Mercurial > hg > soundsoftware-site

view deploy/config/code.conf.in @ 1587:d8949733849d dockerise

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Another rearrangement, to share provisioning scripts
author Chris Cannam
date Thu, 17 Aug 2017 11:55:29 +0100
parents extra/soundsoftware/scripted-deploy/config/code.conf@ae8043b014c7
children c18460da6620
line wrap: on
line source

# A test Apache config. Lacks SSL, lacks a desirable extra layer of
# authentication for admin interface paths. Do not deploy this.

PerlLoadModule Apache::Authn::SoundSoftware

<VirtualHost *:80>
        ServerName code.soundsoftware.ac.uk
        ServerAdmin chris.cannam@soundsoftware.ac.uk

        DocumentRoot /var/www/code/public
        PassengerRestartDir restart_files
        PassengerHighPerformance on
        PassengerMaxRequests 50000
        PassengerStatThrottleRate 5
	PassengerStartTimeout 60
	PassengerFriendlyErrorPages on
        RailsSpawnMethod smart
        ExpiresDefault "access plus 1 minute"

        <DirectoryMatch "^/.*/\.svn/">
                Order allow,deny
                Deny from all
                Satisfy All
        </DirectoryMatch>

        <DirectoryMatch "^/.*/\.hg/">
                Order allow,deny
                Deny from all
                Satisfy All
        </DirectoryMatch>

        <DirectoryMatch "^/.*/\.git/">
                Order allow,deny
                Deny from all
                Satisfy All
        </DirectoryMatch>

        <Directory /var/www/code/public>
                Options -MultiViews
	</Directory>

        <Directory /var/www/code/public/themes/soundsoftware/stylesheets/fonts>
		# Avoid other sites embedding our fonts
		RewriteEngine on
		RewriteCond %{HTTP_REFERER} !^$
		RewriteCond %{HTTP_REFERER} !^http(s)?://code.soundsoftware.ac.uk/.*$ [NC]
		RewriteRule \.(ttf|woff|eot|otf|svg|zip|gz|html|txt)$ - [F]
	</Directory>

	ScriptAlias /hg "/var/hg/index.cgi"

	<Location /hg>
               	AuthName "Mercurial"
                AuthType Basic
                Require valid-user
		PerlAccessHandler Apache::Authn::SoundSoftware::access_handler
      		PerlAuthenHandler Apache::Authn::SoundSoftware::authen_handler
		PerlSetVar HTTPS "on"
		SoundSoftwareDSN "dbi:Pg:database=code;host=localhost"
    		SoundSoftwareDbUser "code"
     		SoundSoftwareDbPass "INSERT_POSTGRES_PASSWORD_HERE"
		SoundSoftwareRepoPrefix "/var/hg/"
                #!!! "on" in production please!:
                SoundSoftwareSslRequired "off"
		Options +ExecCGI
		AddHandler cgi-script .cgi
		ExpiresDefault now
        </Location>

	Alias /git "/var/files/git-mirror"	

	<Directory "/var/files/git-mirror">
		Options -Indexes +FollowSymLinks
                Order allow,deny
                Allow from all
	</Directory>
	<Directory ~ "/var/files/git-mirror/.*\.workdir">
		Order allow,deny
		Deny from all
	</Directory>
	<Directory ~ "/var/files/git-mirror/__.*">
                Order allow,deny
                Deny from all
	</Directory>

	ErrorLog /var/log/apache2/code-error.log
	CustomLog /var/log/apache2/code-access.log vhost_combined

        LogLevel warn
        ServerSignature Off
        
</VirtualHost>