-# $Id$
+#
+# This config provides two kinds of configuration, for url based ("/eventum")
+# and vhost based ("http://eventum.example.org").
+#
+# To use one of the configurations uncomment the other.
-# running as alias
+# To redirect all http requests to https server:
+#$SERVER["socket"] == ":80" {
+# $HTTP["host"] == "eventum.example.org" {
+# server.name = "eventum.example.org"
+# url.redirect = ( "^/(.*)" => "https://eventum.example.org/$1" )
+# }
+#}
+
+# HTTP Strict Transport Security (HSTS) headers on https addresses
+#$SERVER["socket"] == ":443" {
+# # HSTS (mod_setenv is required) (15768000 seconds = 6 months)
+# setenv.add-response-header += ( "Strict-Transport-Security" => "max-age=15768000" )
+#}
+
+# running as alias, part 1
alias.url += (
"/eventum" => "/usr/share/eventum/htdocs",
)
-# running as separate vhost
-#$HTTP["host"] == "eventum.delfi.lan" {
-# server.document-root = "/usr/share/eventum/htdocs",
+# running as separate vhost, part 1
+#$HTTP["host"] == "eventum.example.org" {
+# server.document-root = "/usr/share/eventum/htdocs",
#}
+
+# running as alias, part 2
+$HTTP["url"] =~ "^/eventum/" {
+# running as separate vhost, part 2
+#$HTTP["host"] == "eventum.example.org" {
+
+# # Make whole eventum password protected
+# auth.backend = "htpasswd"
+# auth.backend.htpasswd.userfile = "/etc/webapps/eventum/htpasswd"
+#
+# # rss has it's own authorization
+# $HTTP["url"] !~ "/rss\.php$" {
+# auth.require += (
+# "/" => (
+# "method" => "basic",
+# "realm" => "Eventum",
+# "require" => "valid-user"
+# )
+# )
+# }
+
+ # SCM integration. Set here IP of host running CVS, SVN, Git
+ $HTTP["remoteip"] != "127.0.0.1" {
+ $HTTP["url"] =~ "/scm_ping\.php$" {
+ url.access-deny = ( "" )
+ }
+ }
+
+ # IP Restrict XMLRPC
+ $HTTP["url"] =~ "/rpc/xmlrpc.php" {
+ $HTTP["remoteip"] !~ "127.0.0.1" {
+ url.access-deny = ( "" )
+ }
+ }
+}
+
+# vim:ts=4