blob: 3187f85e26eac49b21e4fff27a3318d28fcaf2c2 [file] [log] [blame]
# ************************************
# Vhost template in module puppetlabs-apache
# Managed by Puppet
# ************************************
<VirtualHost *:80>
ServerName whimsy.local
## Vhost docroot
DocumentRoot "/srv/whimsy/www"
## Directories, there should at least be a declaration for /srv/whimsy/www
<Directory "/srv/whimsy/www">
Options +FollowSymLinks +MultiViews +ExecCGI
AllowOverride None
Require all granted
</Directory>
## Logging
ErrorLog "/var/log/apache2/whimsy_error.log"
ServerSignature Off
CustomLog "/var/log/apache2/whimsy_access.log" combined
## Server aliases
ServerAlias whimsy-test.apache.org
ServerAlias whimsy4.apache.org
ServerAlias whimsy-vm4.apache.org
## Custom fragment
SetEnv PATH /usr/local/bin:${PATH}
PassengerFriendlyErrorPages on
AddCharset UTF-8 .json
ExpiresActive On
<If "%{QUERY_STRING} =~ /^\d+$/">
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
</If>
<Directory /srv/whimsy/www/>
AddHandler cgi-script .cgi
MultiViewsMatch Any
CheckSpelling On
</Directory>
<Directory /srv/whimsy/www/public/>
Header add Access-Control-Allow-Origin "*"
Options +Indexes
</Directory>
<Directory /srv/whimsy/www/logs>
Options +Indexes
</Directory>
<Directory /srv/whimsy/www/members/log>
Options +Indexes
</Directory>
RewriteEngine on
RewriteRule ^.*$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# for secretary workbench
RedirectMatch permanent ^/secmail /secretary/workbench
RedirectMatch permanent ^/officers/public_names /secretary/public-names
ProxyPass "/board/agenda/websocket/" "ws://localhost:34234/"
# We now have local custom error pages
ErrorDocument 401 /401.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
Alias /board/agenda/ /srv/whimsy/www/board/agenda/public
<Location /board/agenda>
PassengerBaseURI /board/agenda
PassengerAppRoot /srv/whimsy/www/board/agenda
Options -MultiViews
CheckSpelling Off
# SetEnv HTTPS on
</Location>
Alias /racktest/ /srv/whimsy/www/racktest/public
<Location /racktest>
PassengerBaseURI /racktest
PassengerAppRoot /srv/whimsy/www/racktest
Options -MultiViews
CheckSpelling Off
# SetEnv HTTPS on
</Location>
Alias /roster/ /srv/whimsy/www/roster/public
<Location /roster>
PassengerBaseURI /roster
PassengerAppRoot /srv/whimsy/www/roster
Options -MultiViews
CheckSpelling Off
# SetEnv HTTPS on
</Location>
Alias /secretary/workbench/ /srv/whimsy/www/secretary/workbench/public
<Location /secretary/workbench>
PassengerBaseURI /secretary/workbench
PassengerAppRoot /srv/whimsy/www/secretary/workbench
Options -MultiViews
CheckSpelling Off
# SetEnv HTTPS on
</Location>
Alias /test/icla/ /srv/whimsy/www/test/icla/public
<Location /test/icla>
PassengerBaseURI /test/icla
PassengerAppRoot /srv/whimsy/www/test/icla
Options -MultiViews
CheckSpelling Off
# SetEnv HTTPS on
</Location>
<LocationMatch ^/board/subscriptions>
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</LocationMatch>
<Directory /srv/whimsy/www/committers>
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/test/icla>
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/roster>
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/test/roster>
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<LocationMatch ^/incubator/moderators>
AuthType Basic
AuthName "ASF Members and Incubator PMC"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</LocationMatch>
<LocationMatch ^/incubator/signoff>
AuthType Basic
AuthName "ASF Members and Incubator PMC"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</LocationMatch>
<Directory /srv/whimsy/www/board/agenda>
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/fundraising>
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/officers>
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/treasurer>
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=committers,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/apmail>
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/members>
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/voter>
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/secretary>
AuthType Basic
AuthName "ASF Secretarial Team"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
<RequireAny>
Require ldap-group cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
</RequireAny>
</Directory>
<LocationMatch ^/board/publish_minutes>
AuthType Basic
AuthName "ASF Secretarial Team"
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap2-us-west.apache.org:636 ldap1-us-west.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
<RequireAny>
Require ldap-group cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
</RequireAny>
</LocationMatch>
</VirtualHost>