This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_http [2022/10/06 09:01] val [Управление доступом к HTTP серверу с использованием OAuth2 аутентификации] |
сервис_http [2023/01/22 20:35] val [Прокси "красивого" URL в приложение (пример 3)] |
||
---|---|---|---|
Line 539: | Line 539: | ||
===== Поддержка протокола HTTPS ===== | ===== Поддержка протокола HTTPS ===== | ||
+ | * [[https://stackoverflow.com/questions/31370454/sslcertificatechainfile-is-obsolete|SSLCertificateChainFile is now obsolete, and any intermediate certificates are supposed to be included in the server certificate file]] | ||
==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
Line 817: | Line 818: | ||
* [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | ||
+ | * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | ||
<code> | <code> | ||
gate# apt install libapache2-mod-auth-openidc | gate# apt install libapache2-mod-auth-openidc | ||
+ | </code><code> | ||
gate# cat /etc/apache2/sites-available/000-default.conf | gate# cat /etc/apache2/sites-available/000-default.conf | ||
+ | </code><code> | ||
... | ... | ||
OIDCSSLValidateServer Off | OIDCSSLValidateServer Off | ||
Line 830: | Line 833: | ||
OIDCCryptoPassphrase anystring | OIDCCryptoPassphrase anystring | ||
... | ... | ||
+ | </code><code> | ||
+ | # cat /etc/apache2/conf-available/serve-cgi-bin.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | #Require all granted | ||
+ | AuthType openid-connect | ||
+ | Require valid-user | ||
+ | ... | ||
+ | </code><code> | ||
+ | Проверка: http://gate.corp13.un/cgi-bin/test-cgi/ !!! Последний / обязательно !!! | ||
</code> | </code> | ||
Line 921: | Line 934: | ||
<code> | <code> | ||
# host mail | # host mail | ||
- | mail.corpX.un is an alias for server.corpX.un. | ||
- | server.corpX.un has address 192.168.X.10 | ||
- | |||
# host webd | # host webd | ||
- | webd.corpX.un has address 192.168.X.10 | + | # host www |
+ | # host corpX.un | ||
+ | ... has address 192.168.X.10 | ||
- | root@server# cat /var/opt/gitlab/nginx/conf/my.conf | + | root@server# cat /var/opt/gitlab/nginx/conf/corpX.conf |
</code><code> | </code><code> | ||
server { | server { | ||
Line 943: | Line 955: | ||
location / { | location / { | ||
proxy_pass http://server.corpX.un:81/mail/; | proxy_pass http://server.corpX.un:81/mail/; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name corpX.un www.corpX.un; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://server.corpX.un:81/; | ||
} | } | ||
} | } | ||
Line 949: | Line 969: | ||
</code><code> | </code><code> | ||
... | ... | ||
- | include /var/opt/gitlab/nginx/conf/my.conf; | + | include /var/opt/gitlab/nginx/conf/corpX.conf; |
} | } | ||
</code><code> | </code><code> |