...
| Bloc de code |
|---|
mkdir -p /usr/local/src cd /usr/local/src sudo wget http://apache.multidist.com/tomcat/tomcat-6/v6.0.3233/bin/apache-tomcat-6.0.3233.tar.gz sudo wget http://archive.apache.org/dist/ant/binaries/apache-ant-1.7.1-bin.tar.gz sudo wget https://sourcesup.cru.fr/frs/download.php/3562/esup-uPortal-3.2.4-esup-1.0.0-RC3.tar.gz echo '928a960268adf610a7d6fe5c4fcd0b20 *apache-tomcat-6.0.32.tar.gz' | md5sum -c - echo 'cc5777c57c4e8269be5f3d1dc515301c *apache-ant-1.7.1-bin.tar.gz' | md5sum -c - echo '17366476588f4bcaa3cc331232fc01b0 *esup-uPortal-3.2.4-esup-1.0.0-RC3.tar.gz' | md5sum -c - |
...
| Bloc de code |
|---|
<VirtualHost *:80 >
<Proxy balancer://entCluster>
BalancerMember ajp://localhost:8009 min=10 max=150 route=ent1 retry=1
Order deny,allow
</Proxy>
ProxyPass /balancer-manager !
ProxyPass / balancer://entCluster/ stickysession=JSESSIONID nofailover=Off
<Location /balancer-manager>
SetHandler balancer-manager
Order allow,deny
Allow from xxx.univ-xxx.fr
</Location>
ServerName entergo-unpidf.univ-paris1.fr
ServerAlias entergo-unpidf
ErrorLog /var/log/apache2/entergo-unpidf-error.log
CustomLog /var/log/apache2/entergo-unpidf-access.log combined
# restreindre l'acces a certaines choses, notamment les web services
<Location ~ "/(EsupMonitor|private|problems|services|monitor)">
Order allow,deny
Allow from univ-paris1.fr
</Location>
# Interdit en mode non SSL
<Location /jkstatus>
Order allow,deny
</Location>
</VirtualHost>
|
...
| Bloc de code |
|---|
sudo -u esup sh -c 'cd /usr/local/esup/esup-package ; ant _tomcat.init -Dtomcat.update=true -Dtomcat.reloadable=false'
|
(nb: il faut appeler la tache _tomcat.init car elle n'est pas effectuée quand on n'utilise pas le embbeded tomcat)
...
(nb : les commandes ci-dessous suppose que le mot de passe root mysql est stocké dans /root/file-with-root-password.my.cnf)
| Bloc de code |
|---|
root_password=`sudo sed -n 's/password="\(.*\)"/\1/p' /root/file-with-root-password`.my.cnf` dbvar() { sed -n 's![[:space:]]*!!g; s/esup.db.'$1'=//p' /usr/local/esup/esup-package/config.properties; } username=`dbvar username` password=`dbvar password` database=`dbvar url | sed 's!jdbc:mysql://localhost/!!'` echo "grant all on $database.* to $username identified by '$password';" | mysql -uroot -p"$root_password" mysqladmin -u"$username" -p"$password" create "$database" |
...
| Bloc de code |
|---|
<VirtualHost *:443 >
<Proxy balancer://entCluster>
BalancerMember ajp://localhost:8009 min=10 max=150 route=ent1 retry=1
Order deny,allow
</Proxy>
ProxyPass /balancer-manager !
ProxyPass / balancer://entCluster/ stickysession=JSESSIONID nofailover=Off
<Location /balancer-manager>
SetHandler balancer-manager
Order allow,deny
Allow from xxx.univ-xxx.fr
</Location>
ServerName entergo-unpidf.univ-paris1.fr
ServerAlias entergo-unpidf
ErrorLog /var/log/apache2/entergo-unpidf-ssl-error.log
CustomLog /var/log/apache2/entergo-unpidf-ssl-access.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /usr/local/etc/ssl/certs/entergo-unpidf.univ-paris1.fr.crt
SSLCertificateKeyFile /usr/local/etc/ssl/private/entergo-unpidf.univ-paris1.fr.key
SSLCertificateChainFile /usr/local/etc/ssl/certs/cachain.crt
# restreindre l'acces a certaines choses, notamment les web services
<Location ~ "/(EsupMonitor|private|problems|services)">
Order allow,deny
Allow from univ-paris1.fr
</Location>
# Interdit en mode non SSL
<Location /jkstatus>
Order allow,deny
</Location>
</VirtualHost>
|
...