[Astlinux-commits] SF.net SVN: astlinux:[7868] branches/1.0

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 7868
          http://sourceforge.net/p/astlinux/code/7868
Author:   abelbeck
Date:     2016-09-29 17:07:42 +0000 (Thu, 29 Sep 2016)
Log Message:
-----------
lighttpd, web interface, force HTTPS for /admin/ Authentication, default to both HTTP and HTTPS serving the web interace

Modified Paths:
--------------
    branches/1.0/package/lighttpd/lighttpd.conf
    branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf

Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================

--- branches/1.0/package/lighttpd/lighttpd.conf	2016-09-29 13:45:11 UTC (rev 7867)
+++ branches/1.0/package/lighttpd/lighttpd.conf	2016-09-29 17:07:42 UTC (rev 7868)
@@ -7,7 +7,8 @@
                                 "mod_auth",
                                 "mod_alias",
                                 "mod_fastcgi",
-                                "mod_proxy" )
+                                "mod_proxy",
+                                "mod_redirect" )
 
 server.document-root        = "@HTTPDIR@"
 server.errorlog-use-syslog  = "enable"
@@ -124,7 +125,10 @@
 
 auth.backend               = "htpasswd"
 auth.backend.htpasswd.userfile = "/var/www/admin/.htpasswd"
-auth.require               = ( "/admin/cli/" =>
+
+## Require HTTPS for /admin/ Authentication
+$HTTP["scheme"] == "https" {
+    auth.require           = ( "/admin/cli/" =>
                                (
                                  "method"  => "basic",
                                  "realm"   => "admin",
@@ -155,6 +159,13 @@
                                  "require" => "valid-user"
                                )
                              )
+}
+## Redirect HTTP to HTTPS for /admin/ Authentication
+$HTTP["scheme"] == "http" {
+    $HTTP["host"] =~ "^(.*)$" {
+        url.redirect = ( "^/(admin/.*)$" => "https://%1/$1" )
+    }
+}
 
 @CLI_PROXY_SERVER@$HTTP["scheme"] == "https" {
 @CLI_PROXY_SERVER@     proxy.server += ( "/admin/cli/" =>

Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2016-09-29 13:45:11 UTC (rev 7867)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2016-09-29 17:07:42 UTC (rev 7868)
@@ -371,10 +371,10 @@
 
 ## HTTP Server
 ## If you set HTTPDIR, serve files from that directory.
-HTTPDIR="/tftpboot"
+HTTPDIR="/stat/var/www"    # Define the location to serve HTTP from
 HTTP_LISTING="yes"
 HTTP_ACCESSLOG="no"        # Enable access logging in /var/log/lighttpd/access.log
-HTTPCGI="no"
+HTTPCGI="yes"
 
 ## HTTP and HTTPS /phoneprov/ directory server, useful for IP Phone provisioning
 ## If the directory "/mnt/kd/phoneprov/" exists, this will be served as /phoneprov/

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



