Skip to main content

Buildout recipes for apache.

Project description

Apache buildout recipe

This package provides buildout recipes for the configuration of apache. This has a number of features that we have found useful in production, such as support for long CA chains, htpasswd authentication protection and the support for optional templates provided with the buildout.

We use the system apache, so this recipe will not install apache for you. If you wish to install apache, use zc.recipe.cmmi perhaps.

Mandatory Parameters


The IP address of the interface on which to listen


The name of the site, used to identify the correct virtual host


The email address of the administrator of the server


The port to which requests are forwarded

Optional Parameters


The name of the HTTP Authentication realm, if you wish to password protect this site


The filename of the htpasswd file to secure the realm, defaults to “passwd” in the part directory


The username used in the htpasswd file


The IP address of a server that is permitted to send PURGE requests to this server


The name of the portal object in the zope server, defaults to “portal”


The filename of the template file to use, if you do not wish to use the default


The name of the config file written by the recipe, defaults to “apache.cfg” in the part directory


Should ssl be on or off. By default this isn’t needed, setting the ssl options is enough to turn it on. Useful to force SSL off, even if your base buildout set defaults.


A list of full pathnames to certificate authority certificate files


The full pathname of the ssl certificate, if required


The full pathname of the key for the ssl certificate


A list of other domains to forward to this domain


A list source;destination;flags that gets expanded to ‘RewriteRule source destination [flags]’


If true, the recipe will have a Redirect for www.${sitename}. If your sitename already has a www prefix, the alias will be sitename with the prefix trimmed.


Where to store apache logs (Default: /var/log/apache2)


What apache logformat to use (Default: combined)


A list of locations to set a basic auth password on, should be a list of lines of the format: <URI>:<realm>:<username>:<password>


Set to true to stop it logging IP addresses (Default: IP addresses are logged)

Domain-level Redirects

When using isotoma.recipe.apache:redirect you can listen on an interface and redirect any hits for a domain to any url.

Mandatory Paramaters


The IP and port to listen on, e.g.


The email address of the administrator of the server


A list of domain;url pairs, seperated by ‘;’. E.g.;


This software is available from our recipe repository on github.


Copyright 2010 Isotoma Limited

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.


0.6.13 (2011-12-19)

  • Allow recipe to set RequestHeaders:

    requestheader.plone_skin = Sunburst

0.6.12 (2011-11-29)

  • Fixed an issue with PURGE not being received if basic authentication is enabled.

  • Added an “indexes” option to the wsgi recipe to limit access to directory indexes unless “indexes = on”.

0.6.11 (2011-11-28)

  • Lots of template whitespace removal to produce more legible apache configs.

  • Fixed bug where RewriteRule directives were being concatenated on a single line.

0.6.10 (2011-11-26)

  • Redirects (such as those used by the auto-www option) now pay attention to the “ssl” option, redirecting to https:// or http:// as required.

  • Updated doctests with unused option ordering.

0.6.9 (2011-09-14)

  • Brown paper bag.

0.6.8 (2011-09-14)

  • Support ${:ssl} ‘only’ option, to turn off the HTTP -> HTTP redirect

0.6.7 (2011-09-06)

  • Fix WSGI static_aliases to add a newline between each.

  • Improve output formatting of basic_auth option

0.6.6 (2011-09-05)

  • SSL now works with WSGI using either the ‘protected’ argument for multiple ‘Location’s or the ‘realm’, ‘username’, ‘password’ for ‘<Location />’

0.6.5 (2011-08-24)

  • Nothing changed yet.

0.6.4 (2011-08-22)

  • Use FileSystemLoader

0.6.3 (2011-08-17)

  • Don’t turn on auth if realm is empty

0.6.0 (2011-08-13)

  • Don’t hard code Jinja2 dependency

  • Move entirely to Jinja2

  • Remove Cheetah

  • Remove zope.testing from test dependencies

  • Remove Standalone

  • Define a ‘body’ block that can be overriden

  • Tests now use difflib to give ‘git diff’ style output when there are problems

  • Add an ssl flag so we can provide sensible ssl defaults but still turn it on and off

  • Merge apache and apache-ssl into a single template

0.5.10 (2011-07-13)

  • Pinning Jinja to stop projects using this having to pin Jinja as well

0.5.9 (2011-07-13)

  • Pinned all versions and disabled buildout’s allow-picked-verions to stablise release from dependencies.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution (25.8 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page