From 09ea945c3908fd42e90eb64c194d9af11d174206 Mon Sep 17 00:00:00 2001 From: Kristian Lyngstol Date: Tue, 12 Apr 2016 18:01:32 +0200 Subject: Actual initial import Fetched from tgmanage. --- misc/apache2.conf | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ misc/varnish.vcl | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 111 insertions(+) create mode 100644 misc/apache2.conf create mode 100644 misc/varnish.vcl (limited to 'misc') diff --git a/misc/apache2.conf b/misc/apache2.conf new file mode 100644 index 0000000..08471e0 --- /dev/null +++ b/misc/apache2.conf @@ -0,0 +1,56 @@ + + ServerAdmin drift@gathering.org + ServerName nms.tg16.gathering.org + ServerAlias nms.tg16.gathering.org + + DocumentRoot /srv/tgmanage/web/nms.gathering.org + ScriptAlias /api/write/ /srv/tgmanage/web/nms.gathering.org/api/write/ + ScriptAlias /api/read/ /srv/tgmanage/web/nms.gathering.org/api/read/ + ScriptAlias /api/public/ /srv/tgmanage/web/nms.gathering.org/api/public/ + + AllowOverride None + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch + + AuthUserFile /srv/tgmanage/web/htpasswd-write + AuthName "Tech:Server Secret Volcano Lair" + AuthType Basic + Require valid-user + + + + AllowOverride None + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch + + AuthUserFile /srv/tgmanage/web/htpasswd-read + AuthName "The Gathering Network Management System" + AuthType Basic + Require valid-user + + + + AllowOverride None + Options +ExecCGI -MultiViews +Indexes +SymLinksIfOwnerMatch + Require all granted + + + AllowOverride None + Options Indexes FollowSymLinks MultiViews + AddDefaultCharset UTF-8 + + AuthUserFile /srv/tgmanage/web/htpasswd-read + AuthName "The Gathering Network Management System" + AuthType Basic + Require valid-user + + + + ErrorLog /var/log/apache2/error-nms.tg16.gathering.org.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/access-nms.tg16.gathering.org.log combined + ServerSignature On + + diff --git a/misc/varnish.vcl b/misc/varnish.vcl new file mode 100644 index 0000000..754ecbc --- /dev/null +++ b/misc/varnish.vcl @@ -0,0 +1,55 @@ +# vim: ts=8:expandtab:sw=4:softtabstop=4 + +vcl 4.0; + +backend default { + .host = "127.0.0.1"; + .port = "8080"; +} + +sub vcl_recv { + if (req.url ~ "^/where" || req.url ~ "^/location") { + set req.url = "/api/public/location"; + } + if (req.method != "GET" && + req.method != "HEAD" && + req.method != "PUT" && + req.method != "POST" && + req.method != "TRACE" && + req.method != "OPTIONS" && + req.method != "DELETE") { + # Vi hater alt som er gøy. + return (synth(418,"LOLOLOL")); + } + + if (req.method != "GET" && req.method != "HEAD") { + /* We only deal with GET and HEAD by default */ + return (pass); + } + + # Brukes ikke. Cookies er for nubs. + unset req.http.Cookie; + + # Tvinges gjennom for å cache med authorization-skrot. + return (hash); +} + + +# Rosa magi +sub vcl_hash { + # Wheee. Legg til authorization-headeren i hashen. + hash_data(req.http.authorization); +} + +# Mauve magi. Hva nå enn det er. +# Dette er WIP - Skal flyttes til backend +sub vcl_backend_response { + set beresp.http.x-url = bereq.url; + if (beresp.http.x-ban) { + ban("obj.http.x-url ~ " + beresp.http.x-ban); + } + if (beresp.status != 200) { + set beresp.uncacheable = false; + set beresp.ttl = 5s; + } +} -- cgit v1.2.3