47 lines
1.2 KiB
Django/Jinja
47 lines
1.2 KiB
Django/Jinja
#
|
|
# koji-hub is an xmlrpc interface to the Koji database
|
|
#
|
|
|
|
KeepAlive On
|
|
|
|
Alias /kojihub /usr/share/koji-hub/kojixmlrpc.py
|
|
|
|
<Directory "/usr/share/koji-hub">
|
|
Options ExecCGI
|
|
SetHandler wsgi-script
|
|
Require all granted
|
|
</Directory>
|
|
|
|
{% if inventory_hostname == 'arm-koji01.qa.fedoraproject.org' or inventory_hostname == 'ppc-koji01.ppc.fedoraproject.org' or inventory_hostname == 's390-koji01.s390.fedoraproject.org' %}
|
|
# Also serve /mnt/koji
|
|
Alias /kojifiles "/mnt/koji/"
|
|
|
|
<Directory "/mnt/koji">
|
|
Options Indexes FollowSymLinks
|
|
AllowOverride None
|
|
Order allow,deny
|
|
Allow from all
|
|
</Directory>
|
|
{% endif %}
|
|
|
|
<Location /kojihub/ssllogin>
|
|
AuthType GSSAPI
|
|
GssapiSSLonly Off
|
|
GssapiLocalName On
|
|
AuthName "GSSAPI Single Sign On Login"
|
|
{% if fedmsg_koji_instance == "primary" %}
|
|
GssapiCredStore keytab:/etc/koji-hub/gssapi.keytab
|
|
{% else %}
|
|
GssapiCredStore keytab:/etc/krb5.HTTP_{{ fedmsg_koji_instance }}.koji.fedoraproject.org.keytab
|
|
{% endif %}
|
|
Require valid-user
|
|
</Location>
|
|
|
|
# uncomment this to enable authentication via SSL client certificates
|
|
#<Location /kojihub>
|
|
# SSLOptions +StdEnvVars
|
|
#</Location>
|
|
# these options must be enabled globally (in ssl.conf)
|
|
# SSLVerifyClient require
|
|
# SSLVerifyDepth 10
|
|
|