Actual initial import

Fetched from tgmanage.

2 files changed, 111 insertions, 0 deletions

diff --git a/misc/apache2.conf b/misc/apache2.conf
new file mode 100644
index 0000000..08471e0
--- /dev/null
+++ b/misc/apache2.conf
@@ -0,0 +1,56 @@
+<VirtualHost *:8080>
+        ServerAdmin drift@gathering.org
+        ServerName nms.tg16.gathering.org
+        ServerAlias nms.tg16.gathering.org
+
+        DocumentRoot /srv/tgmanage/web/nms.gathering.org
+	ScriptAlias /api/write/ /srv/tgmanage/web/nms.gathering.org/api/write/
+	ScriptAlias /api/read/ /srv/tgmanage/web/nms.gathering.org/api/read/
+	ScriptAlias /api/public/ /srv/tgmanage/web/nms.gathering.org/api/public/
+	<Directory "/srv/tgmanage/web/nms.gathering.org/api/write/">
+		AllowOverride None
+		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+		<RequireAny>
+			AuthUserFile /srv/tgmanage/web/htpasswd-write
+	                AuthName "Tech:Server Secret Volcano Lair"
+        	        AuthType Basic
+			Require valid-user
+		</RequireAny>
+	</Directory>
+	<Directory "/srv/tgmanage/web/nms.gathering.org/api/read/">
+		AllowOverride None
+		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+		<RequireAny>
+			AuthUserFile /srv/tgmanage/web/htpasswd-read
+	                AuthName "The Gathering Network Management System"
+        	        AuthType Basic
+			Require valid-user
+		</RequireAny>
+	</Directory>
+	<Directory "/srv/tgmanage/web/nms.gathering.org/api/public/">
+		AllowOverride None
+		Options +ExecCGI -MultiViews +Indexes +SymLinksIfOwnerMatch
+		Require all granted
+	</Directory>
+        <Directory "/srv/tgmanage/web/nms.gathering.org">
+                AllowOverride None
+                Options Indexes FollowSymLinks MultiViews
+                AddDefaultCharset UTF-8
+		<RequireAny>
+			AuthUserFile /srv/tgmanage/web/htpasswd-read
+	                AuthName "The Gathering Network Management System"
+        	        AuthType Basic
+			Require valid-user
+		</RequireAny>
+        </Directory>
+
+        ErrorLog /var/log/apache2/error-nms.tg16.gathering.org.log
+
+        # Possible values include: debug, info, notice, warn, error, crit,
+        # alert, emerg.
+        LogLevel warn
+
+        CustomLog /var/log/apache2/access-nms.tg16.gathering.org.log combined
+        ServerSignature On
+
+</VirtualHost>
diff --git a/misc/varnish.vcl b/misc/varnish.vcl
new file mode 100644
index 0000000..754ecbc
--- /dev/null
+++ b/misc/varnish.vcl
@@ -0,0 +1,55 @@
+# vim: ts=8:expandtab:sw=4:softtabstop=4
+
+vcl 4.0;
+
+backend default {
+    .host = "127.0.0.1";
+    .port = "8080";
+}
+
+sub vcl_recv {
+    if (req.url ~ "^/where" || req.url ~ "^/location") {
+	set req.url = "/api/public/location";
+    }
+    if (req.method != "GET" &&
+        req.method != "HEAD" &&
+        req.method != "PUT" &&
+        req.method != "POST" &&
+        req.method != "TRACE" &&
+        req.method != "OPTIONS" &&
+        req.method != "DELETE") {
+        # Vi hater alt som er gøy.
+        return (synth(418,"LOLOLOL"));
+    }
+
+    if (req.method != "GET" && req.method != "HEAD") {
+        /* We only deal with GET and HEAD by default */
+        return (pass);
+    }
+
+    # Brukes ikke. Cookies er for nubs.
+    unset req.http.Cookie;
+
+    # Tvinges gjennom for å cache med authorization-skrot.
+    return (hash);
+}
+
+
+# Rosa magi
+sub vcl_hash {
+    # Wheee. Legg til authorization-headeren i hashen.
+    hash_data(req.http.authorization);
+}
+
+# Mauve magi. Hva nå enn det er.
+# Dette er WIP - Skal flyttes til backend
+sub vcl_backend_response {
+    set beresp.http.x-url = bereq.url;
+    if (beresp.http.x-ban) {
+        ban("obj.http.x-url ~ " + beresp.http.x-ban);
+    }
+    if (beresp.status != 200) {
+        set beresp.uncacheable = false;
+        set beresp.ttl = 5s;
+    }
+}