| #!/bin/sh |
| |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| # For this module to work, add the www.example.com domain to your /etc/hosts as |
| # follows: |
| # 127.0.0.1 www.example.com |
| |
| here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here` |
| host=`hostname` |
| |
| # Create SSL certificates |
| ../../modules/http/ssl-ca-conf tmp www.example.com |
| ../../modules/http/ssl-cert-conf tmp www.example.com server |
| |
| # Configure and start logging |
| if [ -x ../../components/log/scribe-cat ]; then |
| ../../components/log/scribed-central-conf tmp |
| ../../components/log/scribed-client-conf tmp localhost |
| ../../components/log/scribed-central-start tmp |
| ../../components/log/scribed-client-start tmp |
| fi |
| |
| # Start memcached |
| ../../components/cache/memcached-start tmp 11211 |
| ../../components/cache/memcached-start tmp 11212 |
| |
| # Clear document cache |
| rm -rf tmp/cache |
| |
| # Configure server |
| ../../modules/http/httpd-conf tmp www.example.com 8090 htdocs |
| ../../modules/http/alt-host-conf tmp ww1.example.com |
| ../../modules/http/alt-host-conf tmp ww2.example.com |
| ../../modules/http/httpd-event-conf tmp |
| #../../modules/http/cache-conf tmp |
| ../../modules/http/httpd-ssl-conf tmp 8453 |
| #../../modules/http/cache-ssl-conf tmp |
| |
| # Configure HTTP basic auth |
| ../../modules/http/basic-auth-conf tmp component |
| |
| # Configure OAuth authentication |
| # Configure your OAuth app keys here |
| ../../modules/oauth/oauth-conf tmp component |
| ../../modules/oauth/oauth-memcached-conf tmp localhost 11212 |
| ../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890 |
| ../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890 |
| |
| # Configure form-based authentication |
| ../../modules/http/open-auth-conf tmp component 80b67f38-b79e-4a72-bb5c-22c69fb00820 |
| |
| # Configure authorized admins |
| ../../modules/http/passwd-auth-conf tmp admin admin |
| |
| # Configure mod-security |
| #../../modules/http/mod-security-conf tmp |
| |
| # Configure Python component support |
| ../../modules/server/server-conf tmp |
| ../../modules/python/python-conf tmp |
| |
| # Configure server log streaming |
| if [ -x ../../components/log/scribe-cat ]; then |
| cat >tmp/conf/log.conf <<EOF |
| # Generated by: ssl-start $* |
| ErrorLog "|$here/../../components/log/scribe-cat $host server" |
| CustomLog "|$here/../../components/log/scribe-cat $host server" combined |
| |
| EOF |
| |
| cat >tmp/conf/log-ssl.conf <<EOF |
| # Generated by: ssl-start $* |
| CustomLog "|$here/../../components/log/scribe-cat $host server" sslcombined |
| |
| EOF |
| |
| cat >tmp/conf/mod-security-log.conf <<EOF |
| # Generated by: ssl-start $* |
| SecAuditLog "|$here/../../components/log/scribe-cat $host secaudit" |
| |
| EOF |
| |
| fi |
| #../../modules/http/httpd-loglevel-conf tmp debug |
| |
| # Configure certificate mime type |
| cat >>tmp/conf/svhost-ssl.conf <<EOF |
| # Generated by: ssl-start $* |
| # Certificate mime type |
| <Location /ca.crt> |
| ForceType application/x-x509-ca-cert |
| </Location> |
| |
| EOF |
| |
| # Configure error pages |
| cat >>tmp/conf/svhost-ssl.conf <<EOF |
| # Generated by: ssl-start $* |
| # Error pages |
| ErrorDocument 404 /public/notfound/ |
| ErrorDocument 401 /public/notauth/ |
| ErrorDocument 403 /public/notauth/ |
| ErrorDocument 400 /public/oops/ |
| ErrorDocument 405 /public/oops/ |
| ErrorDocument 500 /public/oops/ |
| ErrorDocument 502 /public/oops/ |
| ErrorDocument 503 /public/oops/ |
| |
| EOF |
| |
| # Configure SCA contributions |
| cat >>tmp/conf/httpd.conf <<EOF |
| # Generated by: ssl-start $* |
| # Configure SCA Composite |
| SCAContribution $here/ |
| SCAComposite server.composite |
| |
| # Configure SCA Composite for mass dynamic virtual Hosting |
| SCAVirtualContributor Composites |
| |
| # Configure SCA Authenticator component |
| SCAAuthenticator Authenticator |
| |
| # Configure SCA wiring timeout |
| SCAWiringTimeout 10 |
| |
| EOF |
| |
| # Configure resource aliases |
| cat >>tmp/conf/httpd.conf <<EOF |
| # Generated by: ssl-start $* |
| Alias /home/home.png $here/htdocs/home/home.png |
| Alias /home/home.b64 $here/htdocs/home/home.b64 |
| Alias /proxy/public/config.js $here/htdocs/public/config.js |
| Alias /proxy/public/config-min.js $here/public/config-min.js |
| |
| EOF |
| |
| # Configure app resource aliases |
| cat >>tmp/conf/svhost-ssl.conf <<EOF |
| # Generated by: ssl-start $* |
| # Map /v/<app-name>/<path> to htdocs/app/<path> |
| AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2 |
| |
| EOF |
| |
| # Configure admin access to server status and info |
| cat >tmp/conf/adminauth.conf <<EOF |
| # Generated by: ssl-start $* |
| # Allow the server admin to view the server status and info |
| <Location /server-status> |
| AuthType None |
| Require all granted |
| </Location> |
| |
| <Location /server-info> |
| AuthType None |
| Require all granted |
| </Location> |
| |
| EOF |
| |
| # Configure admin access to components |
| cat >>tmp/conf/locauth-ssl.conf <<EOF |
| # Generated by: ssl-start $* |
| # Allow the server admin to access all components |
| <Location /c> |
| Require user admin |
| </Location> |
| <Location /r> |
| Require user admin |
| </Location> |
| <Location /r/Editor> |
| Require valid-user |
| </Location> |
| <Location /r/App> |
| Require valid-user |
| </Location> |
| EOF |
| |
| # Start server |
| ../../modules/http/httpd-start tmp |
| sleep 2 |
| |
| # Configure authorized users |
| ./put-auth tmp admin admin admin admin |
| ./put-auth tmp admin admin john john |
| ./put-auth tmp admin admin jane jane |
| # Configure the email addresses associated with your OAuth ids here |
| ./put-auth tmp admin admin /oauth1/john@example.com password |
| ./put-auth tmp admin admin /oauth2/jane@example.com password |
| |