xref: /titanic_44/usr/src/lib/print/mod_ipp/httpd-standalone-ipp.conf (revision d2ec54f7875f7e05edd56195adbeb593c947763f)
1#
2# CDDL HEADER START
3#
4# The contents of this file are subject to the terms of the
5# Common Development and Distribution License (the "License").
6# You may not use this file except in compliance with the License.
7#
8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9# or http://www.opensolaris.org/os/licensing.
10# See the License for the specific language governing permissions
11# and limitations under the License.
12#
13# When distributing Covered Code, include this CDDL HEADER in each
14# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15# If applicable, add the following below this CDDL HEADER, with the
16# fields enclosed by brackets "[]" replaced with your own identifying
17# information: Portions Copyright [yyyy] [name of copyright owner]
18#
19# CDDL HEADER END
20#
21
22#
23# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
24# Use is subject to license terms.
25#
26
27#
28# "$Id: httpd-standalone-ipp.conf,v 1.4 2006/03/24 00:26:54 njacobs Exp $"
29#
30
31# ident	"%Z%%M%	%I%	%E% SMI"
32
33##
34## httpd-standalone-ipp.conf -- Apache HTTP server configuration file for
35##	an Internet Print Protocol (IPP) listener
36##
37
38#
39# Based upon the NCSA server configuration files originally by Rob McCool.
40#
41# This is the main Apache server configuration file.  It contains the
42# configuration directives that give the server its instructions.
43# See <URL:http://www.apache.org/docs/> for detailed information about
44# the directives.  mod_ipp specific directives are described in the
45# mod_ipp(4) man page.
46#
47
48### Section 1: Global Environment
49#
50# The directives in this section affect the overall operation of Apache,
51# such as the number of concurrent requests it can handle or where it
52# can find its configuration files.
53#
54
55#
56# ServerType is either inetd, or standalone.  Inetd mode is only supported on
57# Unix platforms.
58#
59ServerType standalone
60
61#
62# ServerRoot: The top of the directory tree under which the server's
63# configuration, error, and log files are kept.
64#
65# NOTE!  If you intend to place this on an NFS (or otherwise network)
66# mounted filesystem then please read the LockFile documentation
67# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
68# you will save yourself a lot of trouble.
69#
70ServerRoot "/usr/apache"
71
72#
73# The LockFile directive sets the path to the lockfile used when Apache
74# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
75# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
76# its default value. The main reason for changing it is if the logs
77# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
78# DISK. The PID of the main server process is automatically appended to
79# the filename.
80#
81#LockFile /var/run/httpd.lock
82LockFile /var/run/httpd-standalone-ipp.lock
83
84#
85# PidFile: The file in which the server should record its process
86# identification number when it starts.
87#
88PidFile /var/run/httpd-standalone-ipp.pid
89
90#
91# ScoreBoardFile: File used to store internal server process information.
92# Not all architectures require this.  But if yours does (you'll know because
93# this file will be  created when you run Apache) then you *must* ensure that
94# no two invocations of Apache share the same scoreboard file.
95#
96ScoreBoardFile /var/run/httpd-standalone-ipp.scoreboard
97
98#
99# In the standard configuration, the server will process httpd.conf (this
100# file, specified by the -f command line option), srm.conf, and access.conf
101# in that order.  The latter two files are now distributed empty, as it is
102# recommended that all directives be kept in a single file for simplicity.
103# The commented-out values below are the built-in defaults.  You can have the
104# server ignore these files altogether by using "/dev/null" (for Unix) or
105# "nul" (for Win32) for the arguments to the directives.
106#
107#ResourceConfig conf/srm.conf
108#AccessConfig conf/access.conf
109
110#
111# Timeout: The number of seconds before receives and sends time out.
112#
113Timeout 300
114
115#
116# KeepAlive: Whether or not to allow persistent connections (more than
117# one request per connection). Set to "Off" to deactivate.
118#
119KeepAlive On
120
121#
122# MaxKeepAliveRequests: The maximum number of requests to allow
123# during a persistent connection. Set to 0 to allow an unlimited amount.
124# We recommend you leave this number high, for maximum performance.
125#
126MaxKeepAliveRequests 100
127
128#
129# KeepAliveTimeout: Number of seconds to wait for the next request from the
130# same client on the same connection.
131#
132KeepAliveTimeout 15
133
134#
135# Server-pool size regulation.  Rather than making you guess how many
136# server processes you need, Apache dynamically adapts to the load it
137# sees --- that is, it tries to maintain enough server processes to
138# handle the current load, plus a few spare servers to handle transient
139# load spikes (e.g., multiple simultaneous requests from a single
140# Netscape browser).
141#
142# It does this by periodically checking how many servers are waiting
143# for a request.  If there are fewer than MinSpareServers, it creates
144# a new spare.  If there are more than MaxSpareServers, some of the
145# spares die off.  The default values are probably OK for most sites.
146#
147MinSpareServers 1
148MaxSpareServers 2
149
150#
151# Number of servers to start initially --- should be a reasonable ballpark
152# figure.
153#
154StartServers 1
155
156#
157# Limit on total number of servers running, i.e., limit on the number
158# of clients who can simultaneously connect --- if this limit is ever
159# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
160# It is intended mainly as a brake to keep a runaway server from taking
161# the system with it as it spirals down...
162#
163MaxClients 150
164
165#
166# MaxRequestsPerChild: the number of requests each child process is
167# allowed to process before the child dies.  The child will exit so
168# as to avoid problems after prolonged use when Apache (and maybe the
169# libraries it uses) leak memory or other resources.  On most systems, this
170# isn't really needed, but a few (such as Solaris) do have notable leaks
171# in the libraries. For these platforms, set to something like 10000
172# or so; a setting of 0 means unlimited.
173#
174# NOTE: This value does not include keepalive requests after the initial
175#       request per connection. For example, if a child process handles
176#       an initial request and 10 subsequent "keptalive" requests, it
177#       would only count as 1 request towards this limit.
178#
179MaxRequestsPerChild 10
180
181#
182# Dynamic Shared Object (DSO) Support
183#
184# To be able to use the functionality of a module which was built as a DSO you
185# have to place corresponding `LoadModule' lines at this location so the
186# directives contained in it are actually available _before_ they are used.
187# Please read the file http://httpd.apache.org/docs/dso.html for more
188# details about the DSO mechanism and run `httpd -l' for the list of already
189# built-in (statically linked and thus always available) modules in your httpd
190# binary.
191#
192# Note: The order in which modules are loaded is important.  Don't change
193# the order below without expert advice.
194#
195LoadModule access_module libexec/mod_access.so
196LoadModule alias_module libexec/mod_alias.so
197LoadModule auth_module libexec/mod_auth.so
198LoadModule mime_module libexec/mod_mime.so
199LoadModule mime_magic_module libexec/mod_mime_magic.so
200LoadModule ipp_module libexec/mod_ipp.so
201
202#  Reconstruction of the complete module list from all available modules
203#  (static and shared ones) to achieve correct module execution order.
204#  [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
205ClearModuleList
206AddModule mod_access.c
207AddModule mod_alias.c
208AddModule mod_auth.c
209AddModule mod_mime.c
210AddModule mod_mime_magic.c
211AddModule mod_ipp.c
212AddModule mod_so.c
213
214### Section 2: 'Main' server configuration
215#
216# The directives in this section set up the values used by the 'main'
217# server, which responds to any requests that aren't handled by a
218# <VirtualHost> definition.  These values also provide defaults for
219# any <VirtualHost> containers you may define later in the file.
220#
221# All of these directives may appear inside <VirtualHost> containers,
222# in which case these default settings will be overridden for the
223# virtual host being defined.
224#
225
226#
227# If your ServerType directive (set earlier in the 'Global Environment'
228# section) is set to "inetd", the next few directives don't have any
229# effect since their settings are defined by the inetd configuration.
230# Skip ahead to the ServerAdmin directive.
231#
232
233#
234# Port: The port to which the standalone server listens. For
235# ports < 1023, you will need httpd to be run as root initially.
236#
237Port 631
238
239#
240# If you wish httpd to run as a different user or group, you must run
241# httpd as root initially and it will switch.
242#
243# User/Group: The name (or #number) of the user/group to run httpd as.
244#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
245#  . On HPUX you may not be able to use shared memory as nobody, and the
246#    suggested workaround is to create a user www and use that user.
247#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
248#  when the value of (unsigned)Group is above 60000;
249#  don't use Group nobody on these systems!
250#
251User lp
252Group lp
253
254#
255# ServerAdmin: Your address, where problems with the server should be
256# e-mailed.  This address appears on some server-generated pages, such
257# as error documents.
258#
259ServerAdmin lp@localhost
260
261#
262# ServerName allows you to set a host name which is sent back to clients for
263# your server if it's different than the one the program would get (i.e., use
264# "www" instead of the host's real name).
265#
266# Note: You cannot just invent host names and hope they work. The name you
267# define here must be a valid DNS name for your host. If you don't understand
268# this, ask your network administrator.
269# If your host doesn't have a registered DNS name, enter its IP address here.
270# You will have to access it by its address (e.g., http://123.45.67.89/)
271# anyway, and this will make redirections work in a sensible way.
272#
273# 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
274# machine always knows itself by this address. If you use Apache strictly for
275# local testing and development, you may use 127.0.0.1 as the server name.
276#
277#Servername printserver.some_company.com
278
279DefaultType application/ipp
280
281ErrorLog	/var/lp/logs/ipp-errors
282LogLevel	warn
283
284DocumentRoot /var/lp/ipp-listener
285
286# Allow passing PPD files from this service as well
287Alias /etc/lp/ppd/ /etc/lp/ppd/
288<Directory /etc/lp/ppd>
289	SetHandler send-as-is
290	<LimitExcept GET>
291		Deny from all
292	</LimitExcept>
293</Directory>
294
295# mod_ipp specific configuration
296<IfModule mod_ipp.c>
297
298	<Location />
299		# ipp-conformance automatic     # default
300		# ipp-default-user nobody
301		ipp-default-service lpsched
302		#
303		# By default, only turn on operations that are not
304		# likely to cause real problems when the user can't
305		# be trusted.
306		#
307		ipp-operation all off
308		ipp-operation print-job on
309		ipp-operation validate-job on
310		ipp-operation create-job on
311		ipp-operation get-jobs on
312		ipp-operation get-printer-attributes on
313		ipp-operation send-document on
314		ipp-operation cancel-job on
315		ipp-operation get-job-attributes on
316		ipp-operation cups-get-default on
317		ipp-operation cups-get-printers on
318		ipp-operation cups-get-classes on
319		ipp-operation cups-move-job on
320
321		# redirect non-IPP requests
322		ErrorDocument 404 /index.html
323	</Location>
324
325	<Location /admin>
326		# ipp-conformance automatic     # default
327		# ipp-default-user nobody
328		ipp-default-service lpsched
329
330		ipp-operation all on
331
332		AuthType Basic
333		AuthName "IPP Server"
334		AuthUserFile /etc/ipp-users
335		Require valid-user
336
337		# redirect non-IPP requests
338		ErrorDocument 404 /index.html
339	</Location>
340</IfModule>
341
342