[packages/eventum.git] / eventum-lighttpd.conf

#
# This config provides two kinds of configuration, for url based ("/eventum")
# and vhost based ("http://eventum.example.org").
#
# To use one of the configurations uncomment the other.

# To redirect all http requests to https server:
#$SERVER["socket"] == ":80" {
#	$HTTP["host"] == "eventum.example.org" {
#		server.name = "eventum.example.org"
#		url.redirect = ( "^/(.*)" => "https://eventum.example.org/$1" )
#	}
#}

# HTTP Strict Transport Security (HSTS) headers on https addresses
#$SERVER["socket"] == ":443" {
#	# HSTS (mod_setenv is required) (15768000 seconds = 6 months)
#	setenv.add-response-header += ( "Strict-Transport-Security" => "max-age=15768000" )
#}

# running as alias, part 1
alias.url += (
	"/eventum" => "/usr/share/eventum/htdocs",
)

# running as separate vhost, part 1
#$HTTP["host"] == "eventum.example.org" {
#	server.document-root = "/usr/share/eventum/htdocs",
#}

# running as alias, part 2
$HTTP["url"] =~ "^/eventum/" {
# running as separate vhost, part 2
#$HTTP["host"] == "eventum.example.org" {

#	# Make whole eventum password protected
#	auth.backend = "htpasswd"
#	auth.backend.htpasswd.userfile = "/etc/webapps/eventum/htpasswd"
#
#	# rss has it's own authorization
#	$HTTP["url"] !~ "/rss\.php$" {
#		auth.require += (
#			"/" => (
#				"method"  => "basic",
#				"realm"   => "Eventum",
#				"require" => "valid-user"
#			)
#		)
#	}

	# SCM integration. Set here IP of host running CVS, SVN, Git
	$HTTP["remoteip"] != "127.0.0.1" {
		$HTTP["url"] =~ "/scm_ping\.php$" {
			url.access-deny = ( "" )
		}
	}

	# IP Restrict XMLRPC
	$HTTP["url"] =~ "/rpc/xmlrpc.php" {
		$HTTP["remoteip"] !~ "127.0.0.1" {
			url.access-deny = ( "" )
		}
	}
}

# vim:ts=4
Commit	Line	Data
18426839 ER	1	#
	2	# This config provides two kinds of configuration, for url based ("/eventum")
	3	# and vhost based ("http://eventum.example.org").
	4	#
	5	# To use one of the configurations uncomment the other.
7bd3df31	6
37022e56 ER	7	# To redirect all http requests to https server:
	8	#$SERVER["socket"] == ":80" {
	9	# $HTTP["host"] == "eventum.example.org" {
	10	# server.name = "eventum.example.org"
	11	# url.redirect = ( "^/(.*)" => "https://eventum.example.org/$1" )
	12	# }
	13	#}
	14
06ddb94b ER	15	# HTTP Strict Transport Security (HSTS) headers on https addresses
	16	#$SERVER["socket"] == ":443" {
	17	# # HSTS (mod_setenv is required) (15768000 seconds = 6 months)
	18	# setenv.add-response-header += ( "Strict-Transport-Security" => "max-age=15768000" )
	19	#}
	20
18426839	21	# running as alias, part 1
7a930844 ER	22	alias.url += (
	23	"/eventum" => "/usr/share/eventum/htdocs",
	24	)
18426839 ER	25
18426839 ER	26	# running as separate vhost, part 1
6dac82cb	27	#$HTTP["host"] == "eventum.example.org" {
06ddb94b	28	# server.document-root = "/usr/share/eventum/htdocs",
7a930844	29	#}
18426839 ER	30
18426839 ER	31	# running as alias, part 2
7a930844	32	$HTTP["url"] =~ "^/eventum/" {
18426839	33	# running as separate vhost, part 2
6dac82cb	34	#$HTTP["host"] == "eventum.example.org" {
18426839	35
7a930844 ER	36	# # Make whole eventum password protected
	37	# auth.backend = "htpasswd"
	38	# auth.backend.htpasswd.userfile = "/etc/webapps/eventum/htpasswd"
	39	#
	40	# # rss has it's own authorization
	41	# $HTTP["url"] !~ "/rss\.php$" {
	42	# auth.require += (
	43	# "/" => (
	44	# "method" => "basic",
	45	# "realm" => "Eventum",
	46	# "require" => "valid-user"
	47	# )
	48	# )
	49	# }
	50
c28270d0	51	# SCM integration. Set here IP of host running CVS, SVN, Git
18426839 ER	52	$HTTP["remoteip"] != "127.0.0.1" {
	53	$HTTP["url"] =~ "/scm_ping\.php$" {
	54	url.access-deny = ( "" )
	55	}
	56	}
0152475f ER	57
	58	# IP Restrict XMLRPC
	59	$HTTP["url"] =~ "/rpc/xmlrpc.php" {
	60	$HTTP["remoteip"] !~ "127.0.0.1" {
	61	url.access-deny = ( "" )
	62	}
	63	}
18426839 ER	64	}
	65
	66	# vim:ts=4