apache-frontend: Upgrade apache to 2.4

1f7bf3d1 · Rafael Monnerat · 1829c584 · 1f7bf3d1 · 1f7bf3d1 · 1f7bf3d1
Commit 1f7bf3d1 authored Feb 27, 2017 by Rafael Monnerat
5 changed files
--- a/software/apache-frontend/README.apache_frontend.rst
+++ b/software/apache-frontend/README.apache_frontend.rst
@@ -461,6 +461,6 @@ Solution 2 (IPv6 only)

 It is also possible to directly allow the service to listen on 80 and 443 ports using the following command:

-  setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$APACHE_FRONTEND_SOFTWARE_RELEASE_MD5/parts/apache-2.2/bin/httpd
+  setcap 'cap_net_bind_service=+ep' /opt/slapgrid/$APACHE_FRONTEND_SOFTWARE_RELEASE_MD5/parts/apache/bin/httpd

 Then specify in the instance parameters "port" and "plain_http_port" to be 443 and 80, respectively.
--- a/software/apache-frontend/buildout.hash.cfg
+++ b/software/apache-frontend/buildout.hash.cfg
@@ -19,7 +19,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e

 [template-apache-frontend]
 filename = instance-apache-frontend.cfg
-md5sum = f093d1f85449c9a8d48ccd5a32980c1d
+md5sum = e0559650ee303714a77c7c1ace03f664

 [template-apache-replicate]
 filename = instance-apache-replicate.cfg.in
@@ -39,7 +39,7 @@ md5sum = 665e83d660c9b779249b2179d7ce4b4e

 [template-apache-frontend-configuration]
 filename = templates/apache.conf.in
-md5sum = 7d5f0f38e4dd81ff26f2499890b13315
+md5sum = 0382e39cd6ed7ce68c07ef906049dbcf

 [template-custom-slave-list]
 filename = templates/apache-custom-slave-list.cfg.in

--- a/software/apache-frontend/common.cfg
+++ b/software/apache-frontend/common.cfg
@@ -25,8 +25,8 @@ parts +=
  template
  template-apache-frontend
  template-apache-replicate
-  apache-2.2
-  apache-antiloris-apache-2.2
+  apache
+  apache-antiloris

  stunnel


--- a/software/apache-frontend/instance-apache-frontend.cfg
+++ b/software/apache-frontend/instance-apache-frontend.cfg
@@ -123,7 +123,7 @@ configuration.re6st-verification-url = http://[2001:67c:1254:4::1]/index.html
 [frontend-configuration]
 template-log-access = ${template-log-access:target}
 log-access-configuration = $${directory:etc}/apache-log-access.conf
-apache-directory = ${apache-2.2:location}
+apache-directory = ${apache:location}
 apache-ipv6 = $${instance-parameter:ipv6-random}
 apache-https-port = $${instance-parameter:configuration.port}

@@ -156,7 +156,7 @@ template-default-slave-virtualhost = ${template-default-slave-virtualhost:target
 template-cached-slave-virtualhost = ${template-cached-slave-virtualhost:target}
 template-nginx-eventsource-slave-virtualhost = ${template-nginx-eventsource-slave-virtualhost:target}
 template-nginx-notebook-slave-virtualhost = ${template-nginx-notebook-slave-virtualhost:target}
-apache-location = ${apache-2.2:location}
+apache-location = ${apache:location}

 [dynamic-custom-personal-template-slave-list]
 < = jinja2-template-base
@@ -241,7 +241,7 @@ extra-context =

 [apache-frontend]
 recipe = slapos.cookbook:wrapper
-command-line = ${apache-2.2:location}/bin/httpd -f $${dynamic-apache-frontend-template:rendered} -DFOREGROUND
+command-line = ${apache:location}/bin/httpd -f $${dynamic-apache-frontend-template:rendered} -DFOREGROUND
 wrapper-path = $${directory:service}/frontend_apache
 wait-for-files =
 	       $${ca-frontend:cert-file}
@@ -271,7 +271,7 @@ error-log = $${directory:log}/frontend-apache-error.log
 pid-file = $${directory:run}/httpd.pid
 protected-path = /
 access-control-string = none
-frontend-configuration-verification = ${apache-2.2:location}/bin/httpd -Sf $${:frontend-configuration} > /dev/null
+frontend-configuration-verification = ${apache:location}/bin/httpd -Sf $${:frontend-configuration} > /dev/null
 frontend-graceful-command = $${:frontend-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat $${:pid-file}); fi

 # Comunication with ats
@@ -282,7 +282,7 @@ ssl-cache-through-port = 26012
 # Create wrapper for "apachectl conftest" in bin
 [configtest]
 recipe = slapos.cookbook:wrapper
-command-line = ${apache-2.2:location}/bin/httpd -f $${directory:etc}/apache_frontend.conf -t
+command-line = ${apache:location}/bin/httpd -f $${directory:etc}/apache_frontend.conf -t
 wrapper-path = $${directory:bin}/apache-configtest

 [certificate-authority]

--- a/software/apache-frontend/templates/apache.conf.in
+++ b/software/apache-frontend/templates/apache.conf.in
@@ -44,8 +44,7 @@ CustomLog "{{ access_log }}" combined
 </Directory>

 <Directory {{ document_root }}>
-  Order Allow,Deny
-  Allow from All
+  Require all granted
  Options -Indexes
  ErrorDocument 404 /notfound.html
  RewriteEngine on
@@ -53,10 +52,11 @@ CustomLog "{{ access_log }}" combined
 </Directory>

 # List of modules
-#LoadModule unixd_module modules/mod_unixd.so
-#LoadModule access_compat_module modules/mod_access_compat.so
-#LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule unixd_module        {{ httpd_home }}/modules/mod_unixd.so
+LoadModule access_compat_module {{ httpd_home }}/modules/mod_access_compat.so
+LoadModule authz_core_module  {{ httpd_home }}/modules/mod_authz_core.so
 LoadModule authz_host_module  {{ httpd_home }}/modules/mod_authz_host.so
+LoadModule authn_core_module  {{ httpd_home }}/modules/mod_authn_core.so
 LoadModule log_config_module  {{ httpd_home }}/modules/mod_log_config.so
 LoadModule deflate_module     {{ httpd_home }}/modules/mod_deflate.so
 LoadModule setenvif_module    {{ httpd_home }}/modules/mod_setenvif.so
@@ -71,13 +71,15 @@ LoadModule negotiation_module {{ httpd_home }}/modules/mod_negotiation.so
 LoadModule rewrite_module     {{ httpd_home }}/modules/mod_rewrite.so
 LoadModule headers_module     {{ httpd_home }}/modules/mod_headers.so
 LoadModule cache_module       {{ httpd_home }}/modules/mod_cache.so
-LoadModule mem_cache_module   {{ httpd_home }}/modules/mod_mem_cache.so
+LoadModule cache_socache_module   {{ httpd_home }}/modules/mod_cache_socache.so
+LoadModule socache_shmcb_module   {{ httpd_home }}/modules/mod_socache_shmcb.so
 LoadModule antiloris_module   {{ httpd_home }}/modules/mod_antiloris.so
 LoadModule alias_module       {{ httpd_home }}/modules/mod_alias.so
 LoadModule autoindex_module   {{ httpd_home }}/modules/mod_autoindex.so
 LoadModule auth_basic_module  {{ httpd_home }}/modules/mod_auth_basic.so
 LoadModule authz_user_module  {{ httpd_home }}/modules/mod_authz_user.so
 LoadModule authn_file_module  {{ httpd_home }}/modules/mod_authn_file.so
+LoadModule filter_module       {{ httpd_home }}/modules/mod_filter.so

 # The following directives modify normal HTTP response behavior to
 # handle known problems with browser implementations.