davical/davical-apache.conf@300d43423c2e (annotated)
davical/davical-apache.conf
Wed, 08 Feb 2012 20:07:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 08 Feb 2012 20:07:00 +0200
- changeset 588
- 300d43423c2e
- parent 396
- 610cba0674b9
- permissions
- -rw-r--r--
Update version, adapt patch, correct PID writing, correct build on newer
FreeBSD releases, and most importantly introduce new patch to try to
avoid segfault caused by multiple network interfaces with the same (or
no) address. This is common when configuring bridges and tunnels.
| michael@290 | 1 | ## |
| michael@290 | 2 | ## davical-apache.conf -- DAViCal Apache Custom Configuration |
| michael@290 | 3 | ## |
| michael@290 | 4 | |
| michael@290 | 5 | ServerRoot @l_prefix@ |
| michael@290 | 6 | ServerAdmin root@@l_hostname@.@l_domainname@ |
| michael@290 | 7 | ServerName @l_hostname@.@l_domainname@ |
| michael@290 | 8 | ServerTokens Prod |
| michael@290 | 9 | User @l_rusr@ |
| michael@290 | 10 | Group @l_rgrp@ |
| michael@290 | 11 | <IfDefine !SSL> |
| michael@290 | 12 | Listen 127.0.0.1:8080 |
| michael@290 | 13 | </IfDefine> |
| michael@290 | 14 | <IfDefine SSL> |
| michael@290 | 15 | Listen 127.0.0.1:8443 |
| michael@290 | 16 | </IfDefine> |
| michael@290 | 17 | |
| michael@290 | 18 | # runtime files |
| michael@290 | 19 | PidFile @l_prefix@/var/davical/run/apache.pid |
| michael@290 | 20 | ScoreBoardFile @l_prefix@/var/davical/run/apache.sb |
| michael@290 | 21 | LockFile @l_prefix@/var/davical/run/apache.lck |
| michael@290 | 22 | |
| michael@290 | 23 | # include apache-php |
| michael@290 | 24 | Include @l_prefix@/etc/apache/apache.d/apache-php.conf |
| michael@290 | 25 | |
| michael@290 | 26 | # server behaviour |
| michael@290 | 27 | Timeout 300 |
| michael@290 | 28 | KeepAlive on |
| michael@290 | 29 | MaxKeepAliveRequests 100 |
| michael@290 | 30 | KeepAliveTimeout 15 |
| michael@290 | 31 | MinSpareServers 5 |
| michael@290 | 32 | MaxSpareServers 10 |
| michael@290 | 33 | StartServers 5 |
| michael@290 | 34 | MaxClients 15 |
| michael@290 | 35 | MaxRequestsPerChild 500 |
| michael@290 | 36 | HostnameLookups off |
| michael@290 | 37 | UseCanonicalName on |
| michael@290 | 38 | |
| michael@290 | 39 | # access logging |
| michael@290 | 40 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined |
| michael@290 | 41 | LogFormat "%h %l %u %t \"%r\" %>s %b" common |
| michael@290 | 42 | LogFormat "%{Referer}i -> %U" referer |
| michael@290 | 43 | LogFormat "%{User-agent}i" agent |
| michael@290 | 44 | CustomLog @l_prefix@/var/davical/log/apache.access.log common |
| michael@290 | 45 | |
| michael@290 | 46 | # error logging |
| michael@290 | 47 | LogLevel warn |
| michael@290 | 48 | ErrorLog @l_prefix@/var/davical/log/apache.error.log |
| michael@290 | 49 | ServerSignature on |
| michael@290 | 50 | |
| michael@290 | 51 | # SSL/TLS support |
| michael@290 | 52 | <IfDefine SSL> |
| michael@290 | 53 | SSLEngine on |
| michael@290 | 54 | SSLRandomSeed startup builtin |
| michael@290 | 55 | SSLRandomSeed connect builtin |
| michael@290 | 56 | SSLMutex sem |
| michael@290 | 57 | SSLCADNRequestFile @l_prefix@/etc/x509/example-ca.crt.pem |
| michael@290 | 58 | SSLCACertificateFile @l_prefix@/etc/x509/example-ca.crt.pem |
| michael@290 | 59 | SSLCertificateFile @l_prefix@/etc/x509/example-server.crt.pem |
| michael@290 | 60 | SSLCertificateKeyFile @l_prefix@/etc/x509/example-server.key.pem |
| michael@290 | 61 | SSLSessionCache shm:@l_prefix@/var/davical/run/apache.ssl_scache(512000) |
| michael@290 | 62 | SSLSessionCacheTimeout 300 |
| michael@290 | 63 | SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL |
| michael@290 | 64 | SetEnvIf User-Agent ".*MSIE.*" \ |
| michael@290 | 65 | nokeepalive ssl-unclean-shutdown \ |
| michael@290 | 66 | downgrade-1.0 force-response-1.0 |
| michael@290 | 67 | </IfDefine> |
| michael@290 | 68 | |
| michael@290 | 69 | # secure root directory |
| michael@290 | 70 | <Directory /> |
| michael@290 | 71 | Options FollowSymLinks |
| michael@290 | 72 | AllowOverride None |
| michael@290 | 73 | </Directory> |
| michael@290 | 74 | |
| michael@290 | 75 | # configure PHP |
| michael@290 | 76 | AddType application/x-httpd-php .php |
| michael@290 | 77 | php_admin_flag magic_quotes_gpc on |
| michael@290 | 78 | php_admin_flag register_globals on |
| michael@290 | 79 | php_admin_flag register_argc_argv off |
| michael@290 | 80 | |
| michael@290 | 81 | # configure DAViCal |
| michael@396 | 82 | php_value include_path @l_prefix@/lib/davical/davical/inc:@l_prefix@/lib/davical/davical/htdocs:@l_prefix@/lib/davical/awl/inc |
| michael@396 | 83 | php_value error_reporting "E_ALL&~E_NOTICE" |
| michael@585 | 84 | php_value display_errors "1" |
| michael@290 | 85 | php_value default_charset "utf-8" |
| michael@290 | 86 | RewriteEngine on |
| michael@290 | 87 | RewriteRule ^/caldav/(.*)$ /caldav.php/$1 [PT] |
| michael@585 | 88 | DirectoryIndex index.php |
| michael@290 | 89 | DocumentRoot @l_prefix@/lib/davical/davical/htdocs |
| michael@290 | 90 | <Directory @l_prefix@/lib/davical/davical/htdocs> |
| michael@290 | 91 | <IfDefine SSL> |
| michael@290 | 92 | SSLOptions +StdEnvVars |
| michael@290 | 93 | </IfDefine> |
| michael@290 | 94 | Options None |
| michael@290 | 95 | AllowOverride None |
| michael@290 | 96 | Order allow,deny |
| michael@290 | 97 | Allow from all |
| michael@290 | 98 | </Directory> |
| michael@290 | 99 |
