From 3155f712d7a0d0d13871334e8bcb6d562a7a08eb Mon Sep 17 00:00:00 2001 From: Alex Dehnert Date: Sun, 5 May 2019 04:40:54 -0400 Subject: [PATCH] Config updates for xenial --- conf-available/gitweb.conf | 23 +++++-- conf-available/security.conf | 3 +- mods-available/authnz_fcgi.load | 1 + mods-available/authz_svn.load | 3 + mods-available/dav_svn.load | 7 ++- mods-available/php5.load | 1 - mods-available/{php5.conf => php7.0.conf} | 20 +++--- mods-available/php7.0.load | 2 + mods-available/proxy_html.conf | 75 +++++++++++++++++++++++ mods-enabled/php5.conf | 1 - mods-enabled/php5.load | 1 - mods-enabled/php7.0.conf | 1 + mods-enabled/php7.0.load | 1 + 13 files changed, 117 insertions(+), 22 deletions(-) create mode 100644 mods-available/authnz_fcgi.load delete mode 100644 mods-available/php5.load rename mods-available/{php5.conf => php7.0.conf} (68%) create mode 100644 mods-available/php7.0.load create mode 100644 mods-available/proxy_html.conf delete mode 120000 mods-enabled/php5.conf delete mode 120000 mods-enabled/php5.load create mode 120000 mods-enabled/php7.0.conf create mode 120000 mods-enabled/php7.0.load diff --git a/conf-available/gitweb.conf b/conf-available/gitweb.conf index 8055f9d..cb914bc 100644 --- a/conf-available/gitweb.conf +++ b/conf-available/gitweb.conf @@ -1,6 +1,19 @@ -Alias /gitweb /usr/share/gitweb + + + + Define ENABLE_GITWEB + + + Define ENABLE_GITWEB + + + - - Options FollowSymLinks ExecCGI - AddHandler cgi-script .cgi - + + Alias /gitweb /usr/share/gitweb + + + Options +FollowSymLinks +ExecCGI + AddHandler cgi-script .cgi + + diff --git a/conf-available/security.conf b/conf-available/security.conf index 599333b..f9f69d4 100644 --- a/conf-available/security.conf +++ b/conf-available/security.conf @@ -7,8 +7,7 @@ # # # AllowOverride None -# Order Deny,Allow -# Deny from all +# Require all denied # diff --git a/mods-available/authnz_fcgi.load b/mods-available/authnz_fcgi.load new file mode 100644 index 0000000..69d757c --- /dev/null +++ b/mods-available/authnz_fcgi.load @@ -0,0 +1 @@ +LoadModule authnz_fcgi_module /usr/lib/apache2/modules/mod_authnz_fcgi.so diff --git a/mods-available/authz_svn.load b/mods-available/authz_svn.load index 2e466fd..c6df273 100644 --- a/mods-available/authz_svn.load +++ b/mods-available/authz_svn.load @@ -1,2 +1,5 @@ # Depends: dav_svn + + Include mods-enabled/dav_svn.load + LoadModule authz_svn_module /usr/lib/apache2/modules/mod_authz_svn.so diff --git a/mods-available/dav_svn.load b/mods-available/dav_svn.load index 68e1e0c..e41e158 100644 --- a/mods-available/dav_svn.load +++ b/mods-available/dav_svn.load @@ -1,2 +1,7 @@ # Depends: dav -LoadModule dav_svn_module /usr/lib/apache2/modules/mod_dav_svn.so + + + Include mods-enabled/dav.load + + LoadModule dav_svn_module /usr/lib/apache2/modules/mod_dav_svn.so + diff --git a/mods-available/php5.load b/mods-available/php5.load deleted file mode 100644 index 653695f..0000000 --- a/mods-available/php5.load +++ /dev/null @@ -1 +0,0 @@ -LoadModule php5_module /usr/lib/apache2/modules/libphp5.so diff --git a/mods-available/php5.conf b/mods-available/php7.0.conf similarity index 68% rename from mods-available/php5.conf rename to mods-available/php7.0.conf index 6eced76..05161a2 100644 --- a/mods-available/php5.conf +++ b/mods-available/php7.0.conf @@ -1,4 +1,4 @@ - + SetHandler application/x-httpd-php @@ -6,13 +6,11 @@ # Deny access to raw php sources by default # To re-enable it's recommended to enable access to the files # only in specific virtual host or directory - Order Deny,Allow - Deny from all + Require all denied # Deny access to files without filename (e.g. '.php') - - Order Deny,Allow - Deny from all + + Require all denied # Running PHP scripts in user directories is disabled by default @@ -20,8 +18,8 @@ # To re-enable PHP in user directories comment the following lines # (from to .) Do NOT set it to On as it # prevents .htaccess files from disabling it. -# -# -# php_admin_flag engine Off -# -# + + + #php_admin_flag engine Off + + diff --git a/mods-available/php7.0.load b/mods-available/php7.0.load new file mode 100644 index 0000000..55c2a49 --- /dev/null +++ b/mods-available/php7.0.load @@ -0,0 +1,2 @@ +# Conflicts: php5 +LoadModule php7_module /usr/lib/apache2/modules/libphp7.0.so diff --git a/mods-available/proxy_html.conf b/mods-available/proxy_html.conf new file mode 100644 index 0000000..14692ad --- /dev/null +++ b/mods-available/proxy_html.conf @@ -0,0 +1,75 @@ +# Configuration example. +# +# For detailed information about these directives see +# +# and for mod_xml2enc see +# +# + +# All knowledge of HTML links has been removed from the mod_proxy_html +# code itself, and is instead read from httpd.conf (or included file) +# at server startup. So you MUST declare it. This will normally be +# at top level, but can also be used in a . +# +# Here's the declaration for W3C HTML 4.01 and XHTML 1.0 + +ProxyHTMLLinks a href +ProxyHTMLLinks area href +ProxyHTMLLinks link href +ProxyHTMLLinks img src longdesc usemap +ProxyHTMLLinks object classid codebase data usemap +ProxyHTMLLinks q cite +ProxyHTMLLinks blockquote cite +ProxyHTMLLinks ins cite +ProxyHTMLLinks del cite +ProxyHTMLLinks form action +ProxyHTMLLinks input src usemap +ProxyHTMLLinks head profile +ProxyHTMLLinks base href +ProxyHTMLLinks script src for + +# To support scripting events (with ProxyHTMLExtended On), +# you'll need to declare them too. + +ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \ + onmouseover onmousemove onmouseout onkeypress \ + onkeydown onkeyup onfocus onblur onload \ + onunload onsubmit onreset onselect onchange + +# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML, +# you'll need to uncomment the following deprecated link attributes. +# Note that these are enabled in earlier mod_proxy_html versions +# +# ProxyHTMLLinks frame src longdesc +# ProxyHTMLLinks iframe src longdesc +# ProxyHTMLLinks body background +# ProxyHTMLLinks applet codebase +# +# If you're dealing with proprietary HTML variants, +# declare your own URL attributes here as required. +# +# ProxyHTMLLinks myelement myattr otherattr +# +########### +# EXAMPLE # +########### +# +# To define the URL /my-gateway/ as a gateway to an appserver with address +# http://some.app.intranet/ on a private network, after loading the +# modules and including this configuration file: +# +# ProxyRequests Off <-- this is an important security setting +# ProxyPass /my-gateway/ http://some.app.intranet/ +# +# ProxyPassReverse / +# ProxyHTMLEnable On +# ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/ +# ProxyHTMLURLMap / /my-gateway/ +# +# +# Many (though not all) real-life setups are more complex. +# +# See the documentation at +# http://apache.webthing.com/mod_proxy_html/ +# and the tutorial at +# http://www.apachetutor.org/admin/reverseproxies diff --git a/mods-enabled/php5.conf b/mods-enabled/php5.conf deleted file mode 120000 index ce1dd2e..0000000 --- a/mods-enabled/php5.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.conf \ No newline at end of file diff --git a/mods-enabled/php5.load b/mods-enabled/php5.load deleted file mode 120000 index dae39ce..0000000 --- a/mods-enabled/php5.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.load \ No newline at end of file diff --git a/mods-enabled/php7.0.conf b/mods-enabled/php7.0.conf new file mode 120000 index 0000000..11c4a99 --- /dev/null +++ b/mods-enabled/php7.0.conf @@ -0,0 +1 @@ +../mods-available/php7.0.conf \ No newline at end of file diff --git a/mods-enabled/php7.0.load b/mods-enabled/php7.0.load new file mode 120000 index 0000000..58e0a2f --- /dev/null +++ b/mods-enabled/php7.0.load @@ -0,0 +1 @@ +../mods-available/php7.0.load \ No newline at end of file -- 2.34.1