skip to navigation
skip to content

Not Logged In

isotoma.recipe.apache 1.0.4

Buildout recipes for apache.

Apache buildout recipe

This package provides buildout recipes for the configuration of apache. This has a number of features that we have found useful in production, such as support for long CA chains, htpasswd authentication protection and the support for optional templates provided with the buildout.

We use the system apache, so this recipe will not install apache for you. If you wish to install apache, use zc.recipe.cmmi perhaps.

Mandatory Parameters

interface
The IP address of the interface on which to listen
sitename
The name of the site, used to identify the correct virtual host
serveradmin
The email address of the administrator of the server
proxyport
The port to which requests are forwarded

Optional Parameters

realm
The name of the HTTP Authentication realm, if you wish to password protect this site
passwdfile
The filename of the htpasswd file to secure the realm, defaults to "passwd" in the part directory
username
The username used in the htpasswd file
allowpurge
The IP address of a server that is permitted to send PURGE requests to this server
portal
The name of the portal object in the zope server, defaults to "portal"
template
The filename of the template file to use, if you do not wish to use the default
configfile
The name of the config file written by the recipe, defaults to "apache.cfg" in the part directory
ssl
Should ssl be on or off. By default this isn't needed, setting the ssl options is enough to turn it on. Useful to force SSL off, even if your base buildout set defaults.
sslca
A list of full pathnames to certificate authority certificate files
sslcert
The full pathname of the ssl certificate, if required
sslkey
The full pathname of the key for the ssl certificate
redirects
A list of other domains to forward to this domain
rewrites
A list source;destination;flags that gets expanded to 'RewriteRule source destination [flags]'
auto-www
If true, the recipe will have a Redirect for www.${sitename}. If your sitename already has a www prefix, the alias will be sitename with the prefix trimmed.
logdir
Where to store apache logs (Default: /var/log/apache2)
logformat
What apache logformat to use (Default: combined)
protected
A list of locations to set a basic auth password on, should be a list of lines of the format: <URI>:<realm>:<username>:<password>
enhanced-privacy
Set to true to stop it logging IP addresses (Default: IP addresses are logged)

Domain-level Redirects

When using isotoma.recipe.apache:redirect you can listen on an interface and redirect any hits for a domain to any url.

Mandatory Paramaters

interface
The IP and port to listen on, e.g. 192.168.0.19:80
serveradmin
The email address of the administrator of the server
redirects
A list of domain;url pairs, seperated by ';'. E.g. www.isotoma.com;http://www.isotoma.com/foo

Repository

This software is available from our recipe repository on github.

License

Copyright 2010 Isotoma Limited

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Changelog

1.0.4 (2013-03-19)

  • Set Keep-Alive to Off for the WSGI recipe.

1.0.3 (2012-11-26)

  • Set a Jinja2 line_statement_prefix of %. This allows for much better whitespace control in templates:

    % if requestheader is defined
    // DO STUFF
    % endif
    

    This avoids the whitespace mess that plagues the current templates.

  • Update built in templates to have less whitespace noise

  • IP whitelisting fixes (Deny before allow, prevent 2 <Location /> stanzas from interracting).

1.0.2 (2012-10-09)

  • Support IP whitelisting as well as username/password

1.0.1 (2012-07-05)

  • Prever SERVER_NAME over HTTP_HOST and force UseCanonicalName to Off (the default) so that SERVER_NAME will be the same as HTTP_HOST.

1.0.0 (2012-05-25)

  • Add a strict_domains setting which 403's unpermitted domain access.
  • Make redirects permanent

0.6.19 (2012-05-25)

  • Plone recipe can now construct VHM rewrites that use %{HTTP_HOST} - allowing a single vhost to serve multiple domains via ServerAlias.

0.6.18 (2012-03-02)

  • Fix case where ${:ssl} is auto.
  • Find all doctests automatically

0.6.17 (2012-03-02)

  • Fix handling of ${:auto-www} and updated regression tests accordingly.

0.6.16 (2012-02-27)

  • Add sendfile option to the wsgi recipe to enable mod_xsendfile

0.6.15 (2012-02-23)

  • bugfix to regain python2.4 compatibility

0.6.14 (2012-02-20)

  • Allow recipe to set Header:

    header.X-Hello = SOME EXAMPLE HEADER
    
  • Moved some general functionality into the ApacheBase class for reuse elsewhere

  • Added isotoma.recipe.apache:maintenance to provide an apache configuration for a site which will return 503s for each request, and display a predefined maintenance page.

0.6.13 (2011-12-19)

  • Allow recipe to set RequestHeaders:

    requestheader.plone_skin = Sunburst
    

0.6.12 (2011-11-29)

  • Fixed an issue with PURGE not being received if basic authentication is enabled.
  • Added an "indexes" option to the wsgi recipe to limit access to directory indexes unless "indexes = on".

0.6.11 (2011-11-28)

  • Lots of template whitespace removal to produce more legible apache configs.
  • Fixed bug where RewriteRule directives were being concatenated on a single line.

0.6.10 (2011-11-26)

  • Redirects (such as those used by the auto-www option) now pay attention to the "ssl" option, redirecting to https:// or http:// as required.
  • Updated doctests with unused option ordering.

0.6.9 (2011-09-14)

  • Brown paper bag.

0.6.8 (2011-09-14)

  • Support ${:ssl} 'only' option, to turn off the HTTP -> HTTP redirect

0.6.7 (2011-09-06)

  • Fix WSGI static_aliases to add a newline between each.
  • Improve output formatting of basic_auth option

0.6.6 (2011-09-05)

  • SSL now works with WSGI using either the 'protected' argument for multiple 'Location's or the 'realm', 'username', 'password' for '<Location />'

0.6.5 (2011-08-24)

  • Nothing changed yet.

0.6.4 (2011-08-22)

  • Use FileSystemLoader

0.6.3 (2011-08-17)

  • Don't turn on auth if realm is empty

0.6.0 (2011-08-13)

  • Don't hard code Jinja2 dependency
  • Move entirely to Jinja2
  • Remove Cheetah
  • Remove zope.testing from test dependencies
  • Remove Standalone
  • Define a 'body' block that can be overriden
  • Tests now use difflib to give 'git diff' style output when there are problems
  • Add an ssl flag so we can provide sensible ssl defaults but still turn it on and off
  • Merge apache and apache-ssl into a single template

0.5.10 (2011-07-13)

  • Pinning Jinja to stop projects using this having to pin Jinja as well

0.5.9 (2011-07-13)

  • Pinned all versions and disabled buildout's allow-picked-verions to stablise release from dependencies.
 
File Type Py Version Uploaded on Size
isotoma.recipe.apache-1.0.4.tar.gz (md5) Source 2013-03-19 17KB
  • Downloads (All Versions):
  • 23 downloads in the last day
  • 355 downloads in the last week
  • 1577 downloads in the last month