You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by ru...@apache.org on 2021/10/12 22:51:17 UTC
[whimsy] branch master updated: resync config/whimsy.conf
This is an automated email from the ASF dual-hosted git repository.
rubys pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new d3cd998 resync config/whimsy.conf
d3cd998 is described below
commit d3cd998e133b164da6638fa3ab78aab6acf465e5
Author: Sam Ruby <ru...@intertwingly.net>
AuthorDate: Tue Oct 12 18:51:03 2021 -0400
resync config/whimsy.conf
---
config/whimsy.conf | 95 +++++++++++++++---------------------------------------
tools/mkconf.rb | 2 +-
2 files changed, 27 insertions(+), 70 deletions(-)
diff --git a/config/whimsy.conf b/config/whimsy.conf
index a601cec..329473b 100644
--- a/config/whimsy.conf
+++ b/config/whimsy.conf
@@ -2,7 +2,7 @@
# Vhost template in module puppetlabs-apache
# Managed by Puppet
# ************************************
-
+#
<VirtualHost *:80>
ServerName whimsy.local
@@ -23,19 +23,15 @@
CustomLog "/var/log/apache2/whimsy_access.log" combined
## Server aliases
- ## ServerAlias whimsy-test.apache.org
- ## ServerAlias whimsy4.apache.org
- ## ServerAlias whimsy-vm4.apache.org
+ ## ServerAlias whimsy6.apache.org
+ ## ServerAlias whimsy.apache.org
## Custom fragment
-SetEnv PATH /usr/local/bin:${PATH}
+## Needed? SetEnv PATH /usr/local/rvm/wrappers/ruby-2.7:${PATH}
PassengerFriendlyErrorPages on
-PassengerUser www-data
-PassengerGroup www-data
-
AddCharset UTF-8 .json
ExpiresActive On
@@ -52,6 +48,10 @@ ExpiresActive On
</FilesMatch>
</Directory>
+<Directory /srv/whimsy/www/.well-known/acme-challenge>
+ Require all granted
+</Directory>
+
<Directory /srv/whimsy/www/public/>
Header add Access-Control-Allow-Origin "*"
Options +Indexes
@@ -80,6 +80,7 @@ RedirectMatch permanent ^/officers/public_names /secretary/public-names
# redirect obsolete mailing list request form to replacement application
RedirectMatch permanent ^/officers/mlreq https://selfserve.apache.org/mail.html
+
ProxyPass "/board/agenda/websocket/" "ws://localhost:34234/"
# We now have local custom error pages
@@ -141,10 +142,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</LocationMatch>
@@ -152,10 +152,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -163,10 +162,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -174,10 +172,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -185,10 +182,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Committers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -196,10 +192,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Incubator PMC"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</LocationMatch>
@@ -207,10 +202,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Incubator PMC"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</LocationMatch>
@@ -218,10 +212,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -229,10 +222,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -240,10 +232,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
@@ -251,10 +242,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members and Officers"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require expr %{REQUEST_URI} == '/board/agenda/app.js'
Require expr %{REQUEST_URI} == '/board/agenda/app.js.map'
Require expr %{REQUEST_URI} =~ m#^/board/agenda/.*\.js\.rb$#
@@ -269,10 +259,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
@@ -280,10 +269,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
@@ -291,10 +279,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Members"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
@@ -302,10 +289,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Infrastructure Team"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
Require ldap-group cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org
</Directory>
@@ -313,10 +299,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Secretarial Team"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
<RequireAny>
Require ldap-group cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
@@ -327,41 +312,13 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
AuthType Basic
AuthName "ASF Secretarial Team"
AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
<RequireAny>
Require ldap-group cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
</RequireAny>
</LocationMatch>
-<Directory /srv/whimsy/www/test/member>
- AuthType Basic
- AuthName "ASF Members"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
- Require ldap-alias-member
-</Directory>
-
-<Directory /srv/whimsy/www/test/incubator>
- AuthType Basic
- AuthName "Incubator PMC"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
- Require ldap-alias-incubator-pmc
-</Directory>
-
-<Directory /srv/whimsy/www/test/member-incubator>
- AuthType Basic
- AuthName "ASF Members and Incubator PMC"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
- <RequireAny>
- Require ldap-alias-member
- Require ldap-alias-incubator-pmc
- </RequireAny>
-</Directory>
-
</VirtualHost>
diff --git a/tools/mkconf.rb b/tools/mkconf.rb
index d81190e..fb8404b 100755
--- a/tools/mkconf.rb
+++ b/tools/mkconf.rb
@@ -16,7 +16,7 @@ else
end
conf.sub! 'VirtualHost *:443', 'VirtualHost *:80'
-conf.sub! 'ServerName whimsy.apache.org', 'ServerName whimsy.local'
+conf.sub! /ServerName whimsy(.*?)\.apache\.org/, 'ServerName whimsy.local'
conf.gsub! 'ServerAlias', '## ServerAlias'
Re: [whimsy] branch master updated: resync config/whimsy.conf
Posted by sebb <se...@gmail.com>.
On Wed, 13 Oct 2021 at 13:49, Sam Ruby <ru...@intertwingly.net> wrote:
>
> I ran https://github.com/apache/whimsy/blob/master/tools/mkconf.rb,
> which in turn executes:
>
> ssh whimsy.apache.org cat /etc/apache2/sites-enabled/*-whimsy-vm-443.conf
>
> patches welcome, either to infra-p6, or to the mkconf script :-)
I added a PR for Whimsy:
https://github.com/apache/infrastructure-p6/pull/881
Would you be able to review that please?
> - Sam Ruby
>
> On Wed, Oct 13, 2021 at 6:47 AM sebb <se...@gmail.com> wrote:
> >
> > On Tue, 12 Oct 2021 at 23:51, <ru...@apache.org> wrote:
> >
> > > This is an automated email from the ASF dual-hosted git repository.
> > >
> > > rubys pushed a commit to branch master
> > > in repository https://gitbox.apache.org/repos/asf/whimsy.git
> > >
> > >
> > > The following commit(s) were added to refs/heads/master by this push:
> > > new d3cd998 resync config/whimsy.conf
> > > d3cd998 is described below
> > >
> > > commit d3cd998e133b164da6638fa3ab78aab6acf465e5
> > > Author: Sam Ruby <ru...@intertwingly.net>
> > > AuthorDate: Tue Oct 12 18:51:03 2021 -0400
> > >
> > > resync config/whimsy.conf
> > > ---
> > > config/whimsy.conf | 95
> > > +++++++++++++++---------------------------------------
> > > tools/mkconf.rb | 2 +-
> > > 2 files changed, 27 insertions(+), 70 deletions(-)
> > >
> > > diff --git a/config/whimsy.conf b/config/whimsy.conf
> > > index a601cec..329473b 100644
> > > --- a/config/whimsy.conf
> > > +++ b/config/whimsy.conf
> > > @@ -2,7 +2,7 @@
> > > # Vhost template in module puppetlabs-apache
> > > # Managed by Puppet
> > > # ************************************
> > > -
> > > +#
> > > <VirtualHost *:80>
> > > ServerName whimsy.local
> > >
> > > @@ -23,19 +23,15 @@
> > > CustomLog "/var/log/apache2/whimsy_access.log" combined
> > >
> > > ## Server aliases
> > > - ## ServerAlias whimsy-test.apache.org
> > > - ## ServerAlias whimsy4.apache.org
> > > - ## ServerAlias whimsy-vm4.apache.org
> > > + ## ServerAlias whimsy6.apache.org
> > > + ## ServerAlias whimsy.apache.org
> > >
> > > ## Custom fragment
> > >
> > > -SetEnv PATH /usr/local/bin:${PATH}
> > > +## Needed? SetEnv PATH /usr/local/rvm/wrappers/ruby-2.7:${PATH}
> > >
> > > PassengerFriendlyErrorPages on
> > >
> > > -PassengerUser www-data
> > > -PassengerGroup www-data
> > > -
> > > AddCharset UTF-8 .json
> > >
> > > ExpiresActive On
> > > @@ -52,6 +48,10 @@ ExpiresActive On
> > > </FilesMatch>
> > > </Directory>
> > >
> > > +<Directory /srv/whimsy/www/.well-known/acme-challenge>
> > > + Require all granted
> > > +</Directory>
> > > +
> > > <Directory /srv/whimsy/www/public/>
> > > Header add Access-Control-Allow-Origin "*"
> > > Options +Indexes
> > > @@ -80,6 +80,7 @@ RedirectMatch permanent ^/officers/public_names
> > > /secretary/public-names
> > >
> > > # redirect obsolete mailing list request form to replacement application
> > > RedirectMatch permanent ^/officers/mlreq
> > > https://selfserve.apache.org/mail.html
> > > +
> > > ProxyPass "/board/agenda/websocket/" "ws://localhost:34234/"
> > >
> > > # We now have local custom error pages
> > > @@ -141,10 +142,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Committers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > >
> >
> > Why drop the eu host?
> > Not all developers are US-located, even though the live server may be.
> >
> >
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </LocationMatch>
> > >
> > > @@ -152,10 +152,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Committers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > >
> >
> > Why drop this?
> > It should speed up LDAP checks.
> >
> >
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -163,10 +162,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Committers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -174,10 +172,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Committers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -185,10 +182,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Committers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -196,10 +192,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Incubator PMC"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </LocationMatch>
> > >
> > > @@ -207,10 +202,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Incubator PMC"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </LocationMatch>
> > >
> > > @@ -218,10 +212,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Officers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -229,10 +222,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Officers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -240,10 +232,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Officers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -251,10 +242,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members and Officers"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require expr %{REQUEST_URI} == '/board/agenda/app.js'
> > > Require expr %{REQUEST_URI} == '/board/agenda/app.js.map'
> > > Require expr %{REQUEST_URI} =~ m#^/board/agenda/.*\.js\.rb$#
> > > @@ -269,10 +259,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute memberUid
> > > AuthLDAPGroupAttributeIsDN off
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -280,10 +269,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute memberUid
> > > AuthLDAPGroupAttributeIsDN off
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -291,10 +279,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Members"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute memberUid
> > > AuthLDAPGroupAttributeIsDN off
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -302,10 +289,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Infrastructure Team"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > Require ldap-group
> > > cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org
> > > </Directory>
> > >
> > > @@ -313,10 +299,9 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Secretarial Team"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > <RequireAny>
> > > Require ldap-group
> > > cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> > > Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> > > @@ -327,41 +312,13 @@ Alias /project/icla/
> > > /srv/whimsy/www/project/icla/public
> > > AuthType Basic
> > > AuthName "ASF Secretarial Team"
> > > AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > + AuthLDAPUrl "ldaps://
> > > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > AuthLDAPGroupAttribute member
> > > AuthLDAPGroupAttributeIsDN on
> > > - AuthLDAPMaxSubGroupDepth 0
> > > <RequireAny>
> > > Require ldap-group
> > > cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> > > Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> > > </RequireAny>
> > > </LocationMatch>
> > >
> > > -<Directory /srv/whimsy/www/test/member>
> > > - AuthType Basic
> > > - AuthName "ASF Members"
> > > - AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > - Require ldap-alias-member
> > > -</Directory>
> > > -
> > > -<Directory /srv/whimsy/www/test/incubator>
> > > - AuthType Basic
> > > - AuthName "Incubator PMC"
> > > - AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > - Require ldap-alias-incubator-pmc
> > > -</Directory>
> > > -
> > > -<Directory /srv/whimsy/www/test/member-incubator>
> > > - AuthType Basic
> > > - AuthName "ASF Members and Incubator PMC"
> > > - AuthBasicProvider ldap
> > > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > > - <RequireAny>
> > > - Require ldap-alias-member
> > > - Require ldap-alias-incubator-pmc
> > > - </RequireAny>
> > > -</Directory>
> > > -
> > > </VirtualHost>
> > > diff --git a/tools/mkconf.rb b/tools/mkconf.rb
> > > index d81190e..fb8404b 100755
> > > --- a/tools/mkconf.rb
> > > +++ b/tools/mkconf.rb
> > > @@ -16,7 +16,7 @@ else
> > > end
> > >
> > > conf.sub! 'VirtualHost *:443', 'VirtualHost *:80'
> > > -conf.sub! 'ServerName whimsy.apache.org', 'ServerName whimsy.local'
> > > +conf.sub! /ServerName whimsy(.*?)\.apache\.org/, 'ServerName whimsy.local'
> > >
> > > conf.gsub! 'ServerAlias', '## ServerAlias'
> > >
> > >
Re: [whimsy] branch master updated: resync config/whimsy.conf
Posted by Sam Ruby <ru...@intertwingly.net>.
I ran https://github.com/apache/whimsy/blob/master/tools/mkconf.rb,
which in turn executes:
ssh whimsy.apache.org cat /etc/apache2/sites-enabled/*-whimsy-vm-443.conf
patches welcome, either to infra-p6, or to the mkconf script :-)
- Sam Ruby
On Wed, Oct 13, 2021 at 6:47 AM sebb <se...@gmail.com> wrote:
>
> On Tue, 12 Oct 2021 at 23:51, <ru...@apache.org> wrote:
>
> > This is an automated email from the ASF dual-hosted git repository.
> >
> > rubys pushed a commit to branch master
> > in repository https://gitbox.apache.org/repos/asf/whimsy.git
> >
> >
> > The following commit(s) were added to refs/heads/master by this push:
> > new d3cd998 resync config/whimsy.conf
> > d3cd998 is described below
> >
> > commit d3cd998e133b164da6638fa3ab78aab6acf465e5
> > Author: Sam Ruby <ru...@intertwingly.net>
> > AuthorDate: Tue Oct 12 18:51:03 2021 -0400
> >
> > resync config/whimsy.conf
> > ---
> > config/whimsy.conf | 95
> > +++++++++++++++---------------------------------------
> > tools/mkconf.rb | 2 +-
> > 2 files changed, 27 insertions(+), 70 deletions(-)
> >
> > diff --git a/config/whimsy.conf b/config/whimsy.conf
> > index a601cec..329473b 100644
> > --- a/config/whimsy.conf
> > +++ b/config/whimsy.conf
> > @@ -2,7 +2,7 @@
> > # Vhost template in module puppetlabs-apache
> > # Managed by Puppet
> > # ************************************
> > -
> > +#
> > <VirtualHost *:80>
> > ServerName whimsy.local
> >
> > @@ -23,19 +23,15 @@
> > CustomLog "/var/log/apache2/whimsy_access.log" combined
> >
> > ## Server aliases
> > - ## ServerAlias whimsy-test.apache.org
> > - ## ServerAlias whimsy4.apache.org
> > - ## ServerAlias whimsy-vm4.apache.org
> > + ## ServerAlias whimsy6.apache.org
> > + ## ServerAlias whimsy.apache.org
> >
> > ## Custom fragment
> >
> > -SetEnv PATH /usr/local/bin:${PATH}
> > +## Needed? SetEnv PATH /usr/local/rvm/wrappers/ruby-2.7:${PATH}
> >
> > PassengerFriendlyErrorPages on
> >
> > -PassengerUser www-data
> > -PassengerGroup www-data
> > -
> > AddCharset UTF-8 .json
> >
> > ExpiresActive On
> > @@ -52,6 +48,10 @@ ExpiresActive On
> > </FilesMatch>
> > </Directory>
> >
> > +<Directory /srv/whimsy/www/.well-known/acme-challenge>
> > + Require all granted
> > +</Directory>
> > +
> > <Directory /srv/whimsy/www/public/>
> > Header add Access-Control-Allow-Origin "*"
> > Options +Indexes
> > @@ -80,6 +80,7 @@ RedirectMatch permanent ^/officers/public_names
> > /secretary/public-names
> >
> > # redirect obsolete mailing list request form to replacement application
> > RedirectMatch permanent ^/officers/mlreq
> > https://selfserve.apache.org/mail.html
> > +
> > ProxyPass "/board/agenda/websocket/" "ws://localhost:34234/"
> >
> > # We now have local custom error pages
> > @@ -141,10 +142,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Committers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> >
>
> Why drop the eu host?
> Not all developers are US-located, even though the live server may be.
>
>
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </LocationMatch>
> >
> > @@ -152,10 +152,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Committers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> >
>
> Why drop this?
> It should speed up LDAP checks.
>
>
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -163,10 +162,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Committers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -174,10 +172,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Committers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -185,10 +182,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Committers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -196,10 +192,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Incubator PMC"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </LocationMatch>
> >
> > @@ -207,10 +202,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Incubator PMC"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </LocationMatch>
> >
> > @@ -218,10 +212,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Officers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -229,10 +222,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Officers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -240,10 +232,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Officers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -251,10 +242,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members and Officers"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require expr %{REQUEST_URI} == '/board/agenda/app.js'
> > Require expr %{REQUEST_URI} == '/board/agenda/app.js.map'
> > Require expr %{REQUEST_URI} =~ m#^/board/agenda/.*\.js\.rb$#
> > @@ -269,10 +259,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute memberUid
> > AuthLDAPGroupAttributeIsDN off
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -280,10 +269,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute memberUid
> > AuthLDAPGroupAttributeIsDN off
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -291,10 +279,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Members"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute memberUid
> > AuthLDAPGroupAttributeIsDN off
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> > </Directory>
> >
> > @@ -302,10 +289,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Infrastructure Team"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > Require ldap-group
> > cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org
> > </Directory>
> >
> > @@ -313,10 +299,9 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Secretarial Team"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > <RequireAny>
> > Require ldap-group
> > cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> > Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> > @@ -327,41 +312,13 @@ Alias /project/icla/
> > /srv/whimsy/www/project/icla/public
> > AuthType Basic
> > AuthName "ASF Secretarial Team"
> > AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > + AuthLDAPUrl "ldaps://
> > ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > - AuthLDAPMaxSubGroupDepth 0
> > <RequireAny>
> > Require ldap-group
> > cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> > Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> > </RequireAny>
> > </LocationMatch>
> >
> > -<Directory /srv/whimsy/www/test/member>
> > - AuthType Basic
> > - AuthName "ASF Members"
> > - AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > - Require ldap-alias-member
> > -</Directory>
> > -
> > -<Directory /srv/whimsy/www/test/incubator>
> > - AuthType Basic
> > - AuthName "Incubator PMC"
> > - AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > - Require ldap-alias-incubator-pmc
> > -</Directory>
> > -
> > -<Directory /srv/whimsy/www/test/member-incubator>
> > - AuthType Basic
> > - AuthName "ASF Members and Incubator PMC"
> > - AuthBasicProvider ldap
> > - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> > - <RequireAny>
> > - Require ldap-alias-member
> > - Require ldap-alias-incubator-pmc
> > - </RequireAny>
> > -</Directory>
> > -
> > </VirtualHost>
> > diff --git a/tools/mkconf.rb b/tools/mkconf.rb
> > index d81190e..fb8404b 100755
> > --- a/tools/mkconf.rb
> > +++ b/tools/mkconf.rb
> > @@ -16,7 +16,7 @@ else
> > end
> >
> > conf.sub! 'VirtualHost *:443', 'VirtualHost *:80'
> > -conf.sub! 'ServerName whimsy.apache.org', 'ServerName whimsy.local'
> > +conf.sub! /ServerName whimsy(.*?)\.apache\.org/, 'ServerName whimsy.local'
> >
> > conf.gsub! 'ServerAlias', '## ServerAlias'
> >
> >
Re: [whimsy] branch master updated: resync config/whimsy.conf
Posted by sebb <se...@gmail.com>.
On Tue, 12 Oct 2021 at 23:51, <ru...@apache.org> wrote:
> This is an automated email from the ASF dual-hosted git repository.
>
> rubys pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/whimsy.git
>
>
> The following commit(s) were added to refs/heads/master by this push:
> new d3cd998 resync config/whimsy.conf
> d3cd998 is described below
>
> commit d3cd998e133b164da6638fa3ab78aab6acf465e5
> Author: Sam Ruby <ru...@intertwingly.net>
> AuthorDate: Tue Oct 12 18:51:03 2021 -0400
>
> resync config/whimsy.conf
> ---
> config/whimsy.conf | 95
> +++++++++++++++---------------------------------------
> tools/mkconf.rb | 2 +-
> 2 files changed, 27 insertions(+), 70 deletions(-)
>
> diff --git a/config/whimsy.conf b/config/whimsy.conf
> index a601cec..329473b 100644
> --- a/config/whimsy.conf
> +++ b/config/whimsy.conf
> @@ -2,7 +2,7 @@
> # Vhost template in module puppetlabs-apache
> # Managed by Puppet
> # ************************************
> -
> +#
> <VirtualHost *:80>
> ServerName whimsy.local
>
> @@ -23,19 +23,15 @@
> CustomLog "/var/log/apache2/whimsy_access.log" combined
>
> ## Server aliases
> - ## ServerAlias whimsy-test.apache.org
> - ## ServerAlias whimsy4.apache.org
> - ## ServerAlias whimsy-vm4.apache.org
> + ## ServerAlias whimsy6.apache.org
> + ## ServerAlias whimsy.apache.org
>
> ## Custom fragment
>
> -SetEnv PATH /usr/local/bin:${PATH}
> +## Needed? SetEnv PATH /usr/local/rvm/wrappers/ruby-2.7:${PATH}
>
> PassengerFriendlyErrorPages on
>
> -PassengerUser www-data
> -PassengerGroup www-data
> -
> AddCharset UTF-8 .json
>
> ExpiresActive On
> @@ -52,6 +48,10 @@ ExpiresActive On
> </FilesMatch>
> </Directory>
>
> +<Directory /srv/whimsy/www/.well-known/acme-challenge>
> + Require all granted
> +</Directory>
> +
> <Directory /srv/whimsy/www/public/>
> Header add Access-Control-Allow-Origin "*"
> Options +Indexes
> @@ -80,6 +80,7 @@ RedirectMatch permanent ^/officers/public_names
> /secretary/public-names
>
> # redirect obsolete mailing list request form to replacement application
> RedirectMatch permanent ^/officers/mlreq
> https://selfserve.apache.org/mail.html
> +
> ProxyPass "/board/agenda/websocket/" "ws://localhost:34234/"
>
> # We now have local custom error pages
> @@ -141,10 +142,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Committers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
>
Why drop the eu host?
Not all developers are US-located, even though the live server may be.
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </LocationMatch>
>
> @@ -152,10 +152,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Committers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
>
Why drop this?
It should speed up LDAP checks.
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -163,10 +162,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Committers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -174,10 +172,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Committers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -185,10 +182,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Committers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -196,10 +192,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Incubator PMC"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </LocationMatch>
>
> @@ -207,10 +202,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Incubator PMC"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </LocationMatch>
>
> @@ -218,10 +212,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Officers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -229,10 +222,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Officers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -240,10 +232,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Officers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -251,10 +242,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members and Officers"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require expr %{REQUEST_URI} == '/board/agenda/app.js'
> Require expr %{REQUEST_URI} == '/board/agenda/app.js.map'
> Require expr %{REQUEST_URI} =~ m#^/board/agenda/.*\.js\.rb$#
> @@ -269,10 +259,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute memberUid
> AuthLDAPGroupAttributeIsDN off
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -280,10 +269,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute memberUid
> AuthLDAPGroupAttributeIsDN off
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -291,10 +279,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Members"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute memberUid
> AuthLDAPGroupAttributeIsDN off
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group cn=member,ou=groups,dc=apache,dc=org
> </Directory>
>
> @@ -302,10 +289,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Infrastructure Team"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> Require ldap-group
> cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org
> </Directory>
>
> @@ -313,10 +299,9 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Secretarial Team"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> <RequireAny>
> Require ldap-group
> cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> @@ -327,41 +312,13 @@ Alias /project/icla/
> /srv/whimsy/www/project/icla/public
> AuthType Basic
> AuthName "ASF Secretarial Team"
> AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> + AuthLDAPUrl "ldaps://
> ldap-us-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN on
> - AuthLDAPMaxSubGroupDepth 0
> <RequireAny>
> Require ldap-group
> cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org
> Require ldap-group cn=apldap,ou=groups,ou=services,dc=apache,dc=org
> </RequireAny>
> </LocationMatch>
>
> -<Directory /srv/whimsy/www/test/member>
> - AuthType Basic
> - AuthName "ASF Members"
> - AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> - Require ldap-alias-member
> -</Directory>
> -
> -<Directory /srv/whimsy/www/test/incubator>
> - AuthType Basic
> - AuthName "Incubator PMC"
> - AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> - Require ldap-alias-incubator-pmc
> -</Directory>
> -
> -<Directory /srv/whimsy/www/test/member-incubator>
> - AuthType Basic
> - AuthName "ASF Members and Incubator PMC"
> - AuthBasicProvider ldap
> - AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636
> ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid"
> - <RequireAny>
> - Require ldap-alias-member
> - Require ldap-alias-incubator-pmc
> - </RequireAny>
> -</Directory>
> -
> </VirtualHost>
> diff --git a/tools/mkconf.rb b/tools/mkconf.rb
> index d81190e..fb8404b 100755
> --- a/tools/mkconf.rb
> +++ b/tools/mkconf.rb
> @@ -16,7 +16,7 @@ else
> end
>
> conf.sub! 'VirtualHost *:443', 'VirtualHost *:80'
> -conf.sub! 'ServerName whimsy.apache.org', 'ServerName whimsy.local'
> +conf.sub! /ServerName whimsy(.*?)\.apache\.org/, 'ServerName whimsy.local'
>
> conf.gsub! 'ServerAlias', '## ServerAlias'
>
>