package /etc/nagios/nrpe.d to nagios-common

[packages/nagios.git] / nagios-apache.conf

diff --git a/nagios-apache.conf b/nagios-apache.conf
index e1fc0f24d2b6b4b59896c2311342b95a7dbdfcf6..2c8982c80ffb8c729433ffb2664eeea046f08699 100644 (file)
--- a/nagios-apache.conf
+++ b/nagios-apache.conf
@@ -1,50 +1,60 @@
-
-# WITHOUT SSL
-<IfModule !mod_ssl.c>
 ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi/
-<Directory /usr/lib/nagios/cgi/>
-   Options ExecCGI
-   Order deny,allow
-   Deny from all
-   Allow from 127.0.0.1
-</Directory>
-
+Alias /nagios/docs/ /usr/share/doc/nagios/
 Alias /nagios/ /usr/share/nagios/
-<Directory /usr/share/nagios/>
-   Options None
-   Order deny,allow
-   Deny from all
-   Allow from 127.0.0.1
-</Directory>
-</IfModule>
 
-# WITH SSL ENABLED
-<IfModule mod_ssl.c>
-ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi/
-<Directory /usr/lib/nagios/cgi/>
-   Options ExecCGI
-   SSLRequireSSL
-   Order deny,allow
-   Deny from all
-   AuthType Basic
-   AuthUserFile /etc/nagios/passwd
-   AuthGroupFile /etc/nagios/group
-   AuthName "Nagios"
-   Require group nagios
+# We grant access to static images for everybody, as the files are available
+# publically anyway, but without having it with http password i'm able to link
+# icons to jabber notify messages :)
+<Directory ~ "^/usr/share/(doc/nagios|nagios/images)">
+       # Apache 2.x
+       <IfModule !mod_authz_core.c>
+               Order allow,deny
+               Allow from all
+       </IfModule>
+       # Apache 2.4
+       <IfModule mod_authz_core.c>
+               Require all granted
+       </IfModule>
 </Directory>
 
-Alias /nagios/ /usr/share/nagios/
-<Directory /usr/share/nagios/>
-   Options None
-   SSLRequireSSL
-   Order deny,allow
-   Deny from all
-   AuthType Basic
-   AuthUserFile /etc/nagios/passwd
-   AuthGroupFile /etc/nagios/group
-   AuthName "Nagios"
-   Require group nagios
-</Directory>
-</IfModule>
+<Directory ~ "/usr/lib/nagios/cgi/|/usr/share/nagios/">
+       Options +ExecCGI
 
-# vim: filetype=apache ts=4 sw=4 et
+       # WITHOUT SSL
+       <IfModule !mod_ssl.c>
+               # Apache 2.x
+               <IfModule !mod_authz_core.c>
+                       Order deny,allow
+                       Deny from all
+                       Allow from 127.0.0.1
+               </IfModule>
+               # Apache 2.4
+               <IfModule mod_authz_core.c>
+                       Require all denied
+                       Require local
+               </IfModule>
+       </IfModule>
+
+       # WITH SSL ENABLED
+       <IfModule mod_ssl.c>
+               SSLRequireSSL
+
+               AuthType Basic
+               AuthName "Nagios"
+
+               # Apache 2.x
+               <IfModule !mod_authz_core.c>
+                       Allow from all
+               </IfModule>
+
+               # LDAP based Authz. Apache 1.3
+#              <IfModule mod_auth_ldap.c>
+#                      AuthLDAPEnabled on
+#                      AuthLDAPURL ldap://ldap.example.org/ou=People,dc=example,dc=org?uid?sub?(objectClass=*)
+#              </IfModule>
+
+               AuthUserFile /etc/webapps/nagios/passwd
+               AuthGroupFile /etc/webapps/nagios/group
+               Require group nagios
+       </IfModule>
+</Directory>