Create directory for registry-signatures
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
This commit is contained in:
Patrick Uiterwijk
parent
fb85471281
commit
49323cdec7
5 changed files with 33 additions and 0 deletions
|
|
@ -46,6 +46,11 @@
|
||||||
tags:
|
tags:
|
||||||
- fedora-web
|
- fedora-web
|
||||||
|
|
||||||
|
- name: make registry-signatures dir
|
||||||
|
file: state=directory path=/srv/web/registry-signatures owner=apache group=sysadmin-releng mode=2775 setype=httpd_sys_content_t seuser=system_u
|
||||||
|
tags:
|
||||||
|
- fedora-web
|
||||||
|
|
||||||
- name: Copy syncStatic script (stg)
|
- name: Copy syncStatic script (stg)
|
||||||
when: env == "staging"
|
when: env == "staging"
|
||||||
copy: >
|
copy: >
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,12 @@
|
||||||
- fedora-web
|
- fedora-web
|
||||||
- fedora-web/registry
|
- fedora-web/registry
|
||||||
|
|
||||||
|
- name: Copy in the sync-registry-signatures cronjob
|
||||||
|
copy: src=cron-sync-registry-signatures dest=/etc/cron.d/sync-registry-signatures
|
||||||
|
tags:
|
||||||
|
- fedora-web
|
||||||
|
- fedora-web/registry
|
||||||
|
|
||||||
- name: Copy over the registry passwd
|
- name: Copy over the registry passwd
|
||||||
copy: src=passwd dest=/etc/httpd/conf.d/registry.fedoraproject.org/passwd
|
copy: src=passwd dest=/etc/httpd/conf.d/registry.fedoraproject.org/passwd
|
||||||
owner=root group=root mode=0644
|
owner=root group=root mode=0644
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,8 @@ RequestHeader set X-Scheme https early
|
||||||
RequestHeader set X-Forwarded-Proto https early
|
RequestHeader set X-Forwarded-Proto https early
|
||||||
ProxyPreserveHost On
|
ProxyPreserveHost On
|
||||||
|
|
||||||
|
Alias /signatures /srv/web/registry-signatures
|
||||||
|
|
||||||
RewriteEngine on
|
RewriteEngine on
|
||||||
{% if env == "production" %}
|
{% if env == "production" %}
|
||||||
RewriteCond %{HTTP:VIA} !cdn77
|
RewriteCond %{HTTP:VIA} !cdn77
|
||||||
|
|
@ -20,6 +22,10 @@ SSLVerifyDepth 1
|
||||||
SSLCACertificateFile /etc/pki/httpd/fedora-server-ca.cert
|
SSLCACertificateFile /etc/pki/httpd/fedora-server-ca.cert
|
||||||
SSLOptions +FakeBasicAuth
|
SSLOptions +FakeBasicAuth
|
||||||
|
|
||||||
|
<Directory /srv/web/registry-signatures>
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
|
||||||
<Location /v2>
|
<Location /v2>
|
||||||
Order deny,allow
|
Order deny,allow
|
||||||
|
|
|
||||||
|
|
@ -181,3 +181,11 @@ uid = root
|
||||||
gid = root
|
gid = root
|
||||||
read only = yes
|
read only = yes
|
||||||
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
||||||
|
|
||||||
|
[registry-signatures]
|
||||||
|
comment = registry-signatures
|
||||||
|
path = /srv/web/registry-signatures
|
||||||
|
uid = root
|
||||||
|
gid = root
|
||||||
|
read only = yes
|
||||||
|
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
||||||
|
|
|
||||||
|
|
@ -181,3 +181,11 @@ uid = root
|
||||||
gid = root
|
gid = root
|
||||||
read only = yes
|
read only = yes
|
||||||
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
||||||
|
|
||||||
|
[registry-signatures]
|
||||||
|
comment = registry-signatures
|
||||||
|
path = /srv/web/registry-signatures
|
||||||
|
uid = root
|
||||||
|
gid = root
|
||||||
|
read only = yes
|
||||||
|
hosts allow = 10.5.126.0/255.255.255.0 192.168.0.0/255.255.0.0
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue