summaryrefslogtreecommitdiff
path: root/manifests
AgeCommit message (Collapse)Author
2010-08-16fix various missing things for itk_plus modemh
2010-08-16only set source or content when we actually manage the filemh
2010-08-16fix wrong param namingmh
2010-08-16impelement itk plus modemh
itk plus mode is an additional mode to deploy itk based hostings which should be a bit more performant. The idea is that we have two apache-instances running: A) prefork based, listening on the external interface B) itk based, listening on the loopback interface A) will serve all static webpages, as well as possibly serve all static content of dynamic websites. All requests to dynamic content will be redirected to B). The idea is that A) doesn't load any modules to server dynamic content at all. B) will serve all the dynamic scripts of a vhost. This will mean that for vhosts (static ones) as well as static content (all none dynamic scripts) we can benefit from the fast prefork model, while we can use itk's security model for all the dynamic scripts. There are two new additional run_modes: - proxy-itk: this just passes all requests to apache instance B). This one is similar to plain itk based mode and should be used for vhosts that shouldn't (yet) changed to the mixed mode. - static-itk: this passes only requests to dynamic scripts to B) while all static content is served by A). Beware that the user with which A) is running should be member of the run group of B) and all static files need to readable by the group. This reduces the security model you have with plain itk, as the prefork apache user will be able to read php (config-) files of any vhost that runs in static-itk mode. If you want to keep the level of security for a certain vhost, you need to run the specific vhost in proxy-itk mode. Note 1: you cannot run vhosts in itk mode and others in proxy or static itk mode. There is a duplicate file resource definition that blocks that possibility. Note 2: This mode works currently only on CentOS based systems, as no work have been done so far to implement an init.d script that's able to run 2 apache instances.
2010-08-11use default logpath as redirects usually don't have a root pathmh
2010-08-11remove unnecessary fileserver variable (#2460) round IImh
2010-08-11only manage source or content if file should be presentmh
2010-08-11only include noip logging if we actually need itmh
2010-08-11introduce logmode featuremh
We are now able to select how apache should log accesses. These modes are: * default: as you would use it * semianonym: no ips are logged for CustomLog, ErrorLog still logs ips * anonym: no ips are logged for CustomLog, ErrorLog is sent to /dev/null * nologs: all logs are sent to /dev/null
2010-08-07remove unnecessary fileserver variable (#2460)mh
2010-07-20clean up some possible loopsmh
2010-07-20fix wrong statementmh
2010-07-05remove duplicate source entrymh
2010-06-12disable mod_security for galleriesmh
2010-06-12get the decision branch rightmh
2010-06-12introduce upload dir for gallery server side uploadsmh
2010-05-09redirects don't need mod_securitymh
2010-02-23include mod_security depending on the run_modemh
2010-01-30migrate missing partsmh
- migrate missing (newly introduced) vhosts - pass relevant_only stuff to subdefines
2010-01-30merged with lavamindmh
2010-01-26module silverstripeAndreas
2010-01-20missing variablesAndreas
2010-01-20missing variableAndreas
2010-01-10make it also possible that safe_mode_exec_bin can be absentmh
2010-01-10if we should remove everything if set to absentmh
2010-01-04add $mod_security_relevantonly flag, enabled by default, logs only on ↵Jerome Charaoui
suspicious requests, set to 'false' to log all requests (as before)
2010-01-04config file to managemh
2010-01-02actually the default is already utf8mh
2010-01-02we have already a default charset flag we managemh
2010-01-01not a managed dirAndreas
2010-01-01create g2data dirAndreas
2010-01-01redefinition errorAndreas
2010-01-01create gdata dirAndreas
2010-01-01gallery2 moduleAndreas
2009-12-26changed davdir->davdbdir, add to templateAndreas
2009-12-26DAV needs a writable dir for the db (with itk, with the correct user settings)Andreas
2009-12-23manage default 'charset' and 'security' configs on DebianJerome Charaoui
2009-12-23simplify config subclassesJerome Charaoui
2009-12-23fix passing of $content in config::includeJerome Charaoui
2009-12-23organize files in subdirectories per type : 'config' for main apache config; ↵Jerome Charaoui
'scripts' for extra shell scripts; 'service' for service default parameters. also, manage apache2.conf on Debian.
2009-12-23introduce config::global for global configs in conf.d and config::include ↵Jerome Charaoui
for vhost snippets in include.d
2009-12-23fix debian support for itk and use correct httpd username in managed webdirJerome Charaoui
2009-12-22remove default vhost from debian packageJerome Charaoui
2009-12-17add itk class for debianJerome Charaoui
2009-12-08manage debian apache module packagesJerome Charaoui
2009-12-08improve Debian supportJerome Charaoui
2009-11-21purge bin dir, only add php option if we actually added binariesmh
2009-11-21substitute with correct variable so we can use it more than oncemh
2009-11-21add missing parametermh
2009-11-21introduce php_default_charset to set charset header in phpmh