X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=apache%2Fmyslice.conf;h=c994af369aff4f4d6285decc82bb3bdb799dbf66;hb=8be9b358a544e1ea9e53ad40495fa42e9d5edf9a;hp=a7f6f2cef3ea7b91a6e02793129839224f585c54;hpb=bb1f5f96f8a8a3eeb8585357a3a94c047c1c496b;p=myslice.git
diff --git a/apache/myslice.conf b/apache/myslice.conf
index a7f6f2ce..c994af36 100644
--- a/apache/myslice.conf
+++ b/apache/myslice.conf
@@ -1,6 +1,8 @@
+# xxx it might be smarter to install wsgi.py in some other location
+# so we don't have to hard-wire these paths here
- WSGIScriptAlias / /usr/share/unfold/apache/wsgi.py
-
+ WSGIScriptAlias / /usr/lib/python2.7/dist-packages/myslice/wsgi.py
+
Order deny,allow
Allow from all
@@ -12,3 +14,37 @@
Allow from all
+
+# This port (not necessarily well picked) is configured
+# with client-certificate required
+# corresponding trusted roots (e.g. ple.gid and plc.gid) should be
+# configured in /etc/unfold/trusted_roots
+# check Jordan's email and pointer to trac, although we do not want
+# this to be optional on that port
+
+
+ WSGIScriptAlias / /usr/lib/python2.7/dist-packages/myslice/wsgi.py
+
+
+ Order deny,allow
+ Allow from all
+
+
+ Alias /static/ /usr/share/unfold/static/
+
+ Order deny,allow
+ Allow from all
+
+
+ SSLEngine on
+ SSLVerifyClient require
+ SSLVerifyDepth 5
+# make this a symlink to /etc/sfa/trusted_roots if that makes sense in your env.
+ SSLCACertificatePath /etc/unfold/trusted_roots
+# see init-ssl.sh for how to create self-signed stuff in here
+ SSLCertificateFile /etc/unfold/myslice.cert
+ SSLCertificateKeyFile /etc/unfold/myslice.key
+
+# SSLOptions +StdEnvVars +ExportCertData
+ SSLOptions +StdEnvVars
+