diff options
author | Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com> | 2021-03-01 14:00:50 +0100 |
---|---|---|
committer | Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com> | 2021-03-05 10:34:22 +0100 |
commit | 3a379f80dd6df7ea28210e46c2cea81a64b95534 (patch) | |
tree | 7d576ffb18dc2bc42ab865af8bdd1f57313e899d /resources | |
parent | b4c81d195c09cc2a7623316d417de7624f2b6bb2 (diff) |
move httpserver from pnf-simulator repo to nf-simulator/pm-https-server directly.
Change-Id: I80b7db9dbe02389cb2a81cdbfb201830349ca5b7
Issue-ID: INT-1869
Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
Diffstat (limited to 'resources')
-rw-r--r-- | resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz | bin | 0 -> 2046 bytes | |||
-rw-r--r-- | resources/apache2.conf | 228 | ||||
-rw-r--r-- | resources/cert/key.pem | 28 | ||||
-rw-r--r-- | resources/cert/keystore.pem | 26 | ||||
-rw-r--r-- | resources/cert/truststore.pem | 28 | ||||
-rwxr-xr-x | resources/lib/libjwt.so.1.7.0 | bin | 0 -> 133400 bytes | |||
-rw-r--r-- | resources/local/.htpasswd | 1 | ||||
-rw-r--r-- | resources/local/upload.php | 18 | ||||
-rw-r--r-- | resources/mods-enabled/auth_jwt.load | 1 | ||||
-rw-r--r-- | resources/modules/mod_authnz_jwt.so | bin | 0 -> 146696 bytes | |||
-rw-r--r-- | resources/ports.conf | 14 | ||||
-rw-r--r-- | resources/sites-enabled/000-default.conf | 132 |
12 files changed, 476 insertions, 0 deletions
diff --git a/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz b/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz Binary files differnew file mode 100644 index 0000000..3af5ea8 --- /dev/null +++ b/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz diff --git a/resources/apache2.conf b/resources/apache2.conf new file mode 100644 index 0000000..13c805f --- /dev/null +++ b/resources/apache2.conf @@ -0,0 +1,228 @@ +# This is the main Apache server configuration file. It contains the +# configuration directives that give the server its instructions. +# See http://httpd.apache.org/docs/2.4/ for detailed information about +# the directives and /usr/share/doc/apache2/README.Debian about Debian specific +# hints. +# +# +# Summary of how the Apache 2 configuration works in Debian: +# The Apache 2 web server configuration in Debian is quite different to +# upstream's suggested way to configure the web server. This is because Debian's +# default Apache2 installation attempts to make adding and removing modules, +# virtual hosts, and extra configuration directives as flexible as possible, in +# order to make automating the changes and administering the server as easy as +# possible. + +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf-enabled +# | `-- *.conf +# `-- sites-enabled +# `-- *.conf +# +# +# * apache2.conf is the main configuration file (this file). It puts the pieces +# together by including all remaining configuration files when starting up the +# web server. +# +# * ports.conf is always included from the main configuration file. It is +# supposed to determine listening ports for incoming connections which can be +# customized anytime. +# +# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ +# directories contain particular configuration snippets which manage modules, +# global configuration fragments, or virtual host configurations, +# respectively. +# +# They are activated by symlinking available configuration files from their +# respective *-available/ counterparts. These should be managed by using our +# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See +# their respective man pages for detailed information. +# +# * The binary is called apache2. Due to the use of environment variables, in +# the default configuration, apache2 needs to be started/stopped with +# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not +# work with the default configuration. + + +# Global configuration +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the Mutex documentation (available +# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +#Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a <VirtualHost> +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a <VirtualHost> +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. +<Directory /> + Options FollowSymLinks + AllowOverride None + Require all denied +</Directory> + +<Directory /usr/share> + AllowOverride None + Require all granted +</Directory> + +<Directory /var/www/> + Options Indexes FollowSymLinks + AllowOverride None + Require all granted +</Directory> + +#<Directory /srv/> +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +#</Directory> + + + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +#AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# +<FilesMatch "^\.ht"> + Require all denied +</FilesMatch> + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet +ServerName httpserver.onap.org diff --git a/resources/cert/key.pem b/resources/cert/key.pem new file mode 100644 index 0000000..b56438e --- /dev/null +++ b/resources/cert/key.pem @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqgpwzCGIg4buO +aAZ/MQlt2pVeIKYCgY+7HK4DH1DooF8q04lJptKlqOWBCN9OUUGzM8eOYhQgpkyE +chdgwtbLNhZ5IigEjy2Mn1T6jWuASpm/uurSDRkWZQWQB2Kyk3Fkz3iepYX1dOdI +L2vIEnZPovTgEAZPsx4XRXtulpu01oZjizRV538Kcppfo0o8yM42fFecKuh2UZjR +kcIG1Bo+JaMJ//m8FHBslYrzxbE60Fs8ey66AUo+dK3S+P8c+r0vso7ql8QtKcrW +HMfx2HNwq0T/nU1QiH+NhTmDMl9YgAY7SK1LBQFv7JxW0ipLrPDZPfFT479Z7ngw +GcgMsFKZAgMBAAECggEAVST/huRKzAysscH0bJM6GCcsq2I2Q84azd7Wbiy3JFLg +8uvLBIJPcfXTFQovKFafLjNPFSSY1Gz2jLTEQ8dHpxYNRtPtk8lDf5MYxjzUT63w +9LMMC3QK8QnlKzTk7jN+Tk7j9qTFLfsAeyVi9vdxKPdAvJqD7EyPXCOQLXr7qeMd +Z13q9gMPEb4fwJ1p/edZyxaL1yxiTukk1kgd6PZLaktBJ929YAGuGGRsPIpJffo4 +iOmUDlRqypLgyEVrDGvuS3omA5zSRnmhF8Nka4EsOCzY0aIV/Bgpnyfb3pfVECjf +GNLeq01Jpq7MCBxujx7anfh6lTvP0xDkeqb3+vEfmQKBgQDVetxjr8ZMGUWzY0q6 +wKGtVCmzQ96MiMIaIUW1rBI5/wMbmr8sLF1jZyt5+sSUlTTqktmSqQQg+dPifZz8 +qrVJNxPCfCdqIz1weYjML29BI7SOk1frl7KrJf1qLPmL4Vy9mpJju+B1LnafvJMe +5hEbGHFkBPyy8xDWZzCOsxHzcwKBgQDMeMNyw3bI3MPRg9KuV6R2nZNnvPjxmBSK +2W+jpj48TCl2z46cnCkGNwlP97+nGoJfabRoTC+jlshpnv/Fipt6xAioLwXfUxCL +GckY0ictMJdFHiHu2sisp9n0PW1JXdcdHwvOonb5ZVTcTdULRnbKH1VhGPiQCE0r +SvD+oogWwwKBgGO8JJ7GDiSbYf7vEoixWld6DIld2elaMyS2CrVXkKRbyX3qDAp9 +J5w7JQq154VrN++nb9Ke9/jX/u+/s8ovjsaH3slr65YgpKGZhhmux5FtNvutRtQg +aS6gbwZdwLBjN0q1nlLOAY19iZoTJcC3x6IbB06tLcoE2Qbx6rOgYXCVAoGAZqPQ +aNGZ1SaM3aVwore4BRsAnbiMtqoC1dhkZB/VaetJfSyfiBoTtdz2vb+94yI5g6/K +MfjciR/tpqd7+Suk9LFnLxW7uuk1ir385orHw7V6meWQXxhQV+tCS4pyS7vheerV +wHppgrPNL3Gamjha9QdZko44aATix/KsmwX3joUCgYEAo4w5L7yqGLMgTfkxDmOy +C9UFhKesrOZBPP6qDZz34jvaCiipWq6Gwd7wnoC2zrgtASGIIKcXAaNqzfvw7gEz +5wKSvw8lwmPJQvMntUJin1TqNgRo7xPOx1C1BnDF9UU4auv8nR89BbYhX+40fkuj +3DlFmSndvwhil6gy/1srmIs= +-----END RSA PRIVATE KEY----- diff --git a/resources/cert/keystore.pem b/resources/cert/keystore.pem new file mode 100644 index 0000000..2ab3eed --- /dev/null +++ b/resources/cert/keystore.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEcTCCAtmgAwIBAgIUe6XM/Mon47supO+rWFSbiFBeNiswDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRkODRmYTRhODhkNTA3ZGIxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjAxMjI4MTIzNjU3WhcNMjIxMjI4MTIyODEyWjCBgjEcMBoGA1UE +AwwTaHR0cHNlcnZlci1vbmFwLm9yZzENMAsGA1UECwwET05BUDEZMBcGA1UECgwQ +TGludXgtRm91bmRhdGlvbjEWMBQGA1UEBwwNU2FuLUZyYW5jaXNjbzETMBEGA1UE +CAwKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCqgpwzCGIg4buOaAZ/MQlt2pVeIKYCgY+7HK4DH1DooF8q04lJ +ptKlqOWBCN9OUUGzM8eOYhQgpkyEchdgwtbLNhZ5IigEjy2Mn1T6jWuASpm/uurS +DRkWZQWQB2Kyk3Fkz3iepYX1dOdIL2vIEnZPovTgEAZPsx4XRXtulpu01oZjizRV +538Kcppfo0o8yM42fFecKuh2UZjRkcIG1Bo+JaMJ//m8FHBslYrzxbE60Fs8ey66 +AUo+dK3S+P8c+r0vso7ql8QtKcrWHMfx2HNwq0T/nU1QiH+NhTmDMl9YgAY7SK1L +BQFv7JxW0ipLrPDZPfFT479Z7ngwGcgMsFKZAgMBAAGjfzB9MAwGA1UdEwEB/wQC +MAAwHwYDVR0jBBgwFoAUd1DNCRzI4WLLgdg4GnsxyxfCkrQwHQYDVR0lBBYwFAYI +KwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBSAtkT7PNLyP3voHno7YcJXYfO4 +ETAOBgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQELBQADggGBAIBgig4otdzAQedD +ke9vWQMbBRA1yaPytR4BGigAQiLFRvDzq2qZR+LL2/+fTb0njzk2Npw6cAGcA/gQ +/+P3eGpktJldC8y5YRj0aHeay8pUNn9pU62hjY25CQuTSY5wRKIkGYfOQkEclZ8+ +d8jlNgYRQU6aqRnJsO2uTn4pjgeFtGFaApmX9qaAc8pLXB7vJOuSCP0YrQsV7YOv +Ew921NwMiJU/PSMLgCir0j1MCGeEp2Vlu0qPkJMfHh2li+pFw7jfGKwCf1RAtjGu +fqJjrdFx/AGXh0e858dW8y4wcS3Q4ED6zk9VMlKRLm8cwjcY6aVUlh7Tj+xpu+x8 +rExBbG27xzs5VK2Kcdniuy4dvyQZ9tlah/GLbnFkPqqIy6BhSFNbzqlq+fmTb1O+ +f/rNHJPfKmlvJFSCHkBcOO3rl66bwrzrg5qgWt1O4aF5bO7T9OmihJLMQp1TGZSA +wBWySAcZhtpzLrxyaChOHO7vdM3mHDZSfsKkNpBB6j7uSx+EAw== +-----END CERTIFICATE----- diff --git a/resources/cert/truststore.pem b/resources/cert/truststore.pem new file mode 100644 index 0000000..e2509e9 --- /dev/null +++ b/resources/cert/truststore.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEszCCAxugAwIBAgIUQi4FHo9reCoqZM8C9hgp/ld8RMowDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRkODRmYTRhODhkNTA3ZGIxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjAxMjI4MTIzNjU3WhcNMzAxMjI4MTIzNjU3WjBhMSMwIQYKCZIm +iZPyLGQBAQwTYy0wNGQ4NGZhNGE4OGQ1MDdkYjEVMBMGA1UEAwwMTWFuYWdlbWVu +dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBAKlGZ0r/WxJCAOzi39sFJsAcQwsdPxtR +WkSHI1gHKnHRsHdOJ/b8E/jGy16qWD18twvTt2DUGE4gFrG25HacqwOsklfSHaZl +fTJQrPCRLLVGZfLVusDJeaeT2LyEFDCkgyONErfxKRlo42aSQgcv4erhkUYeCKHq +qHP3a3s5xShBRZSCVGHtsJro4AkeJYHGHBTjhzigY49oMMMf9ZPjOCnfimeebcMM +SbBmvceGyi2QjzavhoqhLOY2MLBciyYGf6LyR0hRRQJhrsiSyVYVDUTVl/BjiRSc +HPfdciY37Db7gVSNIoc01jAHuf3gEZnLgSbmA+BOpuXLaI1qrDWVl6JmGWri19ru +JdrJ8xXUQUe5PXlJceQZEMPbIp3yMdwrLrY697iGMh1SKhwXLUBkbvXYFHQiiC+3 +5JHndEw/ISBMcF0fd/ykxma+IckKiQfm77Qfn+KCuHwqesbh99wMlDS9NL3SH9m9 +VBjYE7heB+jsh1NAZthomSUH+/VqgPik9QIDAQABo2MwYTAPBgNVHRMBAf8EBTAD +AQH/MB8GA1UdIwQYMBaAFHdQzQkcyOFiy4HYOBp7McsXwpK0MB0GA1UdDgQWBBR3 +UM0JHMjhYsuB2DgaezHLF8KStDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL +BQADggGBADmXPjO/7I2SipGNhGU0Ask68eEL+Dz3V58JsKg+0bvtkeCUK64AAqyV +hus1GqU1IcGwuM+k8rEM0BYLnImeU5mZeLXg9Tbq6Li+9a5UlFNJOJB4F7VaKkx/ +EgafkKb9ptpkcsz2cHLP1ZaKtlywYYUWtDe+fGl9pw1CWkzrcDeKdvxFk+GgC67v +ZnIlYR3vkWxGMqkp2faCyCbaJxkOKzbBYvq9afXZuwd+6wzLXS2i+uNEUoNPVfXv +H0b2P4xKHtEROTk5nprSeJC3tRTBbPmVKqTx+O8lTtaL6Tew2x9/weUIHGTfVZZl +TOE5G0qiO7WHXcO17YkjEaKXOV/p9r2czIhzp2HXgCeP4SYhYaVrd3kn5gEelc8J +8vuVz0t5VD7R+xV1dwYE8w8CMDXov3rRbqpXGldcvjTXncOmbj3Zfy17xHYRxf+v +AdVVVBlx6O2mAx9YQNZCyMAUMUU6C4UzD4Jo4I6/EPCGaD3OqTANJgWYiBf/r+SP +UD0yuqV3pQ== +-----END CERTIFICATE----- diff --git a/resources/lib/libjwt.so.1.7.0 b/resources/lib/libjwt.so.1.7.0 Binary files differnew file mode 100755 index 0000000..b22c527 --- /dev/null +++ b/resources/lib/libjwt.so.1.7.0 diff --git a/resources/local/.htpasswd b/resources/local/.htpasswd new file mode 100644 index 0000000..e991d18 --- /dev/null +++ b/resources/local/.htpasswd @@ -0,0 +1 @@ +demo:$apr1$UhwaUkTW$lTHMzOU2TyNn6qM8P/zS3. diff --git a/resources/local/upload.php b/resources/local/upload.php new file mode 100644 index 0000000..31dbaa3 --- /dev/null +++ b/resources/local/upload.php @@ -0,0 +1,18 @@ +<?PHP + if(!empty($_FILES['uploaded_file'])) + { + $dirpath = ""; + $path = $dirpath . basename( $_FILES['uploaded_file']['name']); + $filename = $_FILES['uploaded_file']['name']; + $filepath = '/usr/local/apache2/htdocs/'.$path; + + if (file_exists($filepath)) { + echo "The file $filename exists" .PHP_EOL; + } else if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $path)) { + echo "The file ". basename( $_FILES['uploaded_file']['name']). + " has been uploaded" .PHP_EOL; + } else{ + echo "There was an error uploading the file, please try again!" .PHP_EOL; + } + } +?> diff --git a/resources/mods-enabled/auth_jwt.load b/resources/mods-enabled/auth_jwt.load new file mode 100644 index 0000000..72eb3af --- /dev/null +++ b/resources/mods-enabled/auth_jwt.load @@ -0,0 +1 @@ +LoadModule auth_jwt_module /usr/local/apache2/modules/mod_authnz_jwt.so diff --git a/resources/modules/mod_authnz_jwt.so b/resources/modules/mod_authnz_jwt.so Binary files differnew file mode 100644 index 0000000..2e2e834 --- /dev/null +++ b/resources/modules/mod_authnz_jwt.so diff --git a/resources/ports.conf b/resources/ports.conf new file mode 100644 index 0000000..b7a16cd --- /dev/null +++ b/resources/ports.conf @@ -0,0 +1,14 @@ +Listen 80 http +Listen 32000 http + +<IfModule ssl_module> + Listen 443 https + Listen 8080 https + Listen 32100 https +</IfModule> + +<IfModule mod_gnutls.c> + Listen 443 https + Listen 8080 https + Listen 32100 https +</IfModule> diff --git a/resources/sites-enabled/000-default.conf b/resources/sites-enabled/000-default.conf new file mode 100644 index 0000000..58e95ce --- /dev/null +++ b/resources/sites-enabled/000-default.conf @@ -0,0 +1,132 @@ +<VirtualHost *:80> + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + <Directory /usr/local/apache2/htdocs> + Options Indexes FollowSymLinks MultiViews + AllowOverride None + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> +<VirtualHost *:32000> + + ServerAdmin httpserver-onap.org + DocumentRoot "/usr/local/apache2/htdocs" + + AuthJWTSignatureAlgorithm HS256 + AuthJWTSignatureSharedSecret Q0hBTkdFTUU= + AuthJWTIss onap + <Directory "/usr/local/apache2/htdocs"> + AllowOverride None + Options Indexes FollowSymLinks MultiViews + AuthType jwt + AuthName "Restricted Content" + Require valid-user + RewriteEngine On + RewriteCond %{HTTP:Authorization} ^(.*) + RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> + +<IfModule mod_ssl.c> +<VirtualHost *:443> + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + <Directory /usr/local/apache2/htdocs> + SSLVerifyClient optional + SSLVerifyDepth 2 + SSLOptions +FakeBasicAuth +StrictRequire + <RequireAll> + Require ssl-verify-client + </RequireAll> + Options Indexes FollowSymLinks MultiViews + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user + </Directory> + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> + +<VirtualHost *:8080> + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + <Directory "/usr/local/apache2/htdocs"> + Require all granted + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem +</VirtualHost> + +<VirtualHost *:32100> + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + AuthJWTSignatureAlgorithm HS256 + AuthJWTSignatureSharedSecret Q0hBTkdFTUU= + AuthJWTIss onap + <Directory "/usr/local/apache2/htdocs"> + AllowOverride None + Options Indexes FollowSymLinks MultiViews + AuthType jwt + AuthName "Restricted Content" + Require valid-user + RewriteEngine On + RewriteCond %{HTTP:Authorization} ^(.*) + RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem +</VirtualHost> +</IfModule> |