Matthijs Kooijman [Thu, 7 Nov 2013 11:42:07 +0000 (12:42 +0100)]
lighttpd: Update SSL configs
In particular, this changes some paths and removes the SSL config for
mail.stdout.nl which is no longer used.
Matthijs Kooijman [Tue, 20 Mar 2012 14:43:29 +0000 (15:43 +0100)]
lighttpd/stderr.nl: Enable dirlistings for apt.stderr.nl.
Matthijs Kooijman [Mon, 20 Feb 2012 14:01:57 +0000 (15:01 +0100)]
lighttpd/stdout.nl: Add authentication for /beef.
Beef is a browser exploit framework, useful for testing XSS
vulnerabilities.
Matthijs Kooijman [Mon, 20 Feb 2012 13:58:33 +0000 (14:58 +0100)]
lighttpd/stdin.nl: Explicitly specify a ca-file for https
Without this, the intermediate certificate would not be sent. This only
affected clients that support SNI, since the fallback SSL configuration
(used for non-SNI browsers) did have an explicit ca-file configuration.
Matthijs Kooijman [Mon, 20 Feb 2012 13:58:00 +0000 (14:58 +0100)]
lighttpd/evolution-events.nl: Redirect /forum for extinction and ssmx.
Matthijs Kooijman [Mon, 20 Feb 2012 13:57:16 +0000 (14:57 +0100)]
lighttpd/mkit.nl: Redirect mkit.nl to www.mkit.nl.
Matthijs Kooijman [Sun, 13 Feb 2011 16:36:38 +0000 (17:36 +0100)]
lighttpd/evolution-events.nl: Redirect old /forum urls.
These now redirect to the central forum on www.evolution-events.nl.
Matthijs Kooijman [Sun, 13 Feb 2011 16:29:37 +0000 (17:29 +0100)]
lighttpd: Move the EE orga forum back to orga.evolution-events.nl
Matthijs Kooijman [Sun, 13 Feb 2011 11:27:49 +0000 (12:27 +0100)]
fastcgi: Enable php and trac for chimara-if.org.
Matthijs Kooijman [Sun, 13 Feb 2011 11:27:12 +0000 (12:27 +0100)]
lighttpd: Add configuration for chimara-if.org.
This has a trac instance and php enabled.
Matthijs Kooijman [Sun, 13 Feb 2011 11:26:28 +0000 (12:26 +0100)]
addsite: Make per-subdomain logs readable.
Matthijs Kooijman [Sun, 13 Feb 2011 11:24:32 +0000 (12:24 +0100)]
phpmyadmin: Show 200 rows per page by default.
The default limit of 30 is a bit low, usually you want a bit more
overview.
Matthijs Kooijman [Sun, 13 Feb 2011 11:23:10 +0000 (12:23 +0100)]
phpmyadmin: Add initial configuration.
Seems like this is not completely the default configuration, it already
points to the mysql vserver.
Matthijs Kooijman [Sun, 30 Jan 2011 21:34:26 +0000 (22:34 +0100)]
squirrelmail: Use sendmail to send messages.
The default is to use SMTP to localhost, but that doesn't work on this
setup.
Matthijs Kooijman [Tue, 7 Dec 2010 18:44:19 +0000 (19:44 +0100)]
lighttpd: Require HTTP auth for Brevidius git repositories.
This uses simple matching on the querystring to select
Brevidius-related repositories (which should be sufficient and perhaps
have a few false positives as well) and uses a htpasswd file for the
logins.
Matthijs Kooijman [Wed, 24 Nov 2010 08:10:25 +0000 (09:10 +0100)]
phpldapadmin: Remove the (unused) apache.conf file.
Matthijs Kooijman [Wed, 24 Nov 2010 08:08:52 +0000 (09:08 +0100)]
php5: Add the current directory to the include path.
It is in there by default, but our local override of the include_path
had removed it, breaking stuff.
Matthijs Kooijman [Wed, 24 Nov 2010 08:08:10 +0000 (09:08 +0100)]
fastcgi: Enable Dorestad1493 booking system Django app.
Matthijs Kooijman [Wed, 24 Nov 2010 08:06:48 +0000 (09:06 +0100)]
lightppd: Add dorestad1493 booking system.
Matthijs Kooijman [Wed, 24 Nov 2010 08:06:02 +0000 (09:06 +0100)]
gitweb: Update config after upgrade.
Matthijs Kooijman [Thu, 14 Oct 2010 10:57:32 +0000 (12:57 +0200)]
lighttpd: Enable dirlistings for orga.evolution-events.nl/private.
Matthijs Kooijman [Thu, 14 Oct 2010 10:44:07 +0000 (12:44 +0200)]
lighttpd: Add basic configuration for mkit.nl.
Matthijs Kooijman [Thu, 19 Aug 2010 20:56:50 +0000 (22:56 +0200)]
php: Don't use ( in comment in the custom config.
For some weird reason, using a ( in a comment in my local php.ini makes
PHP stop parsing the php.ini right there. Not sure why that is... It
seems that using parentheses is ok in the main config file. Perhaps it's
because the custom config isn't in the [PHP] section (but creating a
second [PHP] section doesn't help either...)
root [Tue, 3 Aug 2010 15:51:59 +0000 (17:51 +0200)]
Merge branch 'template' of ssh://matthijs@git.stderr.nl/matthijs/servers/drsnuggles into www
* 'template' of ssh://matthijs@git.stderr.nl/matthijs/servers/drsnuggles:
oidentd: Allow the vserver host to forward connections.
oidentd: Add default configuration.
Matthijs Kooijman [Mon, 26 Jul 2010 13:29:31 +0000 (15:29 +0200)]
oidentd: Allow the vserver host to forward connections.
Matthijs Kooijman [Mon, 26 Jul 2010 13:26:53 +0000 (15:26 +0200)]
oidentd: Add default configuration.
Matthijs Kooijman [Mon, 26 Jul 2010 14:00:49 +0000 (16:00 +0200)]
update-stats: Close logging.conf before reloading lighttpd.
Previously, lighttpd would sometimes read a half-finished logging.conf
and fail to start.
Matthijs Kooijman [Mon, 26 Jul 2010 13:59:37 +0000 (15:59 +0200)]
update-stats: Output logging.conf on lighttpd failure.
Matthijs Kooijman [Mon, 26 Jul 2010 12:04:27 +0000 (14:04 +0200)]
logrotate: Suppress output from update-stats.
Matthijs Kooijman [Fri, 23 Jul 2010 11:59:36 +0000 (13:59 +0200)]
lighttpd/stderr.nl: Enable dirlisting for /static/tmp.
Matthijs Kooijman [Fri, 23 Jul 2010 11:58:43 +0000 (13:58 +0200)]
lighttpd/stdout.nl: Enable dirlisting for /static/tmp.
Matthijs Kooijman [Fri, 23 Jul 2010 11:57:12 +0000 (13:57 +0200)]
lighttpd/stderr.nl: Don't let blosxom eat /stats/.
Matthijs Kooijman [Fri, 23 Jul 2010 11:56:50 +0000 (13:56 +0200)]
lighttpd: Make awstats available as /stats in all domains.
Matthijs Kooijman [Fri, 23 Jul 2010 11:56:08 +0000 (13:56 +0200)]
lighttpd/evolution-events.nl: Fix Xerxes configuration.
Matthijs Kooijman [Fri, 23 Jul 2010 11:54:31 +0000 (13:54 +0200)]
lighttpd/evolution-events.nl: Move authentication info out of conditional.
This allows the same authentication info to be used by multiple subdomains.
Matthijs Kooijman [Fri, 23 Jul 2010 11:50:52 +0000 (13:50 +0200)]
addsite: Give lighttpd more permissions on logs.
This includes permissions to read and write log files not created by
lighttpd.
Matthijs Kooijman [Fri, 23 Jul 2010 11:50:14 +0000 (13:50 +0200)]
php: Set some useful default options.
This disables stuff like magic quotes and other insecure stuff, sets the
loglevel, etc.
Matthijs Kooijman [Fri, 23 Jul 2010 11:48:22 +0000 (13:48 +0200)]
lighttpd: Have an access log per subdomain.
The configuration for this is autogenerated by updates-stats and
included in lighttpd.conf.
Matthijs Kooijman [Fri, 23 Jul 2010 11:44:45 +0000 (13:44 +0200)]
fastcgi: Enable Xerxes on evolution-events.nl.
Matthijs Kooijman [Fri, 23 Jul 2010 11:44:32 +0000 (13:44 +0200)]
fastcgi: Enable php for stdin.nl.
Matthijs Kooijman [Fri, 23 Jul 2010 11:41:02 +0000 (13:41 +0200)]
logrotate: Rotate per-vhost logs by lighttpd.
Also call update-stats to update awstats after rotating.
Matthijs Kooijman [Fri, 23 Jul 2010 11:37:58 +0000 (13:37 +0200)]
awstats: Add update-stats script and call it hourly.
This script handles generating lighttpd configuration snippets that
cause logging to be done per vhost (handling aliases created with
symlinks), it generates corresponding awstats configuration file and
calls awstats to parse all the logfiles.
Matthijs Kooijman [Thu, 24 Jun 2010 12:41:47 +0000 (14:41 +0200)]
lighttpd: Remove vhost configuration for stdio.
Matthijs Kooijman [Thu, 24 Jun 2010 12:37:55 +0000 (14:37 +0200)]
lighttpd: Serve diff files as plain text.
This allows browsers to view them directly, instead of opening an
external editor for it.
Matthijs Kooijman [Tue, 15 Jun 2010 07:36:47 +0000 (09:36 +0200)]
lighttpd: Move webmail from stdout.nl to stdin.nl.
Matthijs Kooijman [Mon, 3 May 2010 14:52:27 +0000 (16:52 +0200)]
lighttpd: Redirect git.stderr.nl/ tot /gitweb.
Matthijs Kooijman [Wed, 28 Apr 2010 11:31:28 +0000 (13:31 +0200)]
gitweb: Make the description field wider.
Matthijs Kooijman [Tue, 27 Apr 2010 11:01:07 +0000 (13:01 +0200)]
fastcgi: Also kill trac and wipi processes.
Matthijs Kooijman [Thu, 15 Apr 2010 10:44:32 +0000 (12:44 +0200)]
lighttpd: Point /phpldapadmin to the non-patched version again.
Matthijs Kooijman [Thu, 15 Apr 2010 10:29:12 +0000 (12:29 +0200)]
phpldapadmin: Show simplePersons in the modify member list.
Matthijs Kooijman [Thu, 15 Apr 2010 10:28:14 +0000 (12:28 +0200)]
phpldapadmin: Upgrade configuration to 1.2.0.5.
Matthijs Kooijman [Wed, 10 Mar 2010 19:59:06 +0000 (20:59 +0100)]
lighttpd: Tell blosxom where the log files live.
This allows blosxom to keep its own error log.
Matthijs Kooijman [Wed, 10 Mar 2010 19:57:56 +0000 (20:57 +0100)]
lighttpd: Move blog to / instead of /Blog.
Matthijs Kooijman [Thu, 25 Feb 2010 13:17:12 +0000 (14:17 +0100)]
lighttpd: Enable SSL for mail.stdout.nl.
Matthijs Kooijman [Thu, 25 Feb 2010 13:16:34 +0000 (14:16 +0100)]
apt: Add testing to sources.list.
We need lighttpd 1.4.24 for SNI support, which installs from testing
just fine.
Matthijs Kooijman [Tue, 23 Feb 2010 15:49:26 +0000 (16:49 +0100)]
lighttpd: Add redirect for url published in my Master's thesis.
Matthijs Kooijman [Mon, 22 Feb 2010 15:10:26 +0000 (16:10 +0100)]
hgweb: Switch to gitweb style.
Matthijs Kooijman [Mon, 22 Feb 2010 15:09:41 +0000 (16:09 +0100)]
hgweb: Hide /data/vcs/hg prefix from repository names.
Matthijs Kooijman [Mon, 22 Feb 2010 15:08:00 +0000 (16:08 +0100)]
lighttpd: Add configuration for hgweb.
For some unknown reason, this configuration has never made it into git
and somehow disappeared.
Matthijs Kooijman [Mon, 8 Feb 2010 10:33:35 +0000 (11:33 +0100)]
squirrelmail: Adapt config to our setup.
Matthijs Kooijman [Mon, 8 Feb 2010 10:33:14 +0000 (11:33 +0100)]
squirrelmail: Add default config.
Matthijs Kooijman [Mon, 8 Feb 2010 10:32:43 +0000 (11:32 +0100)]
lighttpd: Enable Squirrelmail and Hastymail webmail.
Matthijs Kooijman [Tue, 26 Jan 2010 10:24:08 +0000 (11:24 +0100)]
lighttpd: Change the default character encoding to utf-8.
root [Mon, 25 Jan 2010 19:34:37 +0000 (20:34 +0100)]
phpldapadmin: Update template dtd after upgrade.
These changes were made by the Debian package during upgrade.
Matthijs Kooijman [Tue, 5 Jan 2010 12:53:30 +0000 (13:53 +0100)]
lighttpd: Add redirects for deprecated EE domains.
Matthijs Kooijman [Mon, 4 Jan 2010 21:36:27 +0000 (22:36 +0100)]
lighttdp: Add redirect for renamed category.
Matthijs Kooijman [Mon, 4 Jan 2010 21:31:03 +0000 (22:31 +0100)]
lighttpd: Move blog static files to /static.
Matthijs Kooijman [Mon, 4 Jan 2010 21:30:50 +0000 (22:30 +0100)]
lighttpd: Move blog to /Blog and remove redirect to kat.
Matthijs Kooijman [Mon, 4 Jan 2010 19:39:24 +0000 (20:39 +0100)]
lighttpd: Add config for Hunternet.
Matthijs Kooijman [Tue, 24 Nov 2009 21:14:24 +0000 (22:14 +0100)]
lighttpd: Add config for hekjelarp.nl.
Matthijs Kooijman [Wed, 29 Jul 2009 08:55:18 +0000 (10:55 +0200)]
lighttpd: Fix rewrite rule for the evolution-events.nl wipi
This new rewrite rule also supports query parameters on /Site.
Matthijs Kooijman [Wed, 29 Jul 2009 08:54:41 +0000 (10:54 +0200)]
lighttpd: Add configuration for blues-brothers.eu.
Matthijs Kooijman [Wed, 29 Jul 2009 08:53:58 +0000 (10:53 +0200)]
fastcgi: Enable PHP for blues-brothers.eu.
Matthijs Kooijman [Wed, 29 Jul 2009 08:53:41 +0000 (10:53 +0200)]
fastcgi: ENable the wipi for evolution-events.nl.
Matthijs Kooijman [Wed, 29 Jul 2009 08:17:06 +0000 (10:17 +0200)]
addsite: Update to new LDAP schema.
Matthijs Kooijman [Wed, 29 Jul 2009 08:05:34 +0000 (10:05 +0200)]
addsite: Check we're not running as root.
Matthijs Kooijman [Wed, 24 Jun 2009 19:30:41 +0000 (21:30 +0200)]
Remove broken-scriptfilename for the wipi.
It does not seem to be necessary, everything still works without it.
Matthijs Kooijman [Wed, 24 Jun 2009 19:29:32 +0000 (21:29 +0200)]
lighttpd: Enable the wipi on exodus.ee.nl/Site.
Matthijs Kooijman [Wed, 24 Jun 2009 16:56:50 +0000 (18:56 +0200)]
lighttpd: Use += instead of = to increase robustness.
= might overwrite other settings, while += will preserve them.
Matthijs Kooijman [Sun, 24 May 2009 16:18:22 +0000 (18:18 +0200)]
lighttpd: Redirect all of www.stderr.nl to kat.
Previously, only the root was redirected using a php script, but now I
can also make permanent links using www.stderr.nl/something.
Matthijs Kooijman [Sun, 24 May 2009 16:18:03 +0000 (18:18 +0200)]
lighttpd: Enable dirlistings for blues.stderr.nl.
Matthijs Kooijman [Sat, 9 May 2009 15:46:58 +0000 (17:46 +0200)]
lighttpd: Only catch /trac/ urls with trac.
Previously, urls like /tracker would also trigger trac.
Matthijs Kooijman [Thu, 7 May 2009 15:59:03 +0000 (17:59 +0200)]
phpldapadmin: Set the custom_templates_only option.
This makes phpldapadmin ignore all its shipped templates and only offer
ones we create ourselves (distinguished by the "custom_" filename
prefix).
Matthijs Kooijman [Thu, 7 May 2009 09:46:58 +0000 (11:46 +0200)]
lighttpd: Move the php fastcgi server down in stderr.nl
This prevents php from triggering on trac urls.
root [Tue, 5 May 2009 16:20:22 +0000 (18:20 +0200)]
Merge commit 'origin/template' into www
* commit 'origin/template':
rsyslog: Use another format for forwarding messages.
ssh: Disable changing of the oom_adj value.
ssh: Add default initscript configuration.
Matthijs Kooijman [Tue, 5 May 2009 16:09:52 +0000 (18:09 +0200)]
rsyslog: Use another format for forwarding messages.
The syslog protocol 23 format seems to be broken in rsyslog for messages
that were originally generated by legacy applications (i.e., do not have
a structured-data field).
See http://bugzilla.adiscon.com/show_bug.cgi?id=125
Matthijs Kooijman [Tue, 5 May 2009 15:07:10 +0000 (17:07 +0200)]
ssh: Disable changing of the oom_adj value.
This value is meant for making sure ssh is never killed by the oom
killer, but that is not allowed inside vservers.
Matthijs Kooijman [Tue, 5 May 2009 15:06:45 +0000 (17:06 +0200)]
ssh: Add default initscript configuration.
root [Tue, 5 May 2009 14:26:48 +0000 (16:26 +0200)]
Merge commit 'origin/template' into www
* commit 'origin/template':
rsyslog: Make the main queue disk-assisted as well.
rsyslog: Enable queuing of log messages.
nss: Add some comments.
rsyslog: Send all logs to the log vserver.
rsyslog: Move all rsyslog log files into a subdir.
rsyslog: Update logrotate config to new rsyslog config.
rsyslog: Add default logrotate config.
rsyslog: Disable logging of kernel messages.
rsyslog: Enable loggin of mark lines.
rsyslog: Clean up rsyslog configuration.
rsyslog: Add default configuration.
pam: Add pam_permit to the auth section of chfn.
nss: Update to use our custom LDAP schema.
apt: Set the Default-Release to "stable".
pam: Let pam.d/cron include common-account.
pam: Let pam.d/su include common{account,session}.
pam: Make common-account also support unix users.
pam: Add .so to module names in pam.d/other.
Matthijs Kooijman [Tue, 5 May 2009 13:55:27 +0000 (15:55 +0200)]
rsyslog: Make the main queue disk-assisted as well.
Matthijs Kooijman [Tue, 5 May 2009 13:07:22 +0000 (15:07 +0200)]
rsyslog: Enable queuing of log messages.
This prevents messages from getting lost when the log vserver is
temporarily unavailable.
Matthijs Kooijman [Tue, 5 May 2009 09:17:28 +0000 (11:17 +0200)]
nss: Add some comments.
Matthijs Kooijman [Tue, 5 May 2009 08:52:30 +0000 (10:52 +0200)]
rsyslog: Send all logs to the log vserver.
This happens in addition to local logging.
Matthijs Kooijman [Tue, 5 May 2009 08:17:52 +0000 (10:17 +0200)]
rsyslog: Move all rsyslog log files into a subdir.
This allows us to use *.log in the logrotate configuration, without
conflicting with logfiles not created by rsyslog.
Matthijs Kooijman [Mon, 4 May 2009 20:41:06 +0000 (22:41 +0200)]
rsyslog: Update logrotate config to new rsyslog config.
Matthijs Kooijman [Mon, 4 May 2009 20:37:56 +0000 (22:37 +0200)]
rsyslog: Add default logrotate config.
Matthijs Kooijman [Mon, 4 May 2009 20:31:27 +0000 (22:31 +0200)]
rsyslog: Disable logging of kernel messages.
The vservers won't have access to the kernel messages anyway.
Matthijs Kooijman [Mon, 4 May 2009 20:26:54 +0000 (22:26 +0200)]
rsyslog: Enable loggin of mark lines.
Matthijs Kooijman [Mon, 4 May 2009 20:00:15 +0000 (22:00 +0200)]
rsyslog: Clean up rsyslog configuration.
This removes some commented out lines, and reorganizes the existing
logfiles to be more consistent.
Matthijs Kooijman [Mon, 4 May 2009 19:50:28 +0000 (21:50 +0200)]
rsyslog: Add default configuration.