This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_http [2022/09/26 06:19] val [NGINX] |
сервис_http [2023/01/22 07:02] val [Прокси "красивого" URL в приложение (пример 3)] |
||
---|---|---|---|
Line 539: | Line 539: | ||
===== Поддержка протокола HTTPS ===== | ===== Поддержка протокола HTTPS ===== | ||
+ | * [[https://stackoverflow.com/questions/31370454/sslcertificatechainfile-is-obsolete|SSLCertificateChainFile is now obsolete, and any intermediate certificates are supposed to be included in the server certificate file]] | ||
==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
Line 813: | Line 814: | ||
[[http://grolmsnet.de/kerbtut/firefox.html]] | [[http://grolmsnet.de/kerbtut/firefox.html]] | ||
+ | |||
+ | ==== Управление доступом к HTTP серверу с использованием OAuth2 аутентификации ==== | ||
+ | |||
+ | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | ||
+ | * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | ||
+ | |||
+ | <code> | ||
+ | gate# apt install libapache2-mod-auth-openidc | ||
+ | </code><code> | ||
+ | gate# cat /etc/apache2/sites-available/000-default.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | OIDCSSLValidateServer Off | ||
+ | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | ||
+ | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | ||
+ | OIDCClientID e...............................................4 | ||
+ | OIDCClientSecret 7.................................................4 | ||
+ | OIDCCryptoPassphrase anystring | ||
+ | ... | ||
+ | </code><code> | ||
+ | # cat /etc/apache2/conf-available/serve-cgi-bin.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | #Require all granted | ||
+ | AuthType openid-connect | ||
+ | Require valid-user | ||
+ | ... | ||
+ | </code><code> | ||
+ | Проверка: http://gate.corp13.un/cgi-bin/test-cgi/ !!! Последний / обязательно !!! | ||
+ | </code> | ||
===== Протокол WebDAV ===== | ===== Протокол WebDAV ===== | ||
Line 909: | Line 940: | ||
webd.corpX.un has address 192.168.X.10 | webd.corpX.un has address 192.168.X.10 | ||
- | root@server# cat /var/opt/gitlab/nginx/conf/my.conf | + | root@server# cat /var/opt/gitlab/nginx/conf/corpX.conf |
</code><code> | </code><code> | ||
server { | server { | ||
Line 925: | Line 956: | ||
location / { | location / { | ||
proxy_pass http://server.corpX.un:81/mail/; | proxy_pass http://server.corpX.un:81/mail/; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name corpX.un www.corpX.un; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://server.corpX.un:81/; | ||
} | } | ||
} | } | ||
Line 931: | Line 970: | ||
</code><code> | </code><code> | ||
... | ... | ||
- | include /var/opt/gitlab/nginx/conf/my.conf; | + | include /var/opt/gitlab/nginx/conf/corpX.conf; |
} | } | ||
</code><code> | </code><code> |