Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-02-25 | cleanup rendering | mh | |
2011-02-25 | fix template syntax | mh | |
2011-02-25 | fixing template foo | mh | |
2011-02-24 | use a better subsitution | mh | |
2011-02-24 | try a more unique placeholder, because the old one failed with binaries ↵ | mh | |
which contained _ in the name | |||
2011-02-24 | allow setting of a specific bin_dir | mh | |
2011-02-23 | add a directory for global exec bins | mh | |
2011-02-22 | fixing mode stuff | mh | |
2011-02-22 | try to fix a variable problem | mh | |
2011-02-22 | fix template paths | mh | |
2011-02-22 | fix typo | mh | |
2011-02-22 | add missing param | mh | |
2011-02-22 | add missing param | mh | |
2011-02-22 | add STS header in default ssl config | mh | |
2011-02-22 | first way to a unified partial based vhost template | mh | |
2011-01-30 | adding htpasswd for proxy | mh | |
2010-12-12 | update to latest secure ssl directives | mh | |
2010-12-12 | enable HTS everywhere | mh | |
2010-12-06 | add STS header for enforced SSL sites | mh | |
* http://en.wikipedia.org/wiki/Strict_Transport_Security This will tell browsers to interact with that site only per HTTPS. | |||
2010-11-04 | allow setting of additional options for proxy vhosts | mh | |
2010-11-01 | add htpasswd option | mh | |
2010-11-01 | introduce mod security for proxy | mh | |
2010-11-01 | correct name | mh | |
2010-11-01 | add possibility to proxy vhosts | mh | |
2010-10-25 | unify naming | mh | |
2010-10-25 | improve redirect, so we don't stick on the servername | mh | |
2010-10-09 | fix typo | mh | |
2010-10-09 | only manage file parts if the file should actually be present | mh | |
2010-10-09 | pass run mode | mh | |
2010-10-06 | remove cgi-bin dir if we are removing the vhost | mh | |
2010-09-03 | this selector doesn't work that way | mh | |
2010-09-03 | fix php dir modes for new itk modes | mh | |
2010-08-18 | add missing directive for ssl proxy vhosts | mh | |
2010-08-17 | all itk modes need the userdir set to 755 | mh | |
2010-08-17 | correct statement | mh | |
2010-08-17 | set correct domain, if domain is absent, what it is most of the time | mh | |
2010-08-17 | fix cronjob domain | mh | |
2010-08-17 | remove includes in defines that are called a lot, it looks like compile time ↵ | mh | |
goes up with such includes | |||
2010-08-16 | use modules url | mh | |
2010-08-16 | correctly fix problem | mh | |
2010-08-16 | override instead of redefine | mh | |
2010-08-16 | correctly fix problem | mh | |
2010-08-16 | fix include bug | mh | |
2010-08-16 | improve vhosts stuff | mh | |
- move various inclusion to the file define, as this is the last define for all in the chain - only include if our vhost is not set to absent | |||
2010-08-16 | automatically include php for php vhosts | mh | |
2010-08-16 | fix various missing things for itk_plus mode | mh | |
2010-08-16 | only set source or content when we actually manage the file | mh | |
2010-08-16 | fix wrong param naming | mh | |
2010-08-16 | impelement itk plus mode | mh | |
itk plus mode is an additional mode to deploy itk based hostings which should be a bit more performant. The idea is that we have two apache-instances running: A) prefork based, listening on the external interface B) itk based, listening on the loopback interface A) will serve all static webpages, as well as possibly serve all static content of dynamic websites. All requests to dynamic content will be redirected to B). The idea is that A) doesn't load any modules to server dynamic content at all. B) will serve all the dynamic scripts of a vhost. This will mean that for vhosts (static ones) as well as static content (all none dynamic scripts) we can benefit from the fast prefork model, while we can use itk's security model for all the dynamic scripts. There are two new additional run_modes: - proxy-itk: this just passes all requests to apache instance B). This one is similar to plain itk based mode and should be used for vhosts that shouldn't (yet) changed to the mixed mode. - static-itk: this passes only requests to dynamic scripts to B) while all static content is served by A). Beware that the user with which A) is running should be member of the run group of B) and all static files need to readable by the group. This reduces the security model you have with plain itk, as the prefork apache user will be able to read php (config-) files of any vhost that runs in static-itk mode. If you want to keep the level of security for a certain vhost, you need to run the specific vhost in proxy-itk mode. Note 1: you cannot run vhosts in itk mode and others in proxy or static itk mode. There is a duplicate file resource definition that blocks that possibility. Note 2: This mode works currently only on CentOS based systems, as no work have been done so far to implement an init.d script that's able to run 2 apache instances. | |||
2010-08-11 | use default logpath as redirects usually don't have a root path | mh | |