TipAndDoc/apache2/sites-available/ssl.lab

   1 <VirtualHost *:443>
   2 #   General setup for the virtual host
   3         ServerName lab.mitty.jp
   4         ServerSignature On
   5
   6         LogLevel warn
   7         ErrorLog "|/usr/sbin/rotatelogs /var/log/apache2/ssl/error_lab_%Y%m%d_log 86400 540"
   8         CustomLog "|/usr/sbin/rotatelogs /var/log/apache2/ssl/access_lab_%Y%m%d_log 86400 540" combined
   9
  10         SSLEngine on
  11         SSLCertificateFile "/path/to/ssl/server.crt"
  12         SSLCertificateKeyFile "/path/to/ssl/server.key"
  13
  14         BrowserMatch "MSIE [2-6]" \
  15                  nokeepalive ssl-unclean-shutdown \
  16                  downgrade-1.0 force-response-1.0
  17         # MSIE 7 and newer should be able to use keepalive
  18         BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
  19
  20         DocumentRoot "/var/www/lab"
  21         <Directory />
  22                 SSLRequireSSL
  23                 Options FollowSymLinks
  24                 AllowOverride None
  25                 Order Deny,Allow
  26                 Deny from all
  27         </Directory>
  28         <Directory /var/www/lab>
  29                 Order Allow,Deny
  30                 Allow from all
  31         </Directory>
  32
  33         SetEnv HTTPS 1
  34
  35 # Alias for project independent contents
  36         <Location /static>
  37                 Order Allow,Deny
  38                 Allow from all
  39         </Location>
  40         Alias /static/trac      /var/www/trac
  41         Alias /static/svn       /home/tools/www/svn
  42         Alias /static/htdocs    /home/tools/trac/htdocs
  43
  44 # Alias for SVN
  45         RedirectMatch ^/svn$ /svn/
  46         <Location /svn/>
  47                 # Requests for a collection must have a trailing slash on the URI.
  48                 DAV svn
  49                 SVNParentPath /var/svn/lab
  50                 SVNListParentPath on
  51                 SVNIndexXSLT "/static/svn/svnindex.xsl"
  52                 <LimitExcept GET PROPFIND OPTIONS REPORT>
  53                         AuthType Basic
  54                         AuthName "Authentication for lab.mitty.jp"
  55                         AuthUserFile /home/tools/passwd/htpasswd.lab
  56                         AuthzSVNAccessFile /home/tools/passwd/svn-authz.lab
  57                         Require valid-user
  58                 </LimitExcept>
  59                 Order Allow,Deny
  60                 Allow from all
  61         </Location>
  62
  63 # Alias for Trac
  64         ScriptAlias /trac       /home/tools/trac/cgi-bin/trac.fcgi
  65         FcgidInitialEnv PYTHON_EGG_CACHE "/tmp"
  66         FcgidInitialEnv TRAC_ENV_PARENT_DIR "/var/trac/lab"
  67
  68         # increase fcgi timeout value to wait slow cgi exec
  69         FcgidIOTimeout 180
  70
  71         <Location /trac>
  72                 <LimitExcept GET>
  73                         AuthType Basic
  74                         AuthName "Authentication for lab.mitty.jp"
  75                         AuthUserFile /home/tools/passwd/htpasswd.lab
  76                         Require valid-user
  77                 </LimitExcept>
  78                 Order Allow,Deny
  79                 Allow from all
  80         </Location>
  81         <LocationMatch /trac/[^/]+/login>
  82                 Require valid-user
  83         </LocationMatch>
  84
  85 ## Trac query redirect
  86         RewriteEngine On
  87         RewriteCond %{REQUEST_METHOD} POST
  88         RewriteRule ^/trac/([^/]+)/query$ - [L]
  89
  90         RewriteCond %{QUERY_STRING} ^$
  91         RewriteCond %{HTTP_COOKIE} !trac_auth=
  92         RewriteRule ^/trac/([^/]+)/query$ /trac/$1/query?status=!&group=component [R,L]
  93
  94         RewriteCond %{QUERY_STRING} ^$
  95         RewriteCond %{HTTP_COOKIE} trac_auth=
  96         RewriteRule ^/trac/([^/]+)/query$ /trac/$1/query?status=!closed&group=component [R,L]
  97
  98 </VirtualHost>