Changeset 380

Timestamp:

11/03/06 01:28:55 (22 months ago)

Author:

gandalf

Message:

Update vhost conf, varions hooks, add doxygen scripts

Location:

tools

Files:

• apache2 (moved) (moved from tools/apache)
• apache2/www.museek-plus.org (modified) (4 diffs)
• doxygen (added)
• doxygen/generate-doxygen-docs (added)
• doxygen/generate-museek+-doxygen-docs (added)
• subversion/create-release-tarball (modified) (1 diff)
• subversion/post-commit (modified) (2 diffs)
• subversion/trac-post-commit-hook (added)

tools/apache2/www.museek-plus.org

@@ -60 +60 @@
         Alias /ubuntu "/data/repos/museek+/ubuntu/"
         Alias /files "/data/repos/museek+/files/"
-        
+        Alias /doxygen "/data/repos/museek+/doxygen/"
+
         <Directory "/data/repos/museek+/">
                 Options Indexes FollowSymLinks MultiViews
@@ -80 +81 @@
         </Location>
 
-        ### Disable python handler on /icons (indexer)
-        <Location /icons>
-                SetHandler None
-        </Location>
-
+        <Location /doxygen>
+                SetHandler None
+        </Location>
 
         ### Enable CGIs
@@ -104 +103 @@
         </Location>
 
-
-
         ### Awstats access stats
         Alias /awstats-icon/ /usr/share/awstats/icon/
@@ -119 +116 @@
         ServerSignature On
 
+
+
+
+######################## Get rid of spammers....
+######################## See: http://madwifi.org/wiki/FightingTracSpam
+
+        ### Enable CGIs
+        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+
+        <Directory /usr/lib/cgi-bin/>
+                AllowOverride none
+                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+                Order allow,deny
+                Allow from all
+                AuthType Basic
+                AuthName "Museek+'s Access Stats"
+                AuthUserFile /data/trac/auth/museek+.le-vert.net
+                Require valid-user
+        </Directory>
+        
+        <Location /cgi-bin>
+                SetHandler None
+        </Location>
+
+        ### Awstats access stats
+        Alias /awstats-icon/ /usr/share/awstats/icon/
+        
+        <Location /awstats-icon>
+                SetHandler None
+        </Location>
+
+        ErrorLog /var/log/apache2/museekplus.le-vert.net-error.log
+        LogLevel warn
+        
+        CustomLog /var/log/apache2/museekplus.le-vert.net-access.log combined
+        ServerSignature On
+
+
+
+
+######################## Get rid of spammers....
+######################## See: http://madwifi.org/wiki/FightingTracSpam
+
+<IfModule mod_security.c>
+    #
+    # anti trac-spam rules v7
+    # http://madwifi.org/wiki/FightingTracSpam
+    #
+
+    SecFilterDebugLevel     0
+    # uncomment the following line if you enable debugging:
+    #SecFilterDebugLog /path/to/somewhere/trac-spam.log
+
+    SecFilterEngine         On
+    SecFilterScanPOST       On
+    SecFilterCheckURLEncoding On
+    SecFilterCheckCookieFormat On
+    SecFilterCheckUnicodeEncoding Off
+
+    # default rule: if a request matches, we want mod-security to
+    # put a notice about it into the (v)hosts' error log and
+    # deny the request with status 402 ("Payment required")
+    SecFilterDefaultAction "deny,log,status:402"
+
+    # have a look at POST requests only, since they are what is used
+    # to submit the spam - this helps to reduce the load that is
+    # caused by mod-security
+    SecFilterSelective REQUEST_METHOD "!(^POST$)" "nolog,allow"
+
+    # allow all POST requests that are not directed to one of the
+    # handlers we take into account below
+    SecFilterSelective REQUEST_URI "!(/(wiki|newticket|ticket).*$)" "nolog,allow"
+
+    # block POSTs to /ticket/<number>#preview and /newticket#preview
+    # this catches spam type 1
+    SecFilterSelective REQUEST_URI "^/(newticket|ticket/[0-9]+).*\#preview"
+
+    # block POSTs to /wiki, /ticket and /newticket from users who
+    # don't have a trac cookie
+    # this catches spam type 2
+    # 
+    # CAUTION: these rules likely cause false positives, as some users tend
+    # to turn off cookie support in their browser. Don't activate them unless
+    # you're sure that this won't offend your visitors, or at least warn
+    # visitors.
+    #SecFilterSelective REQUEST_URI "^/(wiki/|newticket|ticket/).*$" chain
+    #SecFilterSelective HTTP_COOKIE "!(trac_auth|trac_session)"
+
+    # don't accept usage of HTML processor in tickets / ticket comments
+    # this catches spam type 3
+    SecFilterSelective REQUEST_URI "^/(newticket|ticket/).*$" chain
+    SecFilterSelective "ARG_description|ARG_comment" "#!html"
+
+    # block new ticket and ticket comment POSTs if they contain more
+    # than one URL 
+    # this catches spam type 4
+    SecFilterSelective "REQUEST_URI" "^/(newticket|ticket/).*$" chain
+    SecFilterSelective "ARGS" "http\:/.*http\:/"
+
+    # block LED spammer; his spam is not blocked by the previous
+    # rule, since he only includes only one URL to the spamvertised
+    # website
+    # last but not least, this catches spam type 5
+    SecFilterSelective REQUEST_URI "^/(newticket|ticket/).*$" chain
+    SecFilterSelective "ARG_description|ARG_comment" "www.tideled.com"
+
+    # block tickets or comments with an http://-URL in it, if user is
+    # not properly authenticated; throw a 403 that allows to present
+    # users with a custom error page which explains what is going
+    # on (see below)
+    SecFilterSelective "REQUEST_URI" "/(newticket|ticket/).*$" chain
+    SecFilterSelective HTTP_COOKIE "!trac_auth" chain
+    SecFilterSelective HTTP_Authorization "!Basic" chain
+    SecFilterSelective "ARGS" "(http|https):/" "deny,log,status:403"
+
+
+    # Apache allows to present users with customized error pages,
+    # and we can make use of that feature to let spammers know what
+    # we think of 'em.
+    # Tell Apache what file to use as error page for 402, and
+    # let it know that requests to this file should not be handled
+    # by Trac.
+    # 
+    # Uncomment the following lines if you want to make use of this
+    # feature (see also step 3 of the recipe):
+    Alias /error402.html /data/trac/museek+/htdocs/error402.html 
+    ErrorDocument   402     /error402.html
+    <Location /error402.html>
+    #        XBitHack On
+        SetHandler None
+    </Location>
+    #
+    # Another use for customized error pages is, as mentioned above,
+    # to let users know why they are not allowed to give URLs in
+    # their tickets and what they can do to circumvent this
+    # limitation.
+    Alias /error403.html /data/trac/museek+/htdocs/error403.html 
+    ErrorDocument   403     /error403.html
+    <Location /error403.html>
+        SetHandler  None
+    </Location>
+</IfModule>
+
 </VirtualHost>
 

tools/subversion/create-release-tarball

@@ -1 +1 @@
 #!/usr/bin/python
 #
-# Copyright (C) 2006, Adam Cécile
+# Copyright (C) 2006, Adam Cecile
 #
 # This program is free software; you can redistribute it and/or modify

tools/subversion/post-commit

@@ -24 +24 @@
 LOG="`/usr/bin/svnlook log -r ${REV} ${REPOS}`"
 AUTHOR="`/usr/bin/svnlook author -r $REV ${REPOS}`"
-TRAC_ENV="/data/trac/museek+/"
-SVN_URL="http://www.museek-plus.org/svn"
-SVN_TAGS_BASE="/${NAME}/tags/"
-SVN_TAGS_APPEND="/sources"
+TRAC_ENV="/data/trac/nicotine+/"
+SVN_URL="http://www.nicotine-plus.org/svn"
+SVN_TAGS_BASE="/tags/"
+SVN_TAGS_APPEND="${NAME}"
 TARBALL_DIR="/data/repos/${NAME}/files/tarballs/"
 
-/usr/bin/python /data/trac/scripts/trac-ticket-post-commit-hook \
+/usr/bin/python /data/trac/scripts/trac-post-commit-hook \
   -p "${TRAC_ENV}"  \
-  -r "${REV}"       \
+  -r "${REV}"       
   -u "${AUTHOR}"    \
   -m "${LOG}"       \
@@ -45 +45 @@
   "${TARBALL_DIR}"
 
-
-#/usr/lib/subversion/hook-scripts/commit-email.pl "$REPOS" "$REV" commit-watchers@example.org
+/usr/share/subversion/hook-scripts/commit-email.pl --from svn-commit-bot@nicotine-plus.org "$REPOS" "$REV" nicotine-plus-svn@lists.sourceforge.net