davical/davical-apache.conf@c10fb90893b9 (annotated)
davical/davical-apache.conf
Thu, 04 Oct 2012 20:30:05 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 04 Oct 2012 20:30:05 +0200
- changeset 715
- c10fb90893b9
- parent 396
- 610cba0674b9
- permissions
- -rw-r--r--
Correct out of date build configuration, porting to Solaris 11 network
link infrastructure and new libpcap logic. This additionally allows for
device drivers in subdirectories of /dev. Correct packaged nmap
personalities and signatures to work out of the box. Finally, hack
arpd logic to properly close sockets and quit on TERM by repeating
signaling in the run command script. Sadly, all this fails to correct
the run time behaviour of honeyd which fails to bind to the IP layer.
| michael@290 | 1 | ## |
| michael@290 | 2 | ## davical-apache.conf -- DAViCal Apache Custom Configuration |
| michael@290 | 3 | ## |
| michael@290 | 4 | |
| michael@290 | 5 | ServerRoot @l_prefix@ |
| michael@290 | 6 | ServerAdmin root@@l_hostname@.@l_domainname@ |
| michael@290 | 7 | ServerName @l_hostname@.@l_domainname@ |
| michael@290 | 8 | ServerTokens Prod |
| michael@290 | 9 | User @l_rusr@ |
| michael@290 | 10 | Group @l_rgrp@ |
| michael@290 | 11 | <IfDefine !SSL> |
| michael@290 | 12 | Listen 127.0.0.1:8080 |
| michael@290 | 13 | </IfDefine> |
| michael@290 | 14 | <IfDefine SSL> |
| michael@290 | 15 | Listen 127.0.0.1:8443 |
| michael@290 | 16 | </IfDefine> |
| michael@290 | 17 | |
| michael@290 | 18 | # runtime files |
| michael@290 | 19 | PidFile @l_prefix@/var/davical/run/apache.pid |
| michael@290 | 20 | ScoreBoardFile @l_prefix@/var/davical/run/apache.sb |
| michael@290 | 21 | LockFile @l_prefix@/var/davical/run/apache.lck |
| michael@290 | 22 | |
| michael@290 | 23 | # include apache-php |
| michael@290 | 24 | Include @l_prefix@/etc/apache/apache.d/apache-php.conf |
| michael@290 | 25 | |
| michael@290 | 26 | # server behaviour |
| michael@290 | 27 | Timeout 300 |
| michael@290 | 28 | KeepAlive on |
| michael@290 | 29 | MaxKeepAliveRequests 100 |
| michael@290 | 30 | KeepAliveTimeout 15 |
| michael@290 | 31 | MinSpareServers 5 |
| michael@290 | 32 | MaxSpareServers 10 |
| michael@290 | 33 | StartServers 5 |
| michael@290 | 34 | MaxClients 15 |
| michael@290 | 35 | MaxRequestsPerChild 500 |
| michael@290 | 36 | HostnameLookups off |
| michael@290 | 37 | UseCanonicalName on |
| michael@290 | 38 | |
| michael@290 | 39 | # access logging |
| michael@290 | 40 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined |
| michael@290 | 41 | LogFormat "%h %l %u %t \"%r\" %>s %b" common |
| michael@290 | 42 | LogFormat "%{Referer}i -> %U" referer |
| michael@290 | 43 | LogFormat "%{User-agent}i" agent |
| michael@290 | 44 | CustomLog @l_prefix@/var/davical/log/apache.access.log common |
| michael@290 | 45 | |
| michael@290 | 46 | # error logging |
| michael@290 | 47 | LogLevel warn |
| michael@290 | 48 | ErrorLog @l_prefix@/var/davical/log/apache.error.log |
| michael@290 | 49 | ServerSignature on |
| michael@290 | 50 | |
| michael@290 | 51 | # SSL/TLS support |
| michael@290 | 52 | <IfDefine SSL> |
| michael@290 | 53 | SSLEngine on |
| michael@290 | 54 | SSLRandomSeed startup builtin |
| michael@290 | 55 | SSLRandomSeed connect builtin |
| michael@290 | 56 | SSLMutex sem |
| michael@290 | 57 | SSLCADNRequestFile @l_prefix@/etc/x509/example-ca.crt.pem |
| michael@290 | 58 | SSLCACertificateFile @l_prefix@/etc/x509/example-ca.crt.pem |
| michael@290 | 59 | SSLCertificateFile @l_prefix@/etc/x509/example-server.crt.pem |
| michael@290 | 60 | SSLCertificateKeyFile @l_prefix@/etc/x509/example-server.key.pem |
| michael@290 | 61 | SSLSessionCache shm:@l_prefix@/var/davical/run/apache.ssl_scache(512000) |
| michael@290 | 62 | SSLSessionCacheTimeout 300 |
| michael@290 | 63 | SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL |
| michael@290 | 64 | SetEnvIf User-Agent ".*MSIE.*" \ |
| michael@290 | 65 | nokeepalive ssl-unclean-shutdown \ |
| michael@290 | 66 | downgrade-1.0 force-response-1.0 |
| michael@290 | 67 | </IfDefine> |
| michael@290 | 68 | |
| michael@290 | 69 | # secure root directory |
| michael@290 | 70 | <Directory /> |
| michael@290 | 71 | Options FollowSymLinks |
| michael@290 | 72 | AllowOverride None |
| michael@290 | 73 | </Directory> |
| michael@290 | 74 | |
| michael@290 | 75 | # configure PHP |
| michael@290 | 76 | AddType application/x-httpd-php .php |
| michael@290 | 77 | php_admin_flag magic_quotes_gpc on |
| michael@290 | 78 | php_admin_flag register_globals on |
| michael@290 | 79 | php_admin_flag register_argc_argv off |
| michael@290 | 80 | |
| michael@290 | 81 | # configure DAViCal |
| michael@396 | 82 | php_value include_path @l_prefix@/lib/davical/davical/inc:@l_prefix@/lib/davical/davical/htdocs:@l_prefix@/lib/davical/awl/inc |
| michael@396 | 83 | php_value error_reporting "E_ALL&~E_NOTICE" |
| michael@585 | 84 | php_value display_errors "1" |
| michael@290 | 85 | php_value default_charset "utf-8" |
| michael@290 | 86 | RewriteEngine on |
| michael@290 | 87 | RewriteRule ^/caldav/(.*)$ /caldav.php/$1 [PT] |
| michael@585 | 88 | DirectoryIndex index.php |
| michael@290 | 89 | DocumentRoot @l_prefix@/lib/davical/davical/htdocs |
| michael@290 | 90 | <Directory @l_prefix@/lib/davical/davical/htdocs> |
| michael@290 | 91 | <IfDefine SSL> |
| michael@290 | 92 | SSLOptions +StdEnvVars |
| michael@290 | 93 | </IfDefine> |
| michael@290 | 94 | Options None |
| michael@290 | 95 | AllowOverride None |
| michael@290 | 96 | Order allow,deny |
| michael@290 | 97 | Allow from all |
| michael@290 | 98 | </Directory> |
| michael@290 | 99 |
