xref: /titanic_44/usr/src/lib/print/mod_ipp/httpd-standalone-ipp.conf (revision b0e753dd6a955fb2f10a0ce17d32bd33172e0400) 
1#
2# CDDL HEADER START
3#
4# The contents of this file are subject to the terms of the
5# Common Development and Distribution License (the "License").
6# You may not use this file except in compliance with the License.
7#
8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9# or http://www.opensolaris.org/os/licensing.
10# See the License for the specific language governing permissions
11# and limitations under the License.
12#
13# When distributing Covered Code, include this CDDL HEADER in each
14# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15# If applicable, add the following below this CDDL HEADER, with the
16# fields enclosed by brackets "[]" replaced with your own identifying
17# information: Portions Copyright [yyyy] [name of copyright owner]
18#
19# CDDL HEADER END
20#
21
22#
23# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
24# Use is subject to license terms.
25#
26
27#
28# "$Id: httpd-standalone-ipp.conf,v 1.4 2006/03/24 00:26:54 njacobs Exp $"
29#
30
31##
32## httpd-standalone-ipp.conf -- Apache HTTP server configuration file for
33##	an Internet Print Protocol (IPP) listener
34##
35
36#
37# Based upon the NCSA server configuration files originally by Rob McCool.
38#
39# This is the main Apache server configuration file.  It contains the
40# configuration directives that give the server its instructions.
41# See <URL:http://www.apache.org/docs/> for detailed information about
42# the directives.  mod_ipp specific directives are described in the
43# mod_ipp(4) man page.
44#
45
46### Section 1: Global Environment
47#
48# The directives in this section affect the overall operation of Apache,
49# such as the number of concurrent requests it can handle or where it
50# can find its configuration files.
51#
52
53#
54# ServerRoot: The top of the directory tree under which the server's
55# configuration, error, and log files are kept.
56#
57# NOTE!  If you intend to place this on an NFS (or otherwise network)
58# mounted filesystem then please read the LockFile documentation
59# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
60# you will save yourself a lot of trouble.
61#
62# Change /usr/apache2/... if Apache 2.x is elsewhere.
63ServerRoot "/usr/apache2/2.2"
64
65#
66# The LockFile directive sets the path to the lockfile used when Apache
67# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
68# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
69# its default value. The main reason for changing it is if the logs
70# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
71# DISK. The PID of the main server process is automatically appended to
72# the filename.
73#
74#LockFile /var/run/httpd.lock
75LockFile /var/run/httpd-standalone-ipp.lock
76
77#
78# PidFile: The file in which the server should record its process
79# identification number when it starts.
80#
81PidFile /var/run/httpd-standalone-ipp.pid
82
83#
84# ScoreBoardFile: File used to store internal server process information.
85# Not all architectures require this.  But if yours does (you'll know because
86# this file will be  created when you run Apache) then you *must* ensure that
87# no two invocations of Apache share the same scoreboard file.
88#
89ScoreBoardFile /var/run/httpd-standalone-ipp.scoreboard
90
91#
92# In the standard configuration, the server will process httpd.conf (this
93# file, specified by the -f command line option), srm.conf, and access.conf
94# in that order.  The latter two files are now distributed empty, as it is
95# recommended that all directives be kept in a single file for simplicity.
96# The commented-out values below are the built-in defaults.  You can have the
97# server ignore these files altogether by using "/dev/null" (for Unix) or
98# "nul" (for Win32) for the arguments to the directives.
99#
100#ResourceConfig conf/srm.conf
101#AccessConfig conf/access.conf
102
103#
104# Timeout: The number of seconds before receives and sends time out.
105#
106Timeout 300
107
108#
109# KeepAlive: Whether or not to allow persistent connections (more than
110# one request per connection). Set to "Off" to deactivate.
111#
112KeepAlive On
113
114#
115# MaxKeepAliveRequests: The maximum number of requests to allow
116# during a persistent connection. Set to 0 to allow an unlimited amount.
117# We recommend you leave this number high, for maximum performance.
118#
119MaxKeepAliveRequests 100
120
121#
122# KeepAliveTimeout: Number of seconds to wait for the next request from the
123# same client on the same connection.
124#
125KeepAliveTimeout 15
126
127#
128# Server-pool size regulation.  Rather than making you guess how many
129# server processes you need, Apache dynamically adapts to the load it
130# sees --- that is, it tries to maintain enough server processes to
131# handle the current load, plus a few spare servers to handle transient
132# load spikes (e.g., multiple simultaneous requests from a single
133# Netscape browser).
134#
135# It does this by periodically checking how many servers are waiting
136# for a request.  If there are fewer than MinSpareServers, it creates
137# a new spare.  If there are more than MaxSpareServers, some of the
138# spares die off.  The default values are probably OK for most sites.
139#
140MinSpareServers 1
141MaxSpareServers 2
142
143#
144# Number of servers to start initially --- should be a reasonable ballpark
145# figure.
146#
147StartServers 1
148
149#
150# Limit on total number of servers running, i.e., limit on the number
151# of clients who can simultaneously connect --- if this limit is ever
152# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
153# It is intended mainly as a brake to keep a runaway server from taking
154# the system with it as it spirals down...
155#
156MaxClients 150
157
158#
159# MaxRequestsPerChild: the number of requests each child process is
160# allowed to process before the child dies.  The child will exit so
161# as to avoid problems after prolonged use when Apache (and maybe the
162# libraries it uses) leak memory or other resources.  On most systems, this
163# isn't really needed, but a few (such as Solaris) do have notable leaks
164# in the libraries. For these platforms, set to something like 10000
165# or so; a setting of 0 means unlimited.
166#
167# NOTE: This value does not include keepalive requests after the initial
168#       request per connection. For example, if a child process handles
169#       an initial request and 10 subsequent "keptalive" requests, it
170#       would only count as 1 request towards this limit.
171#
172MaxRequestsPerChild 10
173
174#
175# Dynamic Shared Object (DSO) Support
176#
177# To be able to use the functionality of a module which was built as a DSO you
178# have to place corresponding `LoadModule' lines at this location so the
179# directives contained in it are actually available _before_ they are used.
180# Please read the file http://httpd.apache.org/docs/dso.html for more
181# details about the DSO mechanism and run `httpd -l' for the list of already
182# built-in (statically linked and thus always available) modules in your httpd
183# binary.
184#
185# Note: The order in which modules are loaded is important.  Don't change
186# the order below without expert advice.
187#
188LoadModule alias_module libexec/mod_alias.so
189LoadModule auth_basic_module libexec/mod_auth_basic.so
190LoadModule authn_file_module libexec/mod_authn_file.so
191LoadModule authz_host_module libexec/mod_authz_host.so
192LoadModule authz_user_module libexec/mod_authz_user.so
193LoadModule mime_module libexec/mod_mime.so
194LoadModule mime_magic_module libexec/mod_mime_magic.so
195LoadModule ipp_module /usr/lib/lp/ipp/mod_ipp.so
196
197### Section 2: 'Main' server configuration
198#
199# The directives in this section set up the values used by the 'main'
200# server, which responds to any requests that aren't handled by a
201# <VirtualHost> definition.  These values also provide defaults for
202# any <VirtualHost> containers you may define later in the file.
203#
204# All of these directives may appear inside <VirtualHost> containers,
205# in which case these default settings will be overridden for the
206# virtual host being defined.
207#
208
209#
210# If your ServerType directive (set earlier in the 'Global Environment'
211# section) is set to "inetd", the next few directives don't have any
212# effect since their settings are defined by the inetd configuration.
213# Skip ahead to the ServerAdmin directive.
214#
215
216#
217# Port: The port to which the standalone server listens. For
218# ports < 1023, you will need httpd to be run as root initially.
219#
220Listen 631
221
222#
223# If you wish httpd to run as a different user or group, you must run
224# httpd as root initially and it will switch.
225#
226# User/Group: The name (or #number) of the user/group to run httpd as.
227#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
228#  . On HPUX you may not be able to use shared memory as nobody, and the
229#    suggested workaround is to create a user www and use that user.
230#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
231#  when the value of (unsigned)Group is above 60000;
232#  don't use Group nobody on these systems!
233#
234User lp
235Group lp
236
237#
238# ServerAdmin: Your address, where problems with the server should be
239# e-mailed.  This address appears on some server-generated pages, such
240# as error documents.
241#
242ServerAdmin lp@localhost
243
244#
245# ServerName allows you to set a host name which is sent back to clients for
246# your server if it's different than the one the program would get (i.e., use
247# "www" instead of the host's real name).
248#
249# Note: You cannot just invent host names and hope they work. The name you
250# define here must be a valid DNS name for your host. If you don't understand
251# this, ask your network administrator.
252# If your host doesn't have a registered DNS name, enter its IP address here.
253# You will have to access it by its address (e.g., http://123.45.67.89/)
254# anyway, and this will make redirections work in a sensible way.
255#
256# 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
257# machine always knows itself by this address. If you use Apache strictly for
258# local testing and development, you may use 127.0.0.1 as the server name.
259#
260#Servername printserver.some_company.com
261
262DefaultType application/ipp
263
264ErrorLog	/var/lp/logs/ipp-errors
265LogLevel	warn
266
267DocumentRoot /var/lp/ipp-listener
268
269# Allow passing PPD files from this service as well
270Alias /etc/lp/ppd/ /etc/lp/ppd/
271<Directory /etc/lp/ppd>
272	SetHandler send-as-is
273	<LimitExcept GET>
274		Deny from all
275	</LimitExcept>
276</Directory>
277
278# mod_ipp specific configuration
279<IfModule mod_ipp.c>
280
281	<Location />
282		# ipp-conformance automatic     # default
283		# ipp-default-user nobody
284		ipp-default-service lpsched
285		#
286		# By default, only turn on operations that are not
287		# likely to cause real problems when the user can't
288		# be trusted.
289		#
290		ipp-operation all off
291		ipp-operation print-job on
292		ipp-operation validate-job on
293		ipp-operation create-job on
294		ipp-operation get-jobs on
295		ipp-operation get-printer-attributes on
296		ipp-operation send-document on
297		ipp-operation cancel-job on
298		ipp-operation get-job-attributes on
299		ipp-operation cups-get-default on
300		ipp-operation cups-get-printers on
301		ipp-operation cups-get-classes on
302		ipp-operation cups-move-job on
303
304		# redirect non-IPP requests
305		ErrorDocument 404 /index.html
306	</Location>
307
308	<Location /admin>
309		# ipp-conformance automatic     # default
310		# ipp-default-user nobody
311		ipp-default-service lpsched
312
313		# To be more restrictive, use this intead:
314		# ipp-operation required on
315		ipp-operation all on
316
317		AuthType Basic
318		AuthName "IPP Server"
319		AuthUserFile /etc/ipp-users
320		Require valid-user
321
322		# redirect non-IPP requests
323		ErrorDocument 404 /index.html
324	</Location>
325</IfModule>
326