You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
105 lines
3.3 KiB
105 lines
3.3 KiB
{
|
|
|
|
use esmith::util;
|
|
|
|
if ( $port ne ($modSSL{'TCPPort'} || '443')){
|
|
$OUT .=<<"EOF";
|
|
|
|
#====================================================================
|
|
# HTTPS redirection for LemonLDAP::NG Manager
|
|
#====================================================================
|
|
|
|
RewriteEngine on
|
|
RewriteRule ^/(.*|\$) https://%{HTTP_HOST}/\$1 \[L,R\]
|
|
EOF
|
|
}
|
|
else{
|
|
my $authtype = $lemonldap{'ManagerAuth'} || 'basic';
|
|
my $auth = '';
|
|
my $base = esmith::util::ldapBase($DomainName);
|
|
|
|
unless ( $authtype eq 'self' ) {
|
|
$auth = "AuthName 'LemonLDAP NG Manager Interface'\n" .
|
|
" AuthType Basic\n" .
|
|
" AuthBasicProvider ldap\n" .
|
|
" AuthLDAPURL ldap://localhost/ou=Users,$base?uid\n" .
|
|
" AuthLDAPGroupAttribute memberUid\n" .
|
|
" AuthLDAPGroupAttributeIsDN off\n" .
|
|
" require ldap-user admin";
|
|
}
|
|
|
|
$OUT .=<<"EOF";
|
|
|
|
SSLEngine On
|
|
|
|
PerlOptions +Parent
|
|
|
|
#====================================================================
|
|
# Apache configuration for LemonLDAP::NG Manager
|
|
#====================================================================
|
|
|
|
# DocumentRoot
|
|
DocumentRoot /var/lib/lemonldap-ng/manager/
|
|
<Directory /var/lib/lemonldap-ng/manager/>
|
|
Order deny,allow
|
|
Deny from all
|
|
Allow from $localAccess $externalSSLAccess
|
|
Options +ExecCGI +FollowSymlinks
|
|
$auth
|
|
Satisfy all
|
|
</Directory>
|
|
|
|
# On-line documentation
|
|
Alias /doc/ /var/lib/lemonldap-ng/doc/
|
|
Alias /lib/ /var/lib/lemonldap-ng/doc/lib/
|
|
<Directory /var/lib/lemonldap-ng/doc/>
|
|
Order deny,allow
|
|
Allow from all
|
|
ErrorDocument 404 /notfound.html
|
|
Options +FollowSymlinks
|
|
DirectoryIndex index.pl index.html
|
|
</Directory>
|
|
|
|
# Perl script
|
|
# Note: to avoid manager stay in memory, we don't use ModPerl::Registry
|
|
# by default. Change this to increase manager performances
|
|
<Files *.pl>
|
|
#SetHandler cgi-script
|
|
SetHandler perl-script
|
|
PerlResponseHandler ModPerl::Registry
|
|
</Files>
|
|
|
|
# Directory index
|
|
<IfModule mod_dir.c>
|
|
DirectoryIndex index.pl index.html
|
|
</IfModule>
|
|
|
|
<Location />
|
|
<IfModule mod_deflate.c>
|
|
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
|
SetOutputFilter DEFLATE
|
|
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
|
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
|
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
|
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)\$ no-gzip dont-vary
|
|
</IfModule>
|
|
<IfModule mod_headers.c>
|
|
Header append Vary User-Agent env=!dont-vary
|
|
</IfModule>
|
|
</Location>
|
|
<Location /doc/>
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresDefault "access plus 1 month"
|
|
</IfModule>
|
|
</Location>
|
|
<Location /skins/>
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresDefault "access plus 1 month"
|
|
</IfModule>
|
|
</Location>
|
|
EOF
|
|
}
|
|
}
|
|
|
|
|