Jeremy Stanley 760d1dfd51 Substitute site name for survey OpenID callback
Initial testing failed to turn up some hard-coding of the server
name in the Apache mod_auth_openid configuration options. Replace
these with ERB variable expansions for the site name as used
elsewhere in that file.

Change-Id: I80793e34962ac9b6659e4ed05a6a7d5029c79429
2018-06-03 13:34:32 +00:00

54 lines
1.7 KiB

# ************************************
# Managed by Puppet
# ************************************
<VirtualHost <%= @vhost_name %>:80>
ServerName <%= @srvname %>
ReWriteEngine On
ReWriteRule ^/(.*) https://<%= @srvname %>/$1 [last,redirect=permanent]
LogLevel warn
ErrorLog /var/log/apache2/<%= @name %>_error.log
CustomLog /var/log/apache2/<%= @name %>_access.log combined
ServerSignature Off
<VirtualHost <%= @vhost_name %>:<%= @port %>>
ServerName <%= @srvname %>
DocumentRoot <%= @docroot %>
<Directory <%= @docroot %>>
Options <%= @options %>
AllowOverride None
Order allow,deny
allow from all
Require all granted
<% if @auth_openid != nil %>
<Location /index.php/admin/>
AuthType OpenID
AuthName "Welcome"
AuthOpenIDSecureCookie On
AuthOpenIDCookieLifespan 3600
AuthOpenIDTrustRoot https://<%= @srvname %>
AuthOpenIDServerName https://<%= @srvname %>
AuthOpenIDTrusted ^*$
Require valid-user
<% end %>
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("openstack_project::survey::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("openstack_project::survey::ssl_key_file") %>
<% if scope.lookupvar("openstack_project::survey::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("openstack_project::survey::ssl_chain_file") %>
<% end %>
ErrorLog /var/log/apache2/<%= @name %>_error.log
LogLevel warn
CustomLog /var/log/apache2/<%= @name %>_access.log combined
ServerSignature Off