master .odm
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.presentation .odp
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.spreadsheet .ods
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.text .odt
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office OneNote 2007 temporary file
|
||||
AddType application/onenote .onetmp
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office OneNote 2007 TOC
|
||||
AddType application/onenote .onetoc
|
||||
@@ -0,0 +1,2 @@
|
||||
# Microsoft Office OneNote 2007 TOC
|
||||
AddType application/onenote .onetoc2
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.graphics-template .otg
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.text-web .oth
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.spreadsheet-template .ots
|
||||
@@ -0,0 +1 @@
|
||||
AddType application/vnd.oasis.opendocument.text-template .ott
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user