|
@@ -10,7 +10,7 @@ LoadModule mime_module modules/mod_mime.so
|
|
|
LoadModule log_config_module modules/mod_log_config.so
|
|
|
LoadModule env_module modules/mod_env.so
|
|
|
#LoadModule expires_module modules/mod_expires.so
|
|
|
-#LoadModule headers_module modules/mod_headers.so
|
|
|
+LoadModule headers_module modules/mod_headers.so
|
|
|
#LoadModule setenvif_module modules/mod_setenvif.so
|
|
|
#LoadModule remoteip_module modules/mod_remoteip.so
|
|
|
LoadModule proxy_module modules/mod_proxy.so
|
|
@@ -20,7 +20,18 @@ LoadModule status_module modules/mod_status.so
|
|
|
LoadModule autoindex_module modules/mod_autoindex.so
|
|
|
LoadModule dir_module modules/mod_dir.so
|
|
|
LoadModule alias_module modules/mod_alias.so
|
|
|
-#LoadModule rewrite_module modules/mod_rewrite.so
|
|
|
+
|
|
|
+LoadModule session_module modules/mod_session.so
|
|
|
+LoadModule session_crypto_module modules/mod_session_crypto.so
|
|
|
+LoadModule session_cookie_module modules/mod_session_cookie.so
|
|
|
+LoadModule request_module modules/mod_request.so
|
|
|
+LoadModule authz_user_module modules/mod_authz_user.so
|
|
|
+LoadModule auth_form_module modules/mod_auth_form.so
|
|
|
+LoadModule authn_file_module modules/mod_authn_file.so
|
|
|
+# LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
|
|
+
|
|
|
+LoadModule macro_module modules/mod_macro.so
|
|
|
+LoadModule rewrite_module modules/mod_rewrite.so
|
|
|
|
|
|
<IfModule unixd_module>
|
|
|
#
|
|
@@ -39,37 +50,38 @@ ServerAdmin you@example.com
|
|
|
|
|
|
ServerName feedati-fe:80
|
|
|
|
|
|
+<Macro Auth>
|
|
|
+ AuthFormLoginRequiredLocation "/login/"
|
|
|
+ AuthFormLoginRequiredLocation "/login/"
|
|
|
+ AuthFormProvider file
|
|
|
+# authn
|
|
|
+ AuthFormProvider file
|
|
|
+ AuthUserFile /etc/apache2/passwords.txt
|
|
|
+# form
|
|
|
+ AuthType form
|
|
|
+ AuthName "authenticationform"
|
|
|
+# mod_session
|
|
|
+ Session On
|
|
|
+ SessionCookieName session path=/;httponly
|
|
|
+ SessionCryptoPassphrase changeme!really!
|
|
|
+</Macro>
|
|
|
+
|
|
|
+<Location "/login/do">
|
|
|
+SetHandler form-login-handler
|
|
|
+Use Auth
|
|
|
+AuthFormLoginSuccessLocation "/tt-rss/"
|
|
|
+</Location>
|
|
|
+
|
|
|
<Directory />
|
|
|
AllowOverride none
|
|
|
Require all denied
|
|
|
</Directory>
|
|
|
|
|
|
-DocumentRoot "/usr/local/apache2/htdocs"
|
|
|
-<Directory "/usr/local/apache2/htdocs">
|
|
|
- #
|
|
|
- # Possible values for the Options directive are "None", "All",
|
|
|
- # or any combination of:
|
|
|
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
|
|
|
- #
|
|
|
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
|
|
|
- # doesn't give it to you.
|
|
|
- #
|
|
|
- # The Options directive is both complicated and important. Please see
|
|
|
- # http://httpd.apache.org/docs/2.4/mod/core.html#options
|
|
|
- # for more information.
|
|
|
- #
|
|
|
- Options Indexes FollowSymLinks
|
|
|
-
|
|
|
- #
|
|
|
- # AllowOverride controls what directives may be placed in .htaccess files.
|
|
|
- # It can be "All", "None", or any combination of the keywords:
|
|
|
- # AllowOverride FileInfo AuthConfig Limit
|
|
|
- #
|
|
|
+DocumentRoot "/var/www"
|
|
|
+<Directory "/var/www">
|
|
|
+ Options None
|
|
|
AllowOverride None
|
|
|
-
|
|
|
- #
|
|
|
- # Controls who can get stuff from this server.
|
|
|
- #
|
|
|
+ Use Auth
|
|
|
Require all granted
|
|
|
</Directory>
|
|
|
|
|
@@ -180,11 +192,17 @@ ProxyPreserveHost On
|
|
|
<Location /tt-rss/>
|
|
|
ProxyPass http://tt-rss/tt-rss/
|
|
|
ProxyPassReverse http://tt-rss/tt-rss/
|
|
|
+Use Auth
|
|
|
+Require valid-user
|
|
|
+RewriteEngine on
|
|
|
+RewriteRule .* - [E=RU:%{LA-U:REMOTE_USER},NS]
|
|
|
+RequestHeader set X-Forwarded-User %{RU}e
|
|
|
</Location>
|
|
|
|
|
|
<Location /rss-bridge/>
|
|
|
ProxyPass http://rss-bridge/
|
|
|
ProxyPassReverse http://rss-bridge/
|
|
|
+Require all granted
|
|
|
</Location>
|
|
|
|
|
|
# vim: set ft=apache bkc=yes:
|