Sophie

Sophie

distrib > Fedora > 18 > i386 > by-pkgid > b66a28e5c20501b3b439bb3dba41f049 > files > 1

lcgdm-dav-server-0.12.2-1.fc18.i686.rpm

#
# This is the Apache configuration for the dmlite DAV.
#
# The first part of the file configures all the required options common to all
# VirtualHosts. The actual VirtualHost instances are defined at the end of this file.
#

# Static content
Alias /static/ /usr/share/lcgdm-dav/
<Location "/static">
  <IfModule expires_module>
    ExpiresActive On
    ExpiresDefault "access plus 1 month"
  </IfModule>
</Location>

# Compress text output (i.e. directory listings)
# This can reduce really _a_lot_ the response time for big directories.
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css

# Load all required modules for our own
<IfModule !mime_magic_module>
  LoadModule mime_magic_module  /usr/lib/httpd/modules/mod_mime_magic.so
</IfModule>
<IfModule !dav_module>
  LoadModule dav_module         /usr/lib/httpd/modules/mod_lcgdm_dav.so
</IfModule>

# Alias for the delegation
ScriptAlias /gridsite-delegation "/usr/libexec/gridsite/cgi-bin/gridsite-delegation.cgi"

# The location of the base dmlite configuration file
NSDMLite /etc/dmlite.conf

# Is this a DPM Head Node or a LFC?
NSType DPM

# Base path for nameserver requests
<LocationMatch "^/dpm.*">

  LoadModule lcgdm_ns_module      /usr/lib/httpd/modules/mod_lcgdm_ns.so

  # Enable LCGDM DAV here
  DAV nameserver

  # None, one or several flags
  # Write   Enable write access
  # NoAuthn Disables user authentication
  NSFlags

  # Use this user for anonymous access
  # It has to be in the mapfile!
  NSAnon nobody

  # On redirect, maximum number of replicas in the URL
  # (Used only by LFC)
  NSMaxReplicas 3

  # Redirect using SSL or plain HTTP? Default is On
  NSSecureRedirect On

  # List of trusted DN (as X509 Subject).
  # This DN can act on behalf of other users using the HTTP headers:
  # X-Auth-Dn
  # X-Auth-FqanN (Can be specified multiple times, with N starting on 0, and incrementing)
  # NSTrustedDNS "/DC=ch/DC=cern/OU=computers/CN=trusted-host.cern.ch"

  # If mod_gridsite does not give us information about the certificate, this
  # enables mod_ssl to pass environment variables that can be used by mod_lcgdm_ns
  # to get the user's DN.
  SSLOptions +StdEnvVars

</LocationMatch>

DiskDMLite /etc/dmlite.conf

# Filesystem location
<LocationMatch "^/(?!(dpm|static|icons)).*">

  LoadModule lcgdm_disk_module    /usr/lib/httpd/modules/mod_lcgdm_disk.so

  # Enable LCGDM DAV here
  DAV disk

  # None, one or several flags
  # Write      Enable write access
  # RemoteCopy Allow the COPY method
  # NoAuthn    Disables user authentication
  DiskFlags

  # Use this user for anonymous access
  # It has to be in the mapfile!
  DiskAnon nobody

  # Delegation service. If it does not start with http:/https:,
  # https will be assumed, and the host name appended.
  DiskProxyDelegationService /gridsite-delegation

  # Where delegation proxies are stored. This is hard-coded in the GridSite
  # CGI, it allways has to be DocumentRoot/../proxycache
  DiskProxyCache /var/www/proxycache

  # If mod_gridsite does not give us information about the certificate, this
  # enables mod_ssl to pass environment variables that can be used by mod_lcgdm_ns
  # to get the user's DN.
  SSLOptions +StdEnvVars

</LocationMatch>

# 
# This is the plain HTTP LCGDM DAV VirtualHost.
#
<VirtualHost *:80>

</VirtualHost>

# 
# This is the SSL enabled LCGDM DAV VirtualHost.
# WARN: If the _default_ VirtualHost is already defined in ssl.conf or in another
# module file, they will have priority over the definition below, and the frontend
# might not work as expected.
#
Listen 443

<VirtualHost *:443>

  LoadModule ssl_module modules/mod_ssl.so

  # To use the LCGDM DAV module you need to enable the SSL directives below.
  # WARN: Check warning above related to SSL directives and the VirtualHost in ssl.conf.
  <IfModule ssl_module>

    LoadModule gridsite_module  /usr/lib/httpd/modules/mod_gridsite.so

    SSLEngine	on
    SSLProtocol all -SSLv2

    # Certificates and CAs
    SSLCertificateFile		/etc/grid-security/hostcert.pem
    SSLCertificateKeyFile	/etc/grid-security/hostkey.pem
    SSLCACertificatePath 	/etc/grid-security/certificates
    SSLCARevocationPath		/etc/grid-security/certificates

    # This improves HTTPS performance when the client disables encryption
    SSLCipherSuite 	NULL-MD5:NULL:RC4-MD5:RC4:+LOW:+MEDIUM:+HIGH:+EXP
    SSLHonorCipherOrder on

    # Client verification should be at least optional (see ssl.conf for more information)
    SSLVerifyClient require
    SSLVerifyDepth  10
 
    # Logging
    ErrorLog	logs/ssl_error_log
    TransferLog	logs/ssl_transfer_log
    LogLevel	warn
    CustomLog	logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

  </IfModule>

</VirtualHost>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional