[Mpuls-commits] r2309 - in wasko/branches/2.0: . contrib contrib/apache

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Mon Apr 12 14:12:14 CEST 2010


Author: torsten
Date: 2010-04-12 14:12:07 +0200 (Mon, 12 Apr 2010)
New Revision: 2309

Added:
   wasko/branches/2.0/contrib/
   wasko/branches/2.0/contrib/apache/
   wasko/branches/2.0/contrib/apache/apache-site-proxy.conf
   wasko/branches/2.0/contrib/apache/apache-site-wsgi.conf
   wasko/branches/2.0/contrib/apache/mpuls.wsgi
Modified:
   wasko/branches/2.0/ChangeLog
Log:
Added template configuration files.


Modified: wasko/branches/2.0/ChangeLog
===================================================================
--- wasko/branches/2.0/ChangeLog	2010-04-12 08:24:57 UTC (rev 2308)
+++ wasko/branches/2.0/ChangeLog	2010-04-12 12:12:07 UTC (rev 2309)
@@ -1,3 +1,11 @@
+2010-04-12  Torsten Irländer <torsten.irlaender at intevation.de>
+
+	* contrib/apache/mpuls.wsgi,
+	  contrib/apache/apache-site-proxy.conf,
+	  contrib/apache/apache-site-wsgi.conf: Added templates for
+	  configuration as wsgi-application, or stand-alone application behind
+	  a reverse proxy.
+
 2010-04-12  Roland Geider <roland.geider at intevation.de>
 	
         * mpulsweb/public/styles/all.css: Set the vertical alignment of

Added: wasko/branches/2.0/contrib/apache/apache-site-proxy.conf
===================================================================
--- wasko/branches/2.0/contrib/apache/apache-site-proxy.conf	2010-04-12 08:24:57 UTC (rev 2308)
+++ wasko/branches/2.0/contrib/apache/apache-site-proxy.conf	2010-04-12 12:12:07 UTC (rev 2309)
@@ -0,0 +1,70 @@
+NameVirtualHost *
+<VirtualHost *>
+        ServerAdmin webmaster at localhost
+
+	ProxyRequests Off
+        RewriteEngine On
+        RewriteOptions Inherit
+
+	<Proxy *>
+                Order deny,allow
+                Allow from all
+        </Proxy>
+
+	ProxyPass / http://127.0.0.1:8080/
+        ProxyPassReverse / http://127.0.0.1:8080/
+
+	SSLProxyEngine on
+        SSLEngine On
+        SSLCipherSuite HIGH:MEDIUM
+        SSLCertificateFile    /etc/apache2/ssl/server.crt
+        SSLCertificateKeyFile /etc/apache2/ssl/server.key
+        SSLCACertificatePath  /etc/apache2/ssl/clients
+
+	# If you do not want to use client certificates commen out the
+	# following line and set header for dbname and app name
+	# Do not forget to comment out the requirements under <location>
+        SSLVerifyClient        require
+
+        SSLVerifyDepth         1
+        SSLSessionCacheTimeout 1800
+        SSLOptions             StdEnvVars
+
+	# Set correct headers for dbname and appname.
+	# Format of SSL_CLIENT_S_DN_CN: "XXX XXX XXX dbname" 
+	RequestHeader set MPULS_DBNAME %{SSL_CLIENT_S_DN_CN}s
+        RequestHeader set MPULS_APPNAME %{SSL_CLIENT_S_DN}s 
+
+        <Location />
+		# Please set correct SSL_CLIENT_S_DN_OU
+                SSLRequire (%{SSL_CLIENT_S_DN_OU} eq "WASKO_Demo" \
+                or %{SSL_CLIENT_S_DN_OU} eq "mpuls") \
+                and %{SSL_CLIENT_VERIFY} eq "SUCCESS"
+
+                # Insert filter
+                SetOutputFilter DEFLATE
+
+                # Netscape 4.x has some problems...
+                BrowserMatch ^Mozilla/4 gzip-only-text/html
+
+                # Netscape 4.06-4.08 have some more problems
+                BrowserMatch ^Mozilla/4\.0[678] no-gzip
+
+                # MSIE masquerades as Netscape, but it is fine
+                BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+                # Don't compress images
+                SetEnvIfNoCase Request_URI \
+                \.(?:gif|jpe?g|png)$ no-gzip dont-vary
+
+                # Make sure proxies don't deliver the wrong content
+                Header append Vary User-Agent env=!dont-vary
+        </Location>
+        ErrorLog /var/log/apache2/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog /var/log/apache2/access.log combined
+        ServerSignature On
+</VirtualHost>

Added: wasko/branches/2.0/contrib/apache/apache-site-wsgi.conf
===================================================================
--- wasko/branches/2.0/contrib/apache/apache-site-wsgi.conf	2010-04-12 08:24:57 UTC (rev 2308)
+++ wasko/branches/2.0/contrib/apache/apache-site-wsgi.conf	2010-04-12 12:12:07 UTC (rev 2309)
@@ -0,0 +1,91 @@
+NameVirtualHost *
+<VirtualHost *>
+        ServerAdmin webmaster at localhost
+
+        SSLEngine On
+        SSLCipherSuite HIGH:MEDIUM
+        SSLCertificateFile    /etc/apache2/ssl/server.crt
+        SSLCertificateKeyFile /etc/apache2/ssl/server.key
+        SSLCACertificatePath  /etc/apache2/ssl/clients
+
+	#Unset http-headers (prevent users to set http-header and connect to a
+	#different database as defined in the client certificate)
+	RequestHeader unset MPULS_DBNAME
+        RequestHeader unset MPULS_APPNAME
+
+	# If you do not want to use client certificates comment out the
+	# following line and set 'dbname' and 'agencyname'
+	# Do not forget to comment out the requirements under <location>
+        SSLVerifyClient        require
+	# Set correct headers for dbname and appname.
+	# Format of SSL_CLIENT_S_DN_CN: "XXX XXX XXX dbname" 
+	RequestHeader set MPULS_DBNAME %{SSL_CLIENT_S_DN_CN}s
+        RequestHeader set MPULS_APPNAME %{SSL_CLIENT_S_DN}s 
+
+        SSLVerifyDepth         1
+        SSLSessionCacheTimeout 1800
+        SSLOptions             StdEnvVars
+
+        WSGIDaemonProcess www-data processes=2 threads=30
+        WSGIProcessGroup www-data 
+
+	# Set correct path to the mpuls.wsgi script
+        WSGIScriptAlias / /usr/local/wsgi/scripts/mpuls.wsgi
+
+        <Location />
+		# Please set correct SSL_CLIENT_S_DN_OU
+                SSLRequire (%{SSL_CLIENT_S_DN_OU} eq "WASKO_Demo" \
+                or %{SSL_CLIENT_S_DN_OU} eq "mpuls") \
+                and %{SSL_CLIENT_VERIFY} eq "SUCCESS"
+
+                # Insert filter
+                SetOutputFilter DEFLATE
+
+                # Netscape 4.x has some problems...
+                BrowserMatch ^Mozilla/4 gzip-only-text/html
+
+                # Netscape 4.06-4.08 have some more problems
+                BrowserMatch ^Mozilla/4\.0[678] no-gzip
+
+                # MSIE masquerades as Netscape, but it is fine
+                BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
+                # Don't compress images
+                SetEnvIfNoCase Request_URI \
+                \.(?:gif|jpe?g|png)$ no-gzip dont-vary
+
+                # Make sure proxies don't deliver the wrong content
+                Header append Vary User-Agent env=!dont-vary
+        </Location>
+
+	DocumentRoot /var/www/
+        <Directory />
+                Options FollowSymLinks
+                AllowOverride None
+        </Directory>
+        <Directory /var/www/>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride None
+                Order allow,deny
+                allow from all
+                # This directive allows us to have apache2's default start page
+                # in /apache2-default/, but still have / go to the right place
+                # RedirectMatch ^/$ /apache2-default/
+        </Directory>
+
+        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+        <Directory "/usr/lib/cgi-bin">
+                AllowOverride None
+                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
+                Order allow,deny
+                Allow from all
+        </Directory>
+
+        ErrorLog /var/log/apache2/error.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog /var/log/apache2/access.log combined
+        ServerSignature On
+</VirtualHost>

Added: wasko/branches/2.0/contrib/apache/mpuls.wsgi
===================================================================
--- wasko/branches/2.0/contrib/apache/mpuls.wsgi	2010-04-12 08:24:57 UTC (rev 2308)
+++ wasko/branches/2.0/contrib/apache/mpuls.wsgi	2010-04-12 12:12:07 UTC (rev 2309)
@@ -0,0 +1,25 @@
+import sys
+import os
+import locale
+
+sys.stdout = sys.stderr
+from paste.deploy import loadapp
+from pkg_resources import working_set
+
+# Set correct app name and conf 
+APP_NAME = 'mpulsweb'
+APP_CONF = 'production.ini'
+APP_PATH = '/usr/local/wsgi/scripts/'+APP_NAME
+SUB_PATH = APP_PATH+'/'+APP_NAME
+
+if not APP_PATH in sys.path: sys.path.append(APP_PATH)
+if not SUB_PATH in sys.path: sys.path.append(SUB_PATH)
+
+working_set.add_entry(APP_PATH)
+
+os.environ['PYTHON_EGG_CACHE'] = '/usr/local/wsgi/egg_cache'
+
+locale.setlocale(locale.LC_ALL, "de_DE.UTF-8")
+
+# Double check if path to config file is correct. 
+application = loadapp('config:%s/%s' % (APP_PATH, APP_CONF)



More information about the Mpuls-commits mailing list