From: Michael Orlitzky Date: Thu, 15 Oct 2015 00:50:30 +0000 (-0400) Subject: app-backup/backuppc: working apache-2.4 ebuild. X-Git-Url: https://gitweb.michael.orlitzky.com/?a=commitdiff_plain;h=f56b949a280e3bab62716891d40d924c2523fca6;p=mjo-overlay.git app-backup/backuppc: working apache-2.4 ebuild. --- diff --git a/app-backup/backuppc/Manifest b/app-backup/backuppc/Manifest index cee7799..4fcd58c 100644 --- a/app-backup/backuppc/Manifest +++ b/app-backup/backuppc/Manifest @@ -1 +1,9 @@ -DIST BackupPC-3.3.0.tar.gz 554155 SHA256 8a9c1b6faa4502b4c40617be97e806813815d9e22544854d99983c3da7c1f69b SHA512 67ec1ca4d22ab1e81f9c0f409c758347a6c772e3d1aa39c93207f9d328176ac7b4e679d0b03972fc5870c37dde0480d28c61ae19975d54e144235ea0e84e9901 WHIRLPOOL 23a9ce5dd600843cea72354e1afe595e3779f883839f8d3feca7f1355ed20048026090097ddfbcf394632672b42bef4884bc6661203542d6fe2c6bc2e8ad7b96 +AUX 3.2.0/04-add-docdir-marker.patch 470 SHA256 9236caf66f1d5cd607ced53173cd127d49bfacb08212e93e0beff37ad80cc4bb SHA512 82b3fbb9c86405f2d8ab12f0a8de21d4b793ec012bfb1cd0fb3a51b769c3d29cfda1adf1b701826fd3e36e0a8aaf10b84b75643620b6512bd2351bbe768fc636 WHIRLPOOL 3526872a7f3ee121791624f4ba8c19a9cbbf899813ec832e2bcb6da77b9e936c845f893e9665d038d918802cc99fee92712737df12d734a411c118a97376d2ed +AUX 3.2.0/05-nicelevel.patch 756 SHA256 a707a592754fadc92a769a488518b355468afa8d57a280e29adff4e8c4384566 SHA512 b33fe04ba54c8d28c51a3c2d85b13e204db9a7f4f193d25888c168234f6fbe6f02a49403b7097f056d7ab8495cddaf457f1776d64bcc84188d2d67e8ea77c1f6 WHIRLPOOL bf6150e8e4c149762c0b53ac79d591215f2594eaeabb1408c6bc432653a5b713bf5894e94d4480eb765be10a3b7a9294f87994e022529e750e19ebe68f4ce746 +AUX 3.3.0/01-fix-configure.pl.patch 1098 SHA256 54b7371fd3f68a9d3dde5f06b93992aa3c5a17f0d759c7b674fa7a640b461d43 SHA512 532b88689e50c0a399b42a3264975e1fc71a97b9edfd60faf5e94d0bfad972717c380b8925ca4d7df1e402b13f7104082a57bbecd3fbf74113c6f0e4d0990584 WHIRLPOOL 1eb3dcc5bae154a02132a55c80142196dd98f932678df73cdb88b2fafaa3cc88d9583cee21046794f7e6eeb24573d4d6258fd6bcf84ac0a2da45ae4c613d639f +AUX 3.3.0/02-fix-config.pl-formatting.patch 23353 SHA256 9f68c0b8b0e9ce8e2a5b9498dfd553368eac78ce0c942340f7bcdbdf5725e542 SHA512 0999f7b7f5ae29435e2b833082d69c5244c44fb0a64b7b7531647bd33134b70b99492f594ae33efa32cf69922a05fcbc086152373c697eb8858297d44c149a64 WHIRLPOOL 1f0ab6cbe64dffacfce78135b7a6a4b897047ef525fef418c0be726dfe66fd3c47ca99ec3b530837927b1c6b68eb7ab016bbe06626619f25b8bb0fd4bd2afe49 +AUX 3.3.0/03-reasonable-config.pl-defaults.patch 1206 SHA256 bad0508f0a4d030a018774aebb39952acbbba5d8955b7453bf98999dd19d0d2b SHA512 317f5aab5eebe31a7f1c938b4dfbb4f8ebc20bb42ccc5cd17307e21aacfd581cb1e4be9bef372cdde048c4958577e72cc1477f462e820c60f2b25bdd9b6cd0ec WHIRLPOOL cdbfc81ba43438c0a1aaa59e4e286fae4f93a851c290b3eee16d036185093872039fea461e7e7c35e55c7112575d0c37146e7a3592d6ce1314ea9d3db893197a +AUX 99_backuppc.conf 718 SHA256 13b0e98b8a306de5b32330b53840a1a1e07c48f62aa6544fea5167fae3fed04f SHA512 cb68dfbb635564740428850ea3f026ebc0b8e22b2bca52640b2f367e5487fa205b00ec82e4e192b311e2886686b81f9ea52de54886994c6cce1cd154937fa0ee WHIRLPOOL 2d9abe48f24ffeabedaafb37e0219b4b6e1e044b195ae32c8afedabaf57188db5709dff5c992f3102bdb1e3724f25c496e08975d861a3beb378df0cb0c4d005c +DIST BackupPC-3.3.1.tar.gz 556461 SHA256 c9cc4aec28a7474a68d40f4bc460ff15140e05c96900c7f98ff3ef06c4f6ae4c SHA512 b6bb9de3103c5062098d80755055b7461ae9133a4a46a66b3d0af89d081086571694db1898e7d85880defa15b030bad522812116ae5361c0fbde90b877d139c6 WHIRLPOOL 1d895f530932fc1287cde9db584befc6ca0850b5841cc4e60927442d0db662ec092bda4efa4953650d3bfa13deb6e9fafa25c10f82e19b39c67969bb4e143bac +EBUILD backuppc-3.3.1.ebuild 5054 SHA256 65c66019fb0dfcc28ce33a903d3cdf353f4e671960cedf01a3ec08185ebc5b20 SHA512 f5607cce7d0f3c49bae649e4ff8d04c6a566ee15312aeb213401db3ce4d84cccc9a12141b9bb158b5f30cc6264b3877bb00697d60b793e3430b938cf0bc88d4f WHIRLPOOL 8530f4caa3c5e93e32f7ed7137878cf26c3c670cd88141f13ce1ed273e9226ee7012ff4f91b4891f7229b1f6e26b77ec5e7e7cad5a750a4881837c94d6c14678 +MISC metadata.xml 242 SHA256 b630012db9753fd117d5bac61bfd4b7b5cdcb0dc73959d71c7a7fc2a4cd50482 SHA512 df6aec7c9faa5a2c297188f3f5b9832a366d89e7a3ebd054233ded64d41c266bbaf53884a5ffd93eb01c7fe1ba9627d049205c39d8e7b953dea9e339b9c626d2 WHIRLPOOL 751e2747c783e5a011d531f3b14b25917ee254da08504f4fea634b5009b6c181817d6ba3a9625bb6d05031b6d2ab5702c1beade2f3e8e8c6743e269a5be5ba2e diff --git a/app-backup/backuppc/backuppc-3.3.1.ebuild b/app-backup/backuppc/backuppc-3.3.1.ebuild index e479b09..1bf036d 100644 --- a/app-backup/backuppc/backuppc-3.3.1.ebuild +++ b/app-backup/backuppc/backuppc-3.3.1.ebuild @@ -1,22 +1,26 @@ -# Copyright 1999-2014 Gentoo Foundation +# Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Id$ -EAPI="5" +EAPI=5 -inherit eutils systemd webapp user +inherit depend.apache eutils user MY_P="BackupPC-${PV}" -DESCRIPTION="A high-performance system for backing up computers to a server's disk" +DESCRIPTION="High-performance backups to a server's disk" HOMEPAGE="http://backuppc.sourceforge.net/" SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" LICENSE="GPL-2" -KEYWORDS="amd64 x86" +KEYWORDS="~amd64 ~x86" IUSE="rss samba" +APACHE_MODULES="apache2_modules_alias," +APACHE_MODULES+="apache2_modules_unixd," +APACHE_MODULES+="apache2_modules_authz_user" + DEPEND="dev-lang/perl app-admin/apache-tools app-admin/makepasswd" @@ -30,23 +34,28 @@ RDEPEND="${DEPEND} app-arch/bzip2 virtual/mta www-apache/mod_perl - www-servers/apache + www-apache/mpm_itk + || ( >=www-servers/apache-2.4[${APACHE_MODULES},apache2_modules_cgi] + >=www-servers/apache-2.4[${APACHE_MODULES},apache2_modules_cgid] + >=www-servers/apache-2.4[${APACHE_MODULES},apache2_modules_fcgid] ) net-misc/rsync >=dev-perl/File-RsyncP-0.68 rss? ( dev-perl/XML-RSS ) samba? ( net-fs/samba )" -WEBAPP_MANUAL_SLOT="yes" +need_apache2_4 + SLOT="0" -S=${WORKDIR}/${MY_P} +S="${WORKDIR}/${MY_P}" +CGIDIR="/usr/lib/backuppc/htdocs" CONFDIR="/etc/BackupPC" DATADIR="/var/lib/backuppc" +DOCDIR="/usr/share/doc/${PF}" LOGDIR="/var/log/BackupPC" pkg_setup() { - webapp_pkg_setup enewgroup backuppc enewuser backuppc -1 /bin/bash /var/lib/backuppc backuppc } @@ -56,21 +65,15 @@ src_prepare() { epatch "${FILESDIR}/3.3.0/02-fix-config.pl-formatting.patch" epatch "${FILESDIR}/3.3.0/03-reasonable-config.pl-defaults.patch" - # Fix the documentation location in the CGI interface epatch "${FILESDIR}/3.2.0/04-add-docdir-marker.patch" - sed -i "s+__DOCDIR__+/usr/share/doc/${PF}+" "lib/BackupPC/CGI/View.pm" - epatch "${FILESDIR}/3.2.0/05-nicelevel.patch" - sed -i -e 's/--chuid ${USER}//' "${S}"/init.d/src/gentoo-backuppc || die "Failed to fix the init script" -} -src_test() { - true + # Fix docs location using the marker that we've patched in. + sed -i "s+__DOCDIR__+${DOCDIR}+" "lib/BackupPC/CGI/View.pm" \ + || die "failed to sed the documentation location" } src_install() { - webapp_src_preinst - local myconf myconf="" if use samba ; then @@ -90,15 +93,15 @@ src_install() { --bin-path hostname=$(type -p hostname) \ --bin-path gzip=$(type -p gzip) \ --bin-path bzip2=$(type -p bzip2) \ - --config-dir ${CONFDIR} \ + --config-dir "${CONFDIR}" \ --install-dir /usr \ - --data-dir ${DATADIR} \ - --hostname $(hostname) \ + --data-dir "${DATADIR}" \ + --hostname 127.0.0.1 \ --uid-ignore \ --dest-dir "${D%/}" \ - --html-dir ${MY_HTDOCSDIR}/image \ + --html-dir "${CGIDIR}"/image \ --html-dir-url /image \ - --cgi-dir ${MY_HTDOCSDIR} \ + --cgi-dir "${CGIDIR}" \ --fhs \ ${myconf} || die "failed the configure.pl script" @@ -108,100 +111,67 @@ src_install() { -errors=none \ --section=8 \ --center="BackupPC manual" \ - "${S}"/doc/BackupPC.pod backuppc.8 || die "failed to generate man page" + "${S}"/doc/BackupPC.pod backuppc.8 \ + || die "failed to generate man page" doman backuppc.8 # Place the documentation in the correct location dodoc "${D}/usr/doc/BackupPC.html" dodoc "${D}/usr/doc/BackupPC.pod" - rm -rf "${D}/usr/doc" + rm -rf "${D}/usr/doc" || die eend 0 # Setup directories - dodir ${CONFDIR}/pc + dodir "${CONFDIR}/pc" - keepdir ${CONFDIR} - keepdir ${CONFDIR}/pc - keepdir ${DATADIR}/{trash,pool,pc,cpool} - keepdir ${LOGDIR} + keepdir "${CONFDIR}" + keepdir "${CONFDIR}/pc" + keepdir "${DATADIR}"/{trash,pool,pc,cpool} + keepdir "${LOGDIR}" ebegin "Setting up init.d/conf.d/systemd scripts" newinitd "${S}"/init.d/gentoo-backuppc backuppc newconfd "${S}"/init.d/gentoo-backuppc.conf backuppc - systemd_dounit "${FILESDIR}/${PN}.service" - eend 0 - - ebegin "Setting up an apache instance for backuppc" - - cp "${FILESDIR}/apache2-backuppc."{conf,init} "${WORKDIR}/" - cp "${FILESDIR}/httpd.conf" "${WORKDIR}/httpd.conf" - sed -i -e "s+HTDOCSDIR+${MY_HTDOCSDIR}+g" "${WORKDIR}/httpd.conf" - sed -i -e "s+AUTHFILE+${CONFDIR}/users.htpasswd+g" "${WORKDIR}/httpd.conf" - - moduledir="/usr/lib/apache2/modules" - - # Check if the Apache ServerRoot is real. - # This is sometimes broken on older amd64 systems. - # In this case we just patch our config file appropriately. - if [[ ! -d "/usr/lib/apache2" ]]; then - if [[ -d "/usr/lib64/apache2" ]]; then - sed -i -e "s+/usr/lib/apache2+/usr/lib64/apache2+g" "${WORKDIR}/httpd.conf" - sed -i -e "s+/usr/lib/apache2+/usr/lib64/apache2+g" "${WORKDIR}/apache2-backuppc.conf" - moduledir="/usr/lib64/apache2/modules" - fi - fi - - # Check if we're using mod_cgid instead of mod_cgi - # This happens if you install apache with USE="threads" - if [[ -f "${moduledir}/mod_cgid.so" ]]; then - sed -i -e "s+mod_cgi+mod_cgid+g" "${WORKDIR}/httpd.conf" - sed -i -e "s+cgi_module+cgid_module+g" "${WORKDIR}/httpd.conf" - fi - - # Install conf.d/init.d files for apache2-backuppc - if [ -e /etc/init.d/apache2 ]; then - newconfd "${WORKDIR}/apache2-backuppc.conf" apache2-backuppc - newinitd /etc/init.d/apache2 apache2-backuppc - else - newconfd "${WORKDIR}/apache2-backuppc.conf" apache2-backuppc - newinitd "${WORKDIR}/apache2-backuppc.init" apache2-backuppc - fi - insopts -m 0644 - insinto ${CONFDIR} - doins "${WORKDIR}/httpd.conf" - - eend $? - - webapp_src_install || die "webapp_src_install" + insinto "${APACHE_MODULES_CONFDIR}" + doins "${FILESDIR}"/99_backuppc.conf # Make sure that the ownership is correct - chown -R backuppc:backuppc "${D}${CONFDIR}" - chown -R backuppc:backuppc "${D}${DATADIR}" - chown -R backuppc:backuppc "${D}${LOGDIR}" + chown -R backuppc:backuppc "${D}${CONFDIR}" || die + chown -R backuppc:backuppc "${D}${DATADIR}" || die + chown -R backuppc:backuppc "${D}${LOGDIR}" || die } pkg_postinst() { - # This is disabled since BackupPC doesn't need it - # webapp_pkg_postinst - - elog "Installation finished, now may now start using BackupPC." - elog "" + elog "Installation finished, you may now start using BackupPC." + elog elog "- Read the documentation in /usr/share/doc/${PF}/BackupPC.html" elog " Please pay special attention to the security section." - elog "" - elog "- You can launch backuppc and it's apache web interface by running:" - elog " # /etc/init.d/backuppc start" - elog " # /etc/init.d/apache2-backuppc start" - - if [[ ! -e /etc/runlevels/default/backuppc ]]; then - elog "" - elog "- You also might want to add these scripts to your default runlevel:" - elog " # rc-update add backuppc default" - elog " # rc-update add apache2-backuppc default" - fi + elog + elog "- You can launch backuppc by running:" + elog + elog " # /etc/init.d/backuppc start" + elog + elog "- To enable the GUI, first edit ${ROOT}etc/conf.d/apache2 and add," + elog + elog " \"-D BACKUPPC -D PERL -D MPM_ITK\"" + elog + elog " to the APACHE2_OPTS line." + elog + elog " Then you must edit ${ROOT}etc/apache2/modules.d/00_mpm_itk.conf" + elog " and adjust the values of LimitUIDRange/LimitGIDRange to include" + elog " the UID and GID of the backuppc user." + elog + elog " Finally, start apache:" + elog + elog " # /etc/init.d/apache2 start" + elog + elog " The web interface should now be running on," + elog + elog " http://127.0.0.1:8080/" + elog # Generate a new password if there's no auth file if [[ ! -f "${CONFDIR}/users.htpasswd" ]]; then @@ -212,12 +182,7 @@ pkg_postinst() { elog "" elog "- Created admin user $adminuser with password $adminpass" elog " To add new users, run: " + elog "" elog " # htpasswd ${CONFDIR}/users.htpasswd newUser" fi - - if [[ -d "/etc/backuppc" ]]; then - ewarn "" - ewarn "Detected old config directory in /etc/backuppc" - ewarn "Please migrate relevant config files to ${CONFDIR} before starting backuppc" - fi } diff --git a/app-backup/backuppc/files/99_backuppc.conf b/app-backup/backuppc/files/99_backuppc.conf new file mode 100644 index 0000000..eae766e --- /dev/null +++ b/app-backup/backuppc/files/99_backuppc.conf @@ -0,0 +1,32 @@ + + + +Listen 8080 + + AssignUserId backuppc backuppc + DocumentRoot "/usr/lib/backuppc/htdocs/" + RedirectMatch ^/$ /BackupPC_Admin + + + AuthType Basic + AuthName "BackupPC Community Edition Administrative Interface" + AuthUserFile "/etc/BackupPC/users.htpasswd" + Options ExecCGI + Require valid-user + Require host 127.0.0.1 + + + + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + PerlOptions +ParseHeaders + + + + Require all granted + Options -ExecCGI + + + + + diff --git a/app-backup/backuppc/files/httpd.conf b/app-backup/backuppc/files/httpd.conf deleted file mode 100644 index 00493d8..0000000 --- a/app-backup/backuppc/files/httpd.conf +++ /dev/null @@ -1,332 +0,0 @@ -# This is a modification of the default Apache 2.2 configuration file -# for Gentoo Linux. -# -# Support: -# http://www.gentoo.org/main/en/lists.xml [mailing lists] -# http://forums.gentoo.org/ [web forums] -# irc://irc.freenode.net#gentoo-apache [irc chat] -# -# Bug Reports: -# http://bugs.gentoo.org [gentoo related bugs] -# http://httpd.apache.org/bug_report.html [apache httpd related bugs] -# -# -# This is the main Apache HTTP server configuration file. It contains the -# configuration directives that give the server its instructions. -# See for detailed information. -# In particular, see -# -# for a discussion of each configuration directive. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log" -# with ServerRoot set to "/usr" will be interpreted by the -# server as "/usr/var/log/apache2/foo.log". - -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# Do not add a slash at the end of the directory path. If you point -# ServerRoot at a non-local disk, be sure to point the LockFile directive -# at a local disk. If you wish to share the same ServerRoot for multiple -# httpd daemons, you will need to change at least LockFile and PidFile. -ServerRoot "/usr/lib/apache2" - -# Dynamic Shared Object (DSO) Support -# -# To be able to use the functionality of a module which was built as a DSO you -# have to place corresponding `LoadModule' lines at this location so the -# directives contained in it are actually available _before_ they are used. -# Statically compiled modules (those listed by `httpd -l') do not need -# to be loaded here. -# -# Example: -# LoadModule foo_module modules/mod_foo.so -# -# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable. -# Do not change manually, it will be overwritten on upgrade. -# -# The following modules are considered as the default configuration. -# If you wish to disable one of them, you may have to alter other -# configuration directives. -# -# Change these at your own risk! - -LoadModule actions_module modules/mod_actions.so -LoadModule alias_module modules/mod_alias.so -LoadModule auth_basic_module modules/mod_auth_basic.so - -LoadModule auth_digest_module modules/mod_auth_digest.so - -LoadModule authn_anon_module modules/mod_authn_anon.so -LoadModule authn_dbm_module modules/mod_authn_dbm.so -LoadModule authn_default_module modules/mod_authn_default.so -LoadModule authn_file_module modules/mod_authn_file.so -LoadModule authz_dbm_module modules/mod_authz_dbm.so -LoadModule authz_default_module modules/mod_authz_default.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_owner_module modules/mod_authz_owner.so -LoadModule authz_user_module modules/mod_authz_user.so -LoadModule autoindex_module modules/mod_autoindex.so - -LoadModule cache_module modules/mod_cache.so - -LoadModule cgi_module modules/mod_cgi.so -LoadModule deflate_module modules/mod_deflate.so -LoadModule dir_module modules/mod_dir.so - -LoadModule disk_cache_module modules/mod_disk_cache.so - -LoadModule env_module modules/mod_env.so -LoadModule expires_module modules/mod_expires.so -LoadModule ext_filter_module modules/mod_ext_filter.so - -LoadModule file_cache_module modules/mod_file_cache.so - -LoadModule filter_module modules/mod_filter.so -LoadModule headers_module modules/mod_headers.so -LoadModule include_module modules/mod_include.so - -LoadModule info_module modules/mod_info.so - -LoadModule log_config_module modules/mod_log_config.so -LoadModule logio_module modules/mod_logio.so - -LoadModule mem_cache_module modules/mod_mem_cache.so - -LoadModule mime_module modules/mod_mime.so -LoadModule mime_magic_module modules/mod_mime_magic.so -LoadModule negotiation_module modules/mod_negotiation.so - -LoadModule proxy_module modules/mod_proxy.so - - -LoadModule proxy_ajp_module modules/mod_proxy_ajp.so - - -LoadModule proxy_balancer_module modules/mod_proxy_balancer.so - - -LoadModule proxy_connect_module modules/mod_proxy_connect.so - - -LoadModule proxy_http_module modules/mod_proxy_http.so - -LoadModule rewrite_module modules/mod_rewrite.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule speling_module modules/mod_speling.so - -LoadModule ssl_module modules/mod_ssl.so - - -LoadModule status_module modules/mod_status.so - - -LoadModule suexec_module modules/mod_suexec.so - -LoadModule unique_id_module modules/mod_unique_id.so - -LoadModule userdir_module modules/mod_userdir.so - -LoadModule usertrack_module modules/mod_usertrack.so -LoadModule vhost_alias_module modules/mod_vhost_alias.so - -# -# HostnameLookups: Log the names of clients or just their IP addresses -# e.g., www.apache.org (on) or 204.62.129.132 (off). -# The default is off because it'd be overall better for the net if people -# had to knowingly turn this feature on, since enabling it means that -# each client request will result in AT LEAST one lookup request to the -# nameserver. -# -HostnameLookups Off - -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# It is usually good practice to create a dedicated user and group for -# running httpd, as with most system services. -User backuppc -Group backuppc - -# Supplemental configuration -# -# Most of the configuration files in the /etc/apache2/modules.d/ directory can -# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features -# or to modify the default configuration of the server. -# -# To know which flag to add to APACHE2_OPTS, look at the first line of the -# the file, which will usually be an where OPTION is the -# flag to use. - -Include /etc/apache2/modules.d/*.conf - -# Unique lock file -LockFile /var/lock/apache-backuppc.lock - -# Very important for init script -# Unique process ID file -PidFile /var/run/apache-backuppc.pid - -# Unique scoreboard file -ScoreBoardFile /var/run/apache-backuppc.scoreboard - -# Common document root - - - -# Common document root -DocumentRoot HTDOCSDIR -# see bug #178966 why this is in here - -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, instead of the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses. -# -#Listen 12.34.56.78:80 -Listen 80 - -# Use name-based virtual hosting. -NameVirtualHost *:80 - -# When virtual hosts are enabled, the main host defined in the default -# httpd.conf configuration will go away. We redefine it here so that it is -# still available. -# -# If you disable this vhost by removing -D DEFAULT_VHOST from -# /etc/conf.d/apache2, the first defined virtual host elsewhere will be -# the default. - - ServerName backuppc - - # Redirect requests to "/" to the CGI script - RedirectMatch "^/$" /BackupPC_Admin - - - - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L] - - ## SSL Engine Switch: - # Enable/Disable SSL for this virtual host. - SSLEngine on - SSLOptions +StrictRequire - - ## SSL Cipher Suite: - # List the ciphers that the client is permitted to negotiate. - # See the mod_ssl documentation for a complete list. - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - - ## Server Certificate: - # Point SSLCertificateFile at a PEM encoded certificate. If the certificate - # is encrypted, then you will be prompted for a pass phrase. Note that a - # kill -HUP will prompt again. Keep in mind that if you have both an RSA - # and a DSA certificate you can configure both in parallel (to also allow - # the use of DSA ciphers, etc.) - SSLCertificateFile /etc/ssl/apache2/server.crt - - ## Server Private Key: - # If the key is not combined with the certificate, use this directive to - # point at the key file. Keep in mind that if you've both a RSA and a DSA - # private key you can configure both in parallel (to also allow the use of - # DSA ciphers, etc.) - SSLCertificateKeyFile /etc/ssl/apache2/server.key - - SSLOptions +StdEnvVars - - - ## ssl-accurate-shutdown: - # This forces an accurate shutdown when the connection is closed, i.e. a - # SSL close notify alert is send and mod_ssl waits for the close notify - # alert of the client. This is 100% SSL/TLS standard compliant, but in - # practice often causes hanging connections with brain-dead browsers. Use - # this only for browsers where you know that their SSL implementation works - # correctly. - # Notice: Most problems of broken clients are also related to the HTTP - # keep-alive facility, so you usually additionally want to disable - # keep-alive for those clients, too. Use variable "nokeepalive" for this. - # Similarly, one has to force some clients to use HTTP/1.0 to workaround - # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and - # "force-response-1.0" for this. - - BrowserMatch ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - - - ## Per-Server Logging: - # The home of a custom SSL log file. Use this when you want a compact - # non-error SSL logfile on a virtual host basis. - - CustomLog /var/log/apache2/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - - - - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.2/mod/core.html#options - # for more information. - Options Indexes FollowSymLinks - - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # Options FileInfo AuthConfig Limit - AllowOverride None - - - - SSLOptions +StdEnvVars - - - - SetHandler perl-script - PerlResponseHandler ModPerl::Registry - PerlOptions +ParseHeaders - Options +ExecCGI - - Order allow,deny - Allow from all - - AuthName "Backup Admin" - AuthType Basic - AuthUserFile AUTHFILE - Require valid-user - - - - SetHandler None - Options Indexes FollowSymLinks - Order allow,deny - Allow from all - - - - - ServerEnvironment backuppc backuppc - - - - - -# vim: ts=4 filetype=apache