diff options
author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2011-10-24 05:00:37 -0700 |
---|---|---|
committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2011-10-24 05:00:37 -0700 |
commit | e7cc89379599c1e89d367426b55d57efb1bf3bbe (patch) | |
tree | ffca9b337000f066d7c35970bbbcb6e7f05208eb | |
parent | 6ff2d3abe6a8c7a93adf6f0335ef13ccce09cc0c (diff) | |
download | piny-code-e7cc89379599c1e89d367426b55d57efb1bf3bbe.tar.gz piny-code-e7cc89379599c1e89d367426b55d57efb1bf3bbe.zip |
Shifting instances of SSLRequireSSL around so Piny can operate behind an SSL proxy
-rw-r--r-- | libpiny/lib/Piny/Repo.pm | 12 | ||||
-rw-r--r-- | pinyconfigs/etc/apache2/sites-available/piny | 2 |
2 files changed, 7 insertions, 7 deletions
diff --git a/libpiny/lib/Piny/Repo.pm b/libpiny/lib/Piny/Repo.pm index dbb981b..eee8f90 100644 --- a/libpiny/lib/Piny/Repo.pm +++ b/libpiny/lib/Piny/Repo.pm @@ -752,21 +752,21 @@ sub _build_apache_global_config { if ( $s->config->core_sharedrepository eq "0666" ) { return ( - "<Directory " . $s->secure_path . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled off\n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"Valid Piny user needed.\"\n" . " Require valid-user\n" . " </Directory>\n" + "<Directory " . $s->secure_path . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled off\n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"Valid Piny user needed.\"\n" . " Require valid-user\n" . " </Directory>\n" ); } elsif ( $s->config->core_sharedrepository =~ /^(0664|all|everybody|world)$/ ) { return ( - "<Directory " . $s->secure_path . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" + "<Directory " . $s->secure_path . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" ); } elsif ( $s->config->core_sharedrepository =~ /^(0660|true|1|group)$/ ) { return ( - "<Directory " . $s->secure_path . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" . - "<Directory " . $s->ikiwiki_destdir . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" + "<Directory " . $s->secure_path . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" . + "<Directory " . $s->ikiwiki_destdir . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" ); } elsif ( $s->config->core_sharedrepository =~ /^(0640|false|0)$/ ) { return ( - "<Directory " . $s->secure_path . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled off\n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"Owner of " . $s->name . " repository needed.\"\n Require user " . $s->owner->name . "\n</Directory>\n" . - "<Directory " . $s->ikiwiki_destdir . ">\n SSLRequireSSL\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" + "<Directory " . $s->secure_path . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled off\n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"Owner of " . $s->name . " repository needed.\"\n Require user " . $s->owner->name . "\n</Directory>\n" . + "<Directory " . $s->ikiwiki_destdir . ">\n AuthPAM_Enabled on\n AuthGROUP_Enabled on \n AuthPAM_FallThrough off\n AuthBasicAuthoritative off\n AuthType Basic\n AuthName \"User with access to " . $s->name . " repository needed.\"\n Require group " . $s->group->name . "\n</Directory>\n" ); } else { die ( $s->config->core_sharedrepository . "is an unhandled value!" ); diff --git a/pinyconfigs/etc/apache2/sites-available/piny b/pinyconfigs/etc/apache2/sites-available/piny index 2dfdb02..445e41b 100644 --- a/pinyconfigs/etc/apache2/sites-available/piny +++ b/pinyconfigs/etc/apache2/sites-available/piny @@ -51,12 +51,12 @@ RedirectMatch 301 ^/$ http://piny.be/ <Directory /> + SSLRequireSSL Options Indexes FollowSymLinks MultiViews AllowOverride None </Directory> <Directory "/srv/www/secure.piny.be/write"> - SSLRequireSSL SetHandler cgi-script Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch </Directory> |