123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223 |
- ServerRoot "/usr/local/apache2"
- Listen 80
- LoadModule mpm_event_module modules/mod_mpm_event.so
- LoadModule authn_core_module modules/mod_authn_core.so
- LoadModule authz_core_module modules/mod_authz_core.so
- LoadModule access_compat_module modules/mod_access_compat.so
- LoadModule mime_module modules/mod_mime.so
- LoadModule log_config_module modules/mod_log_config.so
- LoadModule env_module modules/mod_env.so
- #LoadModule expires_module modules/mod_expires.so
- LoadModule headers_module modules/mod_headers.so
- #LoadModule setenvif_module modules/mod_setenvif.so
- #LoadModule remoteip_module modules/mod_remoteip.so
- LoadModule proxy_module modules/mod_proxy.so
- LoadModule proxy_http_module modules/mod_proxy_http.so
- LoadModule unixd_module modules/mod_unixd.so
- #LoadModule status_module modules/mod_status.so
- #LoadModule autoindex_module modules/mod_autoindex.so
- LoadModule dir_module modules/mod_dir.so
- LoadModule alias_module modules/mod_alias.so
- LoadModule session_module modules/mod_session.so
- LoadModule session_crypto_module modules/mod_session_crypto.so
- LoadModule session_cookie_module modules/mod_session_cookie.so
- LoadModule request_module modules/mod_request.so
- LoadModule authz_user_module modules/mod_authz_user.so
- LoadModule auth_form_module modules/mod_auth_form.so
- LoadModule authn_dbd_module modules/mod_authn_dbd.so
- LoadModule dbd_module modules/mod_dbd.so
- LoadModule macro_module modules/mod_macro.so
- LoadModule rewrite_module modules/mod_rewrite.so
- <IfModule unixd_module>
- #
- # If you wish httpd to run as a different user or group, you must run
- # httpd as root initially and it will switch.
- #
- # User/Group: The name (or #number) of the user/group to run httpd as.
- # It is usually good practice to create a dedicated user and group for
- # running httpd, as with most system services.
- #
- User daemon
- Group daemon
- </IfModule>
- ServerAdmin you@example.com
- ServerName feedati-fe:80
- DBDriver pgsql
- DBDParams "host=db dbname=feeds user=apache password=apachepass"
- <Macro Auth>
- AuthFormLoginRequiredLocation "/login/"
- # authn
- AuthFormProvider dbd
- AuthDBDUserPWQuery "SELECT password FROM users.users WHERE username = %s"
- # form
- AuthType form
- AuthName "authenticationform"
- # mod_session
- Session On
- SessionCookieName session path=/;httponly
- SessionCryptoPassphrase changeme!really!
- </Macro>
- <Location "/login/do">
- SetHandler form-login-handler
- Use Auth
- AuthFormLoginSuccessLocation "/panel/"
- </Location>
- <Directory />
- AllowOverride none
- Require all denied
- </Directory>
- DocumentRoot "/var/www"
- <Directory "/var/www">
- Options None
- AllowOverride None
- Use Auth
- Require all granted
- </Directory>
- <Files ".ht*">
- Require all denied
- </Files>
- # ErrorLog: The location of the error log file.
- # If you do not specify an ErrorLog directive within a <VirtualHost>
- # container, error messages relating to that virtual host will be
- # logged here. If you *do* define an error logfile for a <VirtualHost>
- # container, that host's errors will be logged there and not here.
- #
- ErrorLog /proc/self/fd/2
- # LogLevel: Control the number of messages logged to the error_log.
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
- <IfModule log_config_module>
- #
- # The following directives define some format nicknames for use with
- # a CustomLog directive (see below).
- #
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
- <IfModule logio_module>
- # You need to enable mod_logio.c to use %I and %O
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
- </IfModule>
- #
- # The location and format of the access logfile (Common Logfile Format).
- # If you do not define any access logfiles within a <VirtualHost>
- # container, they will be logged here. Contrariwise, if you *do*
- # define per-<VirtualHost> access logfiles, transactions will be
- # logged therein and *not* in this file.
- #
- CustomLog /proc/self/fd/1 common
- #
- # If you prefer a logfile with access, agent, and referer information
- # (Combined Logfile Format) you can use the following directive.
- #
- #CustomLog "logs/access_log" combined
- </IfModule>
- <IfModule headers_module>
- #
- # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
- # backend servers which have lingering "httpoxy" defects.
- # 'Proxy' request header is undefined by the IETF, not listed by IANA
- #
- RequestHeader unset Proxy early
- </IfModule>
- <IfModule mime_module>
- #
- # TypesConfig points to the file containing the list of mappings from
- # filename extension to MIME-type.
- #
- TypesConfig conf/mime.types
- #
- # AddType allows you to add to or override the MIME configuration
- # file specified in TypesConfig for specific file types.
- #
- #AddType application/x-gzip .tgz
- #
- # AddEncoding allows you to have certain browsers uncompress
- # information on the fly. Note: Not all browsers support this.
- #
- #AddEncoding x-compress .Z
- #AddEncoding x-gzip .gz .tgz
- #
- # If the AddEncoding directives above are commented-out, then you
- # probably should define those extensions to indicate media types:
- #
- AddType application/x-compress .Z
- AddType application/x-gzip .gz .tgz
- #
- # AddHandler allows you to map certain file extensions to "handlers":
- # actions unrelated to filetype. These can be either built into the server
- # or added with the Action directive (see below)
- #
- # To use CGI scripts outside of ScriptAliased directories:
- # (You will also need to add "ExecCGI" to the "Options" directive.)
- #
- #AddHandler cgi-script .cgi
- # For type maps (negotiated resources):
- #AddHandler type-map var
- #
- # Filters allow you to process content before it is sent to the client.
- #
- # To parse .shtml files for server-side includes (SSI):
- # (You will also need to add "Includes" to the "Options" directive.)
- #
- #AddType text/html .shtml
- #AddOutputFilter INCLUDES .shtml
- </IfModule>
- Redirect permanent "/tt-rss" "/tt-rss/"
- ProxyPreserveHost On
- <Location /tt-rss/>
- ProxyPass http://tt-rss/tt-rss/
- ProxyPassReverse http://tt-rss/tt-rss/
- Use Auth
- Require valid-user
- RewriteEngine on
- RewriteRule .* - [E=RU:%{LA-U:REMOTE_USER},NS]
- RequestHeader set X-Forwarded-User %{RU}e
- </Location>
- Redirect permanent "/rss-bridge" "/rss-bridge/"
- <Location /rss-bridge/>
- ProxyPass http://rss-bridge/
- ProxyPassReverse http://rss-bridge/
- Require all granted
- </Location>
- <Location /panel/>
- ProxyPass http://panel:8000/panel/
- ProxyPassReverse http://panel:8000/panel/
- Use Auth
- Require valid-user
- RewriteEngine on
- RewriteRule .* - [E=RU:%{LA-U:REMOTE_USER},NS]
- RequestHeader set X-Forwarded-User %{RU}e
- </Location>
- # vim: set ft=apache bkc=yes:
|