-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathINSTALL
52 lines (36 loc) · 1.45 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
To get started:
1. Download nginx source.
2. Download this module.
3. From nginx directory, run:
./configure --add-module=/path/to/module/dir
make
make install (will land in "/usr/local/nginx")
4. Make a location configuration something like this:
error_log logs/error.log info; # Optional, but useful to see some messages
* * * * *
location /test{
RavenActive on;
RavenLogin https://demo.raven.cam.ac.uk/auth/authenticate.html;
RavenLogin https://demo.raven.cam.ac.uk/auth/logout.html;
RavenSecretKey qwertyui;
RavenLazyClock on;
RavenAllow test0001;
RavenDeny test0002;
RavenAllow test0003;
RavenDeny test0004;
RavenAllow test0005;
}
* * * * *
5. Get a copy of the public key for the test server from here:
https://raven.cam.ac.uk/project/keys/demo_server/pubkey901.crt
6. Convert key to suitable format like this:
openssl x509 -pubkey -noout -in pubkey901.crt > raven.pem
7. Make sure key is in the nginx "/usr/local/nginx/conf" directory (or modify code to suit).
8. Start nginx:
/usr/local/nginx/sbin
A quick note about how the "RavenAllow" and "RavenDeny" directives work:
- First match in rule chain wins (from top to bottom).
- If there are no rules, there is an implicit "RavenAllow all".
- If there are some rules, there is an implicit trailing "RavenDeny all" rule.
- You can create a "blacklist" by preceding "RavenAllow all" with deny rules.
- You can create a "whitelist" by preceding "RavenDeny all" with allow rules.