61 lines
1.9 KiB
Django/Jinja
61 lines
1.9 KiB
Django/Jinja
{% if odcs_force_ssl %}
|
|
# Force SSL
|
|
RewriteEngine On
|
|
RewriteCond %{HTTPS} off
|
|
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
|
|
{% endif %}
|
|
|
|
WSGIDaemonProcess odcs user=odcs group=odcs threads=5
|
|
WSGIScriptAlias /{{ odcs_endpoint }} /usr/share/odcs/odcs.wsgi
|
|
|
|
{% if env == 'staging' %}
|
|
OIDCOAuthClientID {{ odcs_stg_oidc_client_id }}
|
|
OIDCOAuthClientSecret {{ odcs_stg_oidc_client_secret }}
|
|
OIDCOAuthIntrospectionEndpoint https://id.stg.fedoraproject.org/openidc/TokenInfo
|
|
{% else %}
|
|
OIDCOAuthClientID {{ odcs_prod_oidc_client_id }}
|
|
OIDCOAuthClientSecret {{ odcs_prod_oidc_client_secret }}
|
|
OIDCOAuthIntrospectionEndpoint https://id.fedoraproject.org/openidc/TokenInfo
|
|
{% endif %}
|
|
|
|
OIDCOAuthIntrospectionEndpointAuth client_secret_post
|
|
OIDCOAuthIntrospectionEndpointParams token_type_hint=Bearer
|
|
|
|
<Directory /usr/share/odcs>
|
|
WSGIProcessGroup odcs
|
|
WSGIApplicationGroup %{GLOBAL}
|
|
|
|
<RequireAll>
|
|
{% if odcs_allowed_named_hosts or odcs_allowed_hosts %}
|
|
<RequireAny>
|
|
Require method GET POST DELETE
|
|
{% if odcs_allowed_named_hosts %}
|
|
{{ 'Require host ' ~ odcs_allowed_named_hosts|join(' ') }}
|
|
{% endif %}
|
|
{% if odcs_allowed_hosts %}
|
|
{{ 'Require ip ' ~ odcs_allowed_hosts|join(' ') }}
|
|
{% endif %}
|
|
</RequireAny>
|
|
{% endif %}
|
|
Require all granted
|
|
</RequireAll>
|
|
</Directory>
|
|
|
|
Alias "/composes" "{{ odcs_target_dir }}"
|
|
<Directory {{ odcs_target_dir }}>
|
|
{% if odcs_allowed_named_hosts or odcs_allowed_hosts %}
|
|
<RequireAny>
|
|
Require method GET
|
|
{% if odcs_allowed_named_hosts %}
|
|
{{ 'Require host ' ~ odcs_allowed_named_hosts|join(' ') }}
|
|
{% endif %}
|
|
{% if odcs_allowed_hosts -%}
|
|
{{ 'Require ip ' ~ odcs_allowed_hosts|join(' ') }}
|
|
{% endif %}
|
|
</RequireAny>
|
|
{% else %}
|
|
Require all granted
|
|
{% endif %}
|
|
|
|
Options +Indexes
|
|
</Directory>
|