|
1 ; |
|
2 ;TLS macro for vhost blocks |
|
3 ; |
|
4 $%define TLS {$%{config/use_tls:? |
|
5 SSLEngine On |
|
6 |
|
7 # Disable the known insecure SSLv3 protocol |
|
8 SSLProtocol all -SSLv3 |
|
9 |
|
10 SSLCertificateFile $%{config/ssl_cert_file} |
|
11 $%{config/ssl_ca_cert_file:^*SSLCACertificateFile } |
|
12 SSLCertificateKeyFile $%{config/ssl_cert_key_file} |
|
13 }} |
|
14 ; |
|
15 ;vhost macro |
|
16 ; |
|
17 $%define VHOST type port name { |
|
18 <VirtualHost *:$%port> |
|
19 $%[TLS] |
|
20 WSGIDaemonProcess keystone-$%type processes=5 threads=1 user=keystone group=keystone display-name=%\{GROUP\} |
|
21 WSGIScriptAlias / /usr/lib/python2.7/vendor-packages/keystone/httpd/$%name |
|
22 WSGIProcessGroup keystone-$%type |
|
23 WSGIApplicationGroup %\{GLOBAL\} |
|
24 WSGIPassAuthorization On |
|
25 |
|
26 </VirtualHost> |
|
27 } |
|
28 ; |
|
29 ; Start of conf file stencil |
|
30 ; |
|
31 # WARNING: THIS FILE GENERATED FROM SMF DATA. |
|
32 # DO NOT EDIT THIS FILE. EDITS WILL BE LOST. |
|
33 # |
|
34 |
|
35 ServerRoot "/usr/apache2/2.4" |
|
36 |
|
37 LoadModule authn_file_module libexec/mod_authn_file.so |
|
38 LoadModule authn_core_module libexec/mod_authn_core.so |
|
39 LoadModule authz_host_module libexec/mod_authz_host.so |
|
40 LoadModule authz_groupfile_module libexec/mod_authz_groupfile.so |
|
41 LoadModule authz_user_module libexec/mod_authz_user.so |
|
42 LoadModule authz_core_module libexec/mod_authz_core.so |
|
43 LoadModule access_compat_module libexec/mod_access_compat.so |
|
44 LoadModule auth_basic_module libexec/mod_auth_basic.so |
|
45 LoadModule reqtimeout_module libexec/mod_reqtimeout.so |
|
46 LoadModule filter_module libexec/mod_filter.so |
|
47 LoadModule log_config_module libexec/mod_log_config.so |
|
48 LoadModule env_module libexec/mod_env.so |
|
49 LoadModule headers_module libexec/mod_headers.so |
|
50 LoadModule version_module libexec/mod_version.so |
|
51 LoadModule slotmem_shm_module libexec/mod_slotmem_shm.so |
|
52 <IfDefine prefork> |
|
53 LoadModule mpm_prefork_module libexec/mod_mpm_prefork.so |
|
54 </IfDefine> |
|
55 <IfDefine worker> |
|
56 LoadModule mpm_worker_module libexec/mod_mpm_worker.so |
|
57 </IfDefine> |
|
58 <IfDefine !prefork> |
|
59 <IfDefine !worker> |
|
60 LoadModule mpm_event_module libexec/mod_mpm_event.so |
|
61 </IfDefine> |
|
62 </IfDefine> |
|
63 LoadModule unixd_module libexec/mod_unixd.so |
|
64 LoadModule status_module libexec/mod_status.so |
|
65 LoadModule alias_module libexec/mod_alias.so |
|
66 LoadModule wsgi_module libexec/mod_wsgi-2.7.so |
|
67 $%{config/use_tls:? |
|
68 LoadModule ssl_module libexec\/mod_ssl.so |
|
69 } |
|
70 |
|
71 <IfModule unixd_module> |
|
72 User keystone |
|
73 Group keystone |
|
74 </IfModule> |
|
75 |
|
76 PidFile /var/lib/keystone/keystone.httpd.pid |
|
77 |
|
78 ServerName 127.0.0.1 |
|
79 Listen $%{config/public_port} |
|
80 Listen $%{config/admin_port} |
|
81 |
|
82 <Directory /> |
|
83 AllowOverride none |
|
84 Require all denied |
|
85 </Directory> |
|
86 |
|
87 ErrorLogFormat "%{cu}t %M" |
|
88 ErrorLog "$%{config/error_log}" |
|
89 LogLevel warn |
|
90 |
|
91 <IfModule log_config_module> |
|
92 LogFormat "%h %u %t \\"%r\\" %p %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined |
|
93 </IfModule> |
|
94 |
|
95 CustomLog $%{config/access_log} combined |
|
96 |
|
97 <Directory /usr/lib/python2.7/vendor-packages/keystone/httpd> |
|
98 Options Indexes FollowSymLinks MultiViews |
|
99 AllowOverride None |
|
100 Require all granted |
|
101 </Directory> |
|
102 |
|
103 WSGISocketPrefix /var/run/keystone_wsgi_ |
|
104 |
|
105 $%[VHOST public $%{config/public_port} main] |
|
106 $%[VHOST admin $%{config/admin_port} admin] |