stackforge/rubick
Code Issues Proposed changes

Removed obsolete config_samples

Browse Source
This commit is contained in:
Maxim Kulkin 2013-10-01 11:47:46 +04:00
parent caa8262697
commit 917567ebdb
551 changed files with 0 additions and 29915 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
config_samples/config/host1/filesystem
View File

@ -1,20 +0,0 @@
# type | source filesystem | reference file | owner | group | permissions
dir|/etc/cinder|cinder|cinder|0750
file|/etc/cinder/cinder.conf|etc/cinder/cinder.conf|cinder|cinder|0640
file|/etc/cinder/logging.conf|etc/cinder/logging.conf|cinder|cinder|0640
file|/etc/cinder/api-paste.ini|etc/cinder/api-paste.ini|cinder|cinder|0640
file|/etc/cinder/policy.json|etc/cinder/policy.json|cinder|cinder|0640
file|/etc/cinder/rootwrap.conf|etc/cinder/rootwrap.conf|cinder|cinder|0640
dir|/etc/glance|glance|glance|0750
file|/etc/glance/glance-cache.conf|etc/glance/glance-cache.conf|glance|glance|0640
file|/etc/glance/glance-api.conf|etc/glance/glance-api.conf|glance|glance|0640
file|/etc/glance/glance-api-paste.ini|etc/glance/glance-api-paste.ini|glance|glance|0640
file|/etc/glance/logging.conf|etc/glance/logging.conf|glance|glance|0640
file|/etc/glance/glance-registry.conf|etc/glance/glance-registry.conf|glance|glance|0640
file|/etc/glance/policy.json|etc/glance/policy.json|glance|glance|0640
file|/etc/glance/schema-image.json|etc/glance/schema-image.json|glance|glance|0640
file|/etc/glance/glance-scrubber.conf|etc/glance/glance-scrubber.conf|glance|glance|0640
file|/etc/glance/glance-registry-paste.ini|etc/glance/glance-registry-paste.ini|glance|glance|0640

52
config_samples/config/host1/root/etc/cinder/api-paste.ini
View File

@ -1,52 +0,0 @@
#############
# OpenStack #
#############
[composite:osapi_volume]
use = call:cinder.api:root_app_factory
/: apiversions
/v1: openstack_volume_api_v1
/v2: openstack_volume_api_v2
[composite:openstack_volume_api_v1]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = faultwrap sizelimit noauth apiv1
keystone = faultwrap sizelimit authtoken keystonecontext apiv1
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
[composite:openstack_volume_api_v2]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = faultwrap sizelimit noauth apiv2
keystone = faultwrap sizelimit authtoken keystonecontext apiv2
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
[filter:faultwrap]
paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
[filter:noauth]
paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
[filter:sizelimit]
paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
[app:apiv1]
paste.app_factory = cinder.api.v1.router:APIRouter.factory
[app:apiv2]
paste.app_factory = cinder.api.v2.router:APIRouter.factory
[pipeline:apiversions]
pipeline = faultwrap osvolumeversionapp
[app:osvolumeversionapp]
paste.app_factory = cinder.api.versions:Versions.factory
##########
# Shared #
##########
[filter:keystonecontext]
paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

35
config_samples/config/host1/root/etc/cinder/cinder.conf
View File

@ -1,35 +0,0 @@
[DEFAULT]
state_path = /var/lib/cinder
lock_path = /var/lib/cinder/tmp
volumes_dir = /etc/cinder/volumes
iscsi_helper = tgtadm
sql_connection = mysql://cinder:ziNOHbWN@192.168.0.2/cinder?charset=utf8
rpc_backend = cinder.openstack.common.rpc.impl_kombu
rootwrap_config = /etc/cinder/rootwrap.conf
use_syslog=true
api_paste_config=/etc/cinder/api-paste.ini
debug=True
volume_group=cinder
log_config=/etc/cinder/logging.conf
rabbit_userid=nova
bind_host=0.0.0.0
osapi_volume_listen=0.0.0.0
iscsi_ip_address=192.168.1.4
auth_strategy=keystone
glance_api_servers=192.168.0.2:9292
rabbit_virtual_host=/
rabbit_hosts=192.168.0.2:5672
verbose=True
rabbit_ha_queues=True
rabbit_password=HNmMv5tY
rabbit_port=5672
[keystone_authtoken]
admin_tenant_name = services
admin_user = cinder
admin_password = 6LwUQj84
auth_host = 192.168.0.2
auth_port = 35357
auth_protocol = http
signing_dirname = /tmp/keystone-signing-cinder
signing_dir=/tmp/keystone-signing-cinder

35
config_samples/config/host1/root/etc/cinder/logging.conf
View File

@ -1,35 +0,0 @@
[loggers]
keys = root
# devel is reserved for future usage
[handlers]
keys = production,devel
[formatters]
keys = normal,debug
[logger_root]
level = NOTSET
handlers = production
propagate = 1
#qualname = cinder
[formatter_debug]
format = cinder-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s
[formatter_normal]
format = cinder-%(name)s %(levelname)s: %(message)s
# Extended logging info to LOG_LOCAL3 with debug:True and verbose:True
# Note: local copy goes to /var/log/cinder-all.log
[handler_production]
class = handlers.SysLogHandler
level = DEBUG
args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL3)
formatter = normal
# TODO find out how it could be usefull and how it should be used
[handler_devel]
class = StreamHandler
formatter = debug
args = (sys.stdout,)

33
config_samples/config/host1/root/etc/cinder/policy.json
View File

@ -1,33 +0,0 @@
{
"context_is_admin": [["role:admin"]],
"admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]],
"default": [["rule:admin_or_owner"]],
"admin_api": [["is_admin:True"]],
"volume:create": [],
"volume:get_all": [],
"volume:get_volume_metadata": [],
"volume:get_snapshot": [],
"volume:get_all_snapshots": [],
"volume_extension:types_manage": [["rule:admin_api"]],
"volume_extension:types_extra_specs": [["rule:admin_api"]],
"volume_extension:extended_snapshot_attributes": [],
"volume_extension:volume_image_metadata": [],
"volume_extension:quotas:show": [],
"volume_extension:quotas:update": [["rule:admin_api"]],
"volume_extension:quota_classes": [],
"volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]],
"volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]],
"volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]],
"volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]],
"volume_extension:volume_host_attribute": [["rule:admin_api"]],
"volume_extension:volume_tenant_attribute": [["rule:admin_api"]],
"volume_extension:hosts": [["rule:admin_api"]],
"volume_extension:services": [["rule:admin_api"]],
"volume:services": [["rule:admin_api"]]
}

27
config_samples/config/host1/root/etc/cinder/rootwrap.conf
View File

@ -1,27 +0,0 @@
# Configuration for cinder-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, user0, user1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR

57
config_samples/config/host1/root/etc/glance/glance-api-paste.ini
View File

@ -1,57 +0,0 @@
# Use this pipeline for no auth or image caching - DEFAULT
[pipeline:glance-api]
pipeline = versionnegotiation unauthenticated-context rootapp
# Use this pipeline for image caching and no auth
[pipeline:glance-api-caching]
pipeline = versionnegotiation unauthenticated-context cache rootapp
# Use this pipeline for caching w/ management interface but no auth
[pipeline:glance-api-cachemanagement]
pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp
# Use this pipeline for keystone auth
[pipeline:glance-api-keystone]
pipeline = versionnegotiation authtoken context rootapp
# Use this pipeline for keystone auth with image caching
[pipeline:glance-api-keystone+caching]
pipeline = versionnegotiation authtoken context cache rootapp
# Use this pipeline for keystone auth with caching and cache management
[pipeline:glance-api-keystone+cachemanagement]
pipeline = versionnegotiation authtoken context cache cachemanage rootapp
[composite:rootapp]
paste.composite_factory = glance.api:root_app_factory
/: apiversions
/v1: apiv1app
/v2: apiv2app
[app:apiversions]
paste.app_factory = glance.api.versions:create_resource
[app:apiv1app]
paste.app_factory = glance.api.v1.router:API.factory
[app:apiv2app]
paste.app_factory = glance.api.v2.router:API.factory
[filter:versionnegotiation]
paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
[filter:cache]
paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory
[filter:cachemanage]
paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory
[filter:context]
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
[filter:unauthenticated-context]
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
delay_auth_decision = true

363
config_samples/config/host1/root/etc/glance/glance-api.conf
View File

@ -1,363 +0,0 @@
[DEFAULT]
# Show more verbose log output (sets INFO log level output)
#verbose = False
verbose = true
# Show debugging output in logs (sets DEBUG log level output)
#debug = False
debug = true
# Which backend scheme should Glance use by default is not specified
# in a request to add a new image to Glance? Known schemes are determined
# by the known_stores option below.
# Default: 'file'
default_store = file
# List of which store classes and store class locations are
# currently known to glance at startup.
#known_stores = glance.store.filesystem.Store,
# glance.store.http.Store,
# glance.store.rbd.Store,
# glance.store.s3.Store,
# glance.store.swift.Store,
# Maximum image size (in bytes) that may be uploaded through the
# Glance API server. Defaults to 1 TB.
# WARNING: this value should only be increased after careful consideration
# and must be set to a value under 8 EB (9223372036854775808).
#image_size_cap = 1099511627776
# Address to bind the API server
bind_host = 0.0.0.0
# Port the bind the API server to
bind_port = 9292
# Log to this file. Make sure you do not set the same log
# file for both the API and registry servers!
# Backlog requests when creating socket
backlog = 4096
# TCP_KEEPIDLE value in seconds when creating socket.
# Not supported on OS X.
#tcp_keepidle = 600
# SQLAlchemy connection string for the reference implementation
# registry server. Any valid SQLAlchemy connection string is fine.
# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
sql_connection = mysql://glance:fXcrTaoy@127.0.0.1/glance
# Period in seconds after which SQLAlchemy should reestablish its connection
# to the database.
#
# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop
# idle connections. This can result in 'MySQL Gone Away' exceptions. If you
# notice this, you can lower this value to ensure that SQLAlchemy reconnects
# before MySQL can drop the connection.
sql_idle_timeout = 3600
# Number of Glance API worker processes to start.
# On machines with more than one CPU increasing this value
# may improve performance (especially if using SSL with
# compression turned on). It is typically recommended to set
# this value to the number of CPUs present on your machine.
workers = 8
# Role used to identify an authenticated user as administrator
#admin_role = admin
# Allow unauthenticated users to access the API with read-only
# privileges. This only applies when using ContextMiddleware.
#allow_anonymous_access = False
# Allow access to version 1 of glance api
#enable_v1_api = True
# Allow access to version 2 of glance api
#enable_v2_api = True
# Return the URL that references where the data is stored on
# the backend storage system. For example, if using the
# file system store a URL of 'file:///path/to/image' will
# be returned to the user in the 'direct_url' meta-data field.
# The default value is false.
#show_image_direct_url = False
# ================= Syslog Options ============================
# Send logs to syslog (/dev/log) instead of to file specified
# by `log_file`
#use_syslog = False
use_syslog = true
# Facility to use. If unset defaults to LOG_USER.
#syslog_log_facility = LOG_LOCAL0
# ================= SSL Options ===============================
# Certificate file to use when starting API server securely
#cert_file = /path/to/certfile
# Private key file to use when starting API server securely
#key_file = /path/to/keyfile
# CA certificate file to use to verify connecting clients
#ca_file = /path/to/cafile
# ================= Security Options ==========================
# AES key for encrypting store 'location' metadata, including
# -- if used -- Swift or S3 credentials
# Should be set to a random string of length 16, 24 or 32 bytes
#metadata_encryption_key = <16, 24 or 32 char registry metadata key>
# ============ Registry Options ===============================
# Address to find the registry server
registry_host = 127.0.0.1
# Port the registry server is listening on
registry_port = 9191
# What protocol to use when connecting to the registry server?
# Set to https for secure HTTP communication
registry_client_protocol = http
# The path to the key file to use in SSL connections to the
# registry server, if any. Alternately, you may set the
# GLANCE_CLIENT_KEY_FILE environ variable to a filepath of the key file
#registry_client_key_file = /path/to/key/file
# The path to the cert file to use in SSL connections to the
# registry server, if any. Alternately, you may set the
# GLANCE_CLIENT_CERT_FILE environ variable to a filepath of the cert file
#registry_client_cert_file = /path/to/cert/file
# The path to the certifying authority cert file to use in SSL connections
# to the registry server, if any. Alternately, you may set the
# GLANCE_CLIENT_CA_FILE environ variable to a filepath of the CA cert file
#registry_client_ca_file = /path/to/ca/file
# When using SSL in connections to the registry server, do not require
# validation via a certifying authority. This is the registry's equivalent of
# specifying --insecure on the command line using glanceclient for the API
# Default: False
#registry_client_insecure = False
# The period of time, in seconds, that the API server will wait for a registry
# request to complete. A value of '0' implies no timeout.
# Default: 600
#registry_client_timeout = 600
# Whether to automatically create the database tables.
# Default: False
#db_auto_create = False
# ============ Notification System Options =====================
# Notifications can be sent when images are create, updated or deleted.
# There are three methods of sending notifications, logging (via the
# log_file directive), rabbit (via a rabbitmq queue), qpid (via a Qpid
# message queue), or noop (no notifications sent, the default)
notifier_strategy = noop
# Configuration options if sending notifications via rabbitmq (these are
# the defaults)
rabbit_host = localhost
rabbit_port = 5672
rabbit_use_ssl = false
rabbit_userid = guest
rabbit_password = guest
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
rabbit_durable_queues = False
# Configuration options if sending notifications via Qpid (these are
# the defaults)
qpid_notification_exchange = glance
qpid_notification_topic = notifications
qpid_host = localhost
qpid_port = 5672
qpid_username =
qpid_password =
qpid_sasl_mechanisms =
qpid_reconnect_timeout = 0
qpid_reconnect_limit = 0
qpid_reconnect_interval_min = 0
qpid_reconnect_interval_max = 0
qpid_reconnect_interval = 0
qpid_heartbeat = 5
# Set to 'ssl' to enable SSL
qpid_protocol = tcp
qpid_tcp_nodelay = True
# ============ Filesystem Store Options ========================
# Directory that the Filesystem backend store
# writes image data to
filesystem_store_datadir = /var/lib/glance/images/
# ============ Swift Store Options =============================
# Version of the authentication service to use
# Valid versions are '2' for keystone and '1' for swauth and rackspace
swift_store_auth_version = 2
# Address where the Swift authentication service lives
# Valid schemes are 'http://' and 'https://'
# If no scheme specified, default to 'https://'
# For swauth, use something like '127.0.0.1:8080/v1.0/'
swift_store_auth_address = 127.0.0.1:5000/v2.0/
# User to authenticate against the Swift authentication service
# If you use Swift authentication service, set it to 'account':'user'
# where 'account' is a Swift storage account and 'user'
# is a user in that account
swift_store_user = jdoe:jdoe
# Auth key for the user authenticating against the
# Swift authentication service
swift_store_key = a86850deb2742ec3cb41518e26aa2d89
# Container within the account that the account should use
# for storing images in Swift
swift_store_container = glance
# Do we create the container if it does not exist?
swift_store_create_container_on_put = False
# What size, in MB, should Glance start chunking image files
# and do a large object manifest in Swift? By default, this is
# the maximum object size in Swift, which is 5GB
swift_store_large_object_size = 5120
# When doing a large object manifest, what size, in MB, should
# Glance write chunks to Swift? This amount of data is written
# to a temporary disk buffer during the process of chunking
# the image file, and the default is 200MB
swift_store_large_object_chunk_size = 200
# Whether to use ServiceNET to communicate with the Swift storage servers.
# (If you aren't RACKSPACE, leave this False!)
#
# To use ServiceNET for authentication, prefix hostname of
# `swift_store_auth_address` with 'snet-'.
# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
swift_enable_snet = False
# If set to True enables multi-tenant storage mode which causes Glance images
# to be stored in tenant specific Swift accounts.
#swift_store_multi_tenant = False
# A list of swift ACL strings that will be applied as both read and
# write ACLs to the containers created by Glance in multi-tenant
# mode. This grants the specified tenants/users read and write access
# to all newly created image objects. The standard swift ACL string
# formats are allowed, including:
# <tenant_id>:<username>
# <tenant_name>:<username>
# *:<username>
# Multiple ACLs can be combined using a comma separated list, for
# example: swift_store_admin_tenants = service:glance,*:admin
#swift_store_admin_tenants =
# The region of the swift endpoint to be used for single tenant. This setting
# is only necessary if the tenant has multiple swift endpoints.
#swift_store_region =
# ============ S3 Store Options =============================
# Address where the S3 authentication service lives
# Valid schemes are 'http://' and 'https://'
# If no scheme specified, default to 'http://'
s3_store_host = 127.0.0.1:8080/v1.0/
# User to authenticate against the S3 authentication service
s3_store_access_key = <20-char AWS access key>
# Auth key for the user authenticating against the
# S3 authentication service
s3_store_secret_key = <40-char AWS secret key>
# Container within the account that the account should use
# for storing images in S3. Note that S3 has a flat namespace,
# so you need a unique bucket name for your glance images. An
# easy way to do this is append your AWS access key to "glance".
# S3 buckets in AWS *must* be lowercased, so remember to lowercase
# your AWS access key if you use it in your bucket name below!
s3_store_bucket = <lowercased 20-char aws access key>glance
# Do we create the bucket if it does not exist?
s3_store_create_bucket_on_put = False
# When sending images to S3, the data will first be written to a
# temporary buffer on disk. By default the platform's temporary directory
# will be used. If required, an alternative directory can be specified here.
#s3_store_object_buffer_dir = /path/to/dir
# When forming a bucket url, boto will either set the bucket name as the
# subdomain or as the first token of the path. Amazon's S3 service will
# accept it as the subdomain, but Swift's S3 middleware requires it be
# in the path. Set this to 'path' or 'subdomain' - defaults to 'subdomain'.
#s3_store_bucket_url_format = subdomain
# ============ RBD Store Options =============================
# Ceph configuration file path
# If using cephx authentication, this file should
# include a reference to the right keyring
# in a client.<USER> section
rbd_store_ceph_conf = /etc/ceph/ceph.conf
# RADOS user to authenticate as (only applicable if using cephx)
rbd_store_user = glance
# RADOS pool in which images are stored
rbd_store_pool = images
# Images will be chunked into objects of this size (in megabytes).
# For best performance, this should be a power of two
rbd_store_chunk_size = 8
# ============ Delayed Delete Options =============================
# Turn on/off delayed delete
delayed_delete = False
# Delayed delete time in seconds
scrub_time = 43200
# Directory that the scrubber will use to remind itself of what to delete
# Make sure this is also set in glance-scrubber.conf
scrubber_datadir = /var/lib/glance/scrubber
# =============== Image Cache Options =============================
# Base directory that the Image Cache uses
image_cache_dir = /var/lib/glance/image-cache/
log_config=/etc/glance/logging.conf
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = services
admin_user = glance
admin_password = HJhOWm8t
signing_dirname=/tmp/keystone-signing-glance
auth_uri=http://127.0.0.1:35357
signing_dir=/tmp/keystone-signing-glance
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
#config_file = glance-api-paste.ini
# Partial name of a pipeline in your paste configuration file with the
# service name removed. For example, if your paste section name is
# [pipeline:glance-api-keystone], you would configure the flavor below
# as 'keystone'.
#flavor=
flavor=keystone+cachemanagement

149
config_samples/config/host1/root/etc/glance/glance-cache.conf
View File

@ -1,149 +0,0 @@
[DEFAULT]
# Show more verbose log output (sets INFO log level output)
#verbose = False
verbose = true
# Show debugging output in logs (sets DEBUG log level output)
#debug = False
debug = true
log_file = /var/log/glance/image-cache.log
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
#use_syslog = False
use_syslog = true
# Directory that the Image Cache writes data to
image_cache_dir = /var/lib/glance/image-cache/
# Number of seconds after which we should consider an incomplete image to be
# stalled and eligible for reaping
image_cache_stall_time = 86400
# image_cache_invalid_entry_grace_period - seconds
#
# If an exception is raised as we're writing to the cache, the cache-entry is
# deemed invalid and moved to <image_cache_datadir>/invalid so that it can be
# inspected for debugging purposes.
#
# This is number of seconds to leave these invalid images around before they
# are elibible to be reaped.
image_cache_invalid_entry_grace_period = 3600
# Max cache size in bytes
image_cache_max_size = 10737418240
# Address to find the registry server
registry_host = 127.0.0.1
# Port the registry server is listening on
registry_port = 9191
# Auth settings if using Keystone
# auth_url = http://127.0.0.1:5000/v2.0/
auth_url = http://127.0.0.1:35357
# admin_tenant_name = %SERVICE_TENANT_NAME%
admin_tenant_name = services
# admin_user = %SERVICE_USER%
admin_user = glance
# admin_password = %SERVICE_PASSWORD%
admin_password = HJhOWm8t
# List of which store classes and store class locations are
# currently known to glance at startup.
# known_stores = glance.store.filesystem.Store,
# glance.store.http.Store,
# glance.store.rbd.Store,
# glance.store.s3.Store,
# glance.store.swift.Store,
# ============ Filesystem Store Options ========================
# Directory that the Filesystem backend store
# writes image data to
filesystem_store_datadir = /var/lib/glance/images/
# ============ Swift Store Options =============================
# Version of the authentication service to use
# Valid versions are '2' for keystone and '1' for swauth and rackspace
swift_store_auth_version = 2
# Address where the Swift authentication service lives
# Valid schemes are 'http://' and 'https://'
# If no scheme specified, default to 'https://'
# For swauth, use something like '127.0.0.1:8080/v1.0/'
swift_store_auth_address = 127.0.0.1:5000/v2.0/
# User to authenticate against the Swift authentication service
# If you use Swift authentication service, set it to 'account':'user'
# where 'account' is a Swift storage account and 'user'
# is a user in that account
swift_store_user = jdoe:jdoe
# Auth key for the user authenticating against the
# Swift authentication service
swift_store_key = a86850deb2742ec3cb41518e26aa2d89
# Container within the account that the account should use
# for storing images in Swift
swift_store_container = glance
# Do we create the container if it does not exist?
swift_store_create_container_on_put = False
# What size, in MB, should Glance start chunking image files
# and do a large object manifest in Swift? By default, this is
# the maximum object size in Swift, which is 5GB
swift_store_large_object_size = 5120
# When doing a large object manifest, what size, in MB, should
# Glance write chunks to Swift? This amount of data is written
# to a temporary disk buffer during the process of chunking
# the image file, and the default is 200MB
swift_store_large_object_chunk_size = 200
# Whether to use ServiceNET to communicate with the Swift storage servers.
# (If you aren't RACKSPACE, leave this False!)
#
# To use ServiceNET for authentication, prefix hostname of
# `swift_store_auth_address` with 'snet-'.
# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/
swift_enable_snet = False
# ============ S3 Store Options =============================
# Address where the S3 authentication service lives
# Valid schemes are 'http://' and 'https://'
# If no scheme specified, default to 'http://'
s3_store_host = 127.0.0.1:8080/v1.0/
# User to authenticate against the S3 authentication service
s3_store_access_key = <20-char AWS access key>
# Auth key for the user authenticating against the
# S3 authentication service
s3_store_secret_key = <40-char AWS secret key>
# Container within the account that the account should use
# for storing images in S3. Note that S3 has a flat namespace,
# so you need a unique bucket name for your glance images. An
# easy way to do this is append your AWS access key to "glance".
# S3 buckets in AWS *must* be lowercased, so remember to lowercase
# your AWS access key if you use it in your bucket name below!
s3_store_bucket = <lowercased 20-char aws access key>glance
# Do we create the bucket if it does not exist?
s3_store_create_bucket_on_put = False
# When sending images to S3, the data will first be written to a
# temporary buffer on disk. By default the platform's temporary directory
# will be used. If required, an alternative directory can be specified here.
# s3_store_object_buffer_dir = /path/to/dir
# ================= Security Options ==========================
# AES key for encrypting store 'location' metadata, including
# -- if used -- Swift or S3 credentials
# Should be set to a random string of length 16, 24 or 32 bytes
# metadata_encryption_key = <16, 24 or 32 char registry metadata key>

19
config_samples/config/host1/root/etc/glance/glance-registry-paste.ini
View File

@ -1,19 +0,0 @@
# Use this pipeline for no auth - DEFAULT
[pipeline:glance-registry]
pipeline = unauthenticated-context registryapp
# Use this pipeline for keystone auth
[pipeline:glance-registry-keystone]
pipeline = authtoken context registryapp
[app:registryapp]
paste.app_factory = glance.registry.api.v1:API.factory
[filter:context]
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
[filter:unauthenticated-context]
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

96
config_samples/config/host1/root/etc/glance/glance-registry.conf
View File

@ -1,96 +0,0 @@
[DEFAULT]
# Show more verbose log output (sets INFO log level output)
#verbose = False
verbose = true
# Show debugging output in logs (sets DEBUG log level output)
#debug = False
debug = true
# Address to bind the registry server
bind_host = 0.0.0.0
# Port the bind the registry server to
bind_port = 9191
# Log to this file. Make sure you do not set the same log
# file for both the API and registry servers!
# Backlog requests when creating socket
backlog = 4096
# TCP_KEEPIDLE value in seconds when creating socket.
# Not supported on OS X.
#tcp_keepidle = 600
# SQLAlchemy connection string for the reference implementation
# registry server. Any valid SQLAlchemy connection string is fine.
# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
sql_connection = mysql://glance:fXcrTaoy@127.0.0.1/glance
# Period in seconds after which SQLAlchemy should reestablish its connection
# to the database.
#
# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop
# idle connections. This can result in 'MySQL Gone Away' exceptions. If you
# notice this, you can lower this value to ensure that SQLAlchemy reconnects
# before MySQL can drop the connection.
sql_idle_timeout = 3600
# Limit the api to return `param_limit_max` items in a call to a container. If
# a larger `limit` query param is provided, it will be reduced to this value.
api_limit_max = 1000
# If a `limit` query param is not provided in an api request, it will
# default to `limit_param_default`
limit_param_default = 25
# Role used to identify an authenticated user as administrator
#admin_role = admin
# Whether to automatically create the database tables.
# Default: False
#db_auto_create = False
# ================= Syslog Options ============================
# Send logs to syslog (/dev/log) instead of to file specified
# by `log_file`
#use_syslog = False
use_syslog = true
# Facility to use. If unset defaults to LOG_USER.
#syslog_log_facility = LOG_LOCAL1
# ================= SSL Options ===============================
# Certificate file to use when starting registry server securely
#cert_file = /path/to/certfile
# Private key file to use when starting registry server securely
#key_file = /path/to/keyfile
# CA certificate file to use to verify connecting clients
#ca_file = /path/to/cafile
log_config=/etc/glance/logging.conf
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = services
admin_user = glance
admin_password = HJhOWm8t
signing_dir=/tmp/keystone-signing-glance
signing_dirname=/tmp/keystone-signing-glance
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
#config_file = glance-registry-paste.ini
# Partial name of a pipeline in your paste configuration file with the
# service name removed. For example, if your paste section name is
# [pipeline:glance-registry-keystone], you would configure the flavor below
# as 'keystone'.
#flavor=
flavor=keystone

40
config_samples/config/host1/root/etc/glance/glance-scrubber.conf
View File

@ -1,40 +0,0 @@
[DEFAULT]
# Show more verbose log output (sets INFO log level output)
#verbose = False
# Show debugging output in logs (sets DEBUG log level output)
#debug = False
# Log to this file. Make sure you do not set the same log
# file for both the API and registry servers!
log_file = /var/log/glance/scrubber.log
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
#use_syslog = False
# Should we run our own loop or rely on cron/scheduler to run us
daemon = False
# Loop time between checking for new items to schedule for delete
wakeup_time = 300
# Directory that the scrubber will use to remind itself of what to delete
# Make sure this is also set in glance-api.conf
scrubber_datadir = /var/lib/glance/scrubber
# Only one server in your deployment should be designated the cleanup host
cleanup_scrubber = False
# pending_delete items older than this time are candidates for cleanup
cleanup_scrubber_time = 86400
# Address to find the registry server for cleanups
registry_host = 0.0.0.0
# Port the registry server is listening on
registry_port = 9191
# AES key for encrypting store 'location' metadata, including
# -- if used -- Swift or S3 credentials
# Should be set to a random string of length 16, 24 or 32 bytes
#metadata_encryption_key = <16, 24 or 32 char registry metadata key>

35
config_samples/config/host1/root/etc/glance/logging.conf
View File

@ -1,35 +0,0 @@
[loggers]
keys = root
# devel is reserved for future usage
[handlers]
keys = production,devel
[formatters]
keys = normal,debug
[logger_root]
level = NOTSET
handlers = production
propagate = 1
#qualname = glance
[formatter_debug]
format = glance-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s
[formatter_normal]
format = glance-%(name)s %(levelname)s: %(message)s
# Extended logging info to LOG_LOCAL2 with debug:true and verbose:true
# Note: local copy goes to /var/log/glance-all.log
[handler_production]
class = handlers.SysLogHandler
level = DEBUG
args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL2)
formatter = normal
# TODO find out how it could be usefull and how it should be used
[handler_devel]
class = StreamHandler
formatter = debug
args = (sys.stdout,)

4
config_samples/config/host1/root/etc/glance/policy.json
View File

@ -1,4 +0,0 @@
{
"default": "",
"manage_image_cache": "role:admin"
}

28
config_samples/config/host1/root/etc/glance/schema-image.json
View File

@ -1,28 +0,0 @@
{
"kernel_id": {
"type": "string",
"pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
"description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image."
},
"ramdisk_id": {
"type": "string",
"pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$",
"description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image."
},
"instance_uuid": {
"type": "string",
"description": "ID of instance used to create this image."
},
"architecture": {
"description": "Operating system architecture as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html",
"type": "string"
},
"os_distro": {
"description": "Common name of operating system distribution as specified in http://docs.openstack.org/trunk/openstack-compute/admin/content/adding-images.html",
"type": "string"
},
"os_version": {
"description": "Operating system version as specified by the distributor",
"type": "string"
}
}

9
config_samples/config/host1/services.json
View File

@ -1,9 +0,0 @@
{
"cinder": {
"version": "2013.1"
},
"glance": {
"version": "2013.1"
}
}

16
config_samples/config/host2/filesystem
View File

@ -1,16 +0,0 @@
# type | source filesystem | reference file | owner | group | permissions
dir|/etc/keystone|keystone|keystone|0750
file|/etc/keystone/logging.conf|etc/keystone/logging.conf|keystone|keystone|0640
file|/etc/keystone/default_catalog.templates|etc/keystone/default_catalog.templates|keystone|keystone|0640
file|/etc/keystone/policy.json|etc/keystone/policy.json|keystone|keystone|0640
file|/etc/keystone/keystone.conf|etc/keystone/keystone.conf|keystone|keystone|0640
dir|/etc/nova|nova|nova|0750
file|/etc/nova/logging.conf|etc/nova/logging.conf|nova|nova|0640
file|/etc/nova/api-paste.ini|etc/nova/api-paste.ini|nova|nova|0640
file|/etc/nova/policy.json|etc/nova/policy.json|nova|nova|0640
file|/etc/nova/rootwrap.conf|etc/nova/rootwrap.conf|nova|nova|0640
file|/etc/nova/release|etc/nova/release|nova|nova|0640
file|/etc/nova/nova.conf|etc/nova/nova.conf|nova|nova|0640

27
config_samples/config/host2/root/etc/keystone/default_catalog.templates
View File

@ -1,27 +0,0 @@
# config for TemplatedCatalog, using camelCase because I don't want to do
# translations for keystone compat
catalog.RegionOne.identity.publicURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://localhost:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://localhost:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service
# fake compute service for now to help novaclient tests work
catalog.RegionOne.compute.publicURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://localhost:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service
catalog.RegionOne.volume.publicURL = http://localhost:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://localhost:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://localhost:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service
catalog.RegionOne.ec2.publicURL = http://localhost:8773/services/Cloud
catalog.RegionOne.ec2.adminURL = http://localhost:8773/services/Admin
catalog.RegionOne.ec2.internalURL = http://localhost:8773/services/Cloud
catalog.RegionOne.ec2.name = EC2 Service
catalog.RegionOne.image.publicURL = http://localhost:9292/v1
catalog.RegionOne.image.adminURL = http://localhost:9292/v1
catalog.RegionOne.image.internalURL = http://localhost:9292/v1
catalog.RegionOne.image.name = Image Service

320
config_samples/config/host2/root/etc/keystone/keystone.conf
View File

@ -1,320 +0,0 @@
[DEFAULT]
# A "shared secret" between keystone and other openstack services
# admin_token = ADMIN
admin_token = 5nP3wXsf
# The IP address of the network interface to listen on
# bind_host = 0.0.0.0
bind_host = 0.0.0.0
# The port number which the public service listens on
# public_port = 5000
public_port = 5000
# The port number which the public admin listens on
# admin_port = 35357
admin_port = 35357
# The base endpoint URLs for keystone that are advertised to clients
# (NOTE: this does NOT affect how keystone listens for connections)
# public_endpoint = http://localhost:%(public_port)d/
# admin_endpoint = http://localhost:%(admin_port)d/
# The port number which the OpenStack Compute service listens on
# compute_port = 8774
compute_port = 3000
# Path to your policy definition containing identity actions
# policy_file = policy.json
# Rule to check if no matching policy definition is found
# FIXME(dolph): This should really be defined as [policy] default_rule
# policy_default_rule = admin_required
# Role for migrating membership relationships
# During a SQL upgrade, the following values will be used to create a new role
# that will replace records in the user_tenant_membership table with explicit
# role grants. After migration, the member_role_id will be used in the API
# add_user_to_project, and member_role_name will be ignored.
# member_role_id = 9fe2ff9ee4384b1894a90878d3e92bab
# member_role_name = _member_
# === Logging Options ===
# Print debugging output
# (includes plaintext request logging, potentially including passwords)
# debug = False
debug = true
# Print more verbose output
# verbose = False
verbose = true
# Name of log file to output to. If not set, logging will go to stdout.
# log_file = keystone.log
# The directory to keep log files in (will be prepended to --logfile)
# log_dir = /var/log/keystone
# Use syslog for logging.
# use_syslog = False
use_syslog = true
# syslog facility to receive log lines
# syslog_log_facility = LOG_USER
# If this option is specified, the logging configuration file specified is
# used and overrides any other logging options specified. Please see the
# Python logging module documentation for details on logging configuration
# files.
# log_config = logging.conf
log_config = /etc/keystone/logging.conf
# A logging.Formatter log message format string which may use any of the
# available logging.LogRecord attributes.
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
# Format string for %(asctime)s in log records.
# log_date_format = %Y-%m-%d %H:%M:%S
# onready allows you to send a notification when the process is ready to serve
# For example, to have it notify using systemd, one could set shell command:
# onready = systemd-notify --ready
# or a module with notify() method:
# onready = keystone.common.systemd
[sql]
connection = mysql://keystone:8aInLVPS@127.0.0.1/keystone
# The SQLAlchemy connection string used to connect to the database
# connection = sqlite:///keystone.db
# the timeout before idle sql connections are reaped
# idle_timeout = 200
idle_timeout = 200
[identity]
driver = keystone.identity.backends.sql.Identity
# driver = keystone.identity.backends.sql.Identity
# This references the domain to use for all Identity API v2 requests (which are
# not aware of domains). A domain with this ID will be created for you by
# keystone-manage db_sync in migration 008. The domain referenced by this ID
# cannot be deleted on the v3 API, to prevent accidentally breaking the v2 API.
# There is nothing special about this domain, other than the fact that it must
# exist to order to maintain support for your v2 clients.
# default_domain_id = default
[trust]
# driver = keystone.trust.backends.sql.Trust
# delegation and impersonation features can be optionally disabled
# enabled = True
[catalog]
template_file = /etc/keystone/default_catalog.templates
driver = keystone.catalog.backends.sql.Catalog
# dynamic, sql-based backend (supports API/CLI-based management commands)
# driver = keystone.catalog.backends.sql.Catalog
# static, file-based backend (does *NOT* support any management commands)
# driver = keystone.catalog.backends.templated.TemplatedCatalog
# template_file = default_catalog.templates
[token]
driver = keystone.token.backends.sql.Token
# driver = keystone.token.backends.kvs.Token
# Amount of time a token should remain valid (in seconds)
# expiration = 86400
[policy]
# driver = keystone.policy.backends.sql.Policy
driver = keystone.policy.backends.rules.Policy
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
# driver = keystone.contrib.ec2.backends.kvs.Ec2
[ssl]
#enable = True
#certfile = /etc/keystone/ssl/certs/keystone.pem
#keyfile = /etc/keystone/ssl/private/keystonekey.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#cert_required = True
[signing]
#token_format = PKI
token_format = UUID
#certfile = /etc/keystone/ssl/certs/signing_cert.pem
#keyfile = /etc/keystone/ssl/private/signing_key.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#key_size = 1024
#valid_days = 3650
#ca_password = None
[ldap]
# url = ldap://localhost
# user = dc=Manager,dc=example,dc=com
# password = None
# suffix = cn=example,cn=com
# use_dumb_member = False
# allow_subtree_delete = False
# dumb_member = cn=dumb,dc=example,dc=com
# Maximum results per page; a value of zero ('0') disables paging (default)
# page_size = 0
# The LDAP dereferencing option for queries. This can be either 'never',
# 'searching', 'always', 'finding' or 'default'. The 'default' option falls
# back to using default dereferencing configured by your ldap.conf.
# alias_dereferencing = default
# The LDAP scope for queries, this can be either 'one'
# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)
# query_scope = one
# user_tree_dn = ou=Users,dc=example,dc=com
# user_filter =
# user_objectclass = inetOrgPerson
# user_domain_id_attribute = businessCategory
# user_id_attribute = cn
# user_name_attribute = sn
# user_mail_attribute = email
# user_pass_attribute = userPassword
# user_enabled_attribute = enabled
# user_enabled_mask = 0
# user_enabled_default = True
# user_attribute_ignore = tenant_id,tenants
# user_allow_create = True
# user_allow_update = True
# user_allow_delete = True
# user_enabled_emulation = False
# user_enabled_emulation_dn =
# tenant_tree_dn = ou=Groups,dc=example,dc=com
# tenant_filter =
# tenant_objectclass = groupOfNames
# tenant_domain_id_attribute = businessCategory
# tenant_id_attribute = cn
# tenant_member_attribute = member
# tenant_name_attribute = ou
# tenant_desc_attribute = desc
# tenant_enabled_attribute = enabled
# tenant_attribute_ignore =
# tenant_allow_create = True
# tenant_allow_update = True
# tenant_allow_delete = True
# tenant_enabled_emulation = False
# tenant_enabled_emulation_dn =
# role_tree_dn = ou=Roles,dc=example,dc=com
# role_filter =
# role_objectclass = organizationalRole
# role_id_attribute = cn
# role_name_attribute = ou
# role_member_attribute = roleOccupant
# role_attribute_ignore =
# role_allow_create = True
# role_allow_update = True
# role_allow_delete = True
# group_tree_dn =
# group_filter =
# group_objectclass = groupOfNames
# group_id_attribute = cn
# group_name_attribute = ou
# group_member_attribute = member
# group_desc_attribute = desc
# group_attribute_ignore =
# group_allow_create = True
# group_allow_update = True
# group_allow_delete = True
[auth]
methods = password,token
password = keystone.auth.plugins.password.Password
token = keystone.auth.plugins.token.Token
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:sizelimit]
paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log]
paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:service_v3]
paste.app_factory = keystone.service:v3_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
[pipeline:api_v3]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = stats_monitoring url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = stats_monitoring url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/v3 = api_v3
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api

35
config_samples/config/host2/root/etc/keystone/logging.conf
View File

@ -1,35 +0,0 @@
[loggers]
keys = root
# devel is reserved for future usage
[handlers]
keys = production,devel
[formatters]
keys = normal,debug
[logger_root]
level = NOTSET
handlers = production
propagate = 1
#qualname = keystone
[formatter_debug]
format = keystone-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s
[formatter_normal]
format = keystone-%(name)s %(levelname)s: %(message)s
# Extended logging info to LOG_LOCAL7 with debug:true and verbose:true
# Note: local copy goes to /var/log/keystone-all.log
[handler_production]
class = handlers.SysLogHandler
level = DEBUG
args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL7)
formatter = normal
# TODO find out how it could be usefull and how it should be used
[handler_devel]
class = StreamHandler
formatter = debug
args = (sys.stdout,)

86
config_samples/config/host2/root/etc/keystone/policy.json
View File

@ -1,86 +0,0 @@
{
"admin_required": [["role:admin"], ["is_admin:1"]],
"owner" : [["user_id:%(user_id)s"]],
"admin_or_owner": [["rule:admin_required"], ["rule:owner"]],
"default": [["rule:admin_required"]],
"identity:get_service": [["rule:admin_required"]],
"identity:list_services": [["rule:admin_required"]],
"identity:create_service": [["rule:admin_required"]],
"identity:update_service": [["rule:admin_required"]],
"identity:delete_service": [["rule:admin_required"]],
"identity:get_endpoint": [["rule:admin_required"]],
"identity:list_endpoints": [["rule:admin_required"]],
"identity:create_endpoint": [["rule:admin_required"]],
"identity:update_endpoint": [["rule:admin_required"]],
"identity:delete_endpoint": [["rule:admin_required"]],
"identity:get_domain": [["rule:admin_required"]],
"identity:list_domains": [["rule:admin_required"]],
"identity:create_domain": [["rule:admin_required"]],
"identity:update_domain": [["rule:admin_required"]],
"identity:delete_domain": [["rule:admin_required"]],
"identity:get_project": [["rule:admin_required"]],
"identity:list_projects": [["rule:admin_required"]],
"identity:list_user_projects": [["rule:admin_or_owner"]],
"identity:create_project": [["rule:admin_or_owner"]],
"identity:update_project": [["rule:admin_required"]],
"identity:delete_project": [["rule:admin_required"]],
"identity:get_user": [["rule:admin_required"]],
"identity:list_users": [["rule:admin_required"]],
"identity:create_user": [["rule:admin_required"]],
"identity:update_user": [["rule:admin_or_owner"]],
"identity:delete_user": [["rule:admin_required"]],
"identity:get_group": [["rule:admin_required"]],
"identity:list_groups": [["rule:admin_required"]],
"identity:list_groups_for_user": [["rule:admin_or_owner"]],
"identity:create_group": [["rule:admin_required"]],
"identity:update_group": [["rule:admin_required"]],
"identity:delete_group": [["rule:admin_required"]],
"identity:list_users_in_group": [["rule:admin_required"]],
"identity:remove_user_from_group": [["rule:admin_required"]],
"identity:check_user_in_group": [["rule:admin_required"]],
"identity:add_user_to_group": [["rule:admin_required"]],
"identity:get_credential": [["rule:admin_required"]],
"identity:list_credentials": [["rule:admin_required"]],
"identity:create_credential": [["rule:admin_required"]],
"identity:update_credential": [["rule:admin_required"]],
"identity:delete_credential": [["rule:admin_required"]],
"identity:get_role": [["rule:admin_required"]],
"identity:list_roles": [["rule:admin_required"]],
"identity:create_role": [["rule:admin_required"]],
"identity:update_role": [["rule:admin_required"]],
"identity:delete_role": [["rule:admin_required"]],
"identity:check_grant": [["rule:admin_required"]],
"identity:list_grants": [["rule:admin_required"]],
"identity:create_grant": [["rule:admin_required"]],
"identity:revoke_grant": [["rule:admin_required"]],
"identity:get_policy": [["rule:admin_required"]],
"identity:list_policies": [["rule:admin_required"]],
"identity:create_policy": [["rule:admin_required"]],
"identity:update_policy": [["rule:admin_required"]],
"identity:delete_policy": [["rule:admin_required"]],
"identity:check_token": [["rule:admin_required"]],
"identity:validate_token": [["rule:admin_required"]],
"identity:revocation_list": [["rule:admin_required"]],
"identity:revoke_token": [["rule:admin_required"],
["user_id:%(user_id)s"]],
"identity:create_trust": [["user_id:%(trust.trustor_user_id)s"]],
"identity:get_trust": [["rule:admin_or_owner"]],
"identity:list_trusts": [["@"]],
"identity:list_roles_for_trust": [["@"]],
"identity:check_role_for_trust": [["@"]],
"identity:get_role_for_trust": [["@"]],
"identity:delete_trust": [["@"]]
}

107
config_samples/config/host2/root/etc/nova/api-paste.ini
View File

@ -1,107 +0,0 @@
############
# Metadata #
############
[composite:metadata]
use = egg:Paste#urlmap
/: meta
[pipeline:meta]
pipeline = ec2faultwrap logrequest metaapp
[app:metaapp]
paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
#######
# EC2 #
#######
[composite:ec2]
use = egg:Paste#urlmap
/services/Cloud: ec2cloud
[composite:ec2cloud]
use = call:nova.api.auth:pipeline_factory
noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor
[filter:ec2faultwrap]
paste.filter_factory = nova.api.ec2:FaultWrapper.factory
[filter:logrequest]
paste.filter_factory = nova.api.ec2:RequestLogging.factory
[filter:ec2lockout]
paste.filter_factory = nova.api.ec2:Lockout.factory
[filter:ec2keystoneauth]
paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory
[filter:ec2noauth]
paste.filter_factory = nova.api.ec2:NoAuth.factory
[filter:cloudrequest]
controller = nova.api.ec2.cloud.CloudController
paste.filter_factory = nova.api.ec2:Requestify.factory
[filter:authorizer]
paste.filter_factory = nova.api.ec2:Authorizer.factory
[filter:validator]
paste.filter_factory = nova.api.ec2:Validator.factory
[app:ec2executor]
paste.app_factory = nova.api.ec2:Executor.factory
#############
# Openstack #
#############
[composite:osapi_compute]
use = call:nova.api.openstack.urlmap:urlmap_factory
/: oscomputeversions
/v1.1: openstack_compute_api_v2
/v2: openstack_compute_api_v2
[composite:openstack_compute_api_v2]
use = call:nova.api.auth:pipeline_factory
noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2
keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2
[filter:faultwrap]
paste.filter_factory = nova.api.openstack:FaultWrapper.factory
[filter:noauth]
paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory
[filter:ratelimit]
paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory
limits=(POST, "*", .*, 1000, MINUTE);(POST, "*/servers", ^/servers, 1000, DAY);(PUT, "*", .*, 1000, MINUTE);(GET, "*changes-since*", .*changes-since.*, 1000, MINUTE);(DELETE, "*", .*, 1000, MINUTE)
[filter:sizelimit]
paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory
[app:osapi_compute_app_v2]
paste.app_factory = nova.api.openstack.compute:APIRouter.factory
[pipeline:oscomputeversions]
pipeline = faultwrap oscomputeversionapp
[app:oscomputeversionapp]
paste.app_factory = nova.api.openstack.compute.versions:Versions.factory
##########
# Shared #
##########
[filter:keystonecontext]
paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
# signing_dir is configurable, but the default behavior of the authtoken
# middleware should be sufficient. It will create a temporary directory
# in the home directory for the user the nova process is running as.
#signing_dir = /var/lib/nova/keystone-signing
# Workaround for https://bugs.launchpad.net/nova/+bug/1154809
auth_version = v2.0

35
config_samples/config/host2/root/etc/nova/logging.conf
View File

@ -1,35 +0,0 @@
[loggers]
keys = root
# devel is reserved for future usage
[handlers]
keys = production,devel
[formatters]
keys = normal,debug
[logger_root]
level = NOTSET
handlers = production
propagate = 1
#qualname = nova
[formatter_debug]
format = nova-%(name)s %(levelname)s: %(module)s %(funcName)s %(message)s
[formatter_normal]
format = nova-%(name)s %(levelname)s: %(message)s
# Extended logging info to LOG_LOCAL6 with debug:true and verbose:true
# Note: local copy goes to /var/log/nova-all.log
[handler_production]
class = handlers.SysLogHandler
level = DEBUG
args = ('/dev/log', handlers.SysLogHandler.LOG_LOCAL6)
formatter = normal
# TODO find out how it could be usefull and how it should be used
[handler_devel]
class = StreamHandler
formatter = debug
args = (sys.stdout,)

71
config_samples/config/host2/root/etc/nova/nova.conf
View File

@ -1,71 +0,0 @@
[DEFAULT]
state_path = /var/lib/nova
lock_path = /var/lib/nova/tmp
volumes_dir = /etc/nova/volumes
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf
force_dhcp_release = true
injected_network_template = /usr/share/nova/interfaces.template
libvirt_nonblocking = True
libvirt_inject_partition = -1
network_manager = nova.network.manager.VlanManager
iscsi_helper = tgtadm
sql_connection = mysql://nova:4ZDJNk2l@192.168.0.2/nova
compute_driver = libvirt.LibvirtDriver
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
rpc_backend = nova.rpc.impl_kombu
rootwrap_config = /etc/nova/rootwrap.conf
debug=true
vncserver_proxyclient_address=192.168.0.3
rabbit_hosts=192.168.0.2:5672
osapi_compute_listen=192.168.0.3
ec2_listen=192.168.0.3
glance_api_servers=192.168.0.2:9292
rabbit_userid=nova
rabbit_ha_queues=True
rabbit_password=HNmMv5tY
verbose=true
logging_default_format_string=%(levelname)s %(name)s [-] %(instance)s %(message)s
logging_context_format_string=%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(instance)s %(message)s
enabled_apis=metadata
vnc_enabled=true
rabbit_virtual_host=/
image_service=nova.image.glance.GlanceImageService
volume_api_class=nova.volume.cinder.API
log_config=/etc/nova/logging.conf
rabbit_port=5672
vlan_start=383
api_paste_config=/etc/nova/api-paste.ini
novncproxy_base_url=http://172.18.165.37:6080/vnc_auto.html
public_interface=eth1
service_down_time=60
syslog_log_facility=LOCAL6
vncserver_listen=192.168.0.3
osapi_volume_listen=192.168.0.3
metadata_listen=192.168.0.3
auth_strategy=keystone
fixed_range=10.0.1.0/24
use_syslog=True
dhcp_domain=novalocal
use_cow_images=true
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
start_guests_on_host_boot=true
metadata_host=192.168.0.3
memcached_servers=127.0.0.1:11211
send_arp_for_ha=True
multi_host=True
allow_resize_to_same_host=True
libvirt_type=kvm
vlan_interface=eth0
connection_type=libvirt
[keystone_authtoken]
admin_tenant_name = services
admin_user = nova
admin_password = 8UKGDGt8
auth_host = 192.168.0.2
auth_port = 35357
auth_protocol = http
signing_dir = /tmp/keystone-signing-nova
signing_dirname=/tmp/keystone-signing-nova

161
config_samples/config/host2/root/etc/nova/policy.json
View File

@ -1,161 +0,0 @@
{
"context_is_admin": "role:admin",
"admin_or_owner": "is_admin:True or project_id:%(project_id)s",
"default": "rule:admin_or_owner",
"compute:create": "",
"compute:create:attach_network": "",
"compute:create:attach_volume": "",
"compute:create:forced_host": "is_admin:True",
"compute:get_all": "",
"compute:get_all_tenants": "",
"admin_api": "is_admin:True",
"compute_extension:accounts": "rule:admin_api",
"compute_extension:admin_actions": "rule:admin_api",
"compute_extension:admin_actions:pause": "rule:admin_or_owner",
"compute_extension:admin_actions:unpause": "rule:admin_or_owner",
"compute_extension:admin_actions:suspend": "rule:admin_or_owner",
"compute_extension:admin_actions:resume": "rule:admin_or_owner",
"compute_extension:admin_actions:lock": "rule:admin_api",
"compute_extension:admin_actions:unlock": "rule:admin_api",
"compute_extension:admin_actions:resetNetwork": "rule:admin_api",
"compute_extension:admin_actions:injectNetworkInfo": "rule:admin_api",
"compute_extension:admin_actions:createBackup": "rule:admin_or_owner",
"compute_extension:admin_actions:migrateLive": "rule:admin_api",
"compute_extension:admin_actions:resetState": "rule:admin_api",
"compute_extension:admin_actions:migrate": "rule:admin_api",
"compute_extension:aggregates": "rule:admin_api",
"compute_extension:agents": "rule:admin_api",
"compute_extension:attach_interfaces": "",
"compute_extension:baremetal_nodes": "rule:admin_api",
"compute_extension:cells": "rule:admin_api",
"compute_extension:certificates": "",
"compute_extension:cloudpipe": "rule:admin_api",
"compute_extension:cloudpipe_update": "rule:admin_api",
"compute_extension:console_output": "",
"compute_extension:consoles": "",
"compute_extension:coverage_ext": "rule:admin_api",
"compute_extension:createserverext": "",
"compute_extension:deferred_delete": "",
"compute_extension:disk_config": "",
"compute_extension:evacuate": "rule:admin_api",
"compute_extension:extended_server_attributes": "rule:admin_api",
"compute_extension:extended_status": "",
"compute_extension:extended_availability_zone": "",
"compute_extension:extended_ips": "",
"compute_extension:fixed_ips": "rule:admin_api",
"compute_extension:flavor_access": "",
"compute_extension:flavor_disabled": "",
"compute_extension:flavor_rxtx": "",
"compute_extension:flavor_swap": "",
"compute_extension:flavorextradata": "",
"compute_extension:flavorextraspecs:index": "",
"compute_extension:flavorextraspecs:show": "",
"compute_extension:flavorextraspecs:create": "rule:admin_api",
"compute_extension:flavorextraspecs:update": "rule:admin_api",
"compute_extension:flavorextraspecs:delete": "rule:admin_api",
"compute_extension:flavormanage": "rule:admin_api",
"compute_extension:floating_ip_dns": "",
"compute_extension:floating_ip_pools": "",
"compute_extension:floating_ips": "",
"compute_extension:floating_ips_bulk": "rule:admin_api",
"compute_extension:fping": "",
"compute_extension:fping:all_tenants": "rule:admin_api",
"compute_extension:hide_server_addresses": "is_admin:False",
"compute_extension:hosts": "rule:admin_api",
"compute_extension:hypervisors": "rule:admin_api",
"compute_extension:image_size": "",
"compute_extension:instance_actions": "",
"compute_extension:instance_actions:events": "rule:admin_api",
"compute_extension:instance_usage_audit_log": "rule:admin_api",
"compute_extension:keypairs": "",
"compute_extension:multinic": "",
"compute_extension:networks": "rule:admin_api",
"compute_extension:networks:view": "",
"compute_extension:networks_associate": "rule:admin_api",
"compute_extension:quotas:show": "",
"compute_extension:quotas:update": "rule:admin_api",
"compute_extension:quota_classes": "",
"compute_extension:rescue": "",
"compute_extension:security_group_default_rules": "rule:admin_api",
"compute_extension:security_groups": "",
"compute_extension:server_diagnostics": "rule:admin_api",
"compute_extension:server_password": "",
"compute_extension:services": "rule:admin_api",
"compute_extension:simple_tenant_usage:show": "rule:admin_or_owner",
"compute_extension:simple_tenant_usage:list": "rule:admin_api",
"compute_extension:users": "rule:admin_api",
"compute_extension:virtual_interfaces": "",
"compute_extension:virtual_storage_arrays": "",
"compute_extension:volumes": "",
"compute_extension:volume_attachments:index": "",
"compute_extension:volume_attachments:show": "",
"compute_extension:volume_attachments:create": "",
"compute_extension:volume_attachments:delete": "",
"compute_extension:volumetypes": "",
"compute_extension:availability_zone:list": "",
"compute_extension:availability_zone:detail": "rule:admin_api",
"volume:create": "",
"volume:get_all": "",
"volume:get_volume_metadata": "",
"volume:get_snapshot": "",
"volume:get_all_snapshots": "",
"volume_extension:types_manage": "rule:admin_api",
"volume_extension:types_extra_specs": "rule:admin_api",
"volume_extension:volume_admin_actions:reset_status": "rule:admin_api",
"volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api",
"volume_extension:volume_admin_actions:force_delete": "rule:admin_api",
"network:get_all": "",
"network:get": "",
"network:create": "",
"network:delete": "",
"network:associate": "",
"network:disassociate": "",
"network:get_vifs_by_instance": "",
"network:allocate_for_instance": "",
"network:deallocate_for_instance": "",
"network:validate_networks": "",
"network:get_instance_uuids_by_ip_filter": "",
"network:get_instance_id_by_floating_address": "",
"network:setup_networks_on_host": "",
"network:get_backdoor_port": "",
"network:get_floating_ip": "",
"network:get_floating_ip_pools": "",
"network:get_floating_ip_by_address": "",
"network:get_floating_ips_by_project": "",
"network:get_floating_ips_by_fixed_address": "",
"network:allocate_floating_ip": "",
"network:deallocate_floating_ip": "",
"network:associate_floating_ip": "",
"network:disassociate_floating_ip": "",
"network:release_floating_ip": "",
"network:migrate_instance_start": "",
"network:migrate_instance_finish": "",
"network:get_fixed_ip": "",
"network:get_fixed_ip_by_address": "",
"network:add_fixed_ip_to_instance": "",
"network:remove_fixed_ip_from_instance": "",
"network:add_network_to_project": "",
"network:get_instance_nw_info": "",
"network:get_dns_domains": "",
"network:add_dns_entry": "",
"network:modify_dns_entry": "",
"network:delete_dns_entry": "",
"network:get_dns_entries_by_address": "",
"network:get_dns_entries_by_name": "",
"network:create_private_dns_domain": "",
"network:create_public_dns_domain": "",
"network:delete_dns_domain": ""
}

4
config_samples/config/host2/root/etc/nova/release
View File

@ -1,4 +0,0 @@
[Nova]
vendor = Red Hat Inc.
product = OpenStack Nova
package = mira.1

27
config_samples/config/host2/root/etc/nova/rootwrap.conf
View File

@ -1,27 +0,0 @@
# Configuration for nova-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, user0, user1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR

9
config_samples/config/host2/services.json
View File

@ -1,9 +0,0 @@
{
"keystone": {
"version": "2013.1"
},
"nova": {
"version": "2013.1"
}
}

237
config_samples/devstack/host1/apache2/apache2.conf
View File

@ -1,237 +0,0 @@
#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "foo.log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include all the user configurations:
Include httpd.conf
# Include ports listing
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host configurations:
Include sites-enabled/

6
config_samples/devstack/host1/apache2/conf.d/charset
View File

@ -1,6 +0,0 @@
# Read the documentation before enabling AddDefaultCharset.
# In general, it is only a good idea if you know that all your files
# have this encoding. It will override any encoding given in the files
# in meta http-equiv or xml encoding tags.
#AddDefaultCharset UTF-8

5
config_samples/devstack/host1/apache2/conf.d/javascript-common.conf
View File

@ -1,5 +0,0 @@
Alias /javascript /usr/share/javascript/
<Directory "/usr/share/javascript/">
Options FollowSymLinks MultiViews
</Directory>

79
config_samples/devstack/host1/apache2/conf.d/localized-error-pages
View File

@ -1,79 +0,0 @@
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. If you include the Alias in the global server
# context, is has to come _before_ the 'Alias /error/ ...' line.
#
# The default include files will display your Apache version number and your
# ServerAdmin email address regardless of the setting of ServerSignature.
#
# WARNING: The configuration below will NOT work out of the box if you have a
# SetHandler directive in a <Location /> context somewhere. Adding
# the following three lines AFTER the <Location /> context should
# make it work in most cases:
# <Location /error/>
# SetHandler none
# </Location>
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 37 lines.
#<IfModule mod_negotiation.c>
# <IfModule mod_include.c>
# <IfModule mod_alias.c>
#
# Alias /error/ "/usr/share/apache2/error/"
#
# <Directory "/usr/share/apache2/error">
# AllowOverride None
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en cs de es fr it nl sv pt-br ro
# ForceLanguagePriority Prefer Fallback
# </Directory>
#
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
# </IfModule>
# </IfModule>
#</IfModule>

2
config_samples/devstack/host1/apache2/conf.d/other-vhosts-access-log
View File

@ -1,2 +0,0 @@
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined

51
config_samples/devstack/host1/apache2/conf.d/security
View File

@ -1,51 +0,0 @@
#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages.
#
#<Directory />
# AllowOverride None
# Order Deny,Allow
# Deny from all
#</Directory>
# Changing the following options will not really affect the security of the
# server, but might make attacks slightly more difficult in some cases.
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
#
#ServerTokens Minimal
ServerTokens OS
#ServerTokens Full
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
#ServerSignature Off
ServerSignature On
#
# Allow TRACE method
#
# Set to "extended" to also reflect the request body (only for testing and
# diagnostic purposes).
#
# Set to one of: On | Off | extended
#
TraceEnable Off
#TraceEnable On

37
config_samples/devstack/host1/apache2/envvars
View File

@ -1,37 +0,0 @@
# envvars - default environment variables for apache2ctl
# this won't be correct after changing uid
unset HOME
# for supporting multiple apache2 instances
if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
else
SUFFIX=
fi
# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
## The locale used by some modules like mod_dav
export LANG=C
## Uncomment the following line to use the system default locale instead:
#. /etc/default/locale
export LANG
## The command to get the status for 'apache2ctl status'.
## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
#export APACHE_LYNX='www-browser -dump'
## If you need a higher file descriptor limit, uncomment and adjust the
## following line (default is 8192):
#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'

0
config_samples/devstack/host1/apache2/httpd.conf
View File

935
config_samples/devstack/host1/apache2/magic
View File

@ -1,935 +0,0 @@
# Magic data for mod_mime_magic (originally for file(1) command)
#
# The format is 4-5 columns:
# Column #1: byte number to begin checking from, ">" indicates continuation
# Column #2: type of data to match
# Column #3: contents of data to match
# Column #4: MIME type of result
# Column #5: MIME encoding of result (optional)
#------------------------------------------------------------------------------
# Localstuff: file(1) magic for locally observed files
# Add any locally observed files here.
# Real Audio (Magic .ra\0375)
0 belong 0x2e7261fd audio/x-pn-realaudio
0 string .RMF application/vnd.rn-realmedia
#video/x-pn-realvideo
#video/vnd.rn-realvideo
#application/vnd.rn-realmedia
# sigh, there are many mimes for that but the above are the most common.
# Taken from magic, converted to magic.mime
# mime types according to http://www.geocities.com/nevilo/mod.htm:
# audio/it .it
# audio/x-zipped-it .itz
# audio/xm fasttracker modules
# audio/x-s3m screamtracker modules
# audio/s3m screamtracker modules
# audio/x-zipped-mod mdz
# audio/mod mod
# audio/x-mod All modules (mod, s3m, 669, mtm, med, xm, it, mdz, stm, itz, xmz, s3z)
# Taken from loader code from mikmod version 2.14
# by Steve McIntyre (stevem@chiark.greenend.org.uk)
# <doj@cubic.org> added title printing on 2003-06-24
0 string MAS_UTrack_V00
>14 string >/0 audio/x-mod
#audio/x-tracker-module
#0 string UN05 MikMod UNI format module sound data
0 string Extended\ Module: audio/x-mod
#audio/x-tracker-module
##>17 string >\0 Title: "%s"
21 string/c \!SCREAM! audio/x-mod
#audio/x-screamtracker-module
21 string BMOD2STM audio/x-mod
#audio/x-screamtracker-module
1080 string M.K. audio/x-mod
#audio/x-protracker-module
#>0 string >\0 Title: "%s"
1080 string M!K! audio/x-mod
#audio/x-protracker-module
#>0 string >\0 Title: "%s"
1080 string FLT4 audio/x-mod
#audio/x-startracker-module
#>0 string >\0 Title: "%s"
1080 string FLT8 audio/x-mod
#audio/x-startracker-module
#>0 string >\0 Title: "%s"
1080 string 4CHN audio/x-mod
#audio/x-fasttracker-module
#>0 string >\0 Title: "%s"
1080 string 6CHN audio/x-mod
#audio/x-fasttracker-module
#>0 string >\0 Title: "%s"
1080 string 8CHN audio/x-mod
#audio/x-fasttracker-module
#>0 string >\0 Title: "%s"
1080 string CD81 audio/x-mod
#audio/x-oktalyzer-tracker-module
#>0 string >\0 Title: "%s"
1080 string OKTA audio/x-mod
#audio/x-oktalyzer-tracker-module
#>0 string >\0 Title: "%s"
# Not good enough.
#1082 string CH
#>1080 string >/0 %.2s-channel Fasttracker "oktalyzer" module sound data
1080 string 16CN audio/x-mod
#audio/x-taketracker-module
#>0 string >\0 Title: "%s"
1080 string 32CN audio/x-mod
#audio/x-taketracker-module
#>0 string >\0 Title: "%s"
# Impuse tracker module (it)
0 string IMPM audio/x-mod
#>4 string >\0 "%s"
#>40 leshort !0 compatible w/ITv%x
#>42 leshort !0 created w/ITv%x
#------------------------------------------------------------------------------
# end local stuff
#------------------------------------------------------------------------------
# xml based formats!
# svg
0 string \<?xml
# text/xml
>38 string \<\!DOCTYPE\040svg image/svg+xml
# xml
0 string \<?xml text/xml
#------------------------------------------------------------------------------
# Java
0 short 0xcafe
>2 short 0xbabe application/java
#------------------------------------------------------------------------------
# audio: file(1) magic for sound formats
#
# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
#
# Sun/NeXT audio data
0 string .snd
>12 belong 1 audio/basic
>12 belong 2 audio/basic
>12 belong 3 audio/basic
>12 belong 4 audio/basic
>12 belong 5 audio/basic
>12 belong 6 audio/basic
>12 belong 7 audio/basic
>12 belong 23 audio/x-adpcm
# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
# that uses little-endian encoding and has a different magic number
# (0x0064732E in little-endian encoding).
0 lelong 0x0064732E
>12 lelong 1 audio/x-dec-basic
>12 lelong 2 audio/x-dec-basic
>12 lelong 3 audio/x-dec-basic
>12 lelong 4 audio/x-dec-basic
>12 lelong 5 audio/x-dec-basic
>12 lelong 6 audio/x-dec-basic
>12 lelong 7 audio/x-dec-basic
# compressed (G.721 ADPCM)
>12 lelong 23 audio/x-dec-adpcm
# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
# AIFF audio data
8 string AIFF audio/x-aiff
# AIFF-C audio data
8 string AIFC audio/x-aiff
# IFF/8SVX audio data
8 string 8SVX audio/x-aiff
# Creative Labs AUDIO stuff
# Standard MIDI data
0 string MThd audio/unknown
#>9 byte >0 (format %d)
#>11 byte >1 using %d channels
# Creative Music (CMF) data
0 string CTMF audio/unknown
# SoundBlaster instrument data
0 string SBI audio/unknown
# Creative Labs voice data
0 string Creative\ Voice\ File audio/unknown
## is this next line right? it came this way...
#>19 byte 0x1A
#>23 byte >0 - version %d
#>22 byte >0 \b.%d
# [GRR 950115: is this also Creative Labs? Guessing that first line
# should be string instead of unknown-endian long...]
#0 long 0x4e54524b MultiTrack sound data
#0 string NTRK MultiTrack sound data
#>4 long x - version %ld
# Microsoft WAVE format (*.wav)
# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
# Microsoft RIFF
0 string RIFF
# - WAVE format
>8 string WAVE audio/x-wav
>8 string/B AVI video/x-msvideo
#
>8 string CDRA image/x-coreldraw
# AAC (aka MPEG-2 NBC)
0 beshort&0xfff6 0xfff0 audio/X-HX-AAC-ADTS
0 string ADIF audio/X-HX-AAC-ADIF
0 beshort&0xffe0 0x56e0 audio/MP4A-LATM
0 beshort 0x4De1 audio/MP4A-LATM
# MPEG Layer 3 sound files
0 beshort&0xfffe =0xfffa audio/mpeg
#MP3 with ID3 tag
0 string ID3 audio/mpeg
# Ogg/Vorbis
0 string OggS application/ogg
#------------------------------------------------------------------------------
# c-lang: file(1) magic for C programs or various scripts
#
# XPM icons (Greg Roelofs, newt@uchicago.edu)
# ideally should go into "images", but entries below would tag XPM as C source
0 string /*\ XPM image/x-xpmi 7bit
# 3DS (3d Studio files)
#16 beshort 0x3d3d image/x-3ds
# this first will upset you if you're a PL/1 shop... (are there any left?)
# in which case rm it; ascmagic will catch real C programs
# C or REXX program text
#0 string /* text/x-c
# C++ program text
#0 string // text/x-c++
#------------------------------------------------------------------------------
# commands: file(1) magic for various shells and interpreters
#
#0 string :\ shell archive or commands for antique kernel text
0 string #!/bin/sh application/x-shellscript
0 string #!\ /bin/sh application/x-shellscript
0 string #!/bin/csh application/x-shellscript
0 string #!\ /bin/csh application/x-shellscript
# korn shell magic, sent by George Wu, gwu@clyde.att.com
0 string #!/bin/ksh application/x-shellscript
0 string #!\ /bin/ksh application/x-shellscript
0 string #!/bin/tcsh application/x-shellscript
0 string #!\ /bin/tcsh application/x-shellscript
0 string #!/usr/local/tcsh application/x-shellscript
0 string #!\ /usr/local/tcsh application/x-shellscript
0 string #!/usr/local/bin/tcsh application/x-shellscript
0 string #!\ /usr/local/bin/tcsh application/x-shellscript
# bash shell magic, from Peter Tobias (tobias@server.et-inf.fho-emden.de)
0 string #!/bin/bash application/x-shellscript
0 string #!\ /bin/bash application/x-shellscript
0 string #!/usr/local/bin/bash application/x-shellscript
0 string #!\ /usr/local/bin/bash application/x-shellscript
#
# zsh/ash/ae/nawk/gawk magic from cameron@cs.unsw.oz.au (Cameron Simpson)
0 string #!/bin/zsh application/x-shellscript
0 string #!/usr/bin/zsh application/x-shellscript
0 string #!/usr/local/bin/zsh application/x-shellscript
0 string #!\ /usr/local/bin/zsh application/x-shellscript
0 string #!/usr/local/bin/ash application/x-shellscript
0 string #!\ /usr/local/bin/ash application/x-shellscript
#0 string #!/usr/local/bin/ae Neil Brown's ae
#0 string #!\ /usr/local/bin/ae Neil Brown's ae
0 string #!/bin/nawk application/x-nawk
0 string #!\ /bin/nawk application/x-nawk
0 string #!/usr/bin/nawk application/x-nawk
0 string #!\ /usr/bin/nawk application/x-nawk
0 string #!/usr/local/bin/nawk application/x-nawk
0 string #!\ /usr/local/bin/nawk application/x-nawk
0 string #!/bin/gawk application/x-gawk
0 string #!\ /bin/gawk application/x-gawk
0 string #!/usr/bin/gawk application/x-gawk
0 string #!\ /usr/bin/gawk application/x-gawk
0 string #!/usr/local/bin/gawk application/x-gawk
0 string #!\ /usr/local/bin/gawk application/x-gawk
#
0 string #!/bin/awk application/x-awk
0 string #!\ /bin/awk application/x-awk
0 string #!/usr/bin/awk application/x-awk
0 string #!\ /usr/bin/awk application/x-awk
# update to distinguish from *.vcf files by Joerg Jenderek: joerg dot jenderek at web dot de
#0 regex BEGIN[[:space:]]*[{] application/x-awk
# For Larry Wall's perl language. The ``eval'' line recognizes an
# outrageously clever hack for USG systems.
# Keith Waclena <keith@cerberus.uchicago.edu>
0 string #!/bin/perl application/x-perl
0 string #!\ /bin/perl application/x-perl
0 string eval\ "exec\ /bin/perl application/x-perl
0 string #!/usr/bin/perl application/x-perl
0 string #!\ /usr/bin/perl application/x-perl
0 string eval\ "exec\ /usr/bin/perl application/x-perl
0 string #!/usr/local/bin/perl application/x-perl
0 string #!\ /usr/local/bin/perl application/x-perl
0 string eval\ "exec\ /usr/local/bin/perl application/x-perl
#------------------------------------------------------------------------------
# compress: file(1) magic for pure-compression formats (no archives)
#
# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
#
# Formats for various forms of compressed data
# Formats for "compress" proper have been moved into "compress.c",
# because it tries to uncompress it to figure out what's inside.
# standard unix compress
#0 string \037\235 application/x-compress
# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
#0 string \037\213 application/x-gzip
0 string PK\003\004 application/x-zip
# RAR archiver (Greg Roelofs, newt@uchicago.edu)
0 string Rar! application/x-rar
# According to gzip.h, this is the correct byte order for packed data.
0 string \037\036 application/octet-stream
#
# This magic number is byte-order-independent.
#
0 short 017437 application/octet-stream
# XXX - why *two* entries for "compacted data", one of which is
# byte-order independent, and one of which is byte-order dependent?
#
# compacted data
0 short 0x1fff application/octet-stream
0 string \377\037 application/octet-stream
# huf output
0 short 0145405 application/octet-stream
# Squeeze and Crunch...
# These numbers were gleaned from the Unix versions of the programs to
# handle these formats. Note that I can only uncrunch, not crunch, and
# I didn't have a crunched file handy, so the crunch number is untested.
# Keith Waclena <keith@cerberus.uchicago.edu>
#0 leshort 0x76FF squeezed data (CP/M, DOS)
#0 leshort 0x76FE crunched data (CP/M, DOS)
# Freeze
#0 string \037\237 Frozen file 2.1
#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
# lzh?
#0 string \037\240 LZH compressed data
257 string ustar\0 application/x-tar posix
257 string ustar\040\040\0 application/x-tar gnu
0 short 070707 application/x-cpio
0 short 0143561 application/x-cpio swapped
0 string =<ar> application/x-archive
0 string \!<arch> application/x-archive
>8 string debian application/x-debian-package
#------------------------------------------------------------------------------
#
# RPM: file(1) magic for Red Hat Packages Erik Troan (ewt@redhat.com)
#
0 beshort 0xedab
>2 beshort 0xeedb application/x-rpm
0 lelong&0x8080ffff 0x0000081a application/x-arc lzw
0 lelong&0x8080ffff 0x0000091a application/x-arc squashed
0 lelong&0x8080ffff 0x0000021a application/x-arc uncompressed
0 lelong&0x8080ffff 0x0000031a application/x-arc packed
0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed
0 lelong&0x8080ffff 0x0000061a application/x-arc crunched
0 leshort 0xea60 application/x-arj
# LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu)
2 string -lh0- application/x-lharc lh0
2 string -lh1- application/x-lharc lh1
2 string -lz4- application/x-lharc lz4
2 string -lz5- application/x-lharc lz5
# [never seen any but the last; -lh4- reported in comp.compression:]
2 string -lzs- application/x-lha lzs
2 string -lh\ - application/x-lha lh
2 string -lhd- application/x-lha lhd
2 string -lh2- application/x-lha lh2
2 string -lh3- application/x-lha lh3
2 string -lh4- application/x-lha lh4
2 string -lh5- application/x-lha lh5
2 string -lh6- application/x-lha lh6
2 string -lh7- application/x-lha lh7
# Shell archives
10 string #\ This\ is\ a\ shell\ archive application/octet-stream x-shell
#------------------------------------------------------------------------------
# frame: file(1) magic for FrameMaker files
#
# This stuff came on a FrameMaker demo tape, most of which is
# copyright, but this file is "published" as witness the following:
#
0 string \<MakerFile application/x-frame
0 string \<MIFFile application/x-frame
0 string \<MakerDictionary application/x-frame
0 string \<MakerScreenFon application/x-frame
0 string \<MML application/x-frame
0 string \<Book application/x-frame
0 string \<Maker application/x-frame
#------------------------------------------------------------------------------
# html: file(1) magic for HTML (HyperText Markup Language) docs
#
# from Daniel Quinlan <quinlan@yggdrasil.com>
#
0 string/cB \<!DOCTYPE\ html text/html
0 string/cb \<head text/html
0 string/cb \<title text/html
0 string/bc \<html text/html
0 string \<!-- text/html
0 string/c \<h1 text/html
0 string \<?xml text/xml
#------------------------------------------------------------------------------
# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
#
# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
# additions by janl@ifi.uio.no as well as others. Jan also suggested
# merging several one- and two-line files into here.
#
# XXX - byte order for GIF and TIFF fields?
# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
#
# [GRR: what the hell is this doing in here?]
#0 string xbtoa btoa'd file
# PBMPLUS
# PBM file
0 string P1 image/x-portable-bitmap 7bit
# PGM file
0 string P2 image/x-portable-greymap 7bit
# PPM file
0 string P3 image/x-portable-pixmap 7bit
# PBM "rawbits" file
0 string P4 image/x-portable-bitmap
# PGM "rawbits" file
0 string P5 image/x-portable-greymap
# PPM "rawbits" file
0 string P6 image/x-portable-pixmap
# NIFF (Navy Interchange File Format, a modification of TIFF)
# [GRR: this *must* go before TIFF]
0 string IIN1 image/x-niff
# TIFF and friends
# TIFF file, big-endian
0 string MM image/tiff
# TIFF file, little-endian
0 string II image/tiff
# possible GIF replacements; none yet released!
# (Greg Roelofs, newt@uchicago.edu)
#
# GRR 950115: this was mine ("Zip GIF"):
# ZIF image (GIF+deflate alpha)
0 string GIF94z image/unknown
#
# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
# FGF image (GIF+deflate beta)
0 string FGF95a image/unknown
#
# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
# (best; not yet implemented):
# PBF image (deflate compression)
0 string PBF image/unknown
# GIF
0 string GIF image/gif
# JPEG images
0 beshort 0xffd8 image/jpeg
# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
0 string BM image/x-ms-bmp
#>14 byte 12 (OS/2 1.x format)
#>14 byte 64 (OS/2 2.x format)
#>14 byte 40 (Windows 3.x format)
#0 string IC icon
#0 string PI pointer
#0 string CI color icon
#0 string CP color pointer
#0 string BA bitmap array
# CDROM Filesystems
32769 string CD001 application/x-iso9660
# Newer StuffIt archives (grant@netbsd.org)
0 string StuffIt application/x-stuffit
#>162 string >0 : %s
# BinHex is the Macintosh ASCII-encoded file format (see also "apple")
# Daniel Quinlan, quinlan@yggdrasil.com
11 string must\ be\ converted\ with\ BinHex\ 4 application/mac-binhex40
##>41 string x \b, version %.3s
#------------------------------------------------------------------------------
# lisp: file(1) magic for lisp programs
#
# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
0 string ;; text/plain 8bit
# Emacs 18 - this is always correct, but not very magical.
0 string \012( application/x-elc
# Emacs 19
0 string ;ELC\023\000\000\000 application/x-elc
#------------------------------------------------------------------------------
# mail.news: file(1) magic for mail and news
#
# There are tests to ascmagic.c to cope with mail and news.
0 string Relay-Version: message/rfc822 7bit
0 string #!\ rnews message/rfc822 7bit
0 string N#!\ rnews message/rfc822 7bit
0 string Forward\ to message/rfc822 7bit
0 string Pipe\ to message/rfc822 7bit
0 string Return-Path: message/rfc822 7bit
0 string Received: message/rfc822
0 string Path: message/news 8bit
0 string Xref: message/news 8bit
0 string From: message/rfc822 7bit
0 string Article message/news 8bit
#------------------------------------------------------------------------------
# msword: file(1) magic for MS Word files
#
# Contributor claims:
# Reversed-engineered MS Word magic numbers
#
0 string \376\067\0\043 application/msword
0 string \320\317\021\340\241\261 application/msword
0 string \333\245-\0\0\0 application/msword
#------------------------------------------------------------------------------
# printer: file(1) magic for printer-formatted files
#
# PostScript
0 string %! application/postscript
0 string \004%! application/postscript
# Acrobat
# (due to clamen@cs.cmu.edu)
0 string %PDF- application/pdf
#------------------------------------------------------------------------------
# sc: file(1) magic for "sc" spreadsheet
#
38 string Spreadsheet application/x-sc
#------------------------------------------------------------------------------
# tex: file(1) magic for TeX files
#
# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
#
# From <conklin@talisman.kaleida.com>
# Although we may know the offset of certain text fields in TeX DVI
# and font files, we can't use them reliably because they are not
# zero terminated. [but we do anyway, christos]
0 string \367\002 application/x-dvi
#0 string \367\203 TeX generic font data
#0 string \367\131 TeX packed font data
#0 string \367\312 TeX virtual font data
#0 string This\ is\ TeX, TeX transcript text
#0 string This\ is\ METAFONT, METAFONT transcript text
# There is no way to detect TeX Font Metric (*.tfm) files without
# breaking them apart and reading the data. The following patterns
# match most *.tfm files generated by METAFONT or afm2tfm.
2 string \000\021 application/x-tex-tfm
2 string \000\022 application/x-tex-tfm
#>34 string >\0 (%s)
# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
0 string \\input\ texinfo text/x-texinfo
0 string This\ is\ Info\ file text/x-info
# correct TeX magic for Linux (and maybe more)
# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
#
0 leshort 0x02f7 application/x-dvi
# RTF - Rich Text Format
0 string {\\rtf text/rtf
#------------------------------------------------------------------------------
# animation: file(1) magic for animation/movie formats
#
# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
# MPEG file
# MPEG sequences
0 belong 0x000001BA
>4 byte &0x40 video/mp2p
>4 byte ^0x40 video/mpeg
0 belong 0x000001BB video/mpeg
0 belong 0x000001B0 video/mp4v-es
0 belong 0x000001B5 video/mp4v-es
0 belong 0x000001B3 video/mpv
0 belong&0xFF5FFF1F 0x47400010 video/mp2t
0 belong 0x00000001
>4 byte&0x1F 0x07 video/h264
# FLI animation format
0 leshort 0xAF11 video/fli
# FLC animation format
0 leshort 0xAF12 video/flc
#
# SGI and Apple formats
# Added ISO mimes
0 string MOVI video/sgi
4 string moov video/quicktime
4 string mdat video/quicktime
4 string wide video/quicktime
4 string skip video/quicktime
4 string free video/quicktime
4 string idsc image/x-quicktime
4 string idat image/x-quicktime
4 string pckg application/x-quicktime
4 string/B jP image/jp2
4 string ftyp
>8 string isom video/mp4
>8 string mp41 video/mp4
>8 string mp42 video/mp4
>8 string/B jp2 image/jp2
>8 string 3gp video/3gpp
>8 string avc1 video/3gpp
>8 string mmp4 video/mp4
>8 string/B M4A audio/mp4
>8 string/B qt video/quicktime
# The contributor claims:
# I couldn't find a real magic number for these, however, this
# -appears- to work. Note that it might catch other files, too,
# so BE CAREFUL!
#
# Note that title and author appear in the two 20-byte chunks
# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
# 255 (hex FF)! DL format SUCKS BIG ROCKS.
#
# DL file version 1 , medium format (160x100, 4 images/screen)
0 byte 1 video/unknown
0 byte 2 video/unknown
#
# Databases
#
# GDBM magic numbers
# Will be maintained as part of the GDBM distribution in the future.
# <downsj@teeny.org>
0 belong 0x13579ace application/x-gdbm
0 lelong 0x13579ace application/x-gdbm
0 string GDBM application/x-gdbm
#
0 belong 0x061561 application/x-dbm
#
# Executables
#
0 string \177ELF
>16 leshort 0 application/octet-stream
>16 leshort 1 application/x-object
>16 leshort 2 application/x-executable
>16 leshort 3 application/x-sharedlib
>16 leshort 4 application/x-coredump
>16 beshort 0 application/octet-stream
>16 beshort 1 application/x-object
>16 beshort 2 application/x-executable
>16 beshort 3 application/x-sharedlib
>16 beshort 4 application/x-coredump
#
# DOS
0 string MZ application/x-dosexec
#
# KDE
0 string [KDE\ Desktop\ Entry] application/x-kdelnk
0 string \#\ KDE\ Config\ File application/x-kdelnk
# xmcd database file for kscd
0 string \#\ xmcd text/xmcd
#------------------------------------------------------------------------------
# pkgadd: file(1) magic for SysV R4 PKG Datastreams
#
0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package
#PNG Image Format
0 string \x89PNG image/png
# MNG Video Format, <URL:http://www.libpng.org/pub/mng/spec/>
0 string \x8aMNG video/x-mng
0 string \x8aJNG video/x-jng
#------------------------------------------------------------------------------
# Hierarchical Data Format, used to facilitate scientific data exchange
# specifications at http://hdf.ncsa.uiuc.edu/
#Hierarchical Data Format (version 4) data
0 belong 0x0e031301 application/x-hdf
#Hierarchical Data Format (version 5) data
0 string \211HDF\r\n\032 application/x-hdf
# Adobe Photoshop
0 string 8BPS image/x-photoshop
# Felix von Leitner <felix-file@fefe.de>
0 string d8:announce application/x-bittorrent
# lotus 1-2-3 document
0 belong 0x00001a00 application/x-123
0 belong 0x00000200 application/x-123
# MS Access database
4 string Standard\ Jet\ DB application/msaccess
## magic for XBase files
#0 byte 0x02
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x03
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x04
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x05
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x30
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x43
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x7b
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x83
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x8b
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0x8e
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0xb3
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 byte 0xf5
#>8 leshort >0
#>>12 leshort 0 application/x-dbf
#
#0 leshort 0x0006 application/x-dbt
# Debian has entries for the old PGP formats:
# pgp: file(1) magic for Pretty Good Privacy
# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
#text/PGP key public ring
0 beshort 0x9900 application/pgp
#text/PGP key security ring
0 beshort 0x9501 application/pgp
#text/PGP key security ring
0 beshort 0x9500 application/pgp
#text/PGP encrypted data
0 beshort 0xa600 application/pgp-encrypted
#text/PGP armored data
##public key block
2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- application/pgp-keys
0 string -----BEGIN\040PGP\40MESSAGE- application/pgp
0 string -----BEGIN\040PGP\40SIGNATURE- application/pgp-signature
#
# GnuPG Magic:
#
#
#text/GnuPG key public ring
0 beshort 0x9901 application/pgp
#text/OpenPGP data
0 beshort 0x8501 application/pgp-encrypted
# flash: file(1) magic for Macromedia Flash file format
#
# See
#
# http://www.macromedia.com/software/flash/open/
#
0 string FWS
>3 byte x application/x-shockwave-flash
# The following paramaters are created for Namazu.
# <http://www.namazu.org/>
#
# 1999/08/13
#0 string \<!--\ MHonArc text/html; x-type=mhonarc
0 string BZh application/x-bzip2
# 1999/09/09
# VRML (suggested by Masao Takaku)
0 string #VRML\ V1.0\ ascii model/vrml
0 string #VRML\ V2.0\ utf8 model/vrml
#------------------------------------------------------------------------------
# ichitaro456: file(1) magic for Just System Word Processor Ichitaro
#
# Contributor kenzo-:
# Reversed-engineered JS Ichitaro magic numbers
#
0 string DOC
>43 byte 0x14 application/ichitaro4
>144 string JDASH application/ichitaro4
0 string DOC
>43 byte 0x15 application/ichitaro5
0 string DOC
>43 byte 0x16 application/ichitaro6
#------------------------------------------------------------------------------
# office97: file(1) magic for MicroSoft Office files
#
# Contributor kenzo-:
# Reversed-engineered MS Office magic numbers
#
#0 string \320\317\021\340\241\261\032\341
#>48 byte 0x1B application/excel
2080 string Microsoft\ Excel\ 5.0\ Worksheet application/excel
2114 string Biff5 application/excel
0 string \224\246\056 application/msword
0 belong 0x31be0000 application/msword
0 string PO^Q` application/msword
0 string \320\317\021\340\241\261\032\341
>546 string bjbj application/msword
>546 string jbjb application/msword
512 string R\0o\0o\0t\0\ \0E\0n\0t\0r\0y application/msword
2080 string Microsoft\ Word\ 6.0\ Document application/msword
2080 string Documento\ Microsoft\ Word\ 6 application/msword
2112 string MSWordDoc application/msword
#0 string \320\317\021\340\241\261\032\341 application/powerpoint
0 string \320\317\021\340\241\261\032\341 application/msword
0 string #\ PaCkAgE\ DaTaStReAm application/x-svr4-package
# WinNT/WinCE PE files (Warner Losh, imp@village.org)
#
128 string PE\000\000 application/octet-stream
0 string PE\000\000 application/octet-stream
# miscellaneous formats
0 string LZ application/octet-stream
# .EXE formats (Greg Roelofs, newt@uchicago.edu)
#
0 string MZ
>24 string @ application/octet-stream
0 string MZ
>30 string Copyright\ 1989-1990\ PKWARE\ Inc. application/x-zip
0 string MZ
>30 string PKLITE\ Copr. application/x-zip
0 string MZ
>36 string LHa's\ SFX application/x-lha
0 string MZ application/octet-stream
# LHA archiver
2 string -lh
>6 string - application/x-lha
# Zoo archiver
20 lelong 0xfdc4a7dc application/x-zoo
# ARC archiver
0 lelong&0x8080ffff 0x0000081a application/x-arc
0 lelong&0x8080ffff 0x0000091a application/x-arc
0 lelong&0x8080ffff 0x0000021a application/x-arc
0 lelong&0x8080ffff 0x0000031a application/x-arc
0 lelong&0x8080ffff 0x0000041a application/x-arc
0 lelong&0x8080ffff 0x0000061a application/x-arc
# Microsoft Outlook's Transport Neutral Encapsulation Format (TNEF)
0 lelong 0x223e9f78 application/ms-tnef
# From: stephane.loeuillet@tiscali.f
# http://www.djvuzone.org/
0 string AT&TFORM image/x.djvu
# Danny Milosavljevic <danny.milo@gmx.net>
# this are adrift (adventure game standard) game files, extension .taf
# depending on version magic continues with 0x93453E6139FA (V 4.0)
# 0x9445376139FA (V 3.90)
# 0x9445366139FA (V 3.80)
# this is from source (http://www.adrift.org.uk/) and I have some taf
# files, and checked them.
#0 belong 0x3C423FC9
#>4 belong 0x6A87C2CF application/x-adrift
#0 string \000\000\001\000 image/x-ico
# Quark Xpress 3 Files:
# (made the mimetype up)
0 string \0\0MMXPR3\0 application/x-quark-xpress-3
# EET archive
# From: Tilman Sauerbeck <tilman@code-monkey.de>
0 belong 0x1ee7ff00 application/x-eet
# From: Denis Knauf, via gentoo.
0 string fLaC audio/x-flac
0 string CWS application/x-shockwave-flash
# Gnumeric spreadsheet
# This entry is only semi-helpful, as Gnumeric compresses its files, so
# they will ordinarily reported as "compressed", but at least -z helps
39 string =<gmr:Workbook application/x-gnumeric

10
config_samples/devstack/host1/apache2/mods-available/actions.conf
View File

@ -1,10 +0,0 @@
# a2enmod-note: needs-configuration
#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

1
config_samples/devstack/host1/apache2/mods-available/actions.load
View File

@ -1 +0,0 @@
LoadModule actions_module /usr/lib/apache2/modules/mod_actions.so

24
config_samples/devstack/host1/apache2/mods-available/alias.conf
View File

@ -1,24 +0,0 @@
<IfModule alias_module>
#
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/". If the fakename is slash-terminated, then the
# realname must also be slash terminated, and if the fakename omits the
# trailing slash, the realname must also omit it.
#
# We include the /icons/ alias for FancyIndexed directory listings. If
# you do not use FancyIndexing, you may comment this out.
#
Alias /icons/ "/usr/share/apache2/icons/"
<Directory "/usr/share/apache2/icons">
Options FollowSymlinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/alias.load
View File

@ -1 +0,0 @@
LoadModule alias_module /usr/lib/apache2/modules/mod_alias.so

1
config_samples/devstack/host1/apache2/mods-available/asis.load
View File

@ -1 +0,0 @@
LoadModule asis_module /usr/lib/apache2/modules/mod_asis.so

1
config_samples/devstack/host1/apache2/mods-available/auth_basic.load
View File

@ -1 +0,0 @@
LoadModule auth_basic_module /usr/lib/apache2/modules/mod_auth_basic.so

1
config_samples/devstack/host1/apache2/mods-available/auth_digest.load
View File

@ -1 +0,0 @@
LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so

1
config_samples/devstack/host1/apache2/mods-available/authn_alias.load
View File

@ -1 +0,0 @@
LoadModule authn_alias_module /usr/lib/apache2/modules/mod_authn_alias.so

1
config_samples/devstack/host1/apache2/mods-available/authn_anon.load
View File

@ -1 +0,0 @@
LoadModule authn_anon_module /usr/lib/apache2/modules/mod_authn_anon.so

2
config_samples/devstack/host1/apache2/mods-available/authn_dbd.load
View File

@ -1,2 +0,0 @@
# Depends: dbd
LoadModule authn_dbd_module /usr/lib/apache2/modules/mod_authn_dbd.so

1
config_samples/devstack/host1/apache2/mods-available/authn_dbm.load
View File

@ -1 +0,0 @@
LoadModule authn_dbm_module /usr/lib/apache2/modules/mod_authn_dbm.so

1
config_samples/devstack/host1/apache2/mods-available/authn_default.load
View File

@ -1 +0,0 @@
LoadModule authn_default_module /usr/lib/apache2/modules/mod_authn_default.so

1
config_samples/devstack/host1/apache2/mods-available/authn_file.load
View File

@ -1 +0,0 @@
LoadModule authn_file_module /usr/lib/apache2/modules/mod_authn_file.so

2
config_samples/devstack/host1/apache2/mods-available/authnz_ldap.load
View File

@ -1,2 +0,0 @@
# Depends: ldap
LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so

1
config_samples/devstack/host1/apache2/mods-available/authz_dbm.load
View File

@ -1 +0,0 @@
LoadModule authz_dbm_module /usr/lib/apache2/modules/mod_authz_dbm.so

1
config_samples/devstack/host1/apache2/mods-available/authz_default.load
View File

@ -1 +0,0 @@
LoadModule authz_default_module /usr/lib/apache2/modules/mod_authz_default.so

1
config_samples/devstack/host1/apache2/mods-available/authz_groupfile.load
View File

@ -1 +0,0 @@
LoadModule authz_groupfile_module /usr/lib/apache2/modules/mod_authz_groupfile.so

1
config_samples/devstack/host1/apache2/mods-available/authz_host.load
View File

@ -1 +0,0 @@
LoadModule authz_host_module /usr/lib/apache2/modules/mod_authz_host.so

1
config_samples/devstack/host1/apache2/mods-available/authz_owner.load
View File

@ -1 +0,0 @@
LoadModule authz_owner_module /usr/lib/apache2/modules/mod_authz_owner.so

1
config_samples/devstack/host1/apache2/mods-available/authz_user.load
View File

@ -1 +0,0 @@
LoadModule authz_user_module /usr/lib/apache2/modules/mod_authz_user.so

101
config_samples/devstack/host1/apache2/mods-available/autoindex.conf
View File

@ -1,101 +0,0 @@
<IfModule mod_autoindex.c>
#
# Directives controlling the display of server-generated directory listings.
#
#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
# Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
#
IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
#
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
#
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
# It's a suffix rule, so simply matching "core" matches "score" as well !
AddIcon /icons/bomb.gif /core
AddIcon (SND,/icons/sound2.gif) .ogg
AddIcon (VID,/icons/movie.gif) .ogm
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
# Default icons for OpenDocument format
AddIcon /icons/odf6odt-20x22.png .odt
AddIcon /icons/odf6ods-20x22.png .ods
AddIcon /icons/odf6odp-20x22.png .odp
AddIcon /icons/odf6odg-20x22.png .odg
AddIcon /icons/odf6odc-20x22.png .odc
AddIcon /icons/odf6odf-20x22.png .odf
AddIcon /icons/odf6odb-20x22.png .odb
AddIcon /icons/odf6odi-20x22.png .odi
AddIcon /icons/odf6odm-20x22.png .odm
AddIcon /icons/odf6ott-20x22.png .ott
AddIcon /icons/odf6ots-20x22.png .ots
AddIcon /icons/odf6otp-20x22.png .otp
AddIcon /icons/odf6otg-20x22.png .otg
AddIcon /icons/odf6otc-20x22.png .otc
AddIcon /icons/odf6otf-20x22.png .otf
AddIcon /icons/odf6oti-20x22.png .oti
AddIcon /icons/odf6oth-20x22.png .oth
#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.gif
#
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
#
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
#
# HeaderName is the name of a file which should be prepended to
# directory indexes.
ReadmeName README.html
HeaderName HEADER.html
#
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
#
IndexIgnore .??* *~ *# RCS CVS *,v *,t
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/autoindex.load
View File

@ -1 +0,0 @@
LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so

1
config_samples/devstack/host1/apache2/mods-available/cache.load
View File

@ -1 +0,0 @@
LoadModule cache_module /usr/lib/apache2/modules/mod_cache.so

1
config_samples/devstack/host1/apache2/mods-available/cern_meta.load
View File

@ -1 +0,0 @@
LoadModule cern_meta_module /usr/lib/apache2/modules/mod_cern_meta.so

1
config_samples/devstack/host1/apache2/mods-available/cgi.load
View File

@ -1 +0,0 @@
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so

2
config_samples/devstack/host1/apache2/mods-available/cgid.conf
View File

@ -1,2 +0,0 @@
# Socket for cgid communication
ScriptSock ${APACHE_RUN_DIR}/cgisock

1
config_samples/devstack/host1/apache2/mods-available/cgid.load
View File

@ -1 +0,0 @@
LoadModule cgid_module /usr/lib/apache2/modules/mod_cgid.so

1
config_samples/devstack/host1/apache2/mods-available/charset_lite.load
View File

@ -1 +0,0 @@
LoadModule charset_lite_module /usr/lib/apache2/modules/mod_charset_lite.so

1
config_samples/devstack/host1/apache2/mods-available/dav.load
View File

@ -1 +0,0 @@
LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so

1
config_samples/devstack/host1/apache2/mods-available/dav_fs.conf
View File

@ -1 +0,0 @@
DAVLockDB ${APACHE_LOCK_DIR}/DAVLock

2
config_samples/devstack/host1/apache2/mods-available/dav_fs.load
View File

@ -1,2 +0,0 @@
# Depends: dav
LoadModule dav_fs_module /usr/lib/apache2/modules/mod_dav_fs.so

1
config_samples/devstack/host1/apache2/mods-available/dav_lock.load
View File

@ -1 +0,0 @@
LoadModule dav_lock_module /usr/lib/apache2/modules/mod_dav_lock.so

1
config_samples/devstack/host1/apache2/mods-available/dbd.load
View File

@ -1 +0,0 @@
LoadModule dbd_module /usr/lib/apache2/modules/mod_dbd.so

9
config_samples/devstack/host1/apache2/mods-available/deflate.conf
View File

@ -1,9 +0,0 @@
<IfModule mod_deflate.c>
# these are known to be safe with MSIE 6
AddOutputFilterByType DEFLATE text/html text/plain text/xml
# everything else may cause problems with MSIE 6
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript
AddOutputFilterByType DEFLATE application/rss+xml
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/deflate.load
View File

@ -1 +0,0 @@
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so

5
config_samples/devstack/host1/apache2/mods-available/dir.conf
View File

@ -1,5 +0,0 @@
<IfModule mod_dir.c>
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/dir.load
View File

@ -1 +0,0 @@
LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so

19
config_samples/devstack/host1/apache2/mods-available/disk_cache.conf
View File

@ -1,19 +0,0 @@
<IfModule mod_disk_cache.c>
# cache cleaning is done by htcacheclean, which can be configured in
# /etc/default/apache2
#
# For further information, see the comments in that file,
# /usr/share/doc/apache2.2-common/README.Debian, and the htcacheclean(8)
# man page.
# This path must be the same as the one in /etc/default/apache2
CacheRoot /var/cache/apache2/mod_disk_cache
# This will also cache local documents. It usually makes more sense to
# put this into the configuration for just one virtual host.
#CacheEnable disk /
CacheDirLevels 5
CacheDirLength 3
</IfModule>

2
config_samples/devstack/host1/apache2/mods-available/disk_cache.load
View File

@ -1,2 +0,0 @@
# Depends: cache
LoadModule disk_cache_module /usr/lib/apache2/modules/mod_disk_cache.so

1
config_samples/devstack/host1/apache2/mods-available/dump_io.load
View File

@ -1 +0,0 @@
LoadModule dumpio_module /usr/lib/apache2/modules/mod_dumpio.so

1
config_samples/devstack/host1/apache2/mods-available/env.load
View File

@ -1 +0,0 @@
LoadModule env_module /usr/lib/apache2/modules/mod_env.so

1
config_samples/devstack/host1/apache2/mods-available/expires.load
View File

@ -1 +0,0 @@
LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so

1
config_samples/devstack/host1/apache2/mods-available/ext_filter.load
View File

@ -1 +0,0 @@
LoadModule ext_filter_module /usr/lib/apache2/modules/mod_ext_filter.so

2
config_samples/devstack/host1/apache2/mods-available/file_cache.load
View File

@ -1,2 +0,0 @@
# Depends: cache
LoadModule file_cache_module /usr/lib/apache2/modules/mod_file_cache.so

1
config_samples/devstack/host1/apache2/mods-available/filter.load
View File

@ -1 +0,0 @@
LoadModule filter_module /usr/lib/apache2/modules/mod_filter.so

1
config_samples/devstack/host1/apache2/mods-available/headers.load
View File

@ -1 +0,0 @@
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so

1
config_samples/devstack/host1/apache2/mods-available/ident.load
View File

@ -1 +0,0 @@
LoadModule ident_module /usr/lib/apache2/modules/mod_ident.so

1
config_samples/devstack/host1/apache2/mods-available/imagemap.load
View File

@ -1 +0,0 @@
LoadModule imagemap_module /usr/lib/apache2/modules/mod_imagemap.so

1
config_samples/devstack/host1/apache2/mods-available/include.load
View File

@ -1 +0,0 @@
LoadModule include_module /usr/lib/apache2/modules/mod_include.so

16
config_samples/devstack/host1/apache2/mods-available/info.conf
View File

@ -1,16 +0,0 @@
<IfModule mod_info.c>
#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Uncomment and change the "192.0.2.0/24" to allow access from other hosts.
#
<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1
# Allow from 192.0.2.0/24
</Location>
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/info.load
View File

@ -1 +0,0 @@
LoadModule info_module /usr/lib/apache2/modules/mod_info.so

8
config_samples/devstack/host1/apache2/mods-available/ldap.conf
View File

@ -1,8 +0,0 @@
<Location /ldap-status>
SetHandler ldap-status
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1
# Allow from 192.0.2.0/24
Satisfy all
</Location>

1
config_samples/devstack/host1/apache2/mods-available/ldap.load
View File

@ -1 +0,0 @@
LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so

1
config_samples/devstack/host1/apache2/mods-available/log_forensic.load
View File

@ -1 +0,0 @@
LoadModule log_forensic_module /usr/lib/apache2/modules/mod_log_forensic.so

7
config_samples/devstack/host1/apache2/mods-available/mem_cache.conf
View File

@ -1,7 +0,0 @@
<IfModule mod_mem_cache.c>
CacheEnable mem /
MCacheSize 4096
MCacheMaxObjectCount 100
MCacheMinObjectSize 1
MCacheMaxObjectSize 2048
</IfModule>

2
config_samples/devstack/host1/apache2/mods-available/mem_cache.load
View File

@ -1,2 +0,0 @@
# Depends: cache
LoadModule mem_cache_module /usr/lib/apache2/modules/mod_mem_cache.so

246
config_samples/devstack/host1/apache2/mods-available/mime.conf
View File

@ -1,246 +0,0 @@
<IfModule mod_mime.c>
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig /etc/mime.types
#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
#AddType application/x-gzip .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
# Despite the name similarity, the following Add* directives have
# nothing to do with the FancyIndexing customization directives above.
#
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
#AddEncoding x-bzip2 .bz2
#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-bzip2 .bz2
#
# DefaultLanguage and AddLanguage allows you to specify the language of
# a document. You can then use content negotiation to give a browser a
# file in a language the user can understand.
#
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
#
# * It is generally better to not mark a page as
# * being a certain language than marking it with the wrong
# * language!
#
# DefaultLanguage nl
#
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
#
# Note 2: The example entries below illustrate that in some cases
# the two character 'Language' abbreviation is not identical to
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
#
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
#
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
#
AddLanguage am .amh
AddLanguage ar .ara
AddLanguage be .be
AddLanguage bg .bg
AddLanguage bn .bn
AddLanguage br .br
AddLanguage bs .bs
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage cy .cy
AddLanguage da .dk
AddLanguage de .de
AddLanguage dz .dz
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
# es is ecmascript in /etc/mime.types
RemoveType es
AddLanguage es .es
AddLanguage et .et
AddLanguage eu .eu
AddLanguage fa .fa
AddLanguage fi .fi
AddLanguage fr .fr
AddLanguage ga .ga
AddLanguage gl .glg
AddLanguage gu .gu
AddLanguage he .he
AddLanguage hi .hi
AddLanguage hr .hr
AddLanguage hu .hu
AddLanguage hy .hy
AddLanguage id .id
AddLanguage is .is
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ka .ka
AddLanguage kk .kk
AddLanguage km .km
AddLanguage kn .kn
AddLanguage ko .ko
AddLanguage ku .ku
AddLanguage lo .lo
AddLanguage lt .lt
AddLanguage ltz .ltz
AddLanguage lv .lv
AddLanguage mg .mg
AddLanguage mk .mk
AddLanguage ml .ml
AddLanguage mr .mr
AddLanguage ms .msa
AddLanguage nb .nob
AddLanguage ne .ne
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pa .pa
AddLanguage pl .po
AddLanguage pt-BR .pt-br
AddLanguage pt .pt
AddLanguage ro .ro
AddLanguage ru .ru
AddLanguage sa .sa
AddLanguage se .se
AddLanguage si .si
AddLanguage sk .sk
AddLanguage sl .sl
AddLanguage sq .sq
AddLanguage sr .sr
AddLanguage sv .sv
AddLanguage ta .ta
AddLanguage te .te
AddLanguage th .th
AddLanguage tl .tl
RemoveType tr
# tr is troff in /etc/mime.types
AddLanguage tr .tr
AddLanguage uk .uk
AddLanguage ur .ur
AddLanguage vi .vi
AddLanguage wo .wo
AddLanguage xh .xh
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
#
# Commonly used filename extensions to character sets. You probably
# want to avoid clashes with the language extensions, unless you
# are good at carefully testing your setup after each change.
# See http://www.iana.org/assignments/character-sets for the
# official list of charset names and their respective RFCs.
#
AddCharset us-ascii .ascii .us-ascii
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
AddCharset ISO-8859-7 .iso8859-7 .grk .greek
AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
AddCharset ISO-8859-10 .iso8859-10 .latin6
AddCharset ISO-8859-13 .iso8859-13
AddCharset ISO-8859-14 .iso8859-14 .latin8
AddCharset ISO-8859-15 .iso8859-15 .latin9
AddCharset ISO-8859-16 .iso8859-16 .latin10
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5 .b5
AddCharset cn-Big5 .cn-big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8 .koi8
AddCharset KOI8-E .koi8-e
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-U .koi8-u
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-7 .utf7
AddCharset UTF-8 .utf8
AddCharset UTF-16 .utf16
AddCharset UTF-16BE .utf16be
AddCharset UTF-16LE .utf16le
AddCharset UTF-32 .utf32
AddCharset UTF-32BE .utf32be
AddCharset UTF-32LE .utf32le
AddCharset euc-cn .euc-cn
AddCharset euc-gb .euc-gb
AddCharset euc-jp .euc-jp
AddCharset euc-kr .euc-kr
#Not sure how euc-tw got in - IANA doesn't list it???
AddCharset EUC-TW .euc-tw
AddCharset gb2312 .gb2312 .gb
AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
AddCharset shift_jis .shift_jis .sjis
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
#AddHandler cgi-script .cgi
#
# For files that include their own HTTP headers:
#
#AddHandler send-as-is asis
#
# For server-parsed imagemap files:
#
#AddHandler imap-file map
#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
#
AddHandler type-map var
#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/mime.load
View File

@ -1 +0,0 @@
LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so

3
config_samples/devstack/host1/apache2/mods-available/mime_magic.conf
View File

@ -1,3 +0,0 @@
<IfModule mod_mime_magic.c>
MIMEMagicFile /etc/apache2/magic
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/mime_magic.load
View File

@ -1 +0,0 @@
LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so

18
config_samples/devstack/host1/apache2/mods-available/negotiation.conf
View File

@ -1,18 +0,0 @@
<IfModule mod_negotiation.c>
#
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
#
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
#
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
#
# ForceLanguagePriority allows you to serve a result page rather than
# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
# [in case no accepted languages matched the available variants]
#
ForceLanguagePriority Prefer Fallback
</IfModule>

1
config_samples/devstack/host1/apache2/mods-available/negotiation.load
View File

@ -1 +0,0 @@
LoadModule negotiation_module /usr/lib/apache2/modules/mod_negotiation.so

26
config_samples/devstack/host1/apache2/mods-available/proxy.conf
View File

@ -1,26 +0,0 @@
<IfModule mod_proxy.c>
# If you want to use apache2 as a forward proxy, uncomment the
# 'ProxyRequests On' line and the <Proxy *> block below.
# WARNING: Be careful to restrict access inside the <Proxy *> block.
# Open proxy servers are dangerous both to your network and to the
# Internet at large.
#
# If you only want to use apache2 as a reverse proxy/gateway in
# front of some web application server, you DON'T need
# 'ProxyRequests On'.
#ProxyRequests On
#<Proxy *>
# AddDefaultCharset off
# Order deny,allow
# Deny from all
# #Allow from .example.com
#</Proxy>
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#ProxyVia Off
</IfModule>

Some files were not shown because too many files have changed in this diff Show More