User Tools
сервис_http
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
сервис_http [2023/03/19 19:01] val [Прокси "красивого" URL в приложение (пример 3)] |
сервис_http [2023/11/01 17:22] val [Управление доступом к HTTP серверу с использованием OAuth2 аутентификации] |
||
|---|---|---|---|
| Line 539: | Line 539: | ||
| ===== Поддержка протокола HTTPS ===== | ===== Поддержка протокола HTTPS ===== | ||
| + | * [[Letsencrypt Certbot]] | ||
| * [[https://stackoverflow.com/questions/31370454/sslcertificatechainfile-is-obsolete|SSLCertificateChainFile is now obsolete, and any intermediate certificates are supposed to be included in the server certificate file]] | * [[https://stackoverflow.com/questions/31370454/sslcertificatechainfile-is-obsolete|SSLCertificateChainFile is now obsolete, and any intermediate certificates are supposed to be included in the server certificate file]] | ||
| ==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
| Line 819: | Line 820: | ||
| * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | ||
| * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | ||
| + | |||
| + | * [[https://www.janua.fr/using-apache2-mod_auth_openidc-module-with-keycloak-openid-connect/|Using apache2 mod_auth_openidc module with Keycloak (OpenID Connect)]] | ||
| <code> | <code> | ||
| Line 826: | Line 829: | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| + | # GitLab | ||
| OIDCSSLValidateServer Off | OIDCSSLValidateServer Off | ||
| OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | ||
| OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | ||
| - | OIDCClientID e...............................................4 | + | OIDCClientID e...............................................4 #Application ID |
| - | OIDCClientSecret 7.................................................4 | + | OIDCClientSecret 7.................................................4 #Secret |
| + | OIDCCryptoPassphrase anystring | ||
| + | |||
| + | # Keycloak | ||
| + | OIDCSSLValidateServer Off | ||
| + | OIDCProviderMetadataURL https://server.corp16.un:8443/realms/myrealm/.well-known/openid-configuration | ||
| + | OIDCRedirectURI http://gate.corp16.un/cgi-bin/test-cgi | ||
| + | OIDCClientID test-cgi | ||
| OIDCCryptoPassphrase anystring | OIDCCryptoPassphrase anystring | ||
| ... | ... | ||
| Line 841: | Line 852: | ||
| Require valid-user | Require valid-user | ||
| ... | ... | ||
| + | </code><code> | ||
| + | # a2enmod auth_openidc | ||
| </code><code> | </code><code> | ||
| Проверка: http://gate.corp13.un/cgi-bin/test-cgi/ !!! Последний / обязательно !!! | Проверка: http://gate.corp13.un/cgi-bin/test-cgi/ !!! Последний / обязательно !!! | ||
| Line 938: | Line 951: | ||
| # host autoconfig | # host autoconfig | ||
| # host corpX.un | # host corpX.un | ||
| + | |||
| ... has address 192.168.X.10 | ... has address 192.168.X.10 | ||
| Line 975: | Line 989: | ||
| # } | # } | ||
| </code><code> | </code><code> | ||
| - | root@server# cat /var/opt/gitlab/nginx/conf/nginx.conf | + | # cat /etc/gitlab/gitlab.rb |
| + | </code><code> | ||
| + | ... | ||
| + | nginx['custom_nginx_config'] = "include /var/opt/gitlab/nginx/conf/corpX.conf;" | ||
| + | ... | ||
| + | </code> | ||
| + | * [[Инструмент GitLab#Проверка конфигурации и перезапуск]] | ||
| + | <code> | ||
| + | root@server# less /var/opt/gitlab/nginx/conf/nginx.conf | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
сервис_http.txt · Last modified: 2024/05/24 09:20 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
