I'm enjoying the fact that all I need to do to apply this is to run config/setupmymac, which then issues the following commands:
$ sudo cp /private/var/whimsy/whimsy/config/whimsy.conf /private/etc/apache2/other/whimsy.conf $ sudo apachectl restart - Sam Ruby - Sam Ruby On Sun, Dec 8, 2019 at 6:53 AM <s...@apache.org> wrote: > > This is an automated email from the ASF dual-hosted git repository. > > sebb pushed a commit to branch master > in repository https://gitbox.apache.org/repos/asf/whimsy.git > > > The following commit(s) were added to refs/heads/master by this push: > new 355f740 Refresh config from live file > 355f740 is described below > > commit 355f740248ceb2ebc5a4d6fe37f184a0d29c05e2 > Author: Sebb <s...@apache.org> > AuthorDate: Sun Dec 8 11:52:58 2019 +0000 > > Refresh config from live file > --- > config/whimsy.conf | 85 > +++++++++++++++++++++++++++++++----------------------- > 1 file changed, 49 insertions(+), 36 deletions(-) > > diff --git a/config/whimsy.conf b/config/whimsy.conf > index 2d994da..8e1bf1d 100644 > --- a/config/whimsy.conf > +++ b/config/whimsy.conf > @@ -32,9 +32,6 @@ > SetEnv PATH /usr/local/bin:${PATH} > > PassengerFriendlyErrorPages on > -#PassengerUser www-data > -#PassengerGroup www-data > - > > AddCharset UTF-8 .json > > @@ -65,6 +62,11 @@ ExpiresActive On > Options +Indexes > </Directory> > > +# WHIMSY-199 > +<Directory /srv/whimsy/www/board/minutes> > + AllowOverride FileInfo > +</Directory> > + > RewriteEngine on > RewriteRule ^.*$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] > > @@ -137,9 +139,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Committers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </LocationMatch> > > <Directory /srv/whimsy/www/committers> > @@ -147,9 +149,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Committers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/project/icla> > @@ -157,9 +159,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Committers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/roster> > @@ -167,9 +169,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Committers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/test/roster> > @@ -177,9 +179,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Committers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <LocationMatch ^/incubator/moderators> > @@ -187,9 +189,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Incubator PMC" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </LocationMatch> > > <LocationMatch ^/incubator/signoff> > @@ -197,9 +199,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Incubator PMC" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </LocationMatch> > > <Directory /srv/whimsy/www/fundraising> > @@ -207,9 +209,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Officers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/officers> > @@ -217,9 +219,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Officers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/treasurer> > @@ -227,9 +229,9 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Officers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/board/agenda> > @@ -237,15 +239,16 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > AuthName "ASF Members and Officers" > AuthBasicProvider ldap > AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > - AuthLDAPGroupAttribute memberUid > - AuthLDAPGroupAttributeIsDN off > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > Require expr %{REQUEST_URI} == '/board/agenda/app.js' > Require expr %{REQUEST_URI} == '/board/agenda/app.js.map' > Require expr %{REQUEST_URI} =~ m#^/board/agenda/.*\.js\.rb$# > Require expr %{REQUEST_URI} =~ m#^/board/agenda/[-\d]+/bootstrap.html$# > + Require expr %{REQUEST_URI} == '/board/agenda/manifest.json' > Require expr %{REQUEST_URI} == '/board/agenda/stylesheets/app.css' > Require expr %{REQUEST_URI} == '/board/agenda/sw.js' > - Require ldap-group cn=committers,ou=groups,dc=apache,dc=org > + Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org > </Directory> > > <Directory /srv/whimsy/www/apmail> > @@ -278,6 +281,16 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public > Require ldap-group cn=member,ou=groups,dc=apache,dc=org > </Directory> > > +<Directory /srv/whimsy/www/infra> > + AuthType Basic > + AuthName "ASF Infrastructure Team" > + AuthBasicProvider ldap > + AuthLDAPUrl "ldaps://ldap-us-ro.apache.org:636 > ldap-eu-ro.apache.org:636/ou=people,dc=apache,dc=org?uid" > + AuthLDAPGroupAttribute member > + AuthLDAPGroupAttributeIsDN on > + Require ldap-group cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org > +</Directory> > + > <Directory /srv/whimsy/www/secretary> > AuthType Basic > AuthName "ASF Secretarial Team" >
