Include conf.d/ssl.include SSLCertificateFile {{ apache_ssl_certificate }} SSLCertificateKeyFile {{ apache_ssl_certificate_key }} SSLCertificateChainFile {{ apache_ssl_certificate }} SSLCACertificateFile {{ apache_ssl_ca_certificate }} RewriteEngine On RewriteRule ^/?$ /koji/ [R=301,L] RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule /koji/.* https://{{ kojiweb_hostname }}$0 [R=301,L] #We use wsgi by default #Alias /koji "/usr/share/koji-web/scripts/wsgi_publisher.py" #(configuration goes in /etc/kojiweb/web.conf) WSGIDaemonProcess kojiweb \ user=koji \ group=koji \ display-name=%{GROUP} WSGIScriptAlias /koji /usr/share/koji-web/scripts/wsgi_publisher.py \ process-group=koji Order allow,deny Allow from all = 2.4> Require all granted # uncomment this to enable authentication via Kerberos # # AuthType Kerberos # AuthName "Koji Web UI" # KrbMethodNegotiate on # KrbMethodK5Passwd off # KrbServiceName HTTP # KrbAuthRealm EXAMPLE.COM # Krb5Keytab /etc/httpd.keytab # KrbSaveCredentials off # Require valid-user # ErrorDocument 401 /koji-static/errors/unauthorized.html # # uncomment this to enable authentication via SSL client certificates SSLVerifyClient optional SSLVerifyDepth 10 SSLOptions +StdEnvVars ErrorDocument 401 /koji-static/errors/unauthorized.html Alias /koji-static/ "/usr/share/koji-web/static/" Options None AllowOverride None Order allow,deny Allow from all = 2.4> Require all granted