Skip to content

Commit

Permalink
Merge pull request #694 from Conzar/master
Browse files Browse the repository at this point in the history
Added WSGIPassAuthorization option to vhost.
  • Loading branch information
Ashley Penney committed May 15, 2014
2 parents 74dff45 + 16e8c50 commit b2decac
Show file tree
Hide file tree
Showing 6 changed files with 33 additions and 1 deletion.
8 changes: 7 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -768,6 +768,10 @@ Specifies the verbosity of the error log. Defaults to 'warn' for the global serv

Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with [`proxy_dest`](#proxy_dest).

#####`proxy_preserve_host`

Sets the [ProxyPreserveHost Directive](http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypreservehost). true Enables the Host: line from an incoming request to be proxied to the host instead of hostname . false sets this option to off (default).

#####`options`

Sets the [Options](http://httpd.apache.org/docs/current/mod/core.html#options) for the specified virtual host. Defaults to '['Indexes','FollowSymLinks','MultiViews']', as demonstrated below:
Expand Down Expand Up @@ -1040,7 +1044,7 @@ Sets up a virtual host with a wildcard alias subdomain mapped to a directory wit
}
```

#####`wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, & `wsgi_script_aliases`
#####`wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, `wsgi_script_aliases`, & `wsgi_pass_authorization`

Set up a virtual host with [WSGI](https://code.google.com/p/modwsgi/).

Expand All @@ -1052,6 +1056,8 @@ Set up a virtual host with [WSGI](https://code.google.com/p/modwsgi/).

`wsgi_script_aliases` requires a hash of web paths to filesystem .wsgi paths. Defaults to 'undef'.

`wsgi_pass_authorization` the WSGI application handles authorisation instead of Apache when set to 'On'. For more information see [here] (http://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIPassAuthorization.html). Defaults to 'undef' where apache will set the defaults setting to 'Off'.

To set up a virtual host with WSGI

```puppet
Expand Down
3 changes: 3 additions & 0 deletions manifests/vhost.pp
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@
$php_admin_flags = [],
$php_admin_values = [],
$no_proxy_uris = [],
$proxy_preserve_host = false,
$redirect_source = '/',
$redirect_dest = undef,
$redirect_status = undef,
Expand All @@ -158,6 +159,7 @@
$wsgi_import_script_options = undef,
$wsgi_process_group = undef,
$wsgi_script_aliases = undef,
$wsgi_pass_authorization = undef,
$custom_fragment = undef,
$itk = undef,
$action = undef,
Expand Down Expand Up @@ -478,6 +480,7 @@
# proxy fragment:
# - $proxy_dest
# - $no_proxy_uris
# - $proxy_preserve_host (true to set ProxyPreserveHost to on and false to off
# rack fragment:
# - $rack_base_uris
# redirect fragment:
Expand Down
5 changes: 5 additions & 0 deletions spec/acceptance/vhost_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ class { 'apache': }
proxy_pass => [
{ 'path' => '/foo', 'url' => 'http://backend-foo/'},
],
proxy_preserve_host => true,
}
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -111,6 +112,7 @@ class { 'apache': }
it { should contain '<VirtualHost \*:80>' }
it { should contain "ServerName proxy.example.com" }
it { should contain "ProxyPass" }
it { should contain "ProxyPreserveHost On" }
it { should_not contain "<Proxy \*>" }
end
end
Expand Down Expand Up @@ -940,6 +942,7 @@ class { 'apache::mod::wsgi': }
wsgi_daemon_process_options => {processes => '2'},
wsgi_process_group => 'nobody',
wsgi_script_aliases => { '/test' => '/test1' },
wsgi_pass_authorization => 'On',
}
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -959,6 +962,7 @@ class { 'apache::mod::wsgi': }
wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' },
wsgi_process_group => 'nobody',
wsgi_script_aliases => { '/test' => '/test1' },
wsgi_pass_authorization => 'On',
}
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -971,6 +975,7 @@ class { 'apache::mod::wsgi': }
it { should contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' }
it { should contain 'WSGIProcessGroup nobody' }
it { should contain 'WSGIScriptAlias /test "/test1"' }
it { should contain 'WSGIPassAuthorization On' }
end
end

Expand Down
12 changes: 12 additions & 0 deletions spec/defines/vhost_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -607,6 +607,18 @@
:value => '%{GLOBAL}',
:match => [/^ WSGIApplicationGroup %{GLOBAL}$/],
},
{
:title => 'should set wsgi pass authorization',
:attr => 'wsgi_pass_authorization',
:value => 'On',
:match => [/^ WSGIPassAuthorization On$/],
},
{
:title => 'should set wsgi pass authorization false',
:attr => 'wsgi_pass_authorization',
:value => 'Off',
:match => [/^ WSGIPassAuthorization Off$/],
},
{
:title => 'should contain environment variables',
:attr => 'access_log_env_var',
Expand Down
3 changes: 3 additions & 0 deletions templates/vhost/_proxy.erb
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
## Proxy rules
ProxyRequests Off
<%- end -%>
<% if @proxy_preserve_host %>
ProxyPreserveHost On
<% end %>
<% [@proxy_pass].flatten.compact.each do |proxy| %>
ProxyPass <%= proxy['path'] %> <%= proxy['url'] %>
<Location <%= proxy['path']%>>
Expand Down
3 changes: 3 additions & 0 deletions templates/vhost/_wsgi.erb
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,6 @@
<%- end -%>
<%- end -%>
<% end -%>
<% if @wsgi_pass_authorization -%>
WSGIPassAuthorization <%= @wsgi_pass_authorization %>
<% end -%>

0 comments on commit b2decac

Please sign in to comment.