#
# koji-hub is an xmlrpc interface to the Koji database
#
Alias /kojihub /usr/share/koji-hub/kojixmlrpc.py
Options ExecCGI
SetHandler wsgi-script
WSGIApplicationGroup %{GLOBAL}
# ^ works around a hub issue with OpenSSL
# see: https://cryptography.io/en/latest/faq/#starting-cryptography-using-mod-wsgi-produces-an-internalerror-during-a-call-in-register-osrandom-engine
WSGIScriptReloading Off
# ^ reloading breaks hub "firstcall" check
# see: https://pagure.io/koji/issue/875
Order allow,deny
Allow from all
= 2.4>
Require all granted
# Also serve /mnt/koji
Alias /kojifiles "/mnt/koji/"
Options Indexes SymLinksIfOwnerMatch
#If your top /mnt/koji directory is not owned by the httpd user, then
#you will need to follow all symlinks instead, e.g.
#Options Indexes FollowSymLinks
AllowOverride None
IndexOptions +NameWidth=*
Order allow,deny
Allow from all
= 2.4>
Require all granted
# uncomment this to enable authentication via SSL client certificates
#
# SSLVerifyClient require
# SSLVerifyDepth 10
# SSLOptions +StdEnvVars
#
# If you need to support koji < 1.4.0 clients using SSL authentication, then use the following instead:
#
# SSLOptions +StdEnvVars
#
# In this case, you will need to enable these options globally (in ssl.conf):
# SSLVerifyClient require
# SSLVerifyDepth 10
# uncomment this to enable authentication via GSSAPI
AuthType GSSAPI
AuthName "GSSAPI Single Sign On Login"
GssapiCredStore keytab:/etc/koji.keytab
Require valid-user