Sie sind nicht angemeldet.
20.02.2009, 10:00
|
Quellcode |
1 |
# emerge mod_python |
|
|
Quellcode |
1 2 3 |
<IfModule python> ... </IfModule> |
20.02.2009, 10:29
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
#Listen 12.34.56.78:80
Listen 80
# Use name-based virtual hosting.
#NameVirtualHost 192.168.7.102:80
<VirtualHost 192.168.7.102:80>
ServerName trac.gubellan.net
DocumentRoot /data/trac/test/htdocs/
<LocationMatch "/">
SetEnv PYTHON_EGG_CACHE /var/lib/trac/.egg-cache
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /data/trac/test
PythonOption TracUriRoot /
</LocationMatch>
<LocationMatch "/[^/]+/login">
AuthType Basic
AuthName "Trac Server"
AuthUserFile /var/svn/conf/svnusers
Require valid-user
</LocationMatch>
</VirtualHost>
|
20.02.2009, 11:25
|
|
Quellcode |
1 |
# qlist mod_python |
20.02.2009, 11:49
Aber wie gehts jetzt weiter mit Trac?
20.02.2009, 12:00
20.02.2009, 13:15
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
[Fri Feb 20 12:25:42 2009] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.8j mod_python/3.3.1 Python/2.5.2 configured -- resuming normal operations [Fri Feb 20 12:25:43 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:25:44 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:25:44 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:25:44 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:34:02 2009] [notice] caught SIGTERM, shutting down [Fri Feb 20 12:34:13 2009] [notice] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads. [Fri Feb 20 12:34:13 2009] [notice] mod_python: using mutex_directory /tmp [Fri Feb 20 12:34:14 2009] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.8j mod_python/3.3.1 Python/2.5.2 configured -- resuming normal operations [Fri Feb 20 12:34:14 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:34:16 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:34:16 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:34:16 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:51:30 2009] [notice] caught SIGTERM, shutting down [Fri Feb 20 12:51:33 2009] [notice] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads. [Fri Feb 20 12:51:33 2009] [notice] mod_python: using mutex_directory /tmp [Fri Feb 20 12:51:34 2009] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.8j mod_python/3.3.1 Python/2.5.2 configured -- resuming normal operations [Fri Feb 20 12:51:58 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs [Fri Feb 20 12:52:03 2009] [error] [client 192.168.7.101] client denied by server configuration: /usr/htdocs |
20.02.2009, 13:49
20.02.2009, 16:13
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 |
# see bug #178966 why this is in here
# When we also provide SSL we have to listen to the HTTPS port
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
Listen 443
<VirtualHost _default_:443>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
ErrorLog /var/log/apache2/ssl_error_log
<IfModule log_config_module>
TransferLog /var/log/apache2/ssl_access_log
</IfModule>
## SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
## SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
## Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If the certificate
# is encrypted, then you will be prompted for a pass phrase. Note that a
# kill -HUP will prompt again. Keep in mind that if you have both an RSA
# and a DSA certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
SSLCertificateFile /etc/apache2/ssl/server.crt
#SSLCertificateFile /etc/apache2/ssl/server-dsa.crt
## Server Private Key:
# If the key is not combined with the certificate, use this directive to
# point at the key file. Keep in mind that if you've both a RSA and a DSA
# private key you can configure both in parallel (to also allow the use of
# DSA ciphers, etc.)
SSLCertificateKeyFile /etc/apache2/ssl/server.key
#SSLCertificateKeyFile /etc/apache2/ssl/server-dsa.key
## Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the concatenation of
# PEM encoded CA certificates which form the certificate chain for the
# server certificate. Alternatively the referenced file can be the same as
# SSLCertificateFile when the CA certificates are directly appended to the
# server certificate for convinience.
#SSLCertificateChainFile /etc/apache2/ssl/ca.crt
## Certificate Authority (CA):
# Set the CA certificate verification path where to find CA certificates
# for client authentication or alternatively one huge file containing all
# of them (file must be PEM encoded).
# Note: Inside SSLCACertificatePath you need hash symlinks to point to the
# certificate files. Use the provided Makefile to update the hash symlinks
# after changes.
#SSLCACertificatePath /etc/apache2/ssl/ssl.crt
#SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt
## Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client authentication
# or alternatively one huge file containing all of them (file must be PEM
# encoded).
# Note: Inside SSLCARevocationPath you need hash symlinks to point to the
# certificate files. Use the provided Makefile to update the hash symlinks
# after changes.
#SSLCARevocationPath /etc/apache2/ssl/ssl.crl
#SSLCARevocationFile /etc/apache2/ssl/ca-bundle.crl
## Client Authentication (Type):
# Client certificate verification type and depth. Types are none, optional,
# require and optional_no_ca. Depth is a number which specifies how deeply
# to verify the certificate issuer chain before deciding the certificate is
# not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
## Access Control:
# With SSLRequire you can do per-directory access control based on arbitrary
# complex boolean expressions containing server variable checks and other
# lookup directives. The syntax is a mixture between C and Perl. See the
# mod_ssl documentation for more details.
#<Location />
# #SSLRequire (%{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
## SSL Engine Options:
# Set various options for the SSL engine.
## FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that the
# standard Auth/DBMAuth methods can be used for access control. The user
# name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
## ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server
# (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates into
# CGI scripts.
## StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the exportation
# for CGI and SSI requests only.
## StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even under
# a "Satisfy any" situation, i.e. when it applies access is denied and no
# other module can change it.
## OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/localhost/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
## SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait
# for the close notify alert from client. When you need a different
# shutdown approach you can use one of the following variables:
## ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates the
# SSL/TLS standard but is needed for some brain-dead browsers. Use this when
# you receive I/O errors because of the standard approach where mod_ssl
# sends the close notify alert.
## ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation works
# correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
<IfModule setenvif_module>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
## Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a compact
# non-error SSL logfile on a virtual host basis.
<IfModule log_config_module>
CustomLog /var/log/apache2/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"
</IfModule>
</VirtualHost>
</IfModule>
</IfDefine>
</IfDefine>
# vim: ts=4 filetype=apache
|
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
<IfDefine DEFAULT_VHOST>
# see bug #178966 why this is in here
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 81
# Use name-based virtual hosting.
NameVirtualHost *:81
# When virtual hosts are enabled, the main host defined in the default
# httpd.conf configuration will go away. We redefine it here so that it is
# still available.
#
# If you disable this vhost by removing -D DEFAULT_VHOST from
# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
# the default.
<VirtualHost *:81>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>
</VirtualHost>
</IfDefine>
# vim: ts=4 filetype=apache
|
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
#Listen 12.34.56.78:80
Listen 80
# Use name-based virtual hosting.
#NameVirtualHost 192.168.7.102:80
<VirtualHost *:80>
ServerName trac.gubellan.net
#DocumentRoot /user/lib/python2.5/site-packages/trac/
<LocationMatch "/">
SetEnv PYTHON_EGG_CACHE /var/lib/trac/egg-cache/
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /usr/lib/python2.5/site-packages/trac
PythonOption TracUriRoot /
</LocationMatch>
<LocationMatch "/[^/]+/login">
AuthType Basic
AuthName "Trac Server"
AuthUserFile /var/svn/conf/svnusers
Require valid-user
</LocationMatch>
</VirtualHost>
|
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
# This is a modification of the default Apache 2.2 configuration file # for Gentoo Linux. # # Support: # http://www.gentoo.org/main/en/lists.xml [mailing lists] # http://forums.gentoo.org/ [web forums] # irc://irc.freenode.net#gentoo-apache [irc chat] # # Bug Reports: # http://bugs.gentoo.org [gentoo related bugs] # http://httpd.apache.org/bug_report.html [apache httpd related bugs] # # # This is the main Apache HTTP server configuration file. It contains the # configuration directives that give the server its instructions. # See <URL:http://httpd.apache.org/docs/2.2> for detailed information. # In particular, see # <URL:http://httpd.apache.org/docs/2.2/mod/directives.html> # for a discussion of each configuration directive. # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # # Configuration and logfile names: If the filenames you specify for many # of the server's control files begin with "/" (or "drive:/" for Win32), the # server will use that explicit path. If the filenames do *not* begin # with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" # with ServerRoot set to "/usr" will be interpreted by the # server as "/usr/var/log/apache2/foo.log". # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # Do not add a slash at the end of the directory path. If you point # ServerRoot at a non-local disk, be sure to point the LockFile directive # at a local disk. If you wish to share the same ServerRoot for multiple # httpd daemons, you will need to change at least LockFile and PidFile. ServerRoot "/usr/lib/apache2" # Dynamic Shared Object (DSO) Support # # To be able to use the functionality of a module which was built as a DSO you # have to place corresponding `LoadModule' lines at this location so the # directives contained in it are actually available _before_ they are used. # Statically compiled modules (those listed by `httpd -l') do not need # to be loaded here. # # Example: # LoadModule foo_module modules/mod_foo.so # # GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. # Do not change manually, it will be overwritten on upgrade. # # The following modules are considered as the default configuration. # If you wish to disable one of them, you may have to alter other # configuration directives. # # Change these at your own risk! LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_alias_module modules/mod_authn_alias.so LoadModule authn_anon_module modules/mod_authn_anon.so LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule authz_default_module modules/mod_authz_default.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule autoindex_module modules/mod_autoindex.so <IfDefine CACHE> LoadModule cache_module modules/mod_cache.so </IfDefine> LoadModule cgi_module modules/mod_cgi.so <IfDefine DAV> LoadModule dav_module modules/mod_dav.so </IfDefine> <IfDefine DAV> LoadModule dav_fs_module modules/mod_dav_fs.so </IfDefine> <IfDefine DAV> LoadModule dav_lock_module modules/mod_dav_lock.so </IfDefine> LoadModule deflate_module modules/mod_deflate.so LoadModule dir_module modules/mod_dir.so <IfDefine CACHE> LoadModule disk_cache_module modules/mod_disk_cache.so </IfDefine> LoadModule env_module modules/mod_env.so LoadModule expires_module modules/mod_expires.so LoadModule ext_filter_module modules/mod_ext_filter.so <IfDefine CACHE> LoadModule file_cache_module modules/mod_file_cache.so </IfDefine> LoadModule filter_module modules/mod_filter.so LoadModule headers_module modules/mod_headers.so LoadModule include_module modules/mod_include.so <IfDefine INFO> LoadModule info_module modules/mod_info.so </IfDefine> LoadModule log_config_module modules/mod_log_config.so LoadModule logio_module modules/mod_logio.so <IfDefine CACHE> LoadModule mem_cache_module modules/mod_mem_cache.so </IfDefine> LoadModule mime_module modules/mod_mime.so LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule speling_module modules/mod_speling.so <IfDefine SSL> LoadModule ssl_module modules/mod_ssl.so </IfDefine> <IfDefine STATUS> LoadModule status_module modules/mod_status.so </IfDefine> LoadModule unique_id_module modules/mod_unique_id.so <IfDefine USERDIR> LoadModule userdir_module modules/mod_userdir.so </IfDefine> LoadModule usertrack_module modules/mod_usertrack.so LoadModule vhost_alias_module modules/mod_vhost_alias.so # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch. # # User/Group: The name (or #number) of the user/group to run httpd as. # It is usually good practice to create a dedicated user and group for # running httpd, as with most system services. User apache Group apache # Supplemental configuration # # Most of the configuration files in the /etc/apache2/modules.d/ directory can # be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features # or to modify the default configuration of the server. # # To know which flag to add to APACHE2_OPTS, look at the first line of the # the file, which will usually be an <IfDefine OPTION> where OPTION is the # flag to use. Include /etc/apache2/modules.d/*.conf # Virtual-host support # # Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we # include a default vhost (enabled by adding -D DEFAULT_VHOST to # APACHE2_OPTS in /etc/conf.d/apache2). Include /etc/apache2/vhosts.d/*.conf # vim: ts=4 filetype=apache |
20.02.2009, 19:49
|
|
Quellcode |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
#Listen 12.34.56.78:80
Listen 80
# Use name-based virtual hosting.
#NameVirtualHost 192.168.7.102:80
<VirtualHost *:80>
ServerName trac.gubellan.net
#DocumentRoot /user/lib/python2.5/site-packages/trac/
<directory /usr>
allow from all
</directory>
<LocationMatch "/">
SetEnv PYTHON_EGG_CACHE /var/lib/trac/egg-cache/
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir /data/trac
PythonOption TracUriRoot /
</LocationMatch>
<LocationMatch "/[^/]+/login">
AuthType Basic
AuthName "Trac Server"
AuthUserFile /var/svn/conf/svnusers
Require valid-user
</LocationMatch>
</VirtualHost>
|
21.02.2009, 09:08
