openstack
/
openstack-ansible-os_barbican
Code Issues Proposed changes
openstack-ansible-os_barbican/templates/barbican-httpd.conf.j2

59 lines
2.0 KiB
Django/Jinja
Raw Permalink Blame History

# {{ ansible_managed }}
<VirtualHost *:{{ barbican_service_port }}>
WSGIDaemonProcess barbican-service user={{ barbican_system_user_name }} group={{ barbican_system_group_name }} processes={{ barbican_wsgi_processes }} threads={{ barbican_wsgi_threads }} display-name=%{GROUP}
WSGIProcessGroup barbican-service
WSGIScriptAlias / /var/www/cgi-bin/barbican/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
LogLevel {{ barbican_apache_log_level }}
ErrorLog {{ barbican_log_directory }}/barbican-apache-error.log
CustomLog {{ barbican_log_directory }}/ssl_access.log combined
Options +FollowSymLinks
{% if barbican_ssl | bool and barbican_service_internaluri_proto == "https" -%}
SSLEngine on
SSLCertificateFile {{ barbican_ssl_cert }}
SSLCertificateKeyFile {{ barbican_ssl_key }}
{% if barbican_user_ssl_ca_cert is defined -%}
SSLCACertificateFile {{ barbican_ssl_ca_cert }}
{% endif -%}
SSLCompression Off
SSLProtocol {{ barbican_ssl_protocol }}
SSLHonorCipherOrder On
SSLCipherSuite {{ barbican_ssl_cipher_suite }}
SSLOptions +StdEnvVars +ExportCertData
{% endif %}
{% if barbican_sp is defined -%}
ShibURLScheme {{ barbican_service_publicuri_proto }}
<Location /Shibboleth.sso>
SetHandler shib
</Location>
<Location /v3/auth/OS-FEDERATION/websso/saml2>
AuthType shibboleth
ShibRequestSetting requireSession 1
ShibRequestSetting exportAssertion 1
ShibRequireSession On
ShibExportAssertion On
Require valid-user
</Location>
<LocationMatch /v3/OS-FEDERATION/identity_providers/.*?/protocols/saml2/auth>
ShibRequestSetting requireSession 1
AuthType shibboleth
ShibExportAssertion Off
Require valid-user
</LocationMatch>
WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/cgi-bin/barbican/main/$1
{% endif %}
</VirtualHost>
View Git Blame Copy Permalink