diff options
| author | Pierre-Yves Chibon <pingou@pingoured.fr> | 2017-05-31 10:37:42 +0200 |
|---|---|---|
| committer | Pierre-Yves Chibon <pingou@pingoured.fr> | 2017-05-31 10:37:42 +0200 |
| commit | b36d12b497da683b14f5d24aedcdb45496c352a6 (patch) | |
| tree | 062dd5be486c3b2b55c63d1dd64d4dee88f14da7 /roles/ccsdb | |
| parent | 6eb8e901e2f15755b0f853abbec2569c4f6f86c9 (diff) | |
| download | ansible-b36d12b497da683b14f5d24aedcdb45496c352a6.tar.gz ansible-b36d12b497da683b14f5d24aedcdb45496c352a6.tar.xz ansible-b36d12b497da683b14f5d24aedcdb45496c352a6.zip | |
Add the ccsdb.conf apache config file
Diffstat (limited to 'roles/ccsdb')
| -rw-r--r-- | roles/ccsdb/templates/ccsdb.conf | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/roles/ccsdb/templates/ccsdb.conf b/roles/ccsdb/templates/ccsdb.conf new file mode 100644 index 000000000..7863c4fcf --- /dev/null +++ b/roles/ccsdb/templates/ccsdb.conf @@ -0,0 +1,27 @@ +WSGIDaemonProcess ccsdb user=apache group=apache threads=5 +WSGIScriptAlias /{{ ccsdb_endpoint }} /usr/share/ccsdb/ccsdb.wsgi +WSGISocketPrefix run/wsgi + +# this isn't the best way to force SSL but it works for now +#RewriteEngine On +#RewriteCond %{HTTPS} !=on +#RewriteRule ^/execdb/admin/?(.*) https://%{SERVER_NAME}/$1 [R,L] + +<Directory /usr/share/ccsdb> + WSGIProcessGroup ccsdb + WSGIApplicationGroup %{GLOBAL} + WSGIScriptReloading On + <IfModule mod_authz_core.c> + # Apache 2.4 + <RequireAny> + Require method GET + Require ip 127.0.0.1 ::1{% for host in allowed_hosts %} {{ host }}{% endfor %} + + </RequireAny> + </IfModule> + <IfModule !mod_auth_core.c> + Order allow,deny + Allow from all + </IfModule> + +</Directory> |