Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:latest:ssoaas [2019/06/02 21:42]
maxbes [Using front reverse-proxies] fix socket address
documentation:latest:ssoaas [2019/08/29 19:33] (current)
maxbes add comments in apache config
Line 19: Line 19:
   * Using a [[psgi|global FastCGI (or uWSGI) server]]   * Using a [[psgi|global FastCGI (or uWSGI) server]]
   * Using front reverse-proxies //(some cloud installations use reverse-proxies in front-end)//​   * Using front reverse-proxies //(some cloud installations use reverse-proxies in front-end)//​
 +
 +Example of a global FastCGI architecture:​
 +
 +{{:​documentation:​devops.png|}}
  
 In both case, Handler type must be set to [[devopshandler|DevOps]]. In both case, Handler type must be set to [[devopshandler|DevOps]].
Line 73: Line 77:
 === Apache === === Apache ===
  
-There is an experimental FactCGI client in LLNG. You just have to install FCGI::​Client and add this in your apache2.conf:+There is an experimental FactCGI client in LLNG. You just have to install FCGI::​Client and add this in the apache2.conf ​or your web applications or proxies. 
 + 
 +The following configuration example assumes that you are in a "​central FastCGI"​ configuration.
  
 <file apache apache2.conf>​ <file apache apache2.conf>​
 <​VirtualHost ...> <​VirtualHost ...>
 +    ServerName app.tls
     PerlHeaderParserHandler Lemonldap::​NG::​Handler::​ApacheMP2::​FCGIClient     PerlHeaderParserHandler Lemonldap::​NG::​Handler::​ApacheMP2::​FCGIClient
-    PerlSetVar LLNG_SERVER ​127.0.0.1:9090+    ​ 
 +    # This must point to the central FastCGI server 
 +    ​PerlSetVar LLNG_SERVER ​192.0.2.1:9090 
 +     
 +    # Declare this vhost as a DevOps vhost, so that we do not have 
 +    # to declare it in the LemonLDAP::​NG Manager
     PerlSetVar VHOSTTYPE DevOps     PerlSetVar VHOSTTYPE DevOps
 +    ​
 +    # This URL will be fetched by the central FastCGI server and
 +    # used to make the authentication decision about this virtualhost
 +    # Make sure the central FastCGI server can reach it
     PerlSetVar RULES_URL http://​app.tld/​rules.json     PerlSetVar RULES_URL http://​app.tld/​rules.json
     ...     ...