WebSVN – ALCASAR – Diff – /conf/lighttpd/vhosts.d/alcasar-without-ssl.conf



    ssl.engine = "enable"
    ssl.pemfile = "/etc/pki/tls/private/alcasar.pem"
    ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem"
    ssl.use-sslv2 = "disable"
    ssl.use-sslv3 = "disable"
 
    ssl.honor-cipher-order = "enable"
    ssl.cipher-list = "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
 
    var.server_name = "alcasar.localdomain"
    server.name = server_name
 
    server.document-root = "/var/www/html"
 
}
 
$HTTP["scheme"] == "https" {
 
    alias.url = (
        "/save" => "/var/Save"
    )
 
    # Digest authentication configuration
    auth.backend = "htdigest"
 
    auth.require = (
        "/acc/" => 
        (
            "method"  => "digest",
            "realm"   => "ALCASAR Control Center (ACC)",

        (
            "method"  => "digest",
            "realm"   => "ALCASAR Control Center (ACC)",
            "require" => "valid-user"
        )
 
    )
 
    $HTTP["url"] =~ "^/(acc|save)/" {
        # Setting digest files according access permissions
        $HTTP["url"] =~ "^/acc/" {
            auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_all"
 

 
            $HTTP["url"] =~ "^/acc/backup/" {
                auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"
            }
        }
 
        $HTTP["url"] =~ "^/save" {
            auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"
 
            # Enabling directory listing
            dir-listing.activate = "enable"
        }
    }
}

Rev 2920	Rev 2923
Line 15...	Line 15...
15	`ssl.engine = "enable"`	15	`ssl.engine = "enable"`
16	`ssl.pemfile = "/etc/pki/tls/private/alcasar.pem"`	16	`ssl.pemfile = "/etc/pki/tls/private/alcasar.pem"`
17	`ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem"`	17	`ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem"`
18	`ssl.use-sslv2 = "disable"`	18	`ssl.use-sslv2 = "disable"`
19	`ssl.use-sslv3 = "disable"`	19	`ssl.use-sslv3 = "disable"`
20	`ssl.use-compression = "disable"`	-
21	`ssl.honor-cipher-order = "enable"`	20	`ssl.honor-cipher-order = "enable"`
22	`ssl.cipher-list = "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"`	21	`ssl.cipher-list = "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"`
23		-
24	`var.server_name = "alcasar.localdomain"`	22	`var.server_name = "alcasar.localdomain"`
25	`server.name = server_name`	23	`server.name = server_name`
26		-
27	`server.document-root = "/var/www/html"`	24	`server.document-root = "/var/www/html"`
28		-
29	`}`	25	`}`
30		26
31	`$HTTP["scheme"] == "https" {`	27	`$HTTP["scheme"] == "https" {`
32		-
33	`alias.url = (`	28	`alias.url = (`
34	`"/save" => "/var/Save"`	29	`"/save" => "/var/Save"`
35	`)`	30	`)`
36		-
37	`# Digest authentication configuration`	31	`# Digest authentication configuration`
38	`auth.backend = "htdigest"`	32	`auth.backend = "htdigest"`
39	`auth.debug = 1`	-
40	`auth.require = (`	33	`auth.require = (`
41	`"/acc/" =>`	34	`"/acc/" =>`
42	`(`	35	`(`
43	`"method" => "digest",`	36	`"method" => "digest",`
44	`"realm" => "ALCASAR Control Center (ACC)",`	37	`"realm" => "ALCASAR Control Center (ACC)",`
Line 48...	Line 41...
48	`(`	41	`(`
49	`"method" => "digest",`	42	`"method" => "digest",`
50	`"realm" => "ALCASAR Control Center (ACC)",`	43	`"realm" => "ALCASAR Control Center (ACC)",`
51	`"require" => "valid-user"`	44	`"require" => "valid-user"`
52	`)`	45	`)`
53		-
54	`)`	46	`)`
55		-
56	`$HTTP["url"] =~ "^/(acc\|save)/" {`	47	`$HTTP["url"] =~ "^/(acc\|save)/" {`
57	`# Setting digest files according access permissions`	48	`# Setting digest files according access permissions`
58	`$HTTP["url"] =~ "^/acc/" {`	49	`$HTTP["url"] =~ "^/acc/" {`
59	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_all"`	50	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_all"`
60		51
Line 68...	Line 59...
68		59
69	`$HTTP["url"] =~ "^/acc/backup/" {`	60	`$HTTP["url"] =~ "^/acc/backup/" {`
70	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"`	61	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"`
71	`}`	62	`}`
72	`}`	63	`}`
73		-
74	`$HTTP["url"] =~ "^/save" {`	64	`$HTTP["url"] =~ "^/save" {`
75	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"`	65	`auth.backend.htdigest.userfile = "/usr/local/etc/digest/key_backup"`
76		-
77	`# Enabling directory listing`	66	`# Enabling directory listing`
78	`dir-listing.activate = "enable"`	67	`dir-listing.activate = "enable"`
79	`}`	68	`}`
80	`}`	69	`}`
81	`}`	70	`}`

Subversion Repositories ALCASAR

(root)/conf/lighttpd/vhosts.d/alcasar-without-ssl.conf – Rev 2920 → 2923