#
# koji-hub is an xmlrpc interface to the Koji database
#

Alias /kojihub /usr/share/koji-hub/kojixmlrpc.py

<Directory "/usr/share/koji-hub">
    Options ExecCGI
    SetHandler wsgi-script
    WSGIApplicationGroup %{GLOBAL}
    # ^ works around a hub issue with OpenSSL
    # see: https://cryptography.io/en/latest/faq/#starting-cryptography-using-mod-wsgi-produces-an-internalerror-during-a-call-in-register-osrandom-engine
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
</Directory>

# Support for mod_python is DEPRECATED. If you still need mod_python support,
# then use the following directory settings instead:
#
# <Directory "/usr/share/koji-hub">
#         SetHandler mod_python
#         PythonHandler kojixmlrpc
#         PythonOption ConfigFile /etc/koji-hub/hub.conf
#         PythonDebug Off
#         PythonAutoReload Off
# </Directory>

# Also serve /mnt/koji
Alias /kojifiles "/mnt/koji/"

<Directory "/mnt/koji">
    Options Indexes SymLinksIfOwnerMatch
    #If your top /mnt/koji directory is not owned by the httpd user, then
    #you will need to follow all symlinks instead, e.g.
    #Options Indexes FollowSymLinks
    AllowOverride None
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
</Directory>

# uncomment this to enable authentication via SSL client certificates
# <Location /kojihub/ssllogin>
#         SSLVerifyClient require
#         SSLVerifyDepth  10
#         SSLOptions +StdEnvVars
# </Location>

# If you need to support koji < 1.4.0 clients using SSL authentication, then use the following instead:
# <Location /kojihub>
#         SSLOptions +StdEnvVars
# </Location>
# In this case, you will need to enable these options globally (in ssl.conf):
# SSLVerifyClient require
# SSLVerifyDepth  10