From 1f3e2a9f59e83dc3f0fcbecf096a7e7b40d36ed7 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Wed, 28 Feb 2018 23:46:55 +0100
Subject: First running prototype
---
.gitmodules | 3 +
anslib/ansible-ghetto-json | 1 +
anslib/openshift-ansible | 2 +-
.../openshift-ds-allow-upgrade-to-371.patch | 45 +
group_vars/OSEv3.yml | 3 +
group_vars/all.yml | 2 -
group_vars/ands.yml | 5 +
library/ghetto_json | 1 +
opts.sh | 3 +-
playbooks/library | 1 +
playbooks/openshift-setup-project.yml | 13 +
roles/ands_kaas/defaults/main.yml | 10 +-
roles/ands_kaas/tasks/do_project.yml | 13 +-
roles/ands_kaas/tasks/file.yml | 8 +-
roles/ands_kaas/tasks/main.yml | 2 +-
roles/ands_kaas/tasks/project.yml | 11 +-
roles/ands_kaas/tasks/search.yml | 2 +-
roles/ands_kaas/tasks/sync.yml | 22 +-
roles/ands_kaas/tasks/template.yml | 4 +-
roles/ands_kaas/tasks/templates.yml | 2 +
roles/ands_kaas/tasks/volume.yml | 34 +
roles/ands_kaas/templates/00-gfs-volumes.yml.j2 | 6 +-
roles/ands_kaas/templates/50-kaas-pods.yml.j2 | 14 +-
roles/ands_openshift/tasks/security_resources.yml | 36 +-
roles/ands_openshift/tasks/storage_resources.yml | 7 +-
roles/ands_openshift/tasks/users_resources.yml | 8 +
roles/common/tasks/main.yml | 9 +
roles/docker/defaults/main.yml | 5 +-
roles/docker/handlers/main.yml | 3 +
roles/docker/tasks/main.yml | 11 +-
roles/glusterfs/tasks/data | 1 -
roles/glusterfs/tasks/data/vols2.yml | 13 +
roles/glusterfs/tasks/data/vols3.yml | 14 +
roles/glusterfs/tasks/la/vols2.yml | 1 +
roles/glusterfs/tasks/la/vols3.yml | 11 +
roles/glusterfs/tasks/tmp | 1 +
roles/glusterfs/tasks/tmp/vols2.yml | 1 -
roles/glusterfs/tasks/tmp/vols3.yml | 11 -
roles/openshift_resource/tasks/main.yml | 23 +-
roles/openshift_resource/tasks/resource.yml | 6 +-
roles/openshift_resource/tasks/template.yml | 6 +-
setup.sh | 6 +
setup/configs/openshift.yml | 21 +-
setup/configs/security.yml | 9 +-
setup/configs/volumes.yml | 25 +-
setup/projects/adei/templates/60-adei.yml.j2 | 1 +
setup/projects/adei/vars/volumes.yml | 36 +-
setup/projects/kaas/files/data/www/index.html | 1 +
.../files/etc/apache2/extra/httpd-autoindex.conf | 93 ++
.../kaas/files/etc/apache2/extra/httpd-dav.conf | 52 +
.../files/etc/apache2/extra/httpd-default.conf | 75 +
.../kaas/files/etc/apache2/extra/httpd-info.conf | 37 +
.../files/etc/apache2/extra/httpd-languages.conf | 141 ++
.../kaas/files/etc/apache2/extra/httpd-manual.conf | 31 +
.../kaas/files/etc/apache2/extra/httpd-mpm.conf | 110 ++
.../apache2/extra/httpd-multilang-errordoc.conf | 52 +
.../kaas/files/etc/apache2/extra/httpd-ssl.conf | 269 ++++
.../files/etc/apache2/extra/httpd-userdir.conf | 28 +
.../kaas/files/etc/apache2/extra/httpd-vhosts.conf | 45 +
setup/projects/kaas/files/etc/apache2/httpd.conf | 496 ++++++
.../kaas/files/etc/apache2/kaas/router.conf | 2 +
setup/projects/kaas/files/etc/apache2/magic | 382 +++++
setup/projects/kaas/files/etc/apache2/mime.types | 1588 ++++++++++++++++++++
setup/projects/kaas/keys/kaas.crt | 22 +
setup/projects/kaas/keys/kaas.key | 90 ++
.../projects/kaas/templates/10-kaas-builder.yml.j2 | 42 +
.../projects/kaas/templates/40-kaas-manager.yml.j2 | 91 ++
setup/projects/kaas/vars/globals.yml | 1 +
setup/projects/kaas/vars/pods.yml | 15 +
setup/projects/kaas/vars/volumes.yml | 10 +
.../apache2-kaas-centos/conf.d.disabled/ssl.conf | 217 ---
.../conf.d.disabled/userdir.conf | 36 -
.../files/etc/apache2-kaas-centos/conf.d/README | 9 -
.../etc/apache2-kaas-centos/conf.d/autoindex.conf | 94 --
.../etc/apache2-kaas-centos/conf.d/router.conf | 6 -
.../files/etc/apache2-kaas-centos/conf.d/ssl.conf | 0
.../etc/apache2-kaas-centos/conf.d/welcome.conf | 18 -
.../conf.modules.d/00-base.conf | 67 -
.../apache2-kaas-centos/conf.modules.d/00-mpm.conf | 19 -
.../conf.modules.d/00-proxy.conf | 4 -
.../conf.modules.disabled/00-dav.conf | 3 -
.../conf.modules.disabled/00-lua.conf | 1 -
.../conf.modules.disabled/00-optional.conf | 20 -
.../conf.modules.disabled/00-proxy.conf | 16 -
.../conf.modules.disabled/00-ssl.conf | 1 -
.../conf.modules.disabled/00-systemd.conf | 2 -
.../conf.modules.disabled/01-cgi.conf | 14 -
.../files/etc/apache2-kaas-centos/conf/httpd.conf | 353 -----
.../files/etc/apache2-kaas-centos/conf/magic | 385 -----
.../apache2-kaas-docker/extra/httpd-autoindex.conf | 93 --
.../etc/apache2-kaas-docker/extra/httpd-dav.conf | 52 -
.../apache2-kaas-docker/extra/httpd-default.conf | 75 -
.../etc/apache2-kaas-docker/extra/httpd-info.conf | 37 -
.../apache2-kaas-docker/extra/httpd-languages.conf | 141 --
.../apache2-kaas-docker/extra/httpd-manual.conf | 31 -
.../etc/apache2-kaas-docker/extra/httpd-mpm.conf | 110 --
.../extra/httpd-multilang-errordoc.conf | 52 -
.../etc/apache2-kaas-docker/extra/httpd-ssl.conf | 269 ----
.../apache2-kaas-docker/extra/httpd-userdir.conf | 28 -
.../apache2-kaas-docker/extra/httpd-vhosts.conf | 45 -
.../files/etc/apache2-kaas-docker/httpd.conf | 496 ------
.../files/etc/apache2-kaas-docker/kaas/router.conf | 2 -
.../katrin/files/etc/apache2-kaas-docker/magic | 382 -----
.../files/etc/apache2-kaas-docker/mime.types | 1588 --------------------
.../original/extra/httpd-autoindex.conf | 93 --
.../original/extra/httpd-dav.conf | 52 -
.../original/extra/httpd-default.conf | 75 -
.../original/extra/httpd-info.conf | 37 -
.../original/extra/httpd-languages.conf | 141 --
.../original/extra/httpd-manual.conf | 31 -
.../original/extra/httpd-mpm.conf | 110 --
.../original/extra/httpd-multilang-errordoc.conf | 52 -
.../original/extra/httpd-ssl.conf | 269 ----
.../original/extra/httpd-userdir.conf | 28 -
.../original/extra/httpd-vhosts.conf | 45 -
.../etc/apache2-kaas-docker/original/httpd.conf | 494 ------
setup/projects/katrin/files/www/kaas/index.html | 1 -
setup/projects/katrin/keys/kaas.crt | 22 -
setup/projects/katrin/keys/kaas.key | 90 --
.../templates/00-katrin-restricted.yml.j2.excl | 43 -
.../katrin/templates/40-kaas-manager.yml.j2 | 1 +
setup/projects/katrin/templates/katrin.yml.j2.bk | 135 --
setup/projects/katrin/vars/globals.yml | 2 -
setup/projects/katrin/vars/katrin.yml | 7 -
setup/projects/katrin/vars/pods.yml | 42 -
setup/projects/katrin/vars/volumes.yml | 11 +
126 files changed, 4037 insertions(+), 6555 deletions(-)
create mode 160000 anslib/ansible-ghetto-json
create mode 100644 anslib/patches/openshift-ds-allow-upgrade-to-371.patch
create mode 120000 library/ghetto_json
create mode 120000 playbooks/library
create mode 100644 playbooks/openshift-setup-project.yml
create mode 100644 roles/docker/handlers/main.yml
delete mode 120000 roles/glusterfs/tasks/data
create mode 100644 roles/glusterfs/tasks/data/vols2.yml
create mode 100644 roles/glusterfs/tasks/data/vols3.yml
create mode 120000 roles/glusterfs/tasks/la/vols2.yml
create mode 100644 roles/glusterfs/tasks/la/vols3.yml
create mode 120000 roles/glusterfs/tasks/tmp
delete mode 120000 roles/glusterfs/tasks/tmp/vols2.yml
delete mode 100644 roles/glusterfs/tasks/tmp/vols3.yml
create mode 100644 setup/projects/kaas/files/data/www/index.html
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-autoindex.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-dav.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-default.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-info.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-languages.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-manual.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-mpm.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-multilang-errordoc.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-ssl.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-userdir.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/extra/httpd-vhosts.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/httpd.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/kaas/router.conf
create mode 100644 setup/projects/kaas/files/etc/apache2/magic
create mode 100644 setup/projects/kaas/files/etc/apache2/mime.types
create mode 100644 setup/projects/kaas/keys/kaas.crt
create mode 100644 setup/projects/kaas/keys/kaas.key
create mode 100644 setup/projects/kaas/templates/10-kaas-builder.yml.j2
create mode 100644 setup/projects/kaas/templates/40-kaas-manager.yml.j2
create mode 100644 setup/projects/kaas/vars/globals.yml
create mode 100644 setup/projects/kaas/vars/pods.yml
create mode 100644 setup/projects/kaas/vars/volumes.yml
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/ssl.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/userdir.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/README
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/autoindex.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/router.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/ssl.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/welcome.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-base.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-mpm.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-proxy.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-dav.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-lua.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-optional.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-proxy.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-ssl.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-systemd.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/01-cgi.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf/httpd.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-centos/conf/magic
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-autoindex.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-dav.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-default.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-info.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-languages.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-manual.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-mpm.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-multilang-errordoc.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-ssl.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-userdir.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-vhosts.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/httpd.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/kaas/router.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/magic
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/mime.types
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-autoindex.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-dav.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-default.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-info.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-languages.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-manual.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-mpm.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-multilang-errordoc.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-ssl.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-userdir.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-vhosts.conf
delete mode 100644 setup/projects/katrin/files/etc/apache2-kaas-docker/original/httpd.conf
delete mode 100644 setup/projects/katrin/files/www/kaas/index.html
delete mode 100644 setup/projects/katrin/keys/kaas.crt
delete mode 100644 setup/projects/katrin/keys/kaas.key
delete mode 100644 setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
create mode 120000 setup/projects/katrin/templates/40-kaas-manager.yml.j2
delete mode 100644 setup/projects/katrin/templates/katrin.yml.j2.bk
delete mode 100644 setup/projects/katrin/vars/globals.yml
delete mode 100644 setup/projects/katrin/vars/katrin.yml
delete mode 100644 setup/projects/katrin/vars/pods.yml
create mode 100644 setup/projects/katrin/vars/volumes.yml
diff --git a/.gitmodules b/.gitmodules
index 2a57e55..1401d9b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,6 @@
[submodule "anslib/openshift-ansible"]
path = anslib/openshift-ansible
url = https://github.com/openshift/openshift-ansible.git
+[submodule "anslib/ansible-ghetto-json"]
+ path = anslib/ansible-ghetto-json
+ url = https://github.com/FauxFaux/ansible-ghetto-json.git
diff --git a/anslib/ansible-ghetto-json b/anslib/ansible-ghetto-json
new file mode 160000
index 0000000..a09b9fc
--- /dev/null
+++ b/anslib/ansible-ghetto-json
@@ -0,0 +1 @@
+Subproject commit a09b9fc089cada6172f9401ba4eaf48f89452c67
diff --git a/anslib/openshift-ansible b/anslib/openshift-ansible
index ec3bc59..a462739 160000
--- a/anslib/openshift-ansible
+++ b/anslib/openshift-ansible
@@ -1 +1 @@
-Subproject commit ec3bc59ab20c4c21b7cfd27065c1a9b811bd9518
+Subproject commit a46273949c39d6bd20ee65eb89aa96a73ffe9aef
diff --git a/anslib/patches/openshift-ds-allow-upgrade-to-371.patch b/anslib/patches/openshift-ds-allow-upgrade-to-371.patch
new file mode 100644
index 0000000..2bae14e
--- /dev/null
+++ b/anslib/patches/openshift-ds-allow-upgrade-to-371.patch
@@ -0,0 +1,45 @@
+diff --git a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
+index cc2ec27..6c4ccf8 100644
+--- a/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
++++ b/playbooks/common/openshift-cluster/upgrades/v3_7/upgrade.yml
+@@ -12,7 +12,7 @@
+ - pre_upgrade
+ tasks:
+ - set_fact:
+- openshift_upgrade_target: '3.7'
++ openshift_upgrade_target: '3.7.1'
+ openshift_upgrade_min: '3.6'
+
+ - import_playbook: ../pre/config.yml
+diff --git a/roles/openshift_repos/templates/CentOS-OpenShift-Origin371.repo.j2 b/roles/openshift_repos/templates/CentOS-OpenShift-Origin371.repo.j2
+new file mode 100644
+index 0000000..3118c7c
+--- /dev/null
++++ b/roles/openshift_repos/templates/CentOS-OpenShift-Origin371.repo.j2
+@@ -0,0 +1,26 @@
++[centos-openshift-origin371]
++name=CentOS OpenShift Origin
++baseurl=http://ufo.kit.edu/ands/repos/openshift74/
++enabled=1
++gpgcheck=0
++
++[centos-openshift-origin37-testing]
++name=CentOS OpenShift Origin Testing
++baseurl=http://buildlogs.centos.org/centos/7/paas/x86_64/openshift-origin37/
++enabled={{ 1 if openshift_repos_enable_testing else 0 }}
++gpgcheck=0
++gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
++
++[centos-openshift-origin37-debuginfo]
++name=CentOS OpenShift Origin DebugInfo
++baseurl=http://debuginfo.centos.org/centos/7/paas/x86_64/
++enabled=0
++gpgcheck=1
++gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
++
++[centos-openshift-origin37-source]
++name=CentOS OpenShift Origin Source
++baseurl=http://vault.centos.org/centos/7/paas/Source/openshift-origin37/
++enabled=0
++gpgcheck=1
++gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-PaaS
diff --git a/group_vars/OSEv3.yml b/group_vars/OSEv3.yml
index 1636c6d..537e5d7 100644
--- a/group_vars/OSEv3.yml
+++ b/group_vars/OSEv3.yml
@@ -105,3 +105,6 @@ openshift_install_examples: true
# Required for IPFailover
openshift_clock_enabled: true
+
+#This is required by OpenShift upgrade (may be something else)
+g_ssh_user: "{{ ansible_ssh_user }}"
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 1a1d11f..aef2251 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -2,5 +2,3 @@ ansible_ssh_user: root
ansible_ssh_private_key_file: /home/csa/.ssh/id_dsa
glusterfs_version: 312
-#This is required by OpenShift upgrade (may be something else)
-g_ssh_user: "{{ ansible_ssh_user }}"
diff --git a/group_vars/ands.yml b/group_vars/ands.yml
index d3121c1..d9639f3 100644
--- a/group_vars/ands.yml
+++ b/group_vars/ands.yml
@@ -3,3 +3,8 @@
#ands_master_id: "{{ ('masters' in group_names) | ternary(groups.masters.index(('masters' in group_names) | ternary(inventory_hostname, groups.masters[0])), -1) }}"
ands_storage_hostname: "{{ ands_storage_network | default(false) | ternary(ands_storage_network | default('') | ipaddr(ands_host_id) | ipaddr('address'), ansible_fqdn) }}"
ands_configure_heketi: false
+
+ands_repo_url: http://ufo.kit.edu/ands/repos
+ands_repositories:
+ - name: ands-updates
+ url: "{{ ands_repo_url }}/centos74/"
diff --git a/library/ghetto_json b/library/ghetto_json
new file mode 120000
index 0000000..9a303be
--- /dev/null
+++ b/library/ghetto_json
@@ -0,0 +1 @@
+../anslib/ansible-ghetto-json/ghetto_json
\ No newline at end of file
diff --git a/opts.sh b/opts.sh
index 6c34d04..7e6d16f 100644
--- a/opts.sh
+++ b/opts.sh
@@ -34,8 +34,9 @@ Actions:
Configuration of new resources, etc.
users - configure user roles & passwords
- storage - reconfigure Gluster and OpenShift volumes
+ storage - reconfigures Gluster and OpenShift volumes
projects - reconfigures OpenShift resources if necessary
+ project <name> - reconfigures a single OpenShift namespace
vpn - reconfigure VPN tunnels
certs - re-generate OpenShift x509 certificates
check - check current setup and report if any maintenace should be peformed
diff --git a/playbooks/library b/playbooks/library
new file mode 120000
index 0000000..d6bf720
--- /dev/null
+++ b/playbooks/library
@@ -0,0 +1 @@
+../library/
\ No newline at end of file
diff --git a/playbooks/openshift-setup-project.yml b/playbooks/openshift-setup-project.yml
new file mode 100644
index 0000000..ab95933
--- /dev/null
+++ b/playbooks/openshift-setup-project.yml
@@ -0,0 +1,13 @@
+- name: Configure users & user projects
+ hosts: masters
+ roles:
+ - { role: ands_facts }
+
+- name: "Configure project {{ kaas_single_project }}"
+ hosts: masters
+ roles:
+ - { role: ands_kaas }
+ vars:
+ kaas_openshift_volumes: "{{ ands_openshift_volumes }}"
+ kaas_projects: "{{ ands_openshift_projects.keys() }}"
+ kaas_single_project: "{{ ands_configure_project }}"
diff --git a/roles/ands_kaas/defaults/main.yml b/roles/ands_kaas/defaults/main.yml
index 3835453..b2bfaf5 100644
--- a/roles/ands_kaas/defaults/main.yml
+++ b/roles/ands_kaas/defaults/main.yml
@@ -4,8 +4,16 @@ kaas_projects: "{{ ands_openshift_projects.keys() }}"
kaas_template_root: "{{ ands_paths.provision }}/kaas/"
kaas_glusterfs_endpoints: gfs
-kaas_openshift_volumes: "{{ ands_openshift_volumes }}"
+kaas_openshift_volumes: "{{ ands_openshift_volumes | default({}) }}"
+kaas_openshift_files: "{{ ands_openshift_files | default([]) }}"
+
+kaas_openshift_uids: "{{ ands_openshift_uids | default({}) }}"
+kaas_openshift_gids: "{{ ands_openshift_gids | default({}) }}"
+kaas_openshift_gid_ranges: "{{ ands_openshift_gid_ranges | default({}) }}"
+
kaas_default_volume_capacity: "1Ti"
kaas_default_file_owner: root
kaas_default_file_group: root
+
+kaas_pod_history_limit: 1
diff --git a/roles/ands_kaas/tasks/do_project.yml b/roles/ands_kaas/tasks/do_project.yml
index a876d94..4fac6c6 100644
--- a/roles/ands_kaas/tasks/do_project.yml
+++ b/roles/ands_kaas/tasks/do_project.yml
@@ -6,13 +6,15 @@
include_tasks: volume.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_dict: "{{ kaas_project_config.volumes | default(kaas_openshift_volumes) }}"
+ with_dict: "{{ kaas_project_volumes }}"
loop_control:
loop_var: osv
vars:
query: "[*].volumes.{{osv.value.volume}}.mount"
mntpath: "{{ (ands_storage_domains | json_query(query)) }}"
- path: "{{ mntpath[0] ~ (osv.value.path | default('')) }}"
+ osvpath: "{{ osv.value.path | default('') }}"
+ prefix: "{{ ( osvpath[:1] == '/' ) | ternary('', '/' ~ kaas_project ~ '/') }}"
+ path: "{{ mntpath[0] ~ prefix ~ osvpath }}"
name: "{{osv.key}}"
volume: "{{osv.value}}"
when: ( mntpath | length ) > 0
@@ -29,19 +31,19 @@
include_tasks: file.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_items: "{{ kaas_project_config.files | default(ands_openshift_files) }}"
+ with_items: "{{ kaas_project_config.files | default(kaas_openshift_files) | default([]) }}"
loop_control:
loop_var: file
vars:
pvar: "kaas_{{ file.osv }}_path"
path: "{{ hostvars[inventory_hostname][pvar] }}/{{ file.path }}"
- when: file.osv in ( kaas_project_config.volumes | default(kaas_openshift_volumes) )
+ when: file.osv in kaas_project_volumes
- name: Load OpenSSL keys
include_tasks: keys.yml
# delegate_to: "{{ groups.masters[0] }}"
run_once: true
- with_dict: "{{ kaas_project_config.pods }}"
+ with_dict: "{{ kaas_project_config.pods | default({}) }}"
loop_control:
loop_var: pod
@@ -57,5 +59,4 @@
run_once: true
when:
- kaas_project_config.oc is undefined
- - kaas_project_config.pods != {}
diff --git a/roles/ands_kaas/tasks/file.yml b/roles/ands_kaas/tasks/file.yml
index e6b2e8d..a839473 100644
--- a/roles/ands_kaas/tasks/file.yml
+++ b/roles/ands_kaas/tasks/file.yml
@@ -3,15 +3,15 @@
set_fact: group="{{ file.group | default(kaas_project_config.file_group | default(ands_default_file_group)) }}"
- name : Resolve project groups
- set_fact: group="{{ (kaas_project_config.gids | default(ands_openshift_gids))[group].id }}"
- when: group in ( kaas_project_config.gids | default(ands_openshift_gids) )
+ set_fact: group="{{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}"
+ when: group in ( kaas_project_config.gids | default(kaas_openshift_gids) )
- name: Set owner
set_fact: owner="{{ file.owner | default(kaas_project_config.file_owner | default(ands_default_file_owner)) }}"
- name : Resolve project uids
- set_fact: owner="{{ (kaas_project_config.uids | default(ands_openshift_uids) )[owner].id }}"
- when: owner in ( kaas_project_config.uids | default(ands_openshift_uids) )
+ set_fact: owner="{{ (kaas_project_config.uids | default(kaas_openshift_uids) )[owner].id }}"
+ when: owner in ( kaas_project_config.uids | default(kaas_openshift_uids) )
- name: "Setting up files in {{ path }}"
file:
diff --git a/roles/ands_kaas/tasks/main.yml b/roles/ands_kaas/tasks/main.yml
index 0931f80..85110cb 100644
--- a/roles/ands_kaas/tasks/main.yml
+++ b/roles/ands_kaas/tasks/main.yml
@@ -4,7 +4,7 @@
include_tasks: project.yml
run_once: true
# delegate_to: "{{ groups.masters[0] }}"
- with_items: "{{ kaas_projects }}"
+ with_items: "{{ (kaas_single_project is defined) | ternary([kaas_single_project], kaas_projects) }}"
loop_control:
loop_var: kaas_project
vars:
diff --git a/roles/ands_kaas/tasks/project.yml b/roles/ands_kaas/tasks/project.yml
index 40b5180..f7eb1df 100644
--- a/roles/ands_kaas/tasks/project.yml
+++ b/roles/ands_kaas/tasks/project.yml
@@ -1,11 +1,15 @@
---
- name: Load global variables
include_vars: "{{kaas_project_path}}/vars/globals.yml"
- when: "'{{kaas_project_path}}/vars/globals.yml' | is_file"
+ when: path | is_file
+ vars:
+ path: "{{ kaas_project_path }}/vars/globals.yml"
- name: Load variables
include_vars: dir="{{kaas_project_path}}/vars" name="var_{{kaas_project}}_config"
- when: "'{{kaas_project_path}}/vars' | is_dir"
+ when: path | is_dir
+ vars:
+ path: "{{ kaas_project_path }}/vars"
- set_fact: "var_{{kaas_project}}_config={{var_empty}}"
vars:
@@ -24,4 +28,5 @@
- include_tasks: do_project.yml
vars:
var_name: "var_{{kaas_project}}_config"
- kaas_project_config: "{{hostvars[inventory_hostname][var_name]}}"
+ kaas_project_config: "{{ hostvars[inventory_hostname][var_name] }}"
+ kaas_project_volumes: "{{ kaas_project_config.volumes | default(kaas_project_config.extra_volumes | default({}) | combine(kaas_openshift_volumes)) }}"
\ No newline at end of file
diff --git a/roles/ands_kaas/tasks/search.yml b/roles/ands_kaas/tasks/search.yml
index 9844ee8..1cefb7d 100644
--- a/roles/ands_kaas/tasks/search.yml
+++ b/roles/ands_kaas/tasks/search.yml
@@ -12,5 +12,5 @@
local_path: "{{ osv_path }}"
remote_path: "{{ hostvars[inventory_hostname][pvar] }}"
when:
- - osv in (kaas_project_config.volumes | default(kaas_openshift_volumes))
+ - osv in kaas_project_volumes
- hostvars[inventory_hostname][pvar] is defined
diff --git a/roles/ands_kaas/tasks/sync.yml b/roles/ands_kaas/tasks/sync.yml
index 07764ca..a4febe7 100644
--- a/roles/ands_kaas/tasks/sync.yml
+++ b/roles/ands_kaas/tasks/sync.yml
@@ -4,5 +4,23 @@
register: result
- name: "Sync '{{ item_name }}'"
- local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes
- when: (result.stat.exists == False) or (kaas_resync | default(false))
+ local_action: synchronize src="{{ item_src }}" dest="{{ remote_path }}/" archive=yes delete=yes
+ register: sync
+ when: (result.stat.exists == False) or (kaas_resync | default(false)) or (kaas_project_config.resync | default(false))
+
+- name: "Ensure the data is writeable by project pods"
+ vars:
+ grp: "{{ kaas_project_config.sync_set_gid }}"
+ gid: "{{ ((kaas_project_config.gids | default(kaas_openshift_gids))[grp] is defined) | ternary((kaas_project_config.gids | default(kaas_openshift_gids))[grp].id, grp) }}"
+ file:
+ path: "{{ remote_path }}"
+ state: "directory"
+ recurse: "yes"
+ mode: "g+w"
+ owner: "{{ kaas_project_config.sync_set_uid | default('root') }}"
+ group: "{{ gid }}"
+ register: chmod
+ when:
+ - sync | changed
+ - kaas_openshift_gid_ranges[kaas_project] is defined
+ - kaas_project_config.sync_set_gid | default(false)
diff --git a/roles/ands_kaas/tasks/template.yml b/roles/ands_kaas/tasks/template.yml
index 6a81dd7..6c90b3d 100644
--- a/roles/ands_kaas/tasks/template.yml
+++ b/roles/ands_kaas/tasks/template.yml
@@ -1,4 +1,4 @@
-- name: Populate template
+- name: "Populate template {{ tmpl_name }}"
template: src="{{ item }}" dest="{{ kaas_template_path }}/{{ item | basename | regex_replace('\.j2','') }}" owner=root group=root mode="0644"
register: result
with_first_found:
@@ -8,7 +8,7 @@
files:
- "{{ tmpl_name }}"
-- name: Configure KaaS resources
+- name: "Configure KaaS resources defined in {{ tmpl_name }}"
include_role: name="openshift_resource"
vars:
template: "{{ tmpl_name | basename | regex_replace('\\.j2','') }}"
diff --git a/roles/ands_kaas/tasks/templates.yml b/roles/ands_kaas/tasks/templates.yml
index e1612bc..2de4fad 100644
--- a/roles/ands_kaas/tasks/templates.yml
+++ b/roles/ands_kaas/tasks/templates.yml
@@ -4,10 +4,12 @@
command: "echo {{ item | quote }}"
register: results
changed_when: false
+ when: (kaas_project_config.pods | default([]) | length > 0) or not (item | regex_search('kaas-pods'))
with_fileglob:
- "{{ role_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
- "{{ kaas_project_path }}/templates/{{ kaas_template_glob | default('*') }}.j2"
+
#- debug: msg="{{ results }}"
- name: "Sort and execute KaaS templates"
diff --git a/roles/ands_kaas/tasks/volume.yml b/roles/ands_kaas/tasks/volume.yml
index b82e55f..ff51fb0 100644
--- a/roles/ands_kaas/tasks/volume.yml
+++ b/roles/ands_kaas/tasks/volume.yml
@@ -6,6 +6,40 @@
file:
path: "{{ path }}"
state: "directory"
+ recurse: "no"
+ register: mkdir
+
+- name: "Ensure the {{ path }} is writeable by project pods"
+ vars:
+ default_group: "{{ kaas_openshift_gid_ranges[kaas_project] | default('') | regex_replace('^([0-9]+)[^0-9]*.*$', '\\1') }}"
+ file:
+ path: "{{ path }}"
+ state: "directory"
+ recurse: "no"
+ mode: "{{ volume.mode | default(0775) }}"
+ owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}"
+ group: "{{ volume.group | default(kaas_project_config.file_group) | default(default_group) }}"
+ register: chmod
+ when:
+ - mkdir | changed
+ - kaas_openshift_gid_ranges[kaas_project] is defined
+ - osvpath[:1] != "/"
+
+# There is no other way to write for users. There will be just two osv's one writeable and one not.
+# We may create a dir with the wrong one and have permissions not set
+# - volume.write | default(false)
+
+- name: "Setting default permissions for non standard locations"
+ file:
+ path: "{{ path }}"
+ state: "directory"
+ recurse: "no"
mode: "{{ volume.mode | default(0755) }}"
owner: "{{ volume.owner | default(kaas_project_config.file_owner) | default(kaas_default_file_owner) }}"
group: "{{ volume.group | default(kaas_project_config.file_group) | default(kaas_default_file_group) }}"
+ when:
+ - mkdir | changed
+ - chmod | skipped
+
+
+
diff --git a/roles/ands_kaas/templates/00-gfs-volumes.yml.j2 b/roles/ands_kaas/templates/00-gfs-volumes.yml.j2
index c90c610..c9341ed 100644
--- a/roles/ands_kaas/templates/00-gfs-volumes.yml.j2
+++ b/roles/ands_kaas/templates/00-gfs-volumes.yml.j2
@@ -6,8 +6,10 @@ metadata:
annotations:
descriptions: "KATRIN Volumes"
objects:
-{% for name, vol in (kaas_project_config.volumes | default(kaas_openshift_volumes)).iteritems() %}
+{% for name, vol in kaas_project_volumes.iteritems() %}
{% set oc_name = vol.name | default(name) | regex_replace('_','-') %}
+{% set cfgpath = vol.path | default("") %}
+{% set path = cfgpath if cfgpath[:1] == "/" else "/" + kaas_project + "/" + cfgpath %}
- apiVersion: v1
kind: PersistentVolume
metadata:
@@ -16,7 +18,7 @@ objects:
persistentVolumeReclaimPolicy: Retain
glusterfs:
endpoints: {{ kaas_glusterfs_endpoints }}
- path: "{{ vol.volume }}{{vol.path}}"
+ path: "{{ vol.volume }}{{path}}"
readOnly: {{ not (vol.write | default(false)) }}
accessModes:
- {{ vol.access | default(vol.write | default(false) | ternary('ReadWriteMany', 'ReadOnlyMany')) }}
diff --git a/roles/ands_kaas/templates/50-kaas-pods.yml.j2 b/roles/ands_kaas/templates/50-kaas-pods.yml.j2
index 9782f75..2ed7462 100644
--- a/roles/ands_kaas/templates/50-kaas-pods.yml.j2
+++ b/roles/ands_kaas/templates/50-kaas-pods.yml.j2
@@ -7,7 +7,7 @@ metadata:
annotations:
descriptions: {{ kaas_project_config.description | default(kaas_project ~ "auto-generated pod template") }}
objects:
-{% for name, pod in (kaas_project_config.pods | default(kaas_openshift_volumes)).iteritems() %}
+{% for name, pod in (kaas_project_config.pods | default({})).iteritems() %}
{% set pubkey = "kaas_" ~ name ~ "_pubkey" %}
{% set privkey = "kaas_" ~ name ~ "_privkey" %}
{% set cakey = "kaas_" ~ name ~ "_ca" %}
@@ -68,10 +68,10 @@ objects:
metadata:
name: {{ pod.name | default(name) }}
spec:
- replicas: {{ pod.sched.replicas | default(1) }}
+ replicas: {{ ( pod.sched | default({})).replicas | default(1) }}
revisionHistoryLimit: 2
strategy:
- type: {{ pod.sched.strategy | default('Rolling') }}
+ type: {{ (pod.sched | default({})).strategy | default('Rolling') }}
triggers:
- type: ConfigChange
selector:
@@ -105,18 +105,18 @@ objects:
securityContext:
{% if (pod.run_as is defined) %}
{% if (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as] is defined %}
- - {{ (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as].id }}
+ runAsUser: {{ (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as].id }}
{% else %}
- - {{ pod.run_as }}
+ runAsUser: {{ pod.run_as }}
{% endif %}
{% endif %}
{% if (pod.groups is defined) %}
supplementalGroups:
{% for group in pod.groups %}
{% if (kaas_project_config.gids | default(kaas_openshift_gids))[group] is defined %}
- - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}
+ - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}
{% else %}
- - {{ group }}
+ - {{ group }}
{% endif %}
{% endfor %}
{% endif %}
diff --git a/roles/ands_openshift/tasks/security_resources.yml b/roles/ands_openshift/tasks/security_resources.yml
index 5644723..5b80f1e 100644
--- a/roles/ands_openshift/tasks/security_resources.yml
+++ b/roles/ands_openshift/tasks/security_resources.yml
@@ -6,49 +6,41 @@
- name: Patch group range in project configuration
include_role: name="openshift_resource" tasks_from="patch.yml"
vars:
- project: "{{ prj_item }}"
- resource: "ns/{{ prj_item }}"
- patch: '{"metadata":{"annotations":{"openshift.io/sa.scc.supplemental-groups":"{{ands_openshift_gid_ranges[prj_item]}}"}}}'
+ project: "{{ item.key }}"
+ resource: "ns/{{ item.key }}"
+ patch: '{"metadata":{"annotations":{"openshift.io/sa.scc.supplemental-groups":"{{ item.value }}"}}}'
patch_path: "{{ ands_openshift_patch_path }}"
- with_items: "{{ (ands_openshift_gid_ranges | default({})).keys() }}"
- loop_control:
- loop_var: prj_item
+ with_dict: "{{ ands_openshift_gid_ranges | default({}) }}"
- name: Patch uid range in project configuration
include_role: name="openshift_resource" tasks_from="patch.yml"
vars:
- project: "{{ prj_item }}"
- resource: "ns/{{ prj_item }}"
- patch: '{"metadata":{"annotations":{"openshift.io/sa.scc.uid-range":"{{ands_openshift_uid_ranges[prj_item]}}"}}}'
+ project: "{{ item.key }}"
+ resource: "ns/{{ item.key }}"
+ patch: '{"metadata":{"annotations":{"openshift.io/sa.scc.uid-range":"{{ item.value }}"}}}'
patch_path: "{{ ands_openshift_patch_path }}"
- with_items: "{{ (ands_openshift_uid_ranges | default({})).keys() }}"
- loop_control:
- loop_var: prj_item
+ with_dict: "{{ ands_openshift_uid_ranges | default({}) }}"
- name: Restrict supplementalGroups
include_role: name="openshift_resource" tasks_from="patch.yml"
vars:
- project: "{{ prj_item }}"
+ project: "{{ item.key }}"
resource: "scc/restricted"
modes: "{{ ands_openshift_gid_mode | default({}) }}"
- mode: "{{ (modes[prj_item] is defined) | ternary(modes[prj_item], modes['ands_default'] | default(false)) }}"
+ mode: "{{ modes[item.key] | default(modes['ands_default'] | default(false)) }}"
patch: '{"supplementalGroups":{"type":"{{mode}}"}}'
patch_path: "{{ ands_openshift_patch_path }}"
when: mode != false
- with_items: "{{ (ands_openshift_projects | default({})).keys() }}"
- loop_control:
- loop_var: prj_item
+ with_dict: "{{ ands_openshift_projects | default({}) }}"
- name: Configure runAsUser
include_role: name="openshift_resource" tasks_from="patch.yml"
vars:
- project: "{{ prj_item }}"
+ project: "{{ item.key }}"
resource: "scc/restricted"
modes: "{{ ands_openshift_uid_mode | default({}) }}"
- mode: "{{ (modes[prj_item] is defined) | ternary(modes[prj_item], modes['ands_default'] | default(false)) }}"
+ mode: "{{ modes[item.key] | default(modes['ands_default'] | default(false)) }}"
patch: '{"runAsUser":{"type":"{{mode}}"}}'
patch_path: "{{ ands_openshift_patch_path }}"
when: mode != false
- with_items: "{{ (ands_openshift_projects | default({})).keys() }}"
- loop_control:
- loop_var: prj_item
+ with_dict: "{{ ands_openshift_projects | default({}) }}"
diff --git a/roles/ands_openshift/tasks/storage_resources.yml b/roles/ands_openshift/tasks/storage_resources.yml
index 5adf69e..c83c677 100644
--- a/roles/ands_openshift/tasks/storage_resources.yml
+++ b/roles/ands_openshift/tasks/storage_resources.yml
@@ -13,7 +13,7 @@
template_path: "{{ storage_template_path }}"
project: "{{ prj_item }}"
recreate: "{{ result | changed | ternary (true, false) }}"
- with_items: "{{ ands_openshift_projects.keys() | union(['default']) }}"
+ with_items: "{{ ands_openshift_projects.keys() }}"
loop_control:
loop_var: prj_item
@@ -28,6 +28,9 @@
template_path: "{{ storage_template_path }}"
project: "{{ prj_item }}"
recreate: "{{ result | changed | ternary (true, false) }}"
- with_items: "{{ ands_openshift_projects.keys() | union(['default']) }}"
+ with_items: "{{ ands_openshift_projects.keys() }}"
loop_control:
loop_var: prj_item
+
+
+
\ No newline at end of file
diff --git a/roles/ands_openshift/tasks/users_resources.yml b/roles/ands_openshift/tasks/users_resources.yml
index 5bc748c..722e1eb 100644
--- a/roles/ands_openshift/tasks/users_resources.yml
+++ b/roles/ands_openshift/tasks/users_resources.yml
@@ -19,6 +19,14 @@
command: "oc adm new-project --description '{{ ands_openshift_projects[item] }}' {{ item }}"
with_items: "{{ new_projects | default([]) }}"
+- name: Allow projects to pull images from KaaS imagestreams
+ command: "oc policy add-role-to-group system:image-puller system:serviceaccounts:{{ prj_item }} --namespace=kaas"
+ with_items: "{{ ands_openshift_projects.keys() }}"
+ when:
+ prj_item != "kaas"
+ loop_control:
+ loop_var: prj_item
+
- name: Configure per project roles
command: "oc adm policy add-role-to-user -n {{ item.key.split('/')[0] }} {{ item.key.split('/')[1] }} {{ item.value.replace(' ','').split(',') | join(' ') }}"
with_dict: "{{ ands_openshift_roles }}"
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 7f6922b..9bd820a 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -4,6 +4,10 @@
- epel-release
- centos-release-openshift-origin
+- name: Add our repository with updates and overrides
+ yum_repository: name="{{ item.name }}" description= "{{ item.description | default('Ands repository') }}" baseurl="{{ item.url }}" enabled="yes" gpgcheck="no" cost="{{ item.cost | default(1) }}"
+ with_items: "{{ ands_repositories | default([]) }}"
+
- name: Ensure GlusterFS repositories are present
yum: name="centos-release-gluster{{ glusterfs_version }}" state=present
@@ -25,6 +29,11 @@
- python-rhsm-certificates
- glusterfs-fuse
+#- name: Add NodeJS required by a few used Ansible extensions
+# package: name={{item}} state=present
+# with_items:
+# - nodejs
+
- name: Ensure all extra packages are installed
package: name={{item}} state=present
with_items: "{{ extra_packages | default([]) }}"
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
index 6542789..f7b96f5 100644
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -1,3 +1,6 @@
-docker_min_size: 100
docker_exclude_vgs: "{{ ands_data_vg is defined | ternary( [ ands_data_vg ], [] ) }}"
docker_lv: "docker-pool"
+
+docker_min_size: 100
+docker_max_log_size: "2m"
+docker_max_log_files: "3"
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
new file mode 100644
index 0000000..43016e0
--- /dev/null
+++ b/roles/docker/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: restart docker
+ service: name=docker state=restarted
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index e424e01..a7bd700 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -27,6 +27,15 @@
lvol: vg="{{ ansible_lvm['lvs'][docker_lv]['vg'] }}" lv="docker_lv" size="{{ docker_volume_size }}"
when: docker_volume_size is defined
-- name: stop docker
+- name: Limit size of container log files
+ ghetto_json:
+ path: "/etc/docker/daemon.json"
+ log-driver: "json-file"
+ log-opts.max-size: "{{ docker_max_log_size }}"
+ log-opts.max-file: "{{ docker_max_log_files }}"
+ notify:
+ - restart docker
+
+- name: start docker
service: name="docker" enabled=yes state=started
\ No newline at end of file
diff --git a/roles/glusterfs/tasks/data b/roles/glusterfs/tasks/data
deleted file mode 120000
index 31bb52e..0000000
--- a/roles/glusterfs/tasks/data
+++ /dev/null
@@ -1 +0,0 @@
-cfg
\ No newline at end of file
diff --git a/roles/glusterfs/tasks/data/vols2.yml b/roles/glusterfs/tasks/data/vols2.yml
new file mode 100644
index 0000000..d094797
--- /dev/null
+++ b/roles/glusterfs/tasks/data/vols2.yml
@@ -0,0 +1,13 @@
+---
+- name: "Create {{ name }} volume"
+ gluster_volume:
+ state: present
+ name: "{{ name }}"
+ cluster: "{{ domain_servers | join(',') }}"
+ replicas: "{{ domain_servers | length }}"
+ bricks: "{{ glusterfs_bricks_path }}/brick-{{ name }}"
+ transport: "{{ glusterfs_transport }}"
+
+
+- name: "Start {{ name }} volume"
+ gluster_volume: state="started" name="{{ name }}"
diff --git a/roles/glusterfs/tasks/data/vols3.yml b/roles/glusterfs/tasks/data/vols3.yml
new file mode 100644
index 0000000..866480c
--- /dev/null
+++ b/roles/glusterfs/tasks/data/vols3.yml
@@ -0,0 +1,14 @@
+---
+- name: "Create {{ name }} volume"
+ gluster_volume:
+ state: present
+ name: "{{ name }}"
+ cluster: "{{ domain_servers | join(',') }}"
+ replicas: 3
+ arbiters: 1
+ bricks: "{{ glusterfs_bricks_path }}/brick-{{ name }}"
+ transport: "{{ glusterfs_transport }}"
+
+
+- name: "Start {{ name }} volume"
+ gluster_volume: state="started" name="{{ name }}"
diff --git a/roles/glusterfs/tasks/la/vols2.yml b/roles/glusterfs/tasks/la/vols2.yml
new file mode 120000
index 0000000..b6a3e8f
--- /dev/null
+++ b/roles/glusterfs/tasks/la/vols2.yml
@@ -0,0 +1 @@
+vols3.yml
\ No newline at end of file
diff --git a/roles/glusterfs/tasks/la/vols3.yml b/roles/glusterfs/tasks/la/vols3.yml
new file mode 100644
index 0000000..9565bb3
--- /dev/null
+++ b/roles/glusterfs/tasks/la/vols3.yml
@@ -0,0 +1,11 @@
+---
+- name: "Create {{ name }} volume"
+ gluster_volume:
+ state: present
+ name: "{{ name }}"
+ cluster: "{{ domain_servers | join(',') }}"
+ bricks: "{{ glusterfs_bricks_path }}/brick-{{ name }}"
+ transport: "{{ glusterfs_transport }}"
+
+- name: "Start {{ name }} volume"
+ gluster_volume: state="started" name="{{ name }}"
diff --git a/roles/glusterfs/tasks/tmp b/roles/glusterfs/tasks/tmp
new file mode 120000
index 0000000..6320cd2
--- /dev/null
+++ b/roles/glusterfs/tasks/tmp
@@ -0,0 +1 @@
+data
\ No newline at end of file
diff --git a/roles/glusterfs/tasks/tmp/vols2.yml b/roles/glusterfs/tasks/tmp/vols2.yml
deleted file mode 120000
index b6a3e8f..0000000
--- a/roles/glusterfs/tasks/tmp/vols2.yml
+++ /dev/null
@@ -1 +0,0 @@
-vols3.yml
\ No newline at end of file
diff --git a/roles/glusterfs/tasks/tmp/vols3.yml b/roles/glusterfs/tasks/tmp/vols3.yml
deleted file mode 100644
index 9565bb3..0000000
--- a/roles/glusterfs/tasks/tmp/vols3.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-- name: "Create {{ name }} volume"
- gluster_volume:
- state: present
- name: "{{ name }}"
- cluster: "{{ domain_servers | join(',') }}"
- bricks: "{{ glusterfs_bricks_path }}/brick-{{ name }}"
- transport: "{{ glusterfs_transport }}"
-
-- name: "Start {{ name }} volume"
- gluster_volume: state="started" name="{{ name }}"
diff --git a/roles/openshift_resource/tasks/main.yml b/roles/openshift_resource/tasks/main.yml
index af071f9..8606aa3 100644
--- a/roles/openshift_resource/tasks/main.yml
+++ b/roles/openshift_resource/tasks/main.yml
@@ -5,18 +5,27 @@
changed_when: false
register: results
- - name: Parse JSON templates
+ - name: "Parse JSON templates {{ template }}"
set_fact: tmpl="{{ results.stdout | from_json }}"
when: template.find(".json") != -1
- - name: Parse YaML templates
+ - name: "Parse YaML templates {{ template }}"
set_fact: tmpl="{{ results.stdout | from_yaml }}"
when: template.find(".json") == -1
- - include_tasks: template.yml
- when: (tmpl.kind == "Template") and (tmpl.parameters is not defined)
-
- - include_tasks: resource.yml
- when: (tmpl.parameters is defined) or (tmpl.kind != "Template")
+ - name: "Populating resources defined in {{ template }} template"
+ include_tasks: template.yml
+ register: results
+ vars:
+ metadata: "{{ tmpl.metadata | default({}) }}"
+ annotations: "{{ metadata.annotations | default({}) }}"
+ strategy: "{{ annotations['kaas/strategy'] | default('auto') }}"
+ when:
+ - tmpl.kind == "Template"
+ - strategy == "auto"
+
+ - name: "Creating template/resources defined in {{ template }}"
+ include_tasks: resource.yml
+ when: results | skipped
run_once: true
diff --git a/roles/openshift_resource/tasks/resource.yml b/roles/openshift_resource/tasks/resource.yml
index 769a89c..4e6e7ac 100644
--- a/roles/openshift_resource/tasks/resource.yml
+++ b/roles/openshift_resource/tasks/resource.yml
@@ -3,20 +3,20 @@
- name: Find out which resources we are going to configure
set_fact: rkind="{{ tmpl.kind }}" rname="{{ tmpl.metadata.name }}"
- - name: Lookup the specified resource
+ - name: "Lookup the specified resource {{rkind}}/{{rname}}"
command: "oc get -n {{project}} {{rkind}}/{{rname}}"
register: find_result
changed_when: false
failed_when: false
- - name: Detroy existing resources
+ - name: "Detroy existing resources {{rkind}}/{{rname}}"
command: "oc delete -n {{project}} {{rkind}}/{{rname}}"
register: rm_result
failed_when: false
changed_when: (rm_result | succeeded)
when: (recreate|default(false))
- - name: Create resources defined in template
+ - name: "Create resources defined in {{ template }}"
command: "oc create -n {{project}} -f '{{ template_path }}/{{ template }}' {{ create_args | default('') }}"
when: (recreate|default(false)) or (find_result.rc != 0)
run_once: true
diff --git a/roles/openshift_resource/tasks/template.yml b/roles/openshift_resource/tasks/template.yml
index c93dec5..6c9340b 100644
--- a/roles/openshift_resource/tasks/template.yml
+++ b/roles/openshift_resource/tasks/template.yml
@@ -5,7 +5,7 @@
vars:
query: "objects[*].{kind: kind, name: metadata.name}"
- - name: Lookup the specified resource
+ - name: "{{ template }}: Lookup the specified resource"
command: "oc get -n {{project}} {{item.kind}}/{{item.name}}"
register: results
failed_when: false
@@ -13,13 +13,13 @@
with_items: "{{ resources | default([]) }}"
# when: not (recreate|default(false))
- - name: Detroy existing resources
+ - name: "{{ template }}: Detroy existing resources"
command: "oc delete -n {{project}} {{resources[item|int].kind}}/{{resources[item|int].name}}"
failed_when: false
with_sequence: start=0 count="{{resources | default([]) | length}}"
when: ((recreate|default(false)) or (results | changed)) and (results.results[item|int].rc == 0)
- - name: Create resources defined in template
+ - name: "{{ template }}: Create resources defined"
shell: "oc process -f '{{ template_path }}/{{template}}' {{ template_args | default('') }} | oc create -n {{project}} -f - {{ create_args | default('') }}"
when: (recreate|default(false)) or (results | changed)
run_once: true
diff --git a/setup.sh b/setup.sh
index b7d12b3..83b8a52 100755
--- a/setup.sh
+++ b/setup.sh
@@ -35,6 +35,12 @@ case "${1}" in
projects)
apply playbooks/openshift-setup-projects.yml || exit 1
;;
+ project)
+ project=$2
+ shift
+ [ -z "$project" ] && { echo 'project name should be specified...' ; exit 1; }
+ apply playbooks/openshift-setup-project.yml --extra-vars "ands_configure_project=$project" || exit 1
+ ;;
openshift-nodes)
apply playbooks/openshift-add-nodes.yml || exit 1
;;
diff --git a/setup/configs/openshift.yml b/setup/configs/openshift.yml
index 17351ac..e6e4c75 100644
--- a/setup/configs/openshift.yml
+++ b/setup/configs/openshift.yml
@@ -1,15 +1,26 @@
---
ands_openshift_projects:
- adei: ADEI
-
-# katrin: KArlsruhe TRItium Neutrino
-# test: Tesing
+ kaas: KaaS router and common resources
+ katrin: KArlsruhe TRItium Neutrino
+ adei: ADEI
+ bora: Build Once Run Always
+ web: Web Sites
+ mon: OpenShift monitoring
+ test: Namespace for testing and prototyping
ands_openshift_users:
pdv: IPE Administation Account
katrin: KATRIN Project
csa: Suren A. Chilingaryan <csa@suren.me>
+ kopmann: Andreas Kopmann <kopmann@kit.edu>
+ ntj: Nicholas Tan Jerome <nicholas.jerome@kit.edu>
ands_openshift_roles:
- cluster-admin: csa, pdv
+ cluster-admin: csa
+ kaas/admin: csa, kopmann
katrin/admin: katrin
+ adei/admin: csa
+ bora/admin: ntj
+ web/admin: kopmann
+ mon/admin: csa
+ test/admin: csa, ntj, kopmann, katrin
diff --git a/setup/configs/security.yml b/setup/configs/security.yml
index 413f57e..b870c55 100644
--- a/setup/configs/security.yml
+++ b/setup/configs/security.yml
@@ -1,6 +1,6 @@
ands_openshift_gid_mode:
-# adei: "RunAsAny"
ands_default: "MustRunAs"
+# sample: "RunAsAny"
#ands_openshift_uid_mode:
# ands_default: "MustRunAsRange"
@@ -8,8 +8,13 @@ ands_openshift_gid_mode:
#ands_openshift_uid_ranges:
ands_openshift_gid_ranges:
+ kaas: "4000/10"
katrin: "5000/10"
- adei: "5010/10"
+ test: "7100/10"
+ adei: "6000/10"
+ bora: "6100/10"
+ web: "6200/10"
+ mon: "7000/10"
ands_openshift_uids:
kaas: { id: 6000 }
diff --git a/setup/configs/volumes.yml b/setup/configs/volumes.yml
index d93f177..f400eed 100644
--- a/setup/configs/volumes.yml
+++ b/setup/configs/volumes.yml
@@ -4,6 +4,7 @@ ands_paths:
openshift: /mnt/openshift
temporary: /mnt/temporary
databases: /mnt/databases
+ datastore: /mnt/datastore
katrin_data: /mnt/katrin
ands_heketi_domain:
@@ -15,10 +16,11 @@ ands_storage_domains:
- servers: "ands_storage_servers"
clients: "masters"
volumes:
- provision: { type: "cfg", mount: "{{ ands_paths.provision }}" }
- openshift: { type: "cfg", mount: "{{ ands_paths.openshift }}" }
- databases: { type: "db", mount: "{{ ands_paths.databases }}" }
- temporary: { type: "tmp", mount: "{{ ands_paths.temporary }}" }
+ provision: { type: "cfg", mount: "{{ ands_paths.provision }}" }
+ openshift: { type: "cfg", mount: "{{ ands_paths.openshift }}" }
+ databases: { type: "db", mount: "{{ ands_paths.databases }}" }
+ temporary: { type: "tmp", mount: "{{ ands_paths.temporary }}" }
+ datastore: { type: "data", mount: "{{ ands_paths.datastore }}" }
katrin_data: { type: "data", mount: "{{ ands_paths.katrin_data }}" }
# - servers: "storage_nodes"
# clients: "nodes"
@@ -30,13 +32,14 @@ ands_storage_domains:
# Per project list (to distribute in multiple namespaces later)
+# If not started with '/' will be prepended with project name
ands_openshift_volumes:
- etc: { volume: "openshift", path: "/etc" }
- src: { volume: "openshift", path: "/src" }
- www: { volume: "openshift", path: "/www" }
- log: { volume: "temporary", path: "/log", write: true}
- tmp: { volume: "temporary", path: "/tmp", write: true}
+ etc: { volume: "openshift", path: "" }
+ etcw: { volume: "openshift", path: "", write: true }
+ data: { volume: "datastore", path: "", write: true }
+ db: { volume: "databases", path: "", write: true }
+ tmp: { volume: "temporary", path: "", write: true }
# Global list, we only take things from the volume of project
-ands_openshift_files:
- - { osv: "log", path: "apache2-kaas", state: "directory", mode: "0777" }
+#ands_openshift_files:
+# - { osv: "log", path: "apache2-kaas", state: "directory", mode: "0777" }
diff --git a/setup/projects/adei/templates/60-adei.yml.j2 b/setup/projects/adei/templates/60-adei.yml.j2
index 1bff206..537368f 100644
--- a/setup/projects/adei/templates/60-adei.yml.j2
+++ b/setup/projects/adei/templates/60-adei.yml.j2
@@ -8,6 +8,7 @@ metadata:
openshift.io/provider-display-name: "KIT"
openshift.io/documentation-url: "http://adei.info"
openshift.io/support-url: "http://adei.info"
+ kaas/strategy: "manual"
labels:
app: "adei"
objects:
diff --git a/setup/projects/adei/vars/volumes.yml b/setup/projects/adei/vars/volumes.yml
index 69d291c..cdeb4e7 100644
--- a/setup/projects/adei/vars/volumes.yml
+++ b/setup/projects/adei/vars/volumes.yml
@@ -1,20 +1,22 @@
-volumes:
- adei_init: { volume: "openshift", path: "/adei/init" } # mysql
- adei_etc: { volume: "openshift", path: "/adei/etc" } # mysql
- adei_src: { volume: "openshift", path: "/adei/src", write: true } # prod & debug (init creates setup links)
- adei_cfg: { volume: "openshift", path: "/adei/cfg", write: true } # per-setup configs (ADEI/wiki modifies setup)
- adei_sys: { volume: "openshift", path: "/adei/sys" } # per-setup cron-jon overrides
- adei_tmp: { volume: "temporary", path: "/adei/tmp", write: true } # per-setup temporary files
- adei_log: { volume: "temporary", path: "/adei/log", write: true } # per-replica (should be fine) temporary files
- adei_db: { volume: "databases", path: "/adei", write: true}
-
gids:
- adei: { id: 5010 }
- adei_db: { id: 5011 }
+ adei: { id: 6000 }
+ adei_db: { id: 6001 }
+
+volumes:
+ adei_init: { volume: "openshift", path: "/adei/init"} # mysql
+ adei_etc: { volume: "openshift", path: "/adei/etc"} # mysql (maybe)
+ adei_src: { volume: "openshift", path: "/adei/src", write: true } # prod & debug (init creates setup links)
+ adei_cfg: { volume: "openshift", path: "/adei/cfg", write: true } # per-setup configs (ADEI/wiki modifies setup)
+ adei_sys: { volume: "openshift", path: "/adei/sys" } # per-setup cron-jon overrides
+ adei_tmp: { volume: "temporary", path: "/adei/tmp", write: true } # per-setup temporary files
+ adei_log: { volume: "temporary", path: "/adei/log", write: true } # per-replica (should be fine) temporary files
+ adei_db: { volume: "databases", path: "/adei", write: true } # mysql
files:
- - { osv: "adei_cfg", path: "/", state: "directory", group: "adei", mode: "0775" }
- - { osv: "adei_src", path: "/", state: "directory", group: "adei", mode: "0775" }
- - { osv: "adei_log", path: "/", state: "directory", group: "adei", mode: "0775" }
- - { osv: "adei_tmp", path: "/", state: "directory", group: "adei", mode: "0775" }
- - { osv: "adei_db", path: "mysql", state: "directory", group: "adei_db", mode: "0775" }
+ - { osv: "adei_cfg", path: "/", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_cfg", path: "/prod", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_cfg", path: "/dbg", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_src", path: "/", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_log", path: "/", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_tmp", path: "/", state: "directory", group: "adei", mode: "0775" }
+ - { osv: "adei_db", path: "mysql", state: "directory", group: "adei_db", mode: "0775" }
diff --git a/setup/projects/kaas/files/data/www/index.html b/setup/projects/kaas/files/data/www/index.html
new file mode 100644
index 0000000..906ee19
--- /dev/null
+++ b/setup/projects/kaas/files/data/www/index.html
@@ -0,0 +1 @@
+<html><body>KAAS</body></html>
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-autoindex.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-autoindex.conf
new file mode 100644
index 0000000..c581e97
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-autoindex.conf
@@ -0,0 +1,93 @@
+#
+# Directives controlling the display of server-generated directory listings.
+#
+# Required modules: mod_autoindex, mod_alias
+#
+# To see the listing of a directory, the Options directive for the
+# directory must include "Indexes", and the directory must not contain
+# a file matching those listed in the DirectoryIndex directive.
+#
+
+#
+# IndexOptions: Controls the appearance of server-generated directory
+# listings.
+#
+IndexOptions FancyIndexing HTMLTable VersionSort
+
+# We include the /icons/ alias for FancyIndexed directory listings. If
+# you do not use FancyIndexing, you may comment this out.
+#
+Alias /icons/ "/usr/local/apache2/icons/"
+
+<Directory "/usr/local/apache2/icons">
+ Options Indexes MultiViews
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+#
+# AddIcon* directives tell the server which icon to show for different
+# files or filename extensions. These are only displayed for
+# FancyIndexed directories.
+#
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+#
+# DefaultIcon is which icon to show for files which do not have an icon
+# explicitly set.
+#
+DefaultIcon /icons/unknown.gif
+
+#
+# AddDescription allows you to place a short description after a file in
+# server-generated indexes. These are only displayed for FancyIndexed
+# directories.
+# Format: AddDescription "description" filename
+#
+#AddDescription "GZIP compressed document" .gz
+#AddDescription "tar archive" .tar
+#AddDescription "GZIP compressed tar archive" .tgz
+
+#
+# ReadmeName is the name of the README file the server will look for by
+# default, and append to directory listings.
+#
+# HeaderName is the name of a file which should be prepended to
+# directory indexes.
+ReadmeName README.html
+HeaderName HEADER.html
+
+#
+# IndexIgnore is a set of filenames which directory indexing should ignore
+# and not include in the listing. Shell-style wildcarding is permitted.
+#
+IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-dav.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-dav.conf
new file mode 100644
index 0000000..29dfb72
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-dav.conf
@@ -0,0 +1,52 @@
+#
+# Distributed authoring and versioning (WebDAV)
+#
+# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
+# mod_auth_digest, mod_authn_file
+#
+
+# The following example gives DAV write access to a directory called
+# "uploads" under the ServerRoot directory.
+#
+# The User/Group specified in httpd.conf needs to have write permissions
+# on the directory where the DavLockDB is placed and on any directory where
+# "Dav On" is specified.
+
+DavLockDB "/usr/local/apache2/var/DavLock"
+
+Alias /uploads "/usr/local/apache2/uploads"
+
+<Directory "/usr/local/apache2/uploads">
+ Dav On
+
+ Order Allow,Deny
+ Allow from all
+
+ AuthType Digest
+ AuthName DAV-upload
+
+ # You can use the htdigest program to create the password database:
+ # htdigest -c "/usr/local/apache2/user.passwd" DAV-upload admin
+ AuthUserFile "/usr/local/apache2/user.passwd"
+ AuthDigestProvider file
+
+ # Allow universal read-access, but writes are restricted
+ # to the admin user.
+ <LimitExcept GET OPTIONS>
+ require user admin
+ </LimitExcept>
+</Directory>
+
+#
+# The following directives disable redirects on non-GET requests for
+# a directory that does not include the trailing slash. This fixes a
+# problem with several clients that do not appropriately handle
+# redirects for folders with DAV methods.
+#
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "MS FrontPage" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+BrowserMatch "^XML Spy" redirect-carefully
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-default.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-default.conf
new file mode 100644
index 0000000..efeca05
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-default.conf
@@ -0,0 +1,75 @@
+#
+# This configuration file reflects default settings for Apache HTTP Server.
+#
+# You may change these, but chances are that you may not need to.
+#
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+#
+# UseCanonicalName: Determines how Apache constructs self-referencing
+# URLs and the SERVER_NAME and SERVER_PORT variables.
+# When set "Off", Apache will use the Hostname and Port supplied
+# by the client. When set "On", Apache will use the value of the
+# ServerName directive.
+#
+UseCanonicalName Off
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of: Full | OS | Minor | Minimal | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of: On | Off | EMail
+#
+ServerSignature On
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-info.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-info.conf
new file mode 100644
index 0000000..db316c0
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-info.conf
@@ -0,0 +1,37 @@
+#
+# Get information about the requests being processed by the server
+# and the configuration of the server.
+#
+# Required modules: mod_status (for the server-status handler),
+# mod_info (for the server-info handler)
+
+#
+# Allow server status reports generated by mod_status,
+# with the URL of http://servername/server-status
+# Change the ".example.com" to match your domain to enable.
+
+<Location /server-status>
+ SetHandler server-status
+ Order deny,allow
+ Deny from all
+ Allow from .example.com
+</Location>
+
+#
+# ExtendedStatus controls whether Apache will generate "full" status
+# information (ExtendedStatus On) or just basic information (ExtendedStatus
+# Off) when the "server-status" handler is called. The default is Off.
+#
+#ExtendedStatus On
+
+#
+# Allow remote server configuration reports, with the URL of
+# http://servername/server-info (requires that mod_info.c be loaded).
+# Change the ".example.com" to match your domain to enable.
+#
+<Location /server-info>
+ SetHandler server-info
+ Order deny,allow
+ Deny from all
+ Allow from .example.com
+</Location>
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-languages.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-languages.conf
new file mode 100644
index 0000000..7f66461
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-languages.conf
@@ -0,0 +1,141 @@
+#
+# Settings for hosting different languages.
+#
+# Required modules: mod_mime, mod_negotiation
+
+# DefaultLanguage and AddLanguage allows you to specify the language of
+# a document. You can then use content negotiation to give a browser a
+# file in a language the user can understand.
+#
+# Specify a default language. This means that all data
+# going out without a specific language tag (see below) will
+# be marked with this one. You probably do NOT want to set
+# this unless you are sure it is correct for all cases.
+#
+# * It is generally better to not mark a page as
+# * being a certain language than marking it with the wrong
+# * language!
+#
+# DefaultLanguage nl
+#
+# Note 1: The suffix does not have to be the same as the language
+# keyword --- those with documents in Polish (whose net-standard
+# language code is pl) may wish to use "AddLanguage pl .po" to
+# avoid the ambiguity with the common suffix for perl scripts.
+#
+# Note 2: The example entries below illustrate that in some cases
+# the two character 'Language' abbreviation is not identical to
+# the two character 'Country' code for its country,
+# E.g. 'Danmark/dk' versus 'Danish/da'.
+#
+# Note 3: In the case of 'ltz' we violate the RFC by using a three char
+# specifier. There is 'work in progress' to fix this and get
+# the reference data for rfc1766 cleaned up.
+#
+# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+# Norwegian (no) - Polish (pl) - Portugese (pt)
+# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
+# Traditional Chinese (zh-TW)
+#
+AddLanguage ca .ca
+AddLanguage cs .cz .cs
+AddLanguage da .dk
+AddLanguage de .de
+AddLanguage el .el
+AddLanguage en .en
+AddLanguage eo .eo
+AddLanguage es .es
+AddLanguage et .et
+AddLanguage fr .fr
+AddLanguage he .he
+AddLanguage hr .hr
+AddLanguage it .it
+AddLanguage ja .ja
+AddLanguage ko .ko
+AddLanguage ltz .ltz
+AddLanguage nl .nl
+AddLanguage nn .nn
+AddLanguage no .no
+AddLanguage pl .po
+AddLanguage pt .pt
+AddLanguage pt-BR .pt-br
+AddLanguage ru .ru
+AddLanguage sv .sv
+AddLanguage tr .tr
+AddLanguage zh-CN .zh-cn
+AddLanguage zh-TW .zh-tw
+
+# LanguagePriority allows you to give precedence to some languages
+# in case of a tie during content negotiation.
+#
+# Just list the languages in decreasing order of preference. We have
+# more or less alphabetized them here. You probably want to change this.
+#
+LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
+
+#
+# ForceLanguagePriority allows you to serve a result page rather than
+# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+# [in case no accepted languages matched the available variants]
+#
+ForceLanguagePriority Prefer Fallback
+
+#
+# Commonly used filename extensions to character sets. You probably
+# want to avoid clashes with the language extensions, unless you
+# are good at carefully testing your setup after each change.
+# See http://www.iana.org/assignments/character-sets for the
+# official list of charset names and their respective RFCs.
+#
+AddCharset us-ascii.ascii .us-ascii
+AddCharset ISO-8859-1 .iso8859-1 .latin1
+AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
+AddCharset ISO-8859-3 .iso8859-3 .latin3
+AddCharset ISO-8859-4 .iso8859-4 .latin4
+AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
+AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
+AddCharset ISO-8859-7 .iso8859-7 .grk .greek
+AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
+AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
+AddCharset ISO-8859-10 .iso8859-10 .latin6
+AddCharset ISO-8859-13 .iso8859-13
+AddCharset ISO-8859-14 .iso8859-14 .latin8
+AddCharset ISO-8859-15 .iso8859-15 .latin9
+AddCharset ISO-8859-16 .iso8859-16 .latin10
+AddCharset ISO-2022-JP .iso2022-jp .jis
+AddCharset ISO-2022-KR .iso2022-kr .kis
+AddCharset ISO-2022-CN .iso2022-cn .cis
+AddCharset Big5.Big5 .big5 .b5
+AddCharset cn-Big5 .cn-big5
+# For russian, more than one charset is used (depends on client, mostly):
+AddCharset WINDOWS-1251 .cp-1251 .win-1251
+AddCharset CP866 .cp866
+AddCharset KOI8 .koi8
+AddCharset KOI8-E .koi8-e
+AddCharset KOI8-r .koi8-r .koi8-ru
+AddCharset KOI8-U .koi8-u
+AddCharset KOI8-ru .koi8-uk .ua
+AddCharset ISO-10646-UCS-2 .ucs2
+AddCharset ISO-10646-UCS-4 .ucs4
+AddCharset UTF-7 .utf7
+AddCharset UTF-8 .utf8
+AddCharset UTF-16 .utf16
+AddCharset UTF-16BE .utf16be
+AddCharset UTF-16LE .utf16le
+AddCharset UTF-32 .utf32
+AddCharset UTF-32BE .utf32be
+AddCharset UTF-32LE .utf32le
+AddCharset euc-cn .euc-cn
+AddCharset euc-gb .euc-gb
+AddCharset euc-jp .euc-jp
+AddCharset euc-kr .euc-kr
+#Not sure how euc-tw got in - IANA doesn't list it???
+AddCharset EUC-TW .euc-tw
+AddCharset gb2312 .gb2312 .gb
+AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+AddCharset shift_jis .shift_jis .sjis
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-manual.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-manual.conf
new file mode 100644
index 0000000..fc12fb9
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-manual.conf
@@ -0,0 +1,31 @@
+#
+# Provide access to the documentation on your server as
+# http://yourserver.example.com/manual/
+# The documentation is always available at
+# http://httpd.apache.org/docs/2.2/
+#
+# Required modules: mod_alias, mod_setenvif, mod_negotiation
+#
+
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "/usr/local/apache2/manual$1"
+
+<Directory "/usr/local/apache2/manual">
+ Options Indexes
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+
+ <Files *.html>
+ SetHandler type-map
+ </Files>
+ # .tr is text/troff in mime.types!
+ <Files *.html.tr.utf8>
+ ForceType "text/html; charset=utf-8"
+ </Files>
+
+ SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1
+ RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2
+
+ LanguagePriority en de es fr ja ko pt-br ru tr
+ ForceLanguagePriority Prefer Fallback
+</Directory>
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-mpm.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-mpm.conf
new file mode 100644
index 0000000..8c44c60
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-mpm.conf
@@ -0,0 +1,110 @@
+#
+# Server-Pool Management (MPM specific)
+#
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+# Note that this is the default PidFile for most MPMs.
+#
+<IfModule !mpm_netware_module>
+ PidFile "logs/httpd.pid"
+</IfModule>
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+<IfModule !mpm_winnt_module>
+<IfModule !mpm_netware_module>
+LockFile "logs/accept.lock"
+</IfModule>
+</IfModule>
+
+#
+# Only one of the below sections will be relevant on your
+# installed httpd. Use "apachectl -l" to find out the
+# active mpm.
+#
+
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxClients: maximum number of server processes allowed to start
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_prefork_module>
+ StartServers 5
+ MinSpareServers 5
+ MaxSpareServers 10
+ MaxClients 150
+ MaxRequestsPerChild 0
+</IfModule>
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MaxClients: maximum number of simultaneous client connections
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_worker_module>
+ StartServers 2
+ MaxClients 150
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestsPerChild 0
+</IfModule>
+
+# BeOS MPM
+# StartThreads: how many threads do we initially spawn?
+# MaxClients: max number of threads we can have (1 thread == 1 client)
+# MaxRequestsPerThread: maximum number of requests each thread will process
+<IfModule mpm_beos_module>
+ StartThreads 10
+ MaxClients 50
+ MaxRequestsPerThread 10000
+</IfModule>
+
+# NetWare MPM
+# ThreadStackSize: Stack size allocated for each worker thread
+# StartThreads: Number of worker threads launched at server startup
+# MinSpareThreads: Minimum number of idle threads, to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads
+# MaxThreads: Maximum number of worker threads alive at the same time
+# MaxRequestsPerChild: Maximum number of requests a thread serves. It is
+# recommended that the default value of 0 be set for this
+# directive on NetWare. This will allow the thread to
+# continue to service requests indefinitely.
+<IfModule mpm_netware_module>
+ ThreadStackSize 65536
+ StartThreads 250
+ MinSpareThreads 25
+ MaxSpareThreads 250
+ MaxThreads 1000
+ MaxRequestsPerChild 0
+ MaxMemFree 100
+</IfModule>
+
+# OS/2 MPM
+# StartServers: Number of server processes to maintain
+# MinSpareThreads: Minimum number of idle threads per process,
+# to handle request spikes
+# MaxSpareThreads: Maximum number of idle threads per process
+# MaxRequestsPerChild: Maximum number of connections per server process
+<IfModule mpm_mpmt_os2_module>
+ StartServers 2
+ MinSpareThreads 5
+ MaxSpareThreads 10
+ MaxRequestsPerChild 0
+</IfModule>
+
+# WinNT MPM
+# ThreadsPerChild: constant number of worker threads in the server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_winnt_module>
+ ThreadsPerChild 150
+ MaxRequestsPerChild 0
+</IfModule>
+
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-multilang-errordoc.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-multilang-errordoc.conf
new file mode 100644
index 0000000..8ff9a45
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-multilang-errordoc.conf
@@ -0,0 +1,52 @@
+#
+# The configuration below implements multi-language error documents through
+# content-negotiation.
+#
+# Required modules: mod_alias, mod_include, mod_negotiation
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections. We use
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+# Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,
+# even on a per-VirtualHost basis. The default include files will display
+# your Apache version number and your ServerAdmin email address regardless
+# of the setting of ServerSignature.
+
+Alias /error/ "/usr/local/apache2/error/"
+
+<Directory "/usr/local/apache2/error">
+ AllowOverride None
+ Options IncludesNoExec
+ AddOutputFilter Includes html
+ AddHandler type-map var
+ Order allow,deny
+ Allow from all
+ LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
+ ForceLanguagePriority Prefer Fallback
+</Directory>
+
+ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+ErrorDocument 410 /error/HTTP_GONE.html.var
+ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-ssl.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-ssl.conf
new file mode 100644
index 0000000..f8c023e
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-ssl.conf
@@ -0,0 +1,269 @@
+#
+# This is the Apache server configuration file providing SSL support.
+# It contains the configuration directives to instruct the server how to
+# serve pages over an https connection. For detailed information about these
+# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do. They're here only as hints or reminders. If you are unsure
+# consult the online docs. You have been warned.
+#
+
+#
+# Pseudo Random Number Generator (PRNG):
+# Configure one or more sources to seed the PRNG of the SSL library.
+# The seed data should be of good random quality.
+# WARNING! On some platforms /dev/random blocks if not enough entropy
+# is available. This means you then cannot use the /dev/random device
+# because it would lead to very long connection times (as long as
+# it requires to make more entropy available). But usually those
+# platforms additionally provide a /dev/urandom device which doesn't
+# block. So, if available, use this one instead. Read the mod_ssl User
+# Manual for more details.
+#
+#SSLRandomSeed startup file:/dev/random 512
+#SSLRandomSeed startup file:/dev/urandom 512
+#SSLRandomSeed connect file:/dev/random 512
+#SSLRandomSeed connect file:/dev/urandom 512
+
+
+#
+# When we also provide SSL we have to listen to the
+# standard HTTP port (see above) and to the HTTPS port
+#
+# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
+# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
+#
+Listen 8443
+
+##
+## SSL Global Context
+##
+## All SSL configuration in this context applies both to
+## the main server and all SSL-enabled virtual hosts.
+##
+
+#
+# Some MIME-types for downloading Certificates and CRLs
+#
+AddType application/x-x509-ca-cert .crt
+AddType application/x-pkcs7-crl .crl
+
+# SSL Cipher Suite:
+# List the ciphers that the client is permitted to negotiate,
+# and that httpd will negotiate as the client of a proxied server.
+# See the OpenSSL documentation for a complete list of ciphers, and
+# ensure these follow appropriate best practices for this deployment.
+# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
+# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
+SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
+SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
+
+# By the end of 2016, only TLSv1.2 ciphers should remain in use.
+# Older ciphers should be disallowed as soon as possible, while the
+# kRSA ciphers do not offer forward secrecy. These changes inhibit
+# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy
+# non-browser tooling) from successfully connecting.
+#
+# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable
+# those protocols which do not support forward secrecy, replace
+# the SSLCipherSuite and SSLProxyCipherSuite directives above with
+# the following two directives, as soon as practical.
+# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
+# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
+
+# User agents such as web browsers are not configured for the user's
+# own preference of either security or performance, therefore this
+# must be the prerogative of the web server administrator who manages
+# cpu load versus confidentiality, so enforce the server's cipher order.
+SSLHonorCipherOrder on
+
+# SSL Protocol support:
+# List the protocol versions which clients are allowed to connect with.
+# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0)
+# should be disabled as quickly as practical. By the end of 2016, only
+# the TLSv1.2 protocol or later should remain in use.
+SSLProtocol all -SSLv2 -SSLv3
+SSLProxyProtocol all -SSLv2 -SSLv3
+
+# Pass Phrase Dialog:
+# Configure the pass phrase gathering process.
+# The filtering dialog program (`builtin' is a internal
+# terminal dialog) has to provide the pass phrase on stdout.
+SSLPassPhraseDialog builtin
+
+# Inter-Process Session Cache:
+# Configure the SSL Session Cache: First the mechanism
+# to use and second the expiring timeout (in seconds).
+#SSLSessionCache "dbm:/usr/local/apache2/logs/ssl_scache"
+SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
+SSLSessionCacheTimeout 300
+
+# Semaphore:
+# Configure the path to the mutual exclusion semaphore the
+# SSL engine uses internally for inter-process synchronization.
+SSLMutex "file:/usr/local/apache2/logs/ssl_mutex"
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:443>
+
+# General setup for the virtual host
+DocumentRoot "/usr/local/apache2/htdocs"
+ServerName www.example.com:443
+ServerAdmin you@example.com
+ErrorLog "/usr/local/apache2/logs/error_log"
+TransferLog "/usr/local/apache2/logs/access_log"
+
+# SSL Engine Switch:
+# Enable/Disable SSL for this virtual host.
+SSLEngine on
+
+# Server Certificate:
+# Point SSLCertificateFile at a PEM encoded certificate. If
+# the certificate is encrypted, then you will be prompted for a
+# pass phrase. Note that a kill -HUP will prompt again. Keep
+# in mind that if you have both an RSA and a DSA certificate you
+# can configure both in parallel (to also allow the use of DSA
+# ciphers, etc.)
+# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
+# require an ECC certificate which can also be configured in
+# parallel.
+SSLCertificateFile "/usr/local/apache2/conf/server.crt"
+#SSLCertificateFile "/usr/local/apache2/conf/server-dsa.crt"
+#SSLCertificateFile "/usr/local/apache2/conf/server-ecc.crt"
+
+# Server Private Key:
+# If the key is not combined with the certificate, use this
+# directive to point at the key file. Keep in mind that if
+# you've both a RSA and a DSA private key you can configure
+# both in parallel (to also allow the use of DSA ciphers, etc.)
+# ECC keys, when in use, can also be configured in parallel
+SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
+#SSLCertificateKeyFile "/usr/local/apache2/conf/server-dsa.key"
+#SSLCertificateKeyFile "/usr/local/apache2/conf/server-ecc.key"
+
+# Server Certificate Chain:
+# Point SSLCertificateChainFile at a file containing the
+# concatenation of PEM encoded CA certificates which form the
+# certificate chain for the server certificate. Alternatively
+# the referenced file can be the same as SSLCertificateFile
+# when the CA certificates are directly appended to the server
+# certificate for convenience.
+#SSLCertificateChainFile "/usr/local/apache2/conf/server-ca.crt"
+
+# Certificate Authority (CA):
+# Set the CA certificate verification path where to find CA
+# certificates for client authentication or alternatively one
+# huge file containing all of them (file must be PEM encoded)
+# Note: Inside SSLCACertificatePath you need hash symlinks
+# to point to the certificate files. Use the provided
+# Makefile to update the hash symlinks after changes.
+#SSLCACertificatePath "/usr/local/apache2/conf/ssl.crt"
+#SSLCACertificateFile "/usr/local/apache2/conf/ssl.crt/ca-bundle.crt"
+
+# Certificate Revocation Lists (CRL):
+# Set the CA revocation path where to find CA CRLs for client
+# authentication or alternatively one huge file containing all
+# of them (file must be PEM encoded)
+# Note: Inside SSLCARevocationPath you need hash symlinks
+# to point to the certificate files. Use the provided
+# Makefile to update the hash symlinks after changes.
+#SSLCARevocationPath "/usr/local/apache2/conf/ssl.crl"
+#SSLCARevocationFile "/usr/local/apache2/conf/ssl.crl/ca-bundle.crl"
+
+# Client Authentication (Type):
+# Client certificate verification type and depth. Types are
+# none, optional, require and optional_no_ca. Depth is a
+# number which specifies how deeply to verify the certificate
+# issuer chain before deciding the certificate is not valid.
+#SSLVerifyClient require
+#SSLVerifyDepth 10
+
+# Access Control:
+# With SSLRequire you can do per-directory access control based
+# on arbitrary complex boolean expressions containing server
+# variable checks and other lookup directives. The syntax is a
+# mixture between C and Perl. See the mod_ssl documentation
+# for more details.
+#<Location />
+#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
+# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
+# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
+# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
+# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
+# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
+#</Location>
+
+# SSL Engine Options:
+# Set various options for the SSL engine.
+# o FakeBasicAuth:
+# Translate the client X.509 into a Basic Authorisation. This means that
+# the standard Auth/DBMAuth methods can be used for access control. The
+# user name is the `one line' version of the client's X.509 certificate.
+# Note that no password is obtained from the user. Every entry in the user
+# file needs this password: `xxj31ZMTZzkVA'.
+# o ExportCertData:
+# This exports two additional environment variables: SSL_CLIENT_CERT and
+# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+# server (always existing) and the client (only existing when client
+# authentication is used). This can be used to import the certificates
+# into CGI scripts.
+# o StdEnvVars:
+# This exports the standard SSL/TLS related `SSL_*' environment variables.
+# Per default this exportation is switched off for performance reasons,
+# because the extraction step is an expensive operation and is usually
+# useless for serving static content. So one usually enables the
+# exportation for CGI and SSI requests only.
+# o StrictRequire:
+# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
+# under a "Satisfy any" situation, i.e. when it applies access is denied
+# and no other module can change it.
+# o OptRenegotiate:
+# This enables optimized SSL connection renegotiation handling when SSL
+# directives are used in per-directory context.
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
+ SSLOptions +StdEnvVars
+</FilesMatch>
+<Directory "/usr/local/apache2/cgi-bin">
+ SSLOptions +StdEnvVars
+</Directory>
+
+# SSL Protocol Adjustments:
+# The safe and default but still SSL/TLS standard compliant shutdown
+# approach is that mod_ssl sends the close notify alert but doesn't wait for
+# the close notify alert from client. When you need a different shutdown
+# approach you can use one of the following variables:
+# o ssl-unclean-shutdown:
+# This forces an unclean shutdown when the connection is closed, i.e. no
+# SSL close notify alert is sent or allowed to be received. This violates
+# the SSL/TLS standard but is needed for some brain-dead browsers. Use
+# this when you receive I/O errors because of the standard approach where
+# mod_ssl sends the close notify alert.
+# o ssl-accurate-shutdown:
+# This forces an accurate shutdown when the connection is closed, i.e. a
+# SSL close notify alert is send and mod_ssl waits for the close notify
+# alert of the client. This is 100% SSL/TLS standard compliant, but in
+# practice often causes hanging connections with brain-dead browsers. Use
+# this only for browsers where you know that their SSL implementation
+# works correctly.
+# Notice: Most problems of broken clients are also related to the HTTP
+# keep-alive facility, so you usually additionally want to disable
+# keep-alive for those clients, too. Use variable "nokeepalive" for this.
+# Similarly, one has to force some clients to use HTTP/1.0 to workaround
+# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
+# "force-response-1.0" for this.
+BrowserMatch "MSIE [2-5]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+
+# Per-Server Logging:
+# The home of a custom SSL log file. Use this when you want a
+# compact non-error SSL logfile on a virtual host basis.
+CustomLog "/usr/local/apache2/logs/ssl_request_log" \
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-userdir.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-userdir.conf
new file mode 100644
index 0000000..567bd6d
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-userdir.conf
@@ -0,0 +1,28 @@
+# Settings for user home directories
+#
+# Required module: mod_userdir
+
+#
+# UserDir: The name of the directory that is appended onto a user's home
+# directory if a ~user request is received. Note that you must also set
+# the default access control for these directories, as in the example below.
+#
+UserDir public_html
+
+#
+# Control access to UserDir directories. The following is an example
+# for a site where these directories are restricted to read-only.
+#
+<Directory "/home/*/public_html">
+ AllowOverride FileInfo AuthConfig Limit Indexes
+ Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+ <Limit GET POST OPTIONS>
+ Order allow,deny
+ Allow from all
+ </Limit>
+ <LimitExcept GET POST OPTIONS>
+ Order deny,allow
+ Deny from all
+ </LimitExcept>
+</Directory>
+
diff --git a/setup/projects/kaas/files/etc/apache2/extra/httpd-vhosts.conf b/setup/projects/kaas/files/etc/apache2/extra/httpd-vhosts.conf
new file mode 100644
index 0000000..01a73f3
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/extra/httpd-vhosts.conf
@@ -0,0 +1,45 @@
+#
+# Virtual Hosts
+#
+# If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them. Most configurations
+# use only name-based virtual hosts so the server doesn't need to worry about
+# IP addresses. This is indicated by the asterisks in the directives below.
+#
+# Please see the documentation at
+# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
+# for further details before you try to setup virtual hosts.
+#
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+
+#
+# Use name-based virtual hosting.
+#
+NameVirtualHost *:8080
+
+#
+# VirtualHost example:
+# Almost any Apache directive may go into a VirtualHost container.
+# The first VirtualHost section is used for all requests that do not
+# match a ServerName or ServerAlias in any <VirtualHost> block.
+#
+<VirtualHost *:8080>
+ ServerAdmin webmaster@dummy-host.example.com
+ DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com"
+ ServerName dummy-host.example.com
+ ServerAlias www.dummy-host.example.com
+ ErrorLog "logs/dummy-host.example.com-error_log"
+ CustomLog "logs/dummy-host.example.com-access_log" common
+</VirtualHost>
+
+<VirtualHost *:8080>
+ ServerAdmin webmaster@dummy-host2.example.com
+ DocumentRoot "/usr/local/apache2/docs/dummy-host2.example.com"
+ ServerName dummy-host2.example.com
+ ErrorLog "logs/dummy-host2.example.com-error_log"
+ CustomLog "logs/dummy-host2.example.com-access_log" common
+</VirtualHost>
+
+
+
diff --git a/setup/projects/kaas/files/etc/apache2/httpd.conf b/setup/projects/kaas/files/etc/apache2/httpd.conf
new file mode 100644
index 0000000..4b05e71
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/httpd.conf
@@ -0,0 +1,496 @@
+#
+# This is the main Apache HTTP server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
+# In particular, see
+# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
+# for a discussion of each configuration directive.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do. They're here only as hints or reminders. If you are unsure
+# consult the online docs. You have been warned.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path. If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so 'log/access_log'
+# with ServerRoot set to '/www' will be interpreted by the
+# server as '/www/log/access_log', where as '/log/access_log' will be
+# interpreted as '/log/access_log'.
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# Do not add a slash at the end of the directory path. If you point
+# ServerRoot at a non-local disk, be sure to point the LockFile directive
+# at a local disk. If you wish to share the same ServerRoot for multiple
+# httpd daemons, you will need to change at least LockFile and PidFile.
+#
+ServerRoot "/usr/local/apache2"
+
+#
+# Listen: Allows you to bind Apache to specific IP addresses and/or
+# ports, instead of the default. See also the <VirtualHost>
+# directive.
+#
+# Change this to Listen on specific IP addresses as shown below to
+# prevent Apache from glomming onto all bound IP addresses.
+#
+#Listen 12.34.56.78:80
+Listen 8080
+
+#
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Statically compiled modules (those listed by `httpd -l') do not need
+# to be loaded here.
+#
+# Example:
+# LoadModule foo_module modules/mod_foo.so
+#
+LoadModule authn_file_module modules/mod_authn_file.so
+LoadModule authn_dbm_module modules/mod_authn_dbm.so
+LoadModule authn_anon_module modules/mod_authn_anon.so
+LoadModule authn_dbd_module modules/mod_authn_dbd.so
+LoadModule authn_default_module modules/mod_authn_default.so
+LoadModule authn_alias_module modules/mod_authn_alias.so
+LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule authz_dbm_module modules/mod_authz_dbm.so
+LoadModule authz_owner_module modules/mod_authz_owner.so
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+LoadModule authz_default_module modules/mod_authz_default.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule auth_digest_module modules/mod_auth_digest.so
+LoadModule file_cache_module modules/mod_file_cache.so
+LoadModule cache_module modules/mod_cache.so
+LoadModule disk_cache_module modules/mod_disk_cache.so
+LoadModule mem_cache_module modules/mod_mem_cache.so
+LoadModule dbd_module modules/mod_dbd.so
+LoadModule dumpio_module modules/mod_dumpio.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
+LoadModule ext_filter_module modules/mod_ext_filter.so
+LoadModule include_module modules/mod_include.so
+LoadModule filter_module modules/mod_filter.so
+LoadModule substitute_module modules/mod_substitute.so
+LoadModule charset_lite_module modules/mod_charset_lite.so
+LoadModule deflate_module modules/mod_deflate.so
+LoadModule ldap_module modules/mod_ldap.so
+LoadModule log_config_module modules/mod_log_config.so
+LoadModule log_forensic_module modules/mod_log_forensic.so
+LoadModule logio_module modules/mod_logio.so
+LoadModule env_module modules/mod_env.so
+LoadModule mime_magic_module modules/mod_mime_magic.so
+LoadModule cern_meta_module modules/mod_cern_meta.so
+LoadModule expires_module modules/mod_expires.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule ident_module modules/mod_ident.so
+LoadModule usertrack_module modules/mod_usertrack.so
+LoadModule unique_id_module modules/mod_unique_id.so
+LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule version_module modules/mod_version.so
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule proxy_connect_module modules/mod_proxy_connect.so
+LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+LoadModule ssl_module modules/mod_ssl.so
+LoadModule mime_module modules/mod_mime.so
+LoadModule dav_module modules/mod_dav.so
+LoadModule status_module modules/mod_status.so
+LoadModule autoindex_module modules/mod_autoindex.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule info_module modules/mod_info.so
+LoadModule cgi_module modules/mod_cgi.so
+LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule dav_lock_module modules/mod_dav_lock.so
+LoadModule vhost_alias_module modules/mod_vhost_alias.so
+LoadModule negotiation_module modules/mod_negotiation.so
+LoadModule dir_module modules/mod_dir.so
+LoadModule imagemap_module modules/mod_imagemap.so
+LoadModule actions_module modules/mod_actions.so
+LoadModule speling_module modules/mod_speling.so
+LoadModule userdir_module modules/mod_userdir.so
+LoadModule alias_module modules/mod_alias.so
+LoadModule rewrite_module modules/mod_rewrite.so
+
+<IfModule !mpm_netware_module>
+<IfModule !mpm_winnt_module>
+#
+# If you wish httpd to run as a different user or group, you must run
+# httpd as root initially and it will switch.
+#
+# User/Group: The name (or #number) of the user/group to run httpd as.
+# It is usually good practice to create a dedicated user and group for
+# running httpd, as with most system services.
+#
+User daemon
+Group daemon
+
+</IfModule>
+</IfModule>
+
+# 'Main' server configuration
+#
+# The directives in this section set up the values used by the 'main'
+# server, which responds to any requests that aren't handled by a
+# <VirtualHost> definition. These values also provide defaults for
+# any <VirtualHost> containers you may define later in the file.
+#
+# All of these directives may appear inside <VirtualHost> containers,
+# in which case these default settings will be overridden for the
+# virtual host being defined.
+#
+
+#
+# ServerAdmin: Your address, where problems with the server should be
+# e-mailed. This address appears on some server-generated pages, such
+# as error documents. e.g. admin@your-domain.com
+#
+ServerAdmin you@example.com
+
+#
+# ServerName gives the name and port that the server uses to identify itself.
+# This can often be determined automatically, but we recommend you specify
+# it explicitly to prevent problems during startup.
+#
+# If your host doesn't have a registered DNS name, enter its IP address here.
+#
+#ServerName www.example.com:80
+
+#
+# DocumentRoot: The directory out of which you will serve your
+# documents. By default, all requests are taken from this directory, but
+# symbolic links and aliases may be used to point to other locations.
+#
+DocumentRoot "/usr/local/apache2/htdocs"
+
+#
+# Each directory to which Apache has access can be configured with respect
+# to which services and features are allowed and/or disabled in that
+# directory (and its subdirectories).
+#
+# First, we configure the "default" to be a very restrictive set of
+# features.
+#
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Order deny,allow
+ Deny from all
+</Directory>
+
+#
+# Note that from this point forward you must specifically allow
+# particular features to be enabled - so if something's not working as
+# you might expect, make sure that you have specifically enabled it
+# below.
+#
+
+#
+# This should be changed to whatever you set DocumentRoot to.
+#
+<Directory "/usr/local/apache2/htdocs">
+ #
+ # Possible values for the Options directive are "None", "All",
+ # or any combination of:
+ # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
+ #
+ # Note that "MultiViews" must be named *explicitly* --- "Options All"
+ # doesn't give it to you.
+ #
+ # The Options directive is both complicated and important. Please see
+ # http://httpd.apache.org/docs/2.2/mod/core.html#options
+ # for more information.
+ #
+ Options Indexes FollowSymLinks
+
+ #
+ # AllowOverride controls what directives may be placed in .htaccess files.
+ # It can be "All", "None", or any combination of the keywords:
+ # Options FileInfo AuthConfig Limit
+ #
+ AllowOverride None
+
+ #
+ # Controls who can get stuff from this server.
+ #
+ Order allow,deny
+ Allow from all
+
+</Directory>
+
+#
+# DirectoryIndex: sets the file that Apache will serve if a directory
+# is requested.
+#
+<IfModule dir_module>
+ DirectoryIndex index.html
+</IfModule>
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<FilesMatch "^\.ht">
+ Order allow,deny
+ Deny from all
+ Satisfy All
+</FilesMatch>
+
+#
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog /proc/self/fd/2
+
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+LogLevel warn
+
+<IfModule log_config_module>
+ #
+ # The following directives define some format nicknames for use with
+ # a CustomLog directive (see below).
+ #
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+ LogFormat "%h %l %u %t \"%r\" %>s %b" common
+
+ <IfModule logio_module>
+ # You need to enable mod_logio.c to use %I and %O
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+ </IfModule>
+
+ #
+ # The location and format of the access logfile (Common Logfile Format).
+ # If you do not define any access logfiles within a <VirtualHost>
+ # container, they will be logged here. Contrariwise, if you *do*
+ # define per-<VirtualHost> access logfiles, transactions will be
+ # logged therein and *not* in this file.
+ #
+ CustomLog /proc/self/fd/1 common
+
+ #
+ # If you prefer a logfile with access, agent, and referer information
+ # (Combined Logfile Format) you can use the following directive.
+ #
+ #CustomLog "logs/access_log" combined
+</IfModule>
+
+<IfModule alias_module>
+ #
+ # Redirect: Allows you to tell clients about documents that used to
+ # exist in your server's namespace, but do not anymore. The client
+ # will make a new request for the document at its new location.
+ # Example:
+ # Redirect permanent /foo http://www.example.com/bar
+
+ #
+ # Alias: Maps web paths into filesystem paths and is used to
+ # access content that does not live under the DocumentRoot.
+ # Example:
+ # Alias /webpath /full/filesystem/path
+ #
+ # If you include a trailing / on /webpath then the server will
+ # require it to be present in the URL. You will also likely
+ # need to provide a <Directory> section to allow access to
+ # the filesystem path.
+
+ #
+ # ScriptAlias: This controls which directories contain server scripts.
+ # ScriptAliases are essentially the same as Aliases, except that
+ # documents in the target directory are treated as applications and
+ # run by the server when requested rather than as documents sent to the
+ # client. The same rules about trailing "/" apply to ScriptAlias
+ # directives as to Alias.
+ #
+ ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"
+
+</IfModule>
+
+<IfModule cgid_module>
+ #
+ # ScriptSock: On threaded servers, designate the path to the UNIX
+ # socket used to communicate with the CGI daemon of mod_cgid.
+ #
+ #Scriptsock logs/cgisock
+</IfModule>
+
+#
+# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased
+# CGI directory exists, if you have that configured.
+#
+<Directory "/usr/local/apache2/cgi-bin">
+ AllowOverride None
+ Options None
+ Order allow,deny
+ Allow from all
+</Directory>
+
+#
+# DefaultType: the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value. If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+DefaultType text/plain
+
+<IfModule headers_module>
+ #
+ # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
+ # backend servers which have lingering "httpoxy" defects.
+ # 'Proxy' request header is undefined by the IETF, not listed by IANA
+ #
+ RequestHeader unset Proxy early
+</IfModule>
+
+<IfModule mime_module>
+ #
+ # TypesConfig points to the file containing the list of mappings from
+ # filename extension to MIME-type.
+ #
+ TypesConfig conf/mime.types
+
+ #
+ # AddType allows you to add to or override the MIME configuration
+ # file specified in TypesConfig for specific file types.
+ #
+ #AddType application/x-gzip .tgz
+ #
+ # AddEncoding allows you to have certain browsers uncompress
+ # information on the fly. Note: Not all browsers support this.
+ #
+ #AddEncoding x-compress .Z
+ #AddEncoding x-gzip .gz .tgz
+ #
+ # If the AddEncoding directives above are commented-out, then you
+ # probably should define those extensions to indicate media types:
+ #
+ AddType application/x-compress .Z
+ AddType application/x-gzip .gz .tgz
+
+ #
+ # AddHandler allows you to map certain file extensions to "handlers":
+ # actions unrelated to filetype. These can be either built into the server
+ # or added with the Action directive (see below)
+ #
+ # To use CGI scripts outside of ScriptAliased directories:
+ # (You will also need to add "ExecCGI" to the "Options" directive.)
+ #
+ #AddHandler cgi-script .cgi
+
+ # For type maps (negotiated resources):
+ #AddHandler type-map var
+
+ #
+ # Filters allow you to process content before it is sent to the client.
+ #
+ # To parse .shtml files for server-side includes (SSI):
+ # (You will also need to add "Includes" to the "Options" directive.)
+ #
+ #AddType text/html .shtml
+ #AddOutputFilter INCLUDES .shtml
+</IfModule>
+
+#
+# The mod_mime_magic module allows the server to use various hints from the
+# contents of the file itself to determine its type. The MIMEMagicFile
+# directive tells the module where the hint definitions are located.
+#
+#MIMEMagicFile conf/magic
+
+#
+# Customizable error responses come in three flavors:
+# 1) plain text 2) local redirects 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# MaxRanges: Maximum number of Ranges in a request before
+# returning the entire resource, or one of the special
+# values 'default', 'none' or 'unlimited'.
+# Default setting is to accept 200 Ranges.
+#MaxRanges unlimited
+
+#
+# EnableMMAP and EnableSendfile: On systems that support it,
+# memory-mapping or the sendfile syscall is used to deliver
+# files. This usually improves server performance, but must
+# be turned off when serving from networked-mounted
+# filesystems or if support for these functions is otherwise
+# broken on your system.
+#
+#EnableMMAP off
+#EnableSendfile off
+
+# Supplemental configuration
+#
+# The configuration files in the conf/extra/ directory can be
+# included to add extra features or to modify the default configuration of
+# the server, or you may simply copy their contents here and change as
+# necessary.
+
+# Server-pool management (MPM specific)
+#Include conf/extra/httpd-mpm.conf
+
+# Multi-language error messages
+#Include conf/extra/httpd-multilang-errordoc.conf
+
+# Fancy directory listings
+#Include conf/extra/httpd-autoindex.conf
+
+# Language settings
+#Include conf/extra/httpd-languages.conf
+
+# User home directories
+#Include conf/extra/httpd-userdir.conf
+
+# Real-time info on requests and configuration
+#Include conf/extra/httpd-info.conf
+
+# Virtual hosts
+#Include conf/extra/httpd-vhosts.conf
+
+# Local access to the Apache HTTP Server Manual
+#Include conf/extra/httpd-manual.conf
+
+# Distributed authoring and versioning (WebDAV)
+#Include conf/extra/httpd-dav.conf
+
+# Various default settings
+#Include conf/extra/httpd-default.conf
+
+# Secure (SSL/TLS) connections
+#Include conf/extra/httpd-ssl.conf
+#
+# Note: The following must must be present to support
+# starting without SSL on platforms with no /dev/random equivalent
+# but a statically compiled-in mod_ssl.
+#
+<IfModule ssl_module>
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+</IfModule>
+
+Include conf/kaas/router.conf
diff --git a/setup/projects/kaas/files/etc/apache2/kaas/router.conf b/setup/projects/kaas/files/etc/apache2/kaas/router.conf
new file mode 100644
index 0000000..4afa6dd
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/kaas/router.conf
@@ -0,0 +1,2 @@
+ProxyPass /adei http://katrin.kit.edu/adei-katrin
+ProxyPass /katrin-ng http://katrin.kit.edu/katrin-ng
diff --git a/setup/projects/kaas/files/etc/apache2/magic b/setup/projects/kaas/files/etc/apache2/magic
new file mode 100644
index 0000000..0de7336
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/magic
@@ -0,0 +1,382 @@
+# Magic data for mod_mime_magic Apache module (originally for file(1) command)
+# The module is described in /manual/mod/mod_mime_magic.html
+#
+# The format is 4-5 columns:
+# Column #1: byte number to begin checking from, ">" indicates continuation
+# Column #2: type of data to match
+# Column #3: contents of data to match
+# Column #4: MIME type of result
+# Column #5: MIME encoding of result (optional)
+
+#------------------------------------------------------------------------------
+# Localstuff: file(1) magic for locally observed files
+# Add any locally observed files here.
+
+#------------------------------------------------------------------------------
+# end local stuff
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Java
+
+0 short 0xcafe
+>2 short 0xbabe application/java
+
+#------------------------------------------------------------------------------
+# audio: file(1) magic for sound formats
+#
+# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
+#
+
+# Sun/NeXT audio data
+0 string .snd
+>12 belong 1 audio/basic
+>12 belong 2 audio/basic
+>12 belong 3 audio/basic
+>12 belong 4 audio/basic
+>12 belong 5 audio/basic
+>12 belong 6 audio/basic
+>12 belong 7 audio/basic
+
+>12 belong 23 audio/x-adpcm
+
+# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
+# that uses little-endian encoding and has a different magic number
+# (0x0064732E in little-endian encoding).
+0 lelong 0x0064732E
+>12 lelong 1 audio/x-dec-basic
+>12 lelong 2 audio/x-dec-basic
+>12 lelong 3 audio/x-dec-basic
+>12 lelong 4 audio/x-dec-basic
+>12 lelong 5 audio/x-dec-basic
+>12 lelong 6 audio/x-dec-basic
+>12 lelong 7 audio/x-dec-basic
+# compressed (G.721 ADPCM)
+>12 lelong 23 audio/x-dec-adpcm
+
+# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
+# AIFF audio data
+8 string AIFF audio/x-aiff
+# AIFF-C audio data
+8 string AIFC audio/x-aiff
+# IFF/8SVX audio data
+8 string 8SVX audio/x-aiff
+
+# Creative Labs AUDIO stuff
+# Standard MIDI data
+0 string MThd audio/unknown
+#>9 byte >0 (format %d)
+#>11 byte >1 using %d channels
+# Creative Music (CMF) data
+0 string CTMF audio/unknown
+# SoundBlaster instrument data
+0 string SBI audio/unknown
+# Creative Labs voice data
+0 string Creative\ Voice\ File audio/unknown
+## is this next line right? it came this way...
+#>19 byte 0x1A
+#>23 byte >0 - version %d
+#>22 byte >0 \b.%d
+
+# [GRR 950115: is this also Creative Labs? Guessing that first line
+# should be string instead of unknown-endian long...]
+#0 long 0x4e54524b MultiTrack sound data
+#0 string NTRK MultiTrack sound data
+#>4 long x - version %ld
+
+# Microsoft WAVE format (*.wav)
+# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
+# Microsoft RIFF
+0 string RIFF audio/unknown
+# - WAVE format
+>8 string WAVE audio/x-wav
+# MPEG audio.
+0 beshort&0xfff0 0xfff0 audio/mpeg
+# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
+0 string PSID audio/prs.sid
+
+#------------------------------------------------------------------------------
+# c-lang: file(1) magic for C programs or various scripts
+#
+
+# XPM icons (Greg Roelofs, newt@uchicago.edu)
+# ideally should go into "images", but entries below would tag XPM as C source
+0 string /*\ XPM image/x-xbm 7bit
+
+# this first will upset you if you're a PL/1 shop... (are there any left?)
+# in which case rm it; ascmagic will catch real C programs
+# C or REXX program text
+0 string /* text/plain
+# C++ program text
+0 string // text/plain
+
+#------------------------------------------------------------------------------
+# compress: file(1) magic for pure-compression formats (no archives)
+#
+# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
+#
+# Formats for various forms of compressed data
+# Formats for "compress" proper have been moved into "compress.c",
+# because it tries to uncompress it to figure out what's inside.
+
+# standard unix compress
+0 string \037\235 application/octet-stream x-compress
+
+# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
+0 string \037\213 application/octet-stream x-gzip
+
+# According to gzip.h, this is the correct byte order for packed data.
+0 string \037\036 application/octet-stream
+#
+# This magic number is byte-order-independent.
+#
+0 short 017437 application/octet-stream
+
+# XXX - why *two* entries for "compacted data", one of which is
+# byte-order independent, and one of which is byte-order dependent?
+#
+# compacted data
+0 short 0x1fff application/octet-stream
+0 string \377\037 application/octet-stream
+# huf output
+0 short 0145405 application/octet-stream
+
+# Squeeze and Crunch...
+# These numbers were gleaned from the Unix versions of the programs to
+# handle these formats. Note that I can only uncrunch, not crunch, and
+# I didn't have a crunched file handy, so the crunch number is untested.
+# Keith Waclena <keith@cerberus.uchicago.edu>
+#0 leshort 0x76FF squeezed data (CP/M, DOS)
+#0 leshort 0x76FE crunched data (CP/M, DOS)
+
+# Freeze
+#0 string \037\237 Frozen file 2.1
+#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
+
+# lzh?
+#0 string \037\240 LZH compressed data
+
+#------------------------------------------------------------------------------
+# frame: file(1) magic for FrameMaker files
+#
+# This stuff came on a FrameMaker demo tape, most of which is
+# copyright, but this file is "published" as witness the following:
+#
+0 string \<MakerFile application/x-frame
+0 string \<MIFFile application/x-frame
+0 string \<MakerDictionary application/x-frame
+0 string \<MakerScreenFon application/x-frame
+0 string \<MML application/x-frame
+0 string \<Book application/x-frame
+0 string \<Maker application/x-frame
+
+#------------------------------------------------------------------------------
+# html: file(1) magic for HTML (HyperText Markup Language) docs
+#
+# from Daniel Quinlan <quinlan@yggdrasil.com>
+# and Anna Shergold <anna@inext.co.uk>
+#
+0 string \<!DOCTYPE\ HTML text/html
+0 string \<!doctype\ html text/html
+0 string \<HEAD text/html
+0 string \<head text/html
+0 string \<TITLE text/html
+0 string \<title text/html
+0 string \<html text/html
+0 string \<HTML text/html
+0 string \<!-- text/html
+0 string \<h1 text/html
+0 string \<H1 text/html
+
+# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
+0 string \<?xml text/xml
+
+#------------------------------------------------------------------------------
+# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
+#
+# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
+# additions by janl@ifi.uio.no as well as others. Jan also suggested
+# merging several one- and two-line files into here.
+#
+# XXX - byte order for GIF and TIFF fields?
+# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
+#
+
+# [GRR: what the hell is this doing in here?]
+#0 string xbtoa btoa'd file
+
+# PBMPLUS
+# PBM file
+0 string P1 image/x-portable-bitmap 7bit
+# PGM file
+0 string P2 image/x-portable-greymap 7bit
+# PPM file
+0 string P3 image/x-portable-pixmap 7bit
+# PBM "rawbits" file
+0 string P4 image/x-portable-bitmap
+# PGM "rawbits" file
+0 string P5 image/x-portable-greymap
+# PPM "rawbits" file
+0 string P6 image/x-portable-pixmap
+
+# NIFF (Navy Interchange File Format, a modification of TIFF)
+# [GRR: this *must* go before TIFF]
+0 string IIN1 image/x-niff
+
+# TIFF and friends
+# TIFF file, big-endian
+0 string MM image/tiff
+# TIFF file, little-endian
+0 string II image/tiff
+
+# possible GIF replacements; none yet released!
+# (Greg Roelofs, newt@uchicago.edu)
+#
+# GRR 950115: this was mine ("Zip GIF"):
+# ZIF image (GIF+deflate alpha)
+0 string GIF94z image/unknown
+#
+# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
+# FGF image (GIF+deflate beta)
+0 string FGF95a image/unknown
+#
+# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
+# (best; not yet implemented):
+# PBF image (deflate compression)
+0 string PBF image/unknown
+
+# GIF
+0 string GIF image/gif
+
+# JPEG images
+0 beshort 0xffd8 image/jpeg
+
+# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
+0 string BM image/bmp
+#>14 byte 12 (OS/2 1.x format)
+#>14 byte 64 (OS/2 2.x format)
+#>14 byte 40 (Windows 3.x format)
+#0 string IC icon
+#0 string PI pointer
+#0 string CI color icon
+#0 string CP color pointer
+#0 string BA bitmap array
+
+
+#------------------------------------------------------------------------------
+# lisp: file(1) magic for lisp programs
+#
+# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
+0 string ;; text/plain 8bit
+# Emacs 18 - this is always correct, but not very magical.
+0 string \012( application/x-elc
+# Emacs 19
+0 string ;ELC\023\000\000\000 application/x-elc
+
+#------------------------------------------------------------------------------
+# mail.news: file(1) magic for mail and news
+#
+# There are tests to ascmagic.c to cope with mail and news.
+0 string Relay-Version: message/rfc822 7bit
+0 string #!\ rnews message/rfc822 7bit
+0 string N#!\ rnews message/rfc822 7bit
+0 string Forward\ to message/rfc822 7bit
+0 string Pipe\ to message/rfc822 7bit
+0 string Return-Path: message/rfc822 7bit
+0 string Path: message/news 8bit
+0 string Xref: message/news 8bit
+0 string From: message/rfc822 7bit
+0 string Article message/news 8bit
+#------------------------------------------------------------------------------
+# msword: file(1) magic for MS Word files
+#
+# Contributor claims:
+# Reversed-engineered MS Word magic numbers
+#
+
+0 string \376\067\0\043 application/msword
+0 string \333\245-\0\0\0 application/msword
+
+# disable this one because it applies also to other
+# Office/OLE documents for which msword is not correct. See PR#2608.
+#0 string \320\317\021\340\241\261 application/msword
+
+
+
+#------------------------------------------------------------------------------
+# printer: file(1) magic for printer-formatted files
+#
+
+# PostScript
+0 string %! application/postscript
+0 string \004%! application/postscript
+
+# Acrobat
+# (due to clamen@cs.cmu.edu)
+0 string %PDF- application/pdf
+
+#------------------------------------------------------------------------------
+# sc: file(1) magic for "sc" spreadsheet
+#
+38 string Spreadsheet application/x-sc
+
+#------------------------------------------------------------------------------
+# tex: file(1) magic for TeX files
+#
+# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
+#
+# From <conklin@talisman.kaleida.com>
+
+# Although we may know the offset of certain text fields in TeX DVI
+# and font files, we can't use them reliably because they are not
+# zero terminated. [but we do anyway, christos]
+0 string \367\002 application/x-dvi
+#0 string \367\203 TeX generic font data
+#0 string \367\131 TeX packed font data
+#0 string \367\312 TeX virtual font data
+#0 string This\ is\ TeX, TeX transcript text
+#0 string This\ is\ METAFONT, METAFONT transcript text
+
+# There is no way to detect TeX Font Metric (*.tfm) files without
+# breaking them apart and reading the data. The following patterns
+# match most *.tfm files generated by METAFONT or afm2tfm.
+#2 string \000\021 TeX font metric data
+#2 string \000\022 TeX font metric data
+#>34 string >\0 (%s)
+
+# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
+#0 string \\input\ texinfo Texinfo source text
+#0 string This\ is\ Info\ file GNU Info text
+
+# correct TeX magic for Linux (and maybe more)
+# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+#
+0 leshort 0x02f7 application/x-dvi
+
+# RTF - Rich Text Format
+0 string {\\rtf application/rtf
+
+#------------------------------------------------------------------------------
+# animation: file(1) magic for animation/movie formats
+#
+# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+# MPEG file
+0 string \000\000\001\263 video/mpeg
+#
+# The contributor claims:
+# I couldn't find a real magic number for these, however, this
+# -appears- to work. Note that it might catch other files, too,
+# so BE CAREFUL!
+#
+# Note that title and author appear in the two 20-byte chunks
+# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
+# 255 (hex FF)! DL format SUCKS BIG ROCKS.
+#
+# DL file version 1 , medium format (160x100, 4 images/screen)
+0 byte 1 video/unknown
+0 byte 2 video/unknown
+# Quicktime video, from Linus Walleij <triad@df.lth.se>
+# from Apple quicktime file format documentation.
+4 string moov video/quicktime
+4 string mdat video/quicktime
+
diff --git a/setup/projects/kaas/files/etc/apache2/mime.types b/setup/projects/kaas/files/etc/apache2/mime.types
new file mode 100644
index 0000000..5175242
--- /dev/null
+++ b/setup/projects/kaas/files/etc/apache2/mime.types
@@ -0,0 +1,1588 @@
+# This file maps Internet media types to unique file extension(s).
+# Although created for httpd, this file is used by many software systems
+# and has been placed in the public domain for unlimited redisribution.
+#
+# The table below contains both registered and (common) unregistered types.
+# A type that has no unique extension can be ignored -- they are listed
+# here to guide configurations toward known types and to make it easier to
+# identify "new" types. File extensions are also commonly used to indicate
+# content languages and encodings, so choose them carefully.
+#
+# Internet media types should be registered as described in RFC 4288.
+# The registry is at <http://www.iana.org/assignments/media-types/>.
+#
+# MIME type (lowercased) Extensions
+# ============================================ ==========
+# application/1d-interleaved-parityfec
+# application/3gpp-ims+xml
+# application/activemessage
+application/andrew-inset ez
+# application/applefile
+application/applixware aw
+application/atom+xml atom
+application/atomcat+xml atomcat
+# application/atomicmail
+application/atomsvc+xml atomsvc
+# application/auth-policy+xml
+# application/batch-smtp
+# application/beep+xml
+# application/calendar+xml
+# application/cals-1840
+# application/ccmp+xml
+application/ccxml+xml ccxml
+application/cdmi-capability cdmia
+application/cdmi-container cdmic
+application/cdmi-domain cdmid
+application/cdmi-object cdmio
+application/cdmi-queue cdmiq
+# application/cea-2018+xml
+# application/cellml+xml
+# application/cfw
+# application/cnrp+xml
+# application/commonground
+# application/conference-info+xml
+# application/cpl+xml
+# application/csta+xml
+# application/cstadata+xml
+application/cu-seeme cu
+# application/cybercash
+application/davmount+xml davmount
+# application/dca-rft
+# application/dec-dx
+# application/dialog-info+xml
+# application/dicom
+# application/dns
+application/docbook+xml dbk
+# application/dskpp+xml
+application/dssc+der dssc
+application/dssc+xml xdssc
+# application/dvcs
+application/ecmascript ecma
+# application/edi-consent
+# application/edi-x12
+# application/edifact
+application/emma+xml emma
+# application/epp+xml
+application/epub+zip epub
+# application/eshop
+# application/example
+application/exi exi
+# application/fastinfoset
+# application/fastsoap
+# application/fits
+application/font-tdpfr pfr
+# application/framework-attributes+xml
+application/gml+xml gml
+application/gpx+xml gpx
+application/gxf gxf
+# application/h224
+# application/held+xml
+# application/http
+application/hyperstudio stk
+# application/ibe-key-request+xml
+# application/ibe-pkg-reply+xml
+# application/ibe-pp-data
+# application/iges
+# application/im-iscomposing+xml
+# application/index
+# application/index.cmd
+# application/index.obj
+# application/index.response
+# application/index.vnd
+application/inkml+xml ink inkml
+# application/iotp
+application/ipfix ipfix
+# application/ipp
+# application/isup
+application/java-archive jar
+application/java-serialized-object ser
+application/java-vm class
+application/javascript js
+application/json json
+application/jsonml+json jsonml
+# application/kpml-request+xml
+# application/kpml-response+xml
+application/lost+xml lostxml
+application/mac-binhex40 hqx
+application/mac-compactpro cpt
+# application/macwriteii
+application/mads+xml mads
+application/marc mrc
+application/marcxml+xml mrcx
+application/mathematica ma nb mb
+# application/mathml-content+xml
+# application/mathml-presentation+xml
+application/mathml+xml mathml
+# application/mbms-associated-procedure-description+xml
+# application/mbms-deregister+xml
+# application/mbms-envelope+xml
+# application/mbms-msk+xml
+# application/mbms-msk-response+xml
+# application/mbms-protection-description+xml
+# application/mbms-reception-report+xml
+# application/mbms-register+xml
+# application/mbms-register-response+xml
+# application/mbms-user-service-description+xml
+application/mbox mbox
+# application/media_control+xml
+application/mediaservercontrol+xml mscml
+application/metalink+xml metalink
+application/metalink4+xml meta4
+application/mets+xml mets
+# application/mikey
+application/mods+xml mods
+# application/moss-keys
+# application/moss-signature
+# application/mosskey-data
+# application/mosskey-request
+application/mp21 m21 mp21
+application/mp4 mp4s
+# application/mpeg4-generic
+# application/mpeg4-iod
+# application/mpeg4-iod-xmt
+# application/msc-ivr+xml
+# application/msc-mixer+xml
+application/msword doc dot
+application/mxf mxf
+# application/nasdata
+# application/news-checkgroups
+# application/news-groupinfo
+# application/news-transmission
+# application/nss
+# application/ocsp-request
+# application/ocsp-response
+application/octet-stream bin dms lrf mar so dist distz pkg bpk dump elc deploy
+application/oda oda
+application/oebps-package+xml opf
+application/ogg ogx
+application/omdoc+xml omdoc
+application/onenote onetoc onetoc2 onetmp onepkg
+application/oxps oxps
+# application/parityfec
+application/patch-ops-error+xml xer
+application/pdf pdf
+application/pgp-encrypted pgp
+# application/pgp-keys
+application/pgp-signature asc sig
+application/pics-rules prf
+# application/pidf+xml
+# application/pidf-diff+xml
+application/pkcs10 p10
+application/pkcs7-mime p7m p7c
+application/pkcs7-signature p7s
+application/pkcs8 p8
+application/pkix-attr-cert ac
+application/pkix-cert cer
+application/pkix-crl crl
+application/pkix-pkipath pkipath
+application/pkixcmp pki
+application/pls+xml pls
+# application/poc-settings+xml
+application/postscript ai eps ps
+# application/prs.alvestrand.titrax-sheet
+application/prs.cww cww
+# application/prs.nprend
+# application/prs.plucker
+# application/prs.rdf-xml-crypt
+# application/prs.xsf+xml
+application/pskc+xml pskcxml
+# application/qsig
+application/rdf+xml rdf
+application/reginfo+xml rif
+application/relax-ng-compact-syntax rnc
+# application/remote-printing
+application/resource-lists+xml rl
+application/resource-lists-diff+xml rld
+# application/riscos
+# application/rlmi+xml
+application/rls-services+xml rs
+application/rpki-ghostbusters gbr
+application/rpki-manifest mft
+application/rpki-roa roa
+# application/rpki-updown
+application/rsd+xml rsd
+application/rss+xml rss
+application/rtf rtf
+# application/rtx
+# application/samlassertion+xml
+# application/samlmetadata+xml
+application/sbml+xml sbml
+application/scvp-cv-request scq
+application/scvp-cv-response scs
+application/scvp-vp-request spq
+application/scvp-vp-response spp
+application/sdp sdp
+# application/set-payment
+application/set-payment-initiation setpay
+# application/set-registration
+application/set-registration-initiation setreg
+# application/sgml
+# application/sgml-open-catalog
+application/shf+xml shf
+# application/sieve
+# application/simple-filter+xml
+# application/simple-message-summary
+# application/simplesymbolcontainer
+# application/slate
+# application/smil
+application/smil+xml smi smil
+# application/soap+fastinfoset
+# application/soap+xml
+application/sparql-query rq
+application/sparql-results+xml srx
+# application/spirits-event+xml
+application/srgs gram
+application/srgs+xml grxml
+application/sru+xml sru
+application/ssdl+xml ssdl
+application/ssml+xml ssml
+# application/tamp-apex-update
+# application/tamp-apex-update-confirm
+# application/tamp-community-update
+# application/tamp-community-update-confirm
+# application/tamp-error
+# application/tamp-sequence-adjust
+# application/tamp-sequence-adjust-confirm
+# application/tamp-status-query
+# application/tamp-status-response
+# application/tamp-update
+# application/tamp-update-confirm
+application/tei+xml tei teicorpus
+application/thraud+xml tfi
+# application/timestamp-query
+# application/timestamp-reply
+application/timestamped-data tsd
+# application/tve-trigger
+# application/ulpfec
+# application/vcard+xml
+# application/vemmi
+# application/vividence.scriptfile
+# application/vnd.3gpp.bsf+xml
+application/vnd.3gpp.pic-bw-large plb
+application/vnd.3gpp.pic-bw-small psb
+application/vnd.3gpp.pic-bw-var pvb
+# application/vnd.3gpp.sms
+# application/vnd.3gpp2.bcmcsinfo+xml
+# application/vnd.3gpp2.sms
+application/vnd.3gpp2.tcap tcap
+application/vnd.3m.post-it-notes pwn
+application/vnd.accpac.simply.aso aso
+application/vnd.accpac.simply.imp imp
+application/vnd.acucobol acu
+application/vnd.acucorp atc acutc
+application/vnd.adobe.air-application-installer-package+zip air
+application/vnd.adobe.formscentral.fcdt fcdt
+application/vnd.adobe.fxp fxp fxpl
+# application/vnd.adobe.partial-upload
+application/vnd.adobe.xdp+xml xdp
+application/vnd.adobe.xfdf xfdf
+# application/vnd.aether.imp
+# application/vnd.ah-barcode
+application/vnd.ahead.space ahead
+application/vnd.airzip.filesecure.azf azf
+application/vnd.airzip.filesecure.azs azs
+application/vnd.amazon.ebook azw
+application/vnd.americandynamics.acc acc
+application/vnd.amiga.ami ami
+# application/vnd.amundsen.maze+xml
+application/vnd.android.package-archive apk
+application/vnd.anser-web-certificate-issue-initiation cii
+application/vnd.anser-web-funds-transfer-initiation fti
+application/vnd.antix.game-component atx
+application/vnd.apple.installer+xml mpkg
+application/vnd.apple.mpegurl m3u8
+# application/vnd.arastra.swi
+application/vnd.aristanetworks.swi swi
+application/vnd.astraea-software.iota iota
+application/vnd.audiograph aep
+# application/vnd.autopackage
+# application/vnd.avistar+xml
+application/vnd.blueice.multipass mpm
+# application/vnd.bluetooth.ep.oob
+application/vnd.bmi bmi
+application/vnd.businessobjects rep
+# application/vnd.cab-jscript
+# application/vnd.canon-cpdl
+# application/vnd.canon-lips
+# application/vnd.cendio.thinlinc.clientconf
+application/vnd.chemdraw+xml cdxml
+application/vnd.chipnuts.karaoke-mmd mmd
+application/vnd.cinderella cdy
+# application/vnd.cirpack.isdn-ext
+application/vnd.claymore cla
+application/vnd.cloanto.rp9 rp9
+application/vnd.clonk.c4group c4g c4d c4f c4p c4u
+application/vnd.cluetrust.cartomobile-config c11amc
+application/vnd.cluetrust.cartomobile-config-pkg c11amz
+# application/vnd.collection+json
+# application/vnd.commerce-battelle
+application/vnd.commonspace csp
+application/vnd.contact.cmsg cdbcmsg
+application/vnd.cosmocaller cmc
+application/vnd.crick.clicker clkx
+application/vnd.crick.clicker.keyboard clkk
+application/vnd.crick.clicker.palette clkp
+application/vnd.crick.clicker.template clkt
+application/vnd.crick.clicker.wordbank clkw
+application/vnd.criticaltools.wbs+xml wbs
+application/vnd.ctc-posml pml
+# application/vnd.ctct.ws+xml
+# application/vnd.cups-pdf
+# application/vnd.cups-postscript
+application/vnd.cups-ppd ppd
+# application/vnd.cups-raster
+# application/vnd.cups-raw
+# application/vnd.curl
+application/vnd.curl.car car
+application/vnd.curl.pcurl pcurl
+# application/vnd.cybank
+application/vnd.dart dart
+application/vnd.data-vision.rdz rdz
+application/vnd.dece.data uvf uvvf uvd uvvd
+application/vnd.dece.ttml+xml uvt uvvt
+application/vnd.dece.unspecified uvx uvvx
+application/vnd.dece.zip uvz uvvz
+application/vnd.denovo.fcselayout-link fe_launch
+# application/vnd.dir-bi.plate-dl-nosuffix
+application/vnd.dna dna
+application/vnd.dolby.mlp mlp
+# application/vnd.dolby.mobile.1
+# application/vnd.dolby.mobile.2
+application/vnd.dpgraph dpg
+application/vnd.dreamfactory dfac
+application/vnd.ds-keypoint kpxx
+application/vnd.dvb.ait ait
+# application/vnd.dvb.dvbj
+# application/vnd.dvb.esgcontainer
+# application/vnd.dvb.ipdcdftnotifaccess
+# application/vnd.dvb.ipdcesgaccess
+# application/vnd.dvb.ipdcesgaccess2
+# application/vnd.dvb.ipdcesgpdd
+# application/vnd.dvb.ipdcroaming
+# application/vnd.dvb.iptv.alfec-base
+# application/vnd.dvb.iptv.alfec-enhancement
+# application/vnd.dvb.notif-aggregate-root+xml
+# application/vnd.dvb.notif-container+xml
+# application/vnd.dvb.notif-generic+xml
+# application/vnd.dvb.notif-ia-msglist+xml
+# application/vnd.dvb.notif-ia-registration-request+xml
+# application/vnd.dvb.notif-ia-registration-response+xml
+# application/vnd.dvb.notif-init+xml
+# application/vnd.dvb.pfr
+application/vnd.dvb.service svc
+# application/vnd.dxr
+application/vnd.dynageo geo
+# application/vnd.easykaraoke.cdgdownload
+# application/vnd.ecdis-update
+application/vnd.ecowin.chart mag
+# application/vnd.ecowin.filerequest
+# application/vnd.ecowin.fileupdate
+# application/vnd.ecowin.series
+# application/vnd.ecowin.seriesrequest
+# application/vnd.ecowin.seriesupdate
+# application/vnd.emclient.accessrequest+xml
+application/vnd.enliven nml
+# application/vnd.eprints.data+xml
+application/vnd.epson.esf esf
+application/vnd.epson.msf msf
+application/vnd.epson.quickanime qam
+application/vnd.epson.salt slt
+application/vnd.epson.ssf ssf
+# application/vnd.ericsson.quickcall
+application/vnd.eszigno3+xml es3 et3
+# application/vnd.etsi.aoc+xml
+# application/vnd.etsi.cug+xml
+# application/vnd.etsi.iptvcommand+xml
+# application/vnd.etsi.iptvdiscovery+xml
+# application/vnd.etsi.iptvprofile+xml
+# application/vnd.etsi.iptvsad-bc+xml
+# application/vnd.etsi.iptvsad-cod+xml
+# application/vnd.etsi.iptvsad-npvr+xml
+# application/vnd.etsi.iptvservice+xml
+# application/vnd.etsi.iptvsync+xml
+# application/vnd.etsi.iptvueprofile+xml
+# application/vnd.etsi.mcid+xml
+# application/vnd.etsi.overload-control-policy-dataset+xml
+# application/vnd.etsi.sci+xml
+# application/vnd.etsi.simservs+xml
+# application/vnd.etsi.tsl+xml
+# application/vnd.etsi.tsl.der
+# application/vnd.eudora.data
+application/vnd.ezpix-album ez2
+application/vnd.ezpix-package ez3
+# application/vnd.f-secure.mobile
+application/vnd.fdf fdf
+application/vnd.fdsn.mseed mseed
+application/vnd.fdsn.seed seed dataless
+# application/vnd.ffsns
+# application/vnd.fints
+application/vnd.flographit gph
+application/vnd.fluxtime.clip ftc
+# application/vnd.font-fontforge-sfd
+application/vnd.framemaker fm frame maker book
+application/vnd.frogans.fnc fnc
+application/vnd.frogans.ltf ltf
+application/vnd.fsc.weblaunch fsc
+application/vnd.fujitsu.oasys oas
+application/vnd.fujitsu.oasys2 oa2
+application/vnd.fujitsu.oasys3 oa3
+application/vnd.fujitsu.oasysgp fg5
+application/vnd.fujitsu.oasysprs bh2
+# application/vnd.fujixerox.art-ex
+# application/vnd.fujixerox.art4
+# application/vnd.fujixerox.hbpl
+application/vnd.fujixerox.ddd ddd
+application/vnd.fujixerox.docuworks xdw
+application/vnd.fujixerox.docuworks.binder xbd
+# application/vnd.fut-misnet
+application/vnd.fuzzysheet fzs
+application/vnd.genomatix.tuxedo txd
+# application/vnd.geocube+xml
+application/vnd.geogebra.file ggb
+application/vnd.geogebra.tool ggt
+application/vnd.geometry-explorer gex gre
+application/vnd.geonext gxt
+application/vnd.geoplan g2w
+application/vnd.geospace g3w
+# application/vnd.globalplatform.card-content-mgt
+# application/vnd.globalplatform.card-content-mgt-response
+application/vnd.gmx gmx
+application/vnd.google-earth.kml+xml kml
+application/vnd.google-earth.kmz kmz
+application/vnd.grafeq gqf gqs
+# application/vnd.gridmp
+application/vnd.groove-account gac
+application/vnd.groove-help ghf
+application/vnd.groove-identity-message gim
+application/vnd.groove-injector grv
+application/vnd.groove-tool-message gtm
+application/vnd.groove-tool-template tpl
+application/vnd.groove-vcard vcg
+# application/vnd.hal+json
+application/vnd.hal+xml hal
+application/vnd.handheld-entertainment+xml zmm
+application/vnd.hbci hbci
+# application/vnd.hcl-bireports
+application/vnd.hhe.lesson-player les
+application/vnd.hp-hpgl hpgl
+application/vnd.hp-hpid hpid
+application/vnd.hp-hps hps
+application/vnd.hp-jlyt jlt
+application/vnd.hp-pcl pcl
+application/vnd.hp-pclxl pclxl
+# application/vnd.httphone
+application/vnd.hydrostatix.sof-data sfd-hdstx
+# application/vnd.hzn-3d-crossword
+# application/vnd.ibm.afplinedata
+# application/vnd.ibm.electronic-media
+application/vnd.ibm.minipay mpy
+application/vnd.ibm.modcap afp listafp list3820
+application/vnd.ibm.rights-management irm
+application/vnd.ibm.secure-container sc
+application/vnd.iccprofile icc icm
+application/vnd.igloader igl
+application/vnd.immervision-ivp ivp
+application/vnd.immervision-ivu ivu
+# application/vnd.informedcontrol.rms+xml
+# application/vnd.informix-visionary
+# application/vnd.infotech.project
+# application/vnd.infotech.project+xml
+# application/vnd.innopath.wamp.notification
+application/vnd.insors.igm igm
+application/vnd.intercon.formnet xpw xpx
+application/vnd.intergeo i2g
+# application/vnd.intertrust.digibox
+# application/vnd.intertrust.nncp
+application/vnd.intu.qbo qbo
+application/vnd.intu.qfx qfx
+# application/vnd.iptc.g2.conceptitem+xml
+# application/vnd.iptc.g2.knowledgeitem+xml
+# application/vnd.iptc.g2.newsitem+xml
+# application/vnd.iptc.g2.newsmessage+xml
+# application/vnd.iptc.g2.packageitem+xml
+# application/vnd.iptc.g2.planningitem+xml
+application/vnd.ipunplugged.rcprofile rcprofile
+application/vnd.irepository.package+xml irp
+application/vnd.is-xpr xpr
+application/vnd.isac.fcs fcs
+application/vnd.jam jam
+# application/vnd.japannet-directory-service
+# application/vnd.japannet-jpnstore-wakeup
+# application/vnd.japannet-payment-wakeup
+# application/vnd.japannet-registration
+# application/vnd.japannet-registration-wakeup
+# application/vnd.japannet-setstore-wakeup
+# application/vnd.japannet-verification
+# application/vnd.japannet-verification-wakeup
+application/vnd.jcp.javame.midlet-rms rms
+application/vnd.jisp jisp
+application/vnd.joost.joda-archive joda
+application/vnd.kahootz ktz ktr
+application/vnd.kde.karbon karbon
+application/vnd.kde.kchart chrt
+application/vnd.kde.kformula kfo
+application/vnd.kde.kivio flw
+application/vnd.kde.kontour kon
+application/vnd.kde.kpresenter kpr kpt
+application/vnd.kde.kspread ksp
+application/vnd.kde.kword kwd kwt
+application/vnd.kenameaapp htke
+application/vnd.kidspiration kia
+application/vnd.kinar kne knp
+application/vnd.koan skp skd skt skm
+application/vnd.kodak-descriptor sse
+application/vnd.las.las+xml lasxml
+# application/vnd.liberty-request+xml
+application/vnd.llamagraphics.life-balance.desktop lbd
+application/vnd.llamagraphics.life-balance.exchange+xml lbe
+application/vnd.lotus-1-2-3 123
+application/vnd.lotus-approach apr
+application/vnd.lotus-freelance pre
+application/vnd.lotus-notes nsf
+application/vnd.lotus-organizer org
+application/vnd.lotus-screencam scm
+application/vnd.lotus-wordpro lwp
+application/vnd.macports.portpkg portpkg
+# application/vnd.marlin.drm.actiontoken+xml
+# application/vnd.marlin.drm.conftoken+xml
+# application/vnd.marlin.drm.license+xml
+# application/vnd.marlin.drm.mdcf
+application/vnd.mcd mcd
+application/vnd.medcalcdata mc1
+application/vnd.mediastation.cdkey cdkey
+# application/vnd.meridian-slingshot
+application/vnd.mfer mwf
+application/vnd.mfmp mfm
+application/vnd.micrografx.flo flo
+application/vnd.micrografx.igx igx
+application/vnd.mif mif
+# application/vnd.minisoft-hp3000-save
+# application/vnd.mitsubishi.misty-guard.trustweb
+application/vnd.mobius.daf daf
+application/vnd.mobius.dis dis
+application/vnd.mobius.mbk mbk
+application/vnd.mobius.mqy mqy
+application/vnd.mobius.msl msl
+application/vnd.mobius.plc plc
+application/vnd.mobius.txf txf
+application/vnd.mophun.application mpn
+application/vnd.mophun.certificate mpc
+# application/vnd.motorola.flexsuite
+# application/vnd.motorola.flexsuite.adsi
+# application/vnd.motorola.flexsuite.fis
+# application/vnd.motorola.flexsuite.gotap
+# application/vnd.motorola.flexsuite.kmr
+# application/vnd.motorola.flexsuite.ttc
+# application/vnd.motorola.flexsuite.wem
+# application/vnd.motorola.iprm
+application/vnd.mozilla.xul+xml xul
+application/vnd.ms-artgalry cil
+# application/vnd.ms-asf
+application/vnd.ms-cab-compressed cab
+# application/vnd.ms-color.iccprofile
+application/vnd.ms-excel xls xlm xla xlc xlt xlw
+application/vnd.ms-excel.addin.macroenabled.12 xlam
+application/vnd.ms-excel.sheet.binary.macroenabled.12 xlsb
+application/vnd.ms-excel.sheet.macroenabled.12 xlsm
+application/vnd.ms-excel.template.macroenabled.12 xltm
+application/vnd.ms-fontobject eot
+application/vnd.ms-htmlhelp chm
+application/vnd.ms-ims ims
+application/vnd.ms-lrm lrm
+# application/vnd.ms-office.activex+xml
+application/vnd.ms-officetheme thmx
+# application/vnd.ms-opentype
+# application/vnd.ms-package.obfuscated-opentype
+application/vnd.ms-pki.seccat cat
+application/vnd.ms-pki.stl stl
+# application/vnd.ms-playready.initiator+xml
+application/vnd.ms-powerpoint ppt pps pot
+application/vnd.ms-powerpoint.addin.macroenabled.12 ppam
+application/vnd.ms-powerpoint.presentation.macroenabled.12 pptm
+application/vnd.ms-powerpoint.slide.macroenabled.12 sldm
+application/vnd.ms-powerpoint.slideshow.macroenabled.12 ppsm
+application/vnd.ms-powerpoint.template.macroenabled.12 potm
+# application/vnd.ms-printing.printticket+xml
+application/vnd.ms-project mpp mpt
+# application/vnd.ms-tnef
+# application/vnd.ms-wmdrm.lic-chlg-req
+# application/vnd.ms-wmdrm.lic-resp
+# application/vnd.ms-wmdrm.meter-chlg-req
+# application/vnd.ms-wmdrm.meter-resp
+application/vnd.ms-word.document.macroenabled.12 docm
+application/vnd.ms-word.template.macroenabled.12 dotm
+application/vnd.ms-works wps wks wcm wdb
+application/vnd.ms-wpl wpl
+application/vnd.ms-xpsdocument xps
+application/vnd.mseq mseq
+# application/vnd.msign
+# application/vnd.multiad.creator
+# application/vnd.multiad.creator.cif
+# application/vnd.music-niff
+application/vnd.musician mus
+application/vnd.muvee.style msty
+application/vnd.mynfc taglet
+# application/vnd.ncd.control
+# application/vnd.ncd.reference
+# application/vnd.nervana
+# application/vnd.netfpx
+application/vnd.neurolanguage.nlu nlu
+application/vnd.nitf ntf nitf
+application/vnd.noblenet-directory nnd
+application/vnd.noblenet-sealer nns
+application/vnd.noblenet-web nnw
+# application/vnd.nokia.catalogs
+# application/vnd.nokia.conml+wbxml
+# application/vnd.nokia.conml+xml
+# application/vnd.nokia.isds-radio-presets
+# application/vnd.nokia.iptv.config+xml
+# application/vnd.nokia.landmark+wbxml
+# application/vnd.nokia.landmark+xml
+# application/vnd.nokia.landmarkcollection+xml
+# application/vnd.nokia.n-gage.ac+xml
+application/vnd.nokia.n-gage.data ngdat
+application/vnd.nokia.n-gage.symbian.install n-gage
+# application/vnd.nokia.ncd
+# application/vnd.nokia.pcd+wbxml
+# application/vnd.nokia.pcd+xml
+application/vnd.nokia.radio-preset rpst
+application/vnd.nokia.radio-presets rpss
+application/vnd.novadigm.edm edm
+application/vnd.novadigm.edx edx
+application/vnd.novadigm.ext ext
+# application/vnd.ntt-local.file-transfer
+# application/vnd.ntt-local.sip-ta_remote
+# application/vnd.ntt-local.sip-ta_tcp_stream
+application/vnd.oasis.opendocument.chart odc
+application/vnd.oasis.opendocument.chart-template otc
+application/vnd.oasis.opendocument.database odb
+application/vnd.oasis.opendocument.formula odf
+application/vnd.oasis.opendocument.formula-template odft
+application/vnd.oasis.opendocument.graphics odg
+application/vnd.oasis.opendocument.graphics-template otg
+application/vnd.oasis.opendocument.image odi
+application/vnd.oasis.opendocument.image-template oti
+application/vnd.oasis.opendocument.presentation odp
+application/vnd.oasis.opendocument.presentation-template otp
+application/vnd.oasis.opendocument.spreadsheet ods
+application/vnd.oasis.opendocument.spreadsheet-template ots
+application/vnd.oasis.opendocument.text odt
+application/vnd.oasis.opendocument.text-master odm
+application/vnd.oasis.opendocument.text-template ott
+application/vnd.oasis.opendocument.text-web oth
+# application/vnd.obn
+# application/vnd.oftn.l10n+json
+# application/vnd.oipf.contentaccessdownload+xml
+# application/vnd.oipf.contentaccessstreaming+xml
+# application/vnd.oipf.cspg-hexbinary
+# application/vnd.oipf.dae.svg+xml
+# application/vnd.oipf.dae.xhtml+xml
+# application/vnd.oipf.mippvcontrolmessage+xml
+# application/vnd.oipf.pae.gem
+# application/vnd.oipf.spdiscovery+xml
+# application/vnd.oipf.spdlist+xml
+# application/vnd.oipf.ueprofile+xml
+# application/vnd.oipf.userprofile+xml
+application/vnd.olpc-sugar xo
+# application/vnd.oma-scws-config
+# application/vnd.oma-scws-http-request
+# application/vnd.oma-scws-http-response
+# application/vnd.oma.bcast.associated-procedure-parameter+xml
+# application/vnd.oma.bcast.drm-trigger+xml
+# application/vnd.oma.bcast.imd+xml
+# application/vnd.oma.bcast.ltkm
+# application/vnd.oma.bcast.notification+xml
+# application/vnd.oma.bcast.provisioningtrigger
+# application/vnd.oma.bcast.sgboot
+# application/vnd.oma.bcast.sgdd+xml
+# application/vnd.oma.bcast.sgdu
+# application/vnd.oma.bcast.simple-symbol-container
+# application/vnd.oma.bcast.smartcard-trigger+xml
+# application/vnd.oma.bcast.sprov+xml
+# application/vnd.oma.bcast.stkm
+# application/vnd.oma.cab-address-book+xml
+# application/vnd.oma.cab-feature-handler+xml
+# application/vnd.oma.cab-pcc+xml
+# application/vnd.oma.cab-user-prefs+xml
+# application/vnd.oma.dcd
+# application/vnd.oma.dcdc
+application/vnd.oma.dd2+xml dd2
+# application/vnd.oma.drm.risd+xml
+# application/vnd.oma.group-usage-list+xml
+# application/vnd.oma.pal+xml
+# application/vnd.oma.poc.detailed-progress-report+xml
+# application/vnd.oma.poc.final-report+xml
+# application/vnd.oma.poc.groups+xml
+# application/vnd.oma.poc.invocation-descriptor+xml
+# application/vnd.oma.poc.optimized-progress-report+xml
+# application/vnd.oma.push
+# application/vnd.oma.scidm.messages+xml
+# application/vnd.oma.xcap-directory+xml
+# application/vnd.omads-email+xml
+# application/vnd.omads-file+xml
+# application/vnd.omads-folder+xml
+# application/vnd.omaloc-supl-init
+application/vnd.openofficeorg.extension oxt
+# application/vnd.openxmlformats-officedocument.custom-properties+xml
+# application/vnd.openxmlformats-officedocument.customxmlproperties+xml
+# application/vnd.openxmlformats-officedocument.drawing+xml
+# application/vnd.openxmlformats-officedocument.drawingml.chart+xml
+# application/vnd.openxmlformats-officedocument.drawingml.chartshapes+xml
+# application/vnd.openxmlformats-officedocument.drawingml.diagramcolors+xml
+# application/vnd.openxmlformats-officedocument.drawingml.diagramdata+xml
+# application/vnd.openxmlformats-officedocument.drawingml.diagramlayout+xml
+# application/vnd.openxmlformats-officedocument.drawingml.diagramstyle+xml
+# application/vnd.openxmlformats-officedocument.extended-properties+xml
+# application/vnd.openxmlformats-officedocument.presentationml.commentauthors+xml
+# application/vnd.openxmlformats-officedocument.presentationml.comments+xml
+# application/vnd.openxmlformats-officedocument.presentationml.handoutmaster+xml
+# application/vnd.openxmlformats-officedocument.presentationml.notesmaster+xml
+# application/vnd.openxmlformats-officedocument.presentationml.notesslide+xml
+application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
+# application/vnd.openxmlformats-officedocument.presentationml.presentation.main+xml
+# application/vnd.openxmlformats-officedocument.presentationml.presprops+xml
+application/vnd.openxmlformats-officedocument.presentationml.slide sldx
+# application/vnd.openxmlformats-officedocument.presentationml.slide+xml
+# application/vnd.openxmlformats-officedocument.presentationml.slidelayout+xml
+# application/vnd.openxmlformats-officedocument.presentationml.slidemaster+xml
+application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
+# application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml
+# application/vnd.openxmlformats-officedocument.presentationml.slideupdateinfo+xml
+# application/vnd.openxmlformats-officedocument.presentationml.tablestyles+xml
+# application/vnd.openxmlformats-officedocument.presentationml.tags+xml
+application/vnd.openxmlformats-officedocument.presentationml.template potx
+# application/vnd.openxmlformats-officedocument.presentationml.template.main+xml
+# application/vnd.openxmlformats-officedocument.presentationml.viewprops+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.calcchain+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.chartsheet+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.comments+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.connections+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.dialogsheet+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.externallink+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcachedefinition+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcacherecords+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.pivottable+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.querytable+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionheaders+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionlog+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.sharedstrings+xml
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
+# application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.main+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.sheetmetadata+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.styles+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.table+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.tablesinglecells+xml
+application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
+# application/vnd.openxmlformats-officedocument.spreadsheetml.template.main+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.usernames+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.volatiledependencies+xml
+# application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml
+# application/vnd.openxmlformats-officedocument.theme+xml
+# application/vnd.openxmlformats-officedocument.themeoverride+xml
+# application/vnd.openxmlformats-officedocument.vmldrawing
+# application/vnd.openxmlformats-officedocument.wordprocessingml.comments+xml
+application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
+# application/vnd.openxmlformats-officedocument.wordprocessingml.document.glossary+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.fonttable+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.footer+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml
+application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
+# application/vnd.openxmlformats-officedocument.wordprocessingml.template.main+xml
+# application/vnd.openxmlformats-officedocument.wordprocessingml.websettings+xml
+# application/vnd.openxmlformats-package.core-properties+xml
+# application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml
+# application/vnd.openxmlformats-package.relationships+xml
+# application/vnd.quobject-quoxdocument
+# application/vnd.osa.netdeploy
+application/vnd.osgeo.mapguide.package mgp
+# application/vnd.osgi.bundle
+application/vnd.osgi.dp dp
+application/vnd.osgi.subsystem esa
+# application/vnd.otps.ct-kip+xml
+application/vnd.palm pdb pqa oprc
+# application/vnd.paos.xml
+application/vnd.pawaafile paw
+application/vnd.pg.format str
+application/vnd.pg.osasli ei6
+# application/vnd.piaccess.application-licence
+application/vnd.picsel efif
+application/vnd.pmi.widget wg
+# application/vnd.poc.group-advertisement+xml
+application/vnd.pocketlearn plf
+application/vnd.powerbuilder6 pbd
+# application/vnd.powerbuilder6-s
+# application/vnd.powerbuilder7
+# application/vnd.powerbuilder7-s
+# application/vnd.powerbuilder75
+# application/vnd.powerbuilder75-s
+# application/vnd.preminet
+application/vnd.previewsystems.box box
+application/vnd.proteus.magazine mgz
+application/vnd.publishare-delta-tree qps
+application/vnd.pvi.ptid1 ptid
+# application/vnd.pwg-multiplexed
+# application/vnd.pwg-xhtml-print+xml
+# application/vnd.qualcomm.brew-app-res
+application/vnd.quark.quarkxpress qxd qxt qwd qwt qxl qxb
+# application/vnd.radisys.moml+xml
+# application/vnd.radisys.msml+xml
+# application/vnd.radisys.msml-audit+xml
+# application/vnd.radisys.msml-audit-conf+xml
+# application/vnd.radisys.msml-audit-conn+xml
+# application/vnd.radisys.msml-audit-dialog+xml
+# application/vnd.radisys.msml-audit-stream+xml
+# application/vnd.radisys.msml-conf+xml
+# application/vnd.radisys.msml-dialog+xml
+# application/vnd.radisys.msml-dialog-base+xml
+# application/vnd.radisys.msml-dialog-fax-detect+xml
+# application/vnd.radisys.msml-dialog-fax-sendrecv+xml
+# application/vnd.radisys.msml-dialog-group+xml
+# application/vnd.radisys.msml-dialog-speech+xml
+# application/vnd.radisys.msml-dialog-transform+xml
+# application/vnd.rainstor.data
+# application/vnd.rapid
+application/vnd.realvnc.bed bed
+application/vnd.recordare.musicxml mxl
+application/vnd.recordare.musicxml+xml musicxml
+# application/vnd.renlearn.rlprint
+application/vnd.rig.cryptonote cryptonote
+application/vnd.rim.cod cod
+application/vnd.rn-realmedia rm
+application/vnd.rn-realmedia-vbr rmvb
+application/vnd.route66.link66+xml link66
+# application/vnd.rs-274x
+# application/vnd.ruckus.download
+# application/vnd.s3sms
+application/vnd.sailingtracker.track st
+# application/vnd.sbm.cid
+# application/vnd.sbm.mid2
+# application/vnd.scribus
+# application/vnd.sealed.3df
+# application/vnd.sealed.csf
+# application/vnd.sealed.doc
+# application/vnd.sealed.eml
+# application/vnd.sealed.mht
+# application/vnd.sealed.net
+# application/vnd.sealed.ppt
+# application/vnd.sealed.tiff
+# application/vnd.sealed.xls
+# application/vnd.sealedmedia.softseal.html
+# application/vnd.sealedmedia.softseal.pdf
+application/vnd.seemail see
+application/vnd.sema sema
+application/vnd.semd semd
+application/vnd.semf semf
+application/vnd.shana.informed.formdata ifm
+application/vnd.shana.informed.formtemplate itp
+application/vnd.shana.informed.interchange iif
+application/vnd.shana.informed.package ipk
+application/vnd.simtech-mindmapper twd twds
+application/vnd.smaf mmf
+# application/vnd.smart.notebook
+application/vnd.smart.teacher teacher
+# application/vnd.software602.filler.form+xml
+# application/vnd.software602.filler.form-xml-zip
+application/vnd.solent.sdkm+xml sdkm sdkd
+application/vnd.spotfire.dxp dxp
+application/vnd.spotfire.sfs sfs
+# application/vnd.sss-cod
+# application/vnd.sss-dtf
+# application/vnd.sss-ntf
+application/vnd.stardivision.calc sdc
+application/vnd.stardivision.draw sda
+application/vnd.stardivision.impress sdd
+application/vnd.stardivision.math smf
+application/vnd.stardivision.writer sdw vor
+application/vnd.stardivision.writer-global sgl
+application/vnd.stepmania.package smzip
+application/vnd.stepmania.stepchart sm
+# application/vnd.street-stream
+application/vnd.sun.xml.calc sxc
+application/vnd.sun.xml.calc.template stc
+application/vnd.sun.xml.draw sxd
+application/vnd.sun.xml.draw.template std
+application/vnd.sun.xml.impress sxi
+application/vnd.sun.xml.impress.template sti
+application/vnd.sun.xml.math sxm
+application/vnd.sun.xml.writer sxw
+application/vnd.sun.xml.writer.global sxg
+application/vnd.sun.xml.writer.template stw
+# application/vnd.sun.wadl+xml
+application/vnd.sus-calendar sus susp
+application/vnd.svd svd
+# application/vnd.swiftview-ics
+application/vnd.symbian.install sis sisx
+application/vnd.syncml+xml xsm
+application/vnd.syncml.dm+wbxml bdm
+application/vnd.syncml.dm+xml xdm
+# application/vnd.syncml.dm.notification
+# application/vnd.syncml.ds.notification
+application/vnd.tao.intent-module-archive tao
+application/vnd.tcpdump.pcap pcap cap dmp
+application/vnd.tmobile-livetv tmo
+application/vnd.trid.tpt tpt
+application/vnd.triscape.mxs mxs
+application/vnd.trueapp tra
+# application/vnd.truedoc
+# application/vnd.ubisoft.webplayer
+application/vnd.ufdl ufd ufdl
+application/vnd.uiq.theme utz
+application/vnd.umajin umj
+application/vnd.unity unityweb
+application/vnd.uoml+xml uoml
+# application/vnd.uplanet.alert
+# application/vnd.uplanet.alert-wbxml
+# application/vnd.uplanet.bearer-choice
+# application/vnd.uplanet.bearer-choice-wbxml
+# application/vnd.uplanet.cacheop
+# application/vnd.uplanet.cacheop-wbxml
+# application/vnd.uplanet.channel
+# application/vnd.uplanet.channel-wbxml
+# application/vnd.uplanet.list
+# application/vnd.uplanet.list-wbxml
+# application/vnd.uplanet.listcmd
+# application/vnd.uplanet.listcmd-wbxml
+# application/vnd.uplanet.signal
+application/vnd.vcx vcx
+# application/vnd.vd-study
+# application/vnd.vectorworks
+# application/vnd.verimatrix.vcas
+# application/vnd.vidsoft.vidconference
+application/vnd.visio vsd vst vss vsw
+application/vnd.visionary vis
+# application/vnd.vividence.scriptfile
+application/vnd.vsf vsf
+# application/vnd.wap.sic
+# application/vnd.wap.slc
+application/vnd.wap.wbxml wbxml
+application/vnd.wap.wmlc wmlc
+application/vnd.wap.wmlscriptc wmlsc
+application/vnd.webturbo wtb
+# application/vnd.wfa.wsc
+# application/vnd.wmc
+# application/vnd.wmf.bootstrap
+# application/vnd.wolfram.mathematica
+# application/vnd.wolfram.mathematica.package
+application/vnd.wolfram.player nbp
+application/vnd.wordperfect wpd
+application/vnd.wqd wqd
+# application/vnd.wrq-hp3000-labelled
+application/vnd.wt.stf stf
+# application/vnd.wv.csp+wbxml
+# application/vnd.wv.csp+xml
+# application/vnd.wv.ssp+xml
+application/vnd.xara xar
+application/vnd.xfdl xfdl
+# application/vnd.xfdl.webform
+# application/vnd.xmi+xml
+# application/vnd.xmpie.cpkg
+# application/vnd.xmpie.dpkg
+# application/vnd.xmpie.plan
+# application/vnd.xmpie.ppkg
+# application/vnd.xmpie.xlim
+application/vnd.yamaha.hv-dic hvd
+application/vnd.yamaha.hv-script hvs
+application/vnd.yamaha.hv-voice hvp
+application/vnd.yamaha.openscoreformat osf
+application/vnd.yamaha.openscoreformat.osfpvg+xml osfpvg
+# application/vnd.yamaha.remote-setup
+application/vnd.yamaha.smaf-audio saf
+application/vnd.yamaha.smaf-phrase spf
+# application/vnd.yamaha.through-ngn
+# application/vnd.yamaha.tunnel-udpencap
+application/vnd.yellowriver-custom-menu cmp
+application/vnd.zul zir zirz
+application/vnd.zzazz.deck+xml zaz
+application/voicexml+xml vxml
+# application/vq-rtcpxr
+# application/watcherinfo+xml
+# application/whoispp-query
+# application/whoispp-response
+application/widget wgt
+application/winhlp hlp
+# application/wita
+# application/wordperfect5.1
+application/wsdl+xml wsdl
+application/wspolicy+xml wspolicy
+application/x-7z-compressed 7z
+application/x-abiword abw
+application/x-ace-compressed ace
+# application/x-amf
+application/x-apple-diskimage dmg
+application/x-authorware-bin aab x32 u32 vox
+application/x-authorware-map aam
+application/x-authorware-seg aas
+application/x-bcpio bcpio
+application/x-bittorrent torrent
+application/x-blorb blb blorb
+application/x-bzip bz
+application/x-bzip2 bz2 boz
+application/x-cbr cbr cba cbt cbz cb7
+application/x-cdlink vcd
+application/x-cfs-compressed cfs
+application/x-chat chat
+application/x-chess-pgn pgn
+application/x-conference nsc
+# application/x-compress
+application/x-cpio cpio
+application/x-csh csh
+application/x-debian-package deb udeb
+application/x-dgc-compressed dgc
+application/x-director dir dcr dxr cst cct cxt w3d fgd swa
+application/x-doom wad
+application/x-dtbncx+xml ncx
+application/x-dtbook+xml dtb
+application/x-dtbresource+xml res
+application/x-dvi dvi
+application/x-envoy evy
+application/x-eva eva
+application/x-font-bdf bdf
+# application/x-font-dos
+# application/x-font-framemaker
+application/x-font-ghostscript gsf
+# application/x-font-libgrx
+application/x-font-linux-psf psf
+application/x-font-otf otf
+application/x-font-pcf pcf
+application/x-font-snf snf
+# application/x-font-speedo
+# application/x-font-sunos-news
+application/x-font-ttf ttf ttc
+application/x-font-type1 pfa pfb pfm afm
+application/x-font-woff woff
+# application/x-font-vfont
+application/x-freearc arc
+application/x-futuresplash spl
+application/x-gca-compressed gca
+application/x-glulx ulx
+application/x-gnumeric gnumeric
+application/x-gramps-xml gramps
+application/x-gtar gtar
+# application/x-gzip
+application/x-hdf hdf
+application/x-install-instructions install
+application/x-iso9660-image iso
+application/x-java-jnlp-file jnlp
+application/x-latex latex
+application/x-lzh-compressed lzh lha
+application/x-mie mie
+application/x-mobipocket-ebook prc mobi
+application/x-ms-application application
+application/x-ms-shortcut lnk
+application/x-ms-wmd wmd
+application/x-ms-wmz wmz
+application/x-ms-xbap xbap
+application/x-msaccess mdb
+application/x-msbinder obd
+application/x-mscardfile crd
+application/x-msclip clp
+application/x-msdownload exe dll com bat msi
+application/x-msmediaview mvb m13 m14
+application/x-msmetafile wmf wmz emf emz
+application/x-msmoney mny
+application/x-mspublisher pub
+application/x-msschedule scd
+application/x-msterminal trm
+application/x-mswrite wri
+application/x-netcdf nc cdf
+application/x-nzb nzb
+application/x-pkcs12 p12 pfx
+application/x-pkcs7-certificates p7b spc
+application/x-pkcs7-certreqresp p7r
+application/x-rar-compressed rar
+application/x-research-info-systems ris
+application/x-sh sh
+application/x-shar shar
+application/x-shockwave-flash swf
+application/x-silverlight-app xap
+application/x-sql sql
+application/x-stuffit sit
+application/x-stuffitx sitx
+application/x-subrip srt
+application/x-sv4cpio sv4cpio
+application/x-sv4crc sv4crc
+application/x-t3vm-image t3
+application/x-tads gam
+application/x-tar tar
+application/x-tcl tcl
+application/x-tex tex
+application/x-tex-tfm tfm
+application/x-texinfo texinfo texi
+application/x-tgif obj
+application/x-ustar ustar
+application/x-wais-source src
+application/x-x509-ca-cert der crt
+application/x-xfig fig
+application/x-xliff+xml xlf
+application/x-xpinstall xpi
+application/x-xz xz
+application/x-zmachine z1 z2 z3 z4 z5 z6 z7 z8
+# application/x400-bp
+application/xaml+xml xaml
+# application/xcap-att+xml
+# application/xcap-caps+xml
+application/xcap-diff+xml xdf
+# application/xcap-el+xml
+# application/xcap-error+xml
+# application/xcap-ns+xml
+# application/xcon-conference-info-diff+xml
+# application/xcon-conference-info+xml
+application/xenc+xml xenc
+application/xhtml+xml xhtml xht
+# application/xhtml-voice+xml
+application/xml xml xsl
+application/xml-dtd dtd
+# application/xml-external-parsed-entity
+# application/xmpp+xml
+application/xop+xml xop
+application/xproc+xml xpl
+application/xslt+xml xslt
+application/xspf+xml xspf
+application/xv+xml mxml xhvml xvml xvm
+application/yang yang
+application/yin+xml yin
+application/zip zip
+# audio/1d-interleaved-parityfec
+# audio/32kadpcm
+# audio/3gpp
+# audio/3gpp2
+# audio/ac3
+audio/adpcm adp
+# audio/amr
+# audio/amr-wb
+# audio/amr-wb+
+# audio/asc
+# audio/atrac-advanced-lossless
+# audio/atrac-x
+# audio/atrac3
+audio/basic au snd
+# audio/bv16
+# audio/bv32
+# audio/clearmode
+# audio/cn
+# audio/dat12
+# audio/dls
+# audio/dsr-es201108
+# audio/dsr-es202050
+# audio/dsr-es202211
+# audio/dsr-es202212
+# audio/dv
+# audio/dvi4
+# audio/eac3
+# audio/evrc
+# audio/evrc-qcp
+# audio/evrc0
+# audio/evrc1
+# audio/evrcb
+# audio/evrcb0
+# audio/evrcb1
+# audio/evrcwb
+# audio/evrcwb0
+# audio/evrcwb1
+# audio/example
+# audio/fwdred
+# audio/g719
+# audio/g722
+# audio/g7221
+# audio/g723
+# audio/g726-16
+# audio/g726-24
+# audio/g726-32
+# audio/g726-40
+# audio/g728
+# audio/g729
+# audio/g7291
+# audio/g729d
+# audio/g729e
+# audio/gsm
+# audio/gsm-efr
+# audio/gsm-hr-08
+# audio/ilbc
+# audio/ip-mr_v2.5
+# audio/isac
+# audio/l16
+# audio/l20
+# audio/l24
+# audio/l8
+# audio/lpc
+audio/midi mid midi kar rmi
+# audio/mobile-xmf
+audio/mp4 m4a mp4a
+# audio/mp4a-latm
+# audio/mpa
+# audio/mpa-robust
+audio/mpeg mpga mp2 mp2a mp3 m2a m3a
+# audio/mpeg4-generic
+# audio/musepack
+audio/ogg oga ogg spx
+# audio/opus
+# audio/parityfec
+# audio/pcma
+# audio/pcma-wb
+# audio/pcmu-wb
+# audio/pcmu
+# audio/prs.sid
+# audio/qcelp
+# audio/red
+# audio/rtp-enc-aescm128
+# audio/rtp-midi
+# audio/rtx
+audio/s3m s3m
+audio/silk sil
+# audio/smv
+# audio/smv0
+# audio/smv-qcp
+# audio/sp-midi
+# audio/speex
+# audio/t140c
+# audio/t38
+# audio/telephone-event
+# audio/tone
+# audio/uemclip
+# audio/ulpfec
+# audio/vdvi
+# audio/vmr-wb
+# audio/vnd.3gpp.iufp
+# audio/vnd.4sb
+# audio/vnd.audiokoz
+# audio/vnd.celp
+# audio/vnd.cisco.nse
+# audio/vnd.cmles.radio-events
+# audio/vnd.cns.anp1
+# audio/vnd.cns.inf1
+audio/vnd.dece.audio uva uvva
+audio/vnd.digital-winds eol
+# audio/vnd.dlna.adts
+# audio/vnd.dolby.heaac.1
+# audio/vnd.dolby.heaac.2
+# audio/vnd.dolby.mlp
+# audio/vnd.dolby.mps
+# audio/vnd.dolby.pl2
+# audio/vnd.dolby.pl2x
+# audio/vnd.dolby.pl2z
+# audio/vnd.dolby.pulse.1
+audio/vnd.dra dra
+audio/vnd.dts dts
+audio/vnd.dts.hd dtshd
+# audio/vnd.dvb.file
+# audio/vnd.everad.plj
+# audio/vnd.hns.audio
+audio/vnd.lucent.voice lvp
+audio/vnd.ms-playready.media.pya pya
+# audio/vnd.nokia.mobile-xmf
+# audio/vnd.nortel.vbk
+audio/vnd.nuera.ecelp4800 ecelp4800
+audio/vnd.nuera.ecelp7470 ecelp7470
+audio/vnd.nuera.ecelp9600 ecelp9600
+# audio/vnd.octel.sbc
+# audio/vnd.qcelp
+# audio/vnd.rhetorex.32kadpcm
+audio/vnd.rip rip
+# audio/vnd.sealedmedia.softseal.mpeg
+# audio/vnd.vmx.cvsd
+# audio/vorbis
+# audio/vorbis-config
+audio/webm weba
+audio/x-aac aac
+audio/x-aiff aif aiff aifc
+audio/x-caf caf
+audio/x-flac flac
+audio/x-matroska mka
+audio/x-mpegurl m3u
+audio/x-ms-wax wax
+audio/x-ms-wma wma
+audio/x-pn-realaudio ram ra
+audio/x-pn-realaudio-plugin rmp
+# audio/x-tta
+audio/x-wav wav
+audio/xm xm
+chemical/x-cdx cdx
+chemical/x-cif cif
+chemical/x-cmdf cmdf
+chemical/x-cml cml
+chemical/x-csml csml
+# chemical/x-pdb
+chemical/x-xyz xyz
+image/bmp bmp
+image/cgm cgm
+# image/example
+# image/fits
+image/g3fax g3
+image/gif gif
+image/ief ief
+# image/jp2
+image/jpeg jpeg jpg jpe
+# image/jpm
+# image/jpx
+image/ktx ktx
+# image/naplps
+image/png png
+image/prs.btif btif
+# image/prs.pti
+image/sgi sgi
+image/svg+xml svg svgz
+# image/t38
+image/tiff tiff tif
+# image/tiff-fx
+image/vnd.adobe.photoshop psd
+# image/vnd.cns.inf2
+image/vnd.dece.graphic uvi uvvi uvg uvvg
+image/vnd.dvb.subtitle sub
+image/vnd.djvu djvu djv
+image/vnd.dwg dwg
+image/vnd.dxf dxf
+image/vnd.fastbidsheet fbs
+image/vnd.fpx fpx
+image/vnd.fst fst
+image/vnd.fujixerox.edmics-mmr mmr
+image/vnd.fujixerox.edmics-rlc rlc
+# image/vnd.globalgraphics.pgb
+# image/vnd.microsoft.icon
+# image/vnd.mix
+image/vnd.ms-modi mdi
+image/vnd.ms-photo wdp
+image/vnd.net-fpx npx
+# image/vnd.radiance
+# image/vnd.sealed.png
+# image/vnd.sealedmedia.softseal.gif
+# image/vnd.sealedmedia.softseal.jpg
+# image/vnd.svf
+image/vnd.wap.wbmp wbmp
+image/vnd.xiff xif
+image/webp webp
+image/x-3ds 3ds
+image/x-cmu-raster ras
+image/x-cmx cmx
+image/x-freehand fh fhc fh4 fh5 fh7
+image/x-icon ico
+image/x-mrsid-image sid
+image/x-pcx pcx
+image/x-pict pic pct
+image/x-portable-anymap pnm
+image/x-portable-bitmap pbm
+image/x-portable-graymap pgm
+image/x-portable-pixmap ppm
+image/x-rgb rgb
+image/x-tga tga
+image/x-xbitmap xbm
+image/x-xpixmap xpm
+image/x-xwindowdump xwd
+# message/cpim
+# message/delivery-status
+# message/disposition-notification
+# message/example
+# message/external-body
+# message/feedback-report
+# message/global
+# message/global-delivery-status
+# message/global-disposition-notification
+# message/global-headers
+# message/http
+# message/imdn+xml
+# message/news
+# message/partial
+message/rfc822 eml mime
+# message/s-http
+# message/sip
+# message/sipfrag
+# message/tracking-status
+# message/vnd.si.simp
+# model/example
+model/iges igs iges
+model/mesh msh mesh silo
+model/vnd.collada+xml dae
+model/vnd.dwf dwf
+# model/vnd.flatland.3dml
+model/vnd.gdl gdl
+# model/vnd.gs-gdl
+# model/vnd.gs.gdl
+model/vnd.gtw gtw
+# model/vnd.moml+xml
+model/vnd.mts mts
+# model/vnd.parasolid.transmit.binary
+# model/vnd.parasolid.transmit.text
+model/vnd.vtu vtu
+model/vrml wrl vrml
+model/x3d+binary x3db x3dbz
+model/x3d+vrml x3dv x3dvz
+model/x3d+xml x3d x3dz
+# multipart/alternative
+# multipart/appledouble
+# multipart/byteranges
+# multipart/digest
+# multipart/encrypted
+# multipart/example
+# multipart/form-data
+# multipart/header-set
+# multipart/mixed
+# multipart/parallel
+# multipart/related
+# multipart/report
+# multipart/signed
+# multipart/voice-message
+# text/1d-interleaved-parityfec
+text/cache-manifest appcache
+text/calendar ics ifb
+text/css css
+text/csv csv
+# text/directory
+# text/dns
+# text/ecmascript
+# text/enriched
+# text/example
+# text/fwdred
+text/html html htm
+# text/javascript
+text/n3 n3
+# text/parityfec
+text/plain txt text conf def list log in
+# text/prs.fallenstein.rst
+text/prs.lines.tag dsc
+# text/vnd.radisys.msml-basic-layout
+# text/red
+# text/rfc822-headers
+text/richtext rtx
+# text/rtf
+# text/rtp-enc-aescm128
+# text/rtx
+text/sgml sgml sgm
+# text/t140
+text/tab-separated-values tsv
+text/troff t tr roff man me ms
+text/turtle ttl
+# text/ulpfec
+text/uri-list uri uris urls
+text/vcard vcard
+# text/vnd.abc
+text/vnd.curl curl
+text/vnd.curl.dcurl dcurl
+text/vnd.curl.scurl scurl
+text/vnd.curl.mcurl mcurl
+# text/vnd.dmclientscript
+text/vnd.dvb.subtitle sub
+# text/vnd.esmertec.theme-descriptor
+text/vnd.fly fly
+text/vnd.fmi.flexstor flx
+text/vnd.graphviz gv
+text/vnd.in3d.3dml 3dml
+text/vnd.in3d.spot spot
+# text/vnd.iptc.newsml
+# text/vnd.iptc.nitf
+# text/vnd.latex-z
+# text/vnd.motorola.reflex
+# text/vnd.ms-mediapackage
+# text/vnd.net2phone.commcenter.command
+# text/vnd.si.uricatalogue
+text/vnd.sun.j2me.app-descriptor jad
+# text/vnd.trolltech.linguist
+# text/vnd.wap.si
+# text/vnd.wap.sl
+text/vnd.wap.wml wml
+text/vnd.wap.wmlscript wmls
+text/x-asm s asm
+text/x-c c cc cxx cpp h hh dic
+text/x-fortran f for f77 f90
+text/x-java-source java
+text/x-opml opml
+text/x-pascal p pas
+text/x-nfo nfo
+text/x-setext etx
+text/x-sfv sfv
+text/x-uuencode uu
+text/x-vcalendar vcs
+text/x-vcard vcf
+# text/xml
+# text/xml-external-parsed-entity
+# video/1d-interleaved-parityfec
+video/3gpp 3gp
+# video/3gpp-tt
+video/3gpp2 3g2
+# video/bmpeg
+# video/bt656
+# video/celb
+# video/dv
+# video/example
+video/h261 h261
+video/h263 h263
+# video/h263-1998
+# video/h263-2000
+video/h264 h264
+# video/h264-rcdo
+# video/h264-svc
+video/jpeg jpgv
+# video/jpeg2000
+video/jpm jpm jpgm
+video/mj2 mj2 mjp2
+# video/mp1s
+# video/mp2p
+# video/mp2t
+video/mp4 mp4 mp4v mpg4
+# video/mp4v-es
+video/mpeg mpeg mpg mpe m1v m2v
+# video/mpeg4-generic
+# video/mpv
+# video/nv
+video/ogg ogv
+# video/parityfec
+# video/pointer
+video/quicktime qt mov
+# video/raw
+# video/rtp-enc-aescm128
+# video/rtx
+# video/smpte292m
+# video/ulpfec
+# video/vc1
+# video/vnd.cctv
+video/vnd.dece.hd uvh uvvh
+video/vnd.dece.mobile uvm uvvm
+# video/vnd.dece.mp4
+video/vnd.dece.pd uvp uvvp
+video/vnd.dece.sd uvs uvvs
+video/vnd.dece.video uvv uvvv
+# video/vnd.directv.mpeg
+# video/vnd.directv.mpeg-tts
+# video/vnd.dlna.mpeg-tts
+video/vnd.dvb.file dvb
+video/vnd.fvt fvt
+# video/vnd.hns.video
+# video/vnd.iptvforum.1dparityfec-1010
+# video/vnd.iptvforum.1dparityfec-2005
+# video/vnd.iptvforum.2dparityfec-1010
+# video/vnd.iptvforum.2dparityfec-2005
+# video/vnd.iptvforum.ttsavc
+# video/vnd.iptvforum.ttsmpeg2
+# video/vnd.motorola.video
+# video/vnd.motorola.videop
+video/vnd.mpegurl mxu m4u
+video/vnd.ms-playready.media.pyv pyv
+# video/vnd.nokia.interleaved-multimedia
+# video/vnd.nokia.videovoip
+# video/vnd.objectvideo
+# video/vnd.sealed.mpeg1
+# video/vnd.sealed.mpeg4
+# video/vnd.sealed.swf
+# video/vnd.sealedmedia.softseal.mov
+video/vnd.uvvu.mp4 uvu uvvu
+video/vnd.vivo viv
+video/webm webm
+video/x-f4v f4v
+video/x-fli fli
+video/x-flv flv
+video/x-m4v m4v
+video/x-matroska mkv mk3d mks
+video/x-mng mng
+video/x-ms-asf asf asx
+video/x-ms-vob vob
+video/x-ms-wm wm
+video/x-ms-wmv wmv
+video/x-ms-wmx wmx
+video/x-ms-wvx wvx
+video/x-msvideo avi
+video/x-sgi-movie movie
+video/x-smv smv
+x-conference/x-cooltalk ice
diff --git a/setup/projects/kaas/keys/kaas.crt b/setup/projects/kaas/keys/kaas.crt
new file mode 100644
index 0000000..82ef723
--- /dev/null
+++ b/setup/projects/kaas/keys/kaas.crt
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAoGgAwIBAgIJAOnpyunJRkjVMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV
+BAYTAkRFMQswCQYDVQQIDAJCVzESMBAGA1UEBwwJS2FybHNydWhlMQwwCgYDVQQK
+DANLSVQxDDAKBgNVBAsMA0lQRTEXMBUGA1UEAwwOa2F0cmluLmtpdC5lZHUwHhcN
+MTQxMjE5MDEwMTEyWhcNMjQxMjE2MDEwMTEyWjBjMQswCQYDVQQGEwJERTELMAkG
+A1UECAwCQlcxEjAQBgNVBAcMCUthcmxzcnVoZTEMMAoGA1UECgwDS0lUMQwwCgYD
+VQQLDANJUEUxFzAVBgNVBAMMDmthdHJpbi5raXQuZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAyJ9+nKbhK4AaVyVH/jmAxPFC/o2shejmFL9jIE4I
+ryrdnirepxcgvd2xcpTYeOb5TMKKFtJmqeW3jPOB3jAEyLzvuy1aYwd/DNx4A9VU
+GO2shdqjPMaBOk4KjsjZnt+8toWJeABYsJ4nATpbM0ijkX6RqQoRboiaKWlvo10n
+qMfGmQjMR+lC5uhF5hWhHwD+qPigEFGYis73dgFDhydfl4pzPXBySv4hM4zHvHHH
+DO0QipGIxwmMrw4U/y4snN1hDCPFDJN3WehK4lt7tD8Ea1VwikCLh2eZ+v94BQC3
+060hHIC4lEhtTaDsNXrGIwzqVP9TPuOVEOgEAjxyN12D0wIDAQABo1AwTjAdBgNV
+HQ4EFgQUGTmlNR3S73QucufU1P+8TehunFQwHwYDVR0jBBgwFoAUGTmlNR3S73Qu
+cufU1P+8TehunFQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAfwuL
+ayz7Mg1YzX3RUISmN0rJYFS9u57qaWkGK5LX5s/6T9Ppzjd3sPcFwryycumcNJ3x
+G9iIuTX1n1/uPdwdulgGRtsq3vl1zLgI/at0UIZJxnQPxr73n8o5o9W5FFVRsJTs
+WN2t7DurOQi0nLiIG+qmHHrRmFpSsgeegM720VCS9Wf434r0XZVMNl1ngIk4ppo6
+/ecuRTxpv+iOM4j/QqFwXNZQwjGv3o1UZELJ9RMDVY7zGyL/77cu6Iz6aLVy3QrE
+qMexD5/zZTnrKc4dWmuQSDqgMJeLdyebxZnYT8LLLr/QtUMmm1iLCw1MuY4tmPIp
+j5rXZ3Oda5tHYrnPsA==
+-----END CERTIFICATE-----
diff --git a/setup/projects/kaas/keys/kaas.key b/setup/projects/kaas/keys/kaas.key
new file mode 100644
index 0000000..3d766c8
--- /dev/null
+++ b/setup/projects/kaas/keys/kaas.key
@@ -0,0 +1,90 @@
+$ANSIBLE_VAULT;1.1;AES256
+38323634333239303134316164343132636432356331393634343164663065353733323732656339
+6363343738363234626565343665326365343366363166370a623263626134646332393231656566
+37366136353864366562633832316338353233653930333430383235643337623433393464613765
+3734626432316164300a656139383462653761306435346433346637616565393132396137376661
+64643835393132633831386638613764613164663036356233663861653138613465663434643161
+36333666323862636665396261333532313833393038326339343136363239356235313463333661
+61316664366437333064336531333538333734356238323561626163313031383833613233386438
+64616337323230626463643535393831666363373864393432633539323732393266356232636663
+63303263393337643831376537386666373737656364663162663164353961323264373462366636
+38346163396139636131323134613337613164623533353163616539643333623264336434333662
+33386538646239336639303230653335626434633131336135393831656666326130383034656664
+65313766623466663138333062343061393532353630363532656139373939643362613265626461
+31666166393433646135353936373836636435613432646435643264653338306532656361316537
+62316164393638356635633931316537326262343561663165643837396365653461356432666433
+32326262336164376663343363353134373563653933616531653936333265383762613534363832
+36393765383032383762383961623462306334323463353739663362363336343130633935383064
+35396531343032656335623239373565376633313665313132656162626535656133633063396131
+31333936623738653435633562623061393961343736323539373464303735376266353232393639
+61353661663934313333363935346164316664616632396434353436646437313861303763326430
+34363335653564373963376162393836353234306534306334666263633261366434663265333134
+63633431303530616637633731366539613538313839653864336436633230303730653935366661
+62303765383834663230303334373865346630643739363336366537343465346361313530643436
+35653533313565663638363432656239366261316261613437353933643365623766353838386430
+39386539636332373732356334656365646362336539623934353337623264663866323866323966
+62633932316136623866393461333866396333373934333461323533323866303533333737366261
+33383131303932663231646238343661363565613466333463303262343831653839323162613134
+64633465343932643465653934646533366266656437616337643537383932623238633230346462
+39396263393431663631383931303063666539336432663730623338366439343739316539663364
+38626233333561313836616634306437653662323265633832343632336633396634326364323531
+38633836343063653037623666396534303032366136333737663562633763323831663265343466
+65643361643436613533386139336238633032616235363035396532646637383338383639393861
+65346661616534313764313738363131336235333662353735333466656635393233336332616435
+39326338323436646337313935373535396165386338626563363863633139353038373434613466
+35613565313734346361643664366533666663396664326164396534303638333831666631323063
+33343032636331643464633237363561653236656663346232663465663936633335643765666435
+62306536313464363333656437313264323065663436373464356338623264313464623937313934
+32623234393163653732376663333263633031626335353033613937393661336338383463626534
+30373261663732373535643831626565666136336666396130636434373034316132353238656234
+37646133383164356566306665393432376561383435653463363239343136303133373433346231
+38623833643863633433306466376639633066623733333435316233326539303239666232616264
+62306436613931303032653734633737613066653235623930386261626565643436653632336639
+36313066663933366562366236633965323534336361646131383432393634646564306532656162
+39303430643534333338663962346266663532623064303133366662313661626139373236636664
+63326435623838613039386134303663323439373639616634633266353334653737666434383037
+34306638306264393434653630373661373564613935303766363039666333303161373533316134
+36343632626265306239656361383939353736343139373437373162303437623236666137633666
+62626364353164373237306330313464623363643466343439653465353938663831323634363634
+37386635396261306366376630326534613337356235613863313632326435356461353730343339
+34393636316333373435326236363238656332616333393663653465326434396262313466336365
+38336635363762313530616666666335653865376363623965333064366462373030333735333630
+62653965666630613061646265376130626263313032323038626430383233666563646639373339
+30313032393237623634666464383635396431393866303530383235633265313161383563363532
+66336261336638616335356262303436633765363336616535633734313037383136313635313366
+33303963383135343064613637353432666461353661643834376666386633663964663565386465
+39616634343835323362613362376662326463633139653163313437636238386430623234663936
+63623566393434303937343461366361363661653364626265366630333036623735323435306332
+35666265383130313438353965353239343135663937613362323530323734626234633037326135
+32336266373734623534353239373238333333626537666433636261653333626137653335656331
+30326563666664316537316633643661626239366536333134376662643735386634396430633132
+39636266656131363063343731643366376664623062656262396235663636386564346364373533
+63633961656539386630643639383162303661656134363334373166303233346263646335393535
+37373131633834316239326265326266386230383430653564663138636334323736313363303561
+32353932366637316433333538353032396339366538636261613963613865396231646437313339
+63376635656466346165626361336161333638366166356431336361343761613431303161626462
+36613266393633643333386238656161393337326637353464646264356139326466353763393465
+33383564323333313861336565323762386539303737306362613930646330653636396466303238
+38636365343234663436363334303439666366366462633537393362623133376430616136376235
+33616561353764643236636633633561633230303338613136343537353236316666376537393836
+35383336626662353562383034653532303663613033316534623832333633633737613266343665
+34393235623231336533613331643566303237623238663762393331373636623065643666393137
+61383264356564663165326266626263303363376634303238323861633533396137666163343162
+64636633333033373138313133346539333634373265396231653665323062396432383435393864
+32633763646230343639646637626434353336346265643439653863366335363935343934623334
+32636534366435383863353065393731613361343336633364303061303432366230393431393939
+33666632656135343263373934326262643936383337343137353434633434636535623835346439
+30653437376538373961306439343966343039303262396339343866313937383231616465336332
+64663434643466336665376462356561353266313730336435623832643230376434636536356163
+34613964343132356233623966316462643737613234373466643164353133303837653237306536
+62616661373466383232353861653734363562343337343333353763656562616535373536306461
+66303131616163623835363366653737643933383938383735353635646234613064316533346330
+63633732326434653939323534366637333932313637326536316430326338666263343163363735
+35333435353238396236316132393838663430313137346362313865386135646234346530346261
+63373062303637336662373763393239646133633933613066643263326130396134343332633464
+32613061383665666266353264653732663765353832656364396235313339626565656133653735
+63663230316533666462396436396465363333363862356330656565633466363439363338383339
+37386462623035393931313938653064376239393863643831633431333633373938363132333030
+61623539636430316431616162383963663061353164313735306365353965336233663239656336
+30346531383561356439323062333263646536646232643263353533653563653634633962343933
+36356164306132386530373437396263393461373036333938343763386664653462
diff --git a/setup/projects/kaas/templates/10-kaas-builder.yml.j2 b/setup/projects/kaas/templates/10-kaas-builder.yml.j2
new file mode 100644
index 0000000..52066a5
--- /dev/null
+++ b/setup/projects/kaas/templates/10-kaas-builder.yml.j2
@@ -0,0 +1,42 @@
+apiVersion: v1
+kind: Template
+metadata:
+ name: kaas-manager-build
+ labels:
+ app: kaas-manager
+ annotations:
+ descriptions: "KaaS Data Manager Build"
+objects:
+ - kind: ImageStream
+ apiVersion: v1
+ metadata:
+ name: kaas-manager
+ - kind: "BuildConfig"
+ apiVersion: "v1"
+ metadata:
+ name: "kaas-manager"
+ spec:
+# runPolicy: "Serial"
+ successfulBuildsHistoryLimit: "{{ kaas_pod_history_limit }}"
+ failedBuildsHistoryLimit: "{{ kaas_pod_history_limit }}"
+ triggers:
+ - type: "ConfigChange"
+ source:
+ type: "Git"
+ git:
+ uri: "http://adei.info/git/csa/devops/docker/ands-management.git"
+ strategy:
+ dockerStrategy:
+ dockerfilePath: Dockerfile
+ output:
+ to:
+ kind: "ImageStreamTag"
+ name: "kaas-manager:latest"
+ imageLabels:
+ - name: "vendor"
+ value: "KIT"
+ - name: "author"
+ value: "Suren A. Chilingaryan"
+ - name: "authoritative-source-url"
+ value: "adei.info"
+
diff --git a/setup/projects/kaas/templates/40-kaas-manager.yml.j2 b/setup/projects/kaas/templates/40-kaas-manager.yml.j2
new file mode 100644
index 0000000..e181737
--- /dev/null
+++ b/setup/projects/kaas/templates/40-kaas-manager.yml.j2
@@ -0,0 +1,91 @@
+#jinja2: trim_blocks: "true", lstrip_blocks: "false"
+---
+{% set gid_range = kaas_openshift_gid_ranges[kaas_project].split("/") %}
+apiVersion: v1
+kind: Template
+metadata:
+ name: kaas-manager
+ annotations:
+ descriptions: KaaS Data Management Service
+objects:
+ - apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: kaas-manager
+ spec:
+ replicas: 1
+ revisionHistoryLimit: {{ kaas_pod_history_limit }}
+ strategy:
+ type: Rolling
+ triggers:
+ - type: ConfigChange
+ selector:
+ name: kaas-manager
+ triggers:
+ - type: ConfigChange
+ - type: ImageChange
+ imageChangeParams:
+ automatic: true
+ from:
+ kind: "ImageStreamTag"
+ name: "kaas-manager:latest"
+ namespace: "kaas"
+ containerNames:
+ - kaas-manager
+ template:
+ metadata:
+ name: kaas-manager
+ labels:
+ name: kaas-manager
+ spec:
+ securityContext:
+ supplementalGroups:
+{% for ofs in range(gid_range[1] | default(1) | int) %}
+ - {{ (gid_range[0] | int) + ofs }}
+{% endfor %}
+{% if (kaas_project_config.run_pods_as is defined) %}
+{% if ((kaas_project_config.uids | default(kaas_openshift_uids))[kaas_project_config.run_pods_as] is defined) %}
+ runAsUser: {{ (kaas_project_config.uids | default(kaas_openshift_uids))[kaas_project_config.run_pods_as].id }}
+{% else %}
+ runAsUser: {{ kaas_project_config.run_pods_as }}
+{% endif %}
+{% endif %}
+ volumes:
+{% for name, vol in kaas_project_volumes.iteritems() %}
+{% set oc_name = name | regex_replace('_','-') %}
+{% if (vol.write | default(false)) %}
+ - name: vol-{{ name }}
+ persistentVolumeClaim:
+ claimName: {{ oc_name }}
+{% endif %}
+{% endfor %}
+{% if ('data' not in kaas_project_volumes) %}
+ - name: home
+ emptyDir: {}
+{% endif %}
+ containers:
+ - name: kaas-manager
+ image: kaas-manager
+ command: [ "/docker-entrypoint.sh", "/bin/sx" ]
+ volumeMounts:
+{% for name, vol in kaas_project_volumes.iteritems() %}
+{% if (vol.write | default(false)) %}
+ - name: vol-{{ name }}
+ mountPath: /mnt/{{ name }}
+{% endif %}
+{% endfor %}
+{% if ('data' not in kaas_project_volumes) %}
+ - name: home
+ mountPath: /home
+{% endif %}
+ env:
+ - name: HOME
+{% if ('data' in kaas_project_volumes) %}
+ value: /mnt/data/home
+{% else %}
+ value: /tmp
+{% endif %}
+# lifecycle:
+# postStart:
+# exec:
+# command: [ "/bin/bash", "[ -d $HOME ] || mkdir -p $HOME" ]
diff --git a/setup/projects/kaas/vars/globals.yml b/setup/projects/kaas/vars/globals.yml
new file mode 100644
index 0000000..69b0bfe
--- /dev/null
+++ b/setup/projects/kaas/vars/globals.yml
@@ -0,0 +1 @@
+katrin_node: "katrin.{{ openshift_master_default_subdomain }}"
diff --git a/setup/projects/kaas/vars/pods.yml b/setup/projects/kaas/vars/pods.yml
new file mode 100644
index 0000000..41831ab
--- /dev/null
+++ b/setup/projects/kaas/vars/pods.yml
@@ -0,0 +1,15 @@
+pods:
+ kaas-router:
+ service: { host: "{{ katrin_node }}", ports: [ 80/8080, 443/8043 ] }
+ sched: { replicas: 1, selector: { master: 1 } }
+ selector: { master: 1 }
+ images:
+ - image: "httpd:2.2"
+ mappings:
+ - { name: "etc", path: "apache2", mount: "/usr/local/apache2/conf" }
+ - { name: "data", path: "www", mount: "/usr/local/apache2/htdocs" }
+ - { name: "tmp", path: "apache2", mount: "/usr/local/apache2/logs" }
+ probes:
+ - { port: 8080, path: '/index.html' }
+
+
\ No newline at end of file
diff --git a/setup/projects/kaas/vars/volumes.yml b/setup/projects/kaas/vars/volumes.yml
new file mode 100644
index 0000000..3554aa6
--- /dev/null
+++ b/setup/projects/kaas/vars/volumes.yml
@@ -0,0 +1,10 @@
+gids:
+ kaas: { id: 4000 }
+
+files:
+ - { osv: "data", path: "/www", state: "directory", group: "kaas", mode: "0775" }
+ - { osv: "etc", path: "/apache2", state: "directory", group: "kaas", mode: "0775" }
+ - { osv: "tmp", path: "/apache2", state: "directory", group: "kaas", mode: "0775" }
+
+#resync: true
+sync_set_gid: kaas
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/ssl.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/ssl.conf
deleted file mode 100644
index a70324b..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/ssl.conf
+++ /dev/null
@@ -1,217 +0,0 @@
-#
-# When we also provide SSL we have to listen to the
-# the HTTPS port in addition.
-#
-Listen 0.0.0.0:8443 https
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-# Pass Phrase Dialog:
-# Configure the pass phrase gathering process.
-# The filtering dialog program (`builtin' is a internal
-# terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog builtin
-
-# Inter-Process Session Cache:
-# Configure the SSL Session Cache: First the mechanism
-# to use and second the expiring timeout (in seconds).
-SSLSessionCache shmcb:/opt/rh/httpd24/root/var/run/httpd/sslcache(512000)
-SSLSessionCacheTimeout 300
-
-# Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the
-# SSL library. The seed data should be of good random quality.
-# WARNING! On some platforms /dev/random blocks if not enough entropy
-# is available. This means you then cannot use the /dev/random device
-# because it would lead to very long connection times (as long as
-# it requires to make more entropy available). But usually those
-# platforms additionally provide a /dev/urandom device which doesn't
-# block. So, if available, use this one instead. Read the mod_ssl User
-# Manual for more details.
-SSLRandomSeed startup file:/dev/urandom 256
-SSLRandomSeed connect builtin
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-#
-# Use "SSLCryptoDevice" to enable any supported hardware
-# accelerators. Use "openssl engine -v" to list supported
-# engine names. NOTE: If you enable an accelerator and the
-# server does not start, consult the error logs and ensure
-# your accelerator is functioning properly.
-#
-SSLCryptoDevice builtin
-#SSLCryptoDevice ubsec
-
-##
-## SSL Virtual Host Context
-##
-
-<VirtualHost _default_:8443>
-
-# General setup for the virtual host, inherited from global configuration
-#DocumentRoot "/var/www/html"
-#ServerName www.example.com:8443
-
-# Use separate log files for the SSL virtual host; note that LogLevel
-# is not inherited from httpd.conf.
-ErrorLog |/usr/bin/cat
-TransferLog |/usr/bin/cat
-LogLevel warn
-
-# SSL Engine Switch:
-# Enable/Disable SSL for this virtual host.
-SSLEngine on
-
-# SSL Protocol support:
-# List the enable protocol levels with which clients will be able to
-# connect. Disable SSLv2 access by default:
-SSLProtocol all -SSLv2
-
-# SSL Cipher Suite:
-# List the ciphers that the client is permitted to negotiate.
-# See the mod_ssl documentation for a complete list.
-SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
-
-# Speed-optimized SSL Cipher configuration:
-# If speed is your main concern (on busy HTTPS servers e.g.),
-# you might want to force clients to specific, performance
-# optimized ciphers. In this case, prepend those ciphers
-# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
-# Caveat: by giving precedence to RC4-SHA and AES128-SHA
-# (as in the example below), most connections will no longer
-# have perfect forward secrecy - if the server's key is
-# compromised, captures of past or future traffic must be
-# considered compromised, too.
-#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
-#SSLHonorCipherOrder on
-
-# Server Certificate:
-# Point SSLCertificateFile at a PEM encoded certificate. If
-# the certificate is encrypted, then you will be prompted for a
-# pass phrase. Note that a kill -HUP will prompt again. A new
-# certificate can be generated using the genkey(1) command.
-SSLCertificateFile /etc/pki/tls/certs/localhost.crt
-
-# Server Private Key:
-# If the key is not combined with the certificate, use this
-# directive to point at the key file. Keep in mind that if
-# you've both a RSA and a DSA private key you can configure
-# both in parallel (to also allow the use of DSA ciphers, etc.)
-SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
-
-# Server Certificate Chain:
-# Point SSLCertificateChainFile at a file containing the
-# concatenation of PEM encoded CA certificates which form the
-# certificate chain for the server certificate. Alternatively
-# the referenced file can be the same as SSLCertificateFile
-# when the CA certificates are directly appended to the server
-# certificate for convinience.
-#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
-
-# Certificate Authority (CA):
-# Set the CA certificate verification path where to find CA
-# certificates for client authentication or alternatively one
-# huge file containing all of them (file must be PEM encoded)
-#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
-
-# Client Authentication (Type):
-# Client certificate verification type and depth. Types are
-# none, optional, require and optional_no_ca. Depth is a
-# number which specifies how deeply to verify the certificate
-# issuer chain before deciding the certificate is not valid.
-#SSLVerifyClient require
-#SSLVerifyDepth 10
-
-# Access Control:
-# With SSLRequire you can do per-directory access control based
-# on arbitrary complex boolean expressions containing server
-# variable checks and other lookup directives. The syntax is a
-# mixture between C and Perl. See the mod_ssl documentation
-# for more details.
-#<Location />
-#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
-# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
-# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
-# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
-# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
-# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
-#</Location>
-
-# SSL Engine Options:
-# Set various options for the SSL engine.
-# o FakeBasicAuth:
-# Translate the client X.509 into a Basic Authorisation. This means that
-# the standard Auth/DBMAuth methods can be used for access control. The
-# user name is the `one line' version of the client's X.509 certificate.
-# Note that no password is obtained from the user. Every entry in the user
-# file needs this password: `xxj31ZMTZzkVA'.
-# o ExportCertData:
-# This exports two additional environment variables: SSL_CLIENT_CERT and
-# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
-# server (always existing) and the client (only existing when client
-# authentication is used). This can be used to import the certificates
-# into CGI scripts.
-# o StdEnvVars:
-# This exports the standard SSL/TLS related `SSL_*' environment variables.
-# Per default this exportation is switched off for performance reasons,
-# because the extraction step is an expensive operation and is usually
-# useless for serving static content. So one usually enables the
-# exportation for CGI and SSI requests only.
-# o StrictRequire:
-# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
-# under a "Satisfy any" situation, i.e. when it applies access is denied
-# and no other module can change it.
-# o OptRenegotiate:
-# This enables optimized SSL connection renegotiation handling when SSL
-# directives are used in per-directory context.
-#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
-<Files ~ "\.(cgi|shtml|phtml|php3?)$">
- SSLOptions +StdEnvVars
-</Files>
-<Directory "/var/www/cgi-bin">
- SSLOptions +StdEnvVars
-</Directory>
-
-# SSL Protocol Adjustments:
-# The safe and default but still SSL/TLS standard compliant shutdown
-# approach is that mod_ssl sends the close notify alert but doesn't wait for
-# the close notify alert from client. When you need a different shutdown
-# approach you can use one of the following variables:
-# o ssl-unclean-shutdown:
-# This forces an unclean shutdown when the connection is closed, i.e. no
-# SSL close notify alert is send or allowed to received. This violates
-# the SSL/TLS standard but is needed for some brain-dead browsers. Use
-# this when you receive I/O errors because of the standard approach where
-# mod_ssl sends the close notify alert.
-# o ssl-accurate-shutdown:
-# This forces an accurate shutdown when the connection is closed, i.e. a
-# SSL close notify alert is send and mod_ssl waits for the close notify
-# alert of the client. This is 100% SSL/TLS standard compliant, but in
-# practice often causes hanging connections with brain-dead browsers. Use
-# this only for browsers where you know that their SSL implementation
-# works correctly.
-# Notice: Most problems of broken clients are also related to the HTTP
-# keep-alive facility, so you usually additionally want to disable
-# keep-alive for those clients, too. Use variable "nokeepalive" for this.
-# Similarly, one has to force some clients to use HTTP/1.0 to workaround
-# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
-# "force-response-1.0" for this.
-BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
-
-# Per-Server Logging:
-# The home of a custom SSL log file. Use this when you want a
-# compact non-error SSL logfile on a virtual host basis.
-CustomLog |/usr/bin/cat \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
-</VirtualHost>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/userdir.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/userdir.conf
deleted file mode 100644
index b5d7a49..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d.disabled/userdir.conf
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# UserDir: The name of the directory that is appended onto a user's home
-# directory if a ~user request is received.
-#
-# The path to the end user account 'public_html' directory must be
-# accessible to the webserver userid. This usually means that ~userid
-# must have permissions of 711, ~userid/public_html must have permissions
-# of 755, and documents contained therein must be world-readable.
-# Otherwise, the client will only receive a "403 Forbidden" message.
-#
-<IfModule mod_userdir.c>
- #
- # UserDir is disabled by default since it can confirm the presence
- # of a username on the system (depending on home directory
- # permissions).
- #
- UserDir disabled
-
- #
- # To enable requests to /~user/ to serve the user's public_html
- # directory, remove the "UserDir disabled" line above, and uncomment
- # the following line instead:
- #
- #UserDir public_html
-</IfModule>
-
-#
-# Control access to UserDir directories. The following is an example
-# for a site where these directories are restricted to read-only.
-#
-<Directory "/home/*/public_html">
- AllowOverride FileInfo AuthConfig Limit Indexes
- Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
- Require method GET POST OPTIONS
-</Directory>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/README b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/README
deleted file mode 100644
index f5e9661..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/README
+++ /dev/null
@@ -1,9 +0,0 @@
-
-This directory holds configuration files for the Apache HTTP Server;
-any files in this directory which have the ".conf" extension will be
-processed as httpd configuration files. The directory is used in
-addition to the directory /etc/httpd/conf.modules.d/, which contains
-configuration files necessary to load modules.
-
-Files are processed in alphabetical order.
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/autoindex.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/autoindex.conf
deleted file mode 100644
index 55f658e..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/autoindex.conf
+++ /dev/null
@@ -1,94 +0,0 @@
-#
-# Directives controlling the display of server-generated directory listings.
-#
-# Required modules: mod_authz_core, mod_authz_host,
-# mod_autoindex, mod_alias
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-#
-
-#
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-#
-IndexOptions FancyIndexing HTMLTable VersionSort
-
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-#
-Alias /icons/ "/opt/rh/httpd24/root/usr/share/httpd/icons/"
-
-<Directory "/opt/rh/httpd24/root/usr/share/httpd/icons">
- Options Indexes MultiViews FollowSymlinks
- AllowOverride None
- Require all granted
-</Directory>
-
-#
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-#
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif /core
-AddIcon /icons/bomb.gif */core.*
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-#
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-#
-DefaultIcon /icons/unknown.gif
-
-#
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-#
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-#
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-#
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-#
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-#
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/router.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/router.conf
deleted file mode 100644
index 325d196..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/router.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-ProxyPass /adei http://katrin.kit.edu/adei
-ProxyPassReverse /adei http://katrin.kit.edu/adei
-ProxyPass /adei-katrin http://katrin.kit.edu/adei-katrin
-ProxyPassReverse /adei-katrin http://katrin.kit.edu/adei-katrin
-ProxyPass /katrin-ng http://katrin.kit.edu/katrin-ng
-ProxyPassReverse /katrin-ng http://katrin.kit.edu/katrin-ng
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/ssl.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/ssl.conf
deleted file mode 100644
index e69de29..0000000
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/welcome.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/welcome.conf
deleted file mode 100644
index 34b4b72..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.d/welcome.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-#
-# This configuration file enables the default "Welcome" page if there
-# is no default index page present for the root URL. To disable the
-# Welcome page, comment out all the lines below.
-#
-# NOTE: if this file is removed, it will be restored on upgrades.
-#
-<LocationMatch "^/+$">
- Options -Indexes
- ErrorDocument 403 /.noindex.html
-</LocationMatch>
-
-<Directory /opt/rh/httpd24/root/usr/share/httpd/noindex>
- AllowOverride None
- Require all granted
-</Directory>
-
-Alias /.noindex.html /opt/rh/httpd24/root/usr/share/httpd/noindex/index.html
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-base.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-base.conf
deleted file mode 100644
index 2e3ce8c..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-base.conf
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# This file loads most of the modules included with the Apache HTTP
-# Server itself.
-#
-
-LoadModule access_compat_module modules/mod_access_compat.so
-LoadModule actions_module modules/mod_actions.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule allowmethods_module modules/mod_allowmethods.so
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule auth_digest_module modules/mod_auth_digest.so
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_core_module modules/mod_authn_core.so
-LoadModule authn_dbd_module modules/mod_authn_dbd.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_file_module modules/mod_authn_file.so
-LoadModule authn_socache_module modules/mod_authn_socache.so
-LoadModule authz_core_module modules/mod_authz_core.so
-LoadModule authz_dbd_module modules/mod_authz_dbd.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule autoindex_module modules/mod_autoindex.so
-LoadModule cache_module modules/mod_cache.so
-LoadModule cache_disk_module modules/mod_cache_disk.so
-LoadModule cache_socache_module modules/mod_cache_socache.so
-LoadModule data_module modules/mod_data.so
-LoadModule dbd_module modules/mod_dbd.so
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule dir_module modules/mod_dir.so
-LoadModule dumpio_module modules/mod_dumpio.so
-LoadModule echo_module modules/mod_echo.so
-LoadModule env_module modules/mod_env.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-LoadModule filter_module modules/mod_filter.so
-LoadModule headers_module modules/mod_headers.so
-#LoadModule http2_module modules/mod_http2.so
-LoadModule include_module modules/mod_include.so
-LoadModule info_module modules/mod_info.so
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule logio_module modules/mod_logio.so
-LoadModule macro_module modules/mod_macro.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule negotiation_module modules/mod_negotiation.so
-LoadModule remoteip_module modules/mod_remoteip.so
-LoadModule reqtimeout_module modules/mod_reqtimeout.so
-LoadModule request_module modules/mod_request.so
-LoadModule rewrite_module modules/mod_rewrite.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
-LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
-LoadModule socache_dbm_module modules/mod_socache_dbm.so
-LoadModule socache_memcache_module modules/mod_socache_memcache.so
-LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
-LoadModule status_module modules/mod_status.so
-LoadModule substitute_module modules/mod_substitute.so
-LoadModule suexec_module modules/mod_suexec.so
-LoadModule unique_id_module modules/mod_unique_id.so
-LoadModule unixd_module modules/mod_unixd.so
-LoadModule userdir_module modules/mod_userdir.so
-LoadModule version_module modules/mod_version.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-mpm.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-mpm.conf
deleted file mode 100644
index 7bfd1d4..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-mpm.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-# Select the MPM module which should be used by uncommenting exactly
-# one of the following LoadModule lines:
-
-# prefork MPM: Implements a non-threaded, pre-forking web server
-# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
-LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
-
-# worker MPM: Multi-Processing Module implementing a hybrid
-# multi-threaded multi-process web server
-# See: http://httpd.apache.org/docs/2.4/mod/worker.html
-#
-#LoadModule mpm_worker_module modules/mod_mpm_worker.so
-
-# event MPM: A variant of the worker MPM with the goal of consuming
-# threads only for connections with active processing
-# See: http://httpd.apache.org/docs/2.4/mod/event.html
-#
-#LoadModule mpm_event_module modules/mod_mpm_event.so
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-proxy.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-proxy.conf
deleted file mode 100644
index b8003f4..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.d/00-proxy.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file configures all the proxy modules:
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-dav.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-dav.conf
deleted file mode 100644
index e6af8de..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-dav.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-LoadModule dav_module modules/mod_dav.so
-LoadModule dav_fs_module modules/mod_dav_fs.so
-LoadModule dav_lock_module modules/mod_dav_lock.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-lua.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-lua.conf
deleted file mode 100644
index 9e0d0db..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-lua.conf
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule lua_module modules/mod_lua.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-optional.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-optional.conf
deleted file mode 100644
index 70bda5e..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-optional.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-#
-# This file lists modules included with the Apache HTTP Server
-# which are not enabled by default.
-#
-
-#LoadModule asis_module modules/mod_asis.so
-#LoadModule buffer_module modules/mod_buffer.so
-#LoadModule file_cache_module modules/mod_file_cache.so
-#LoadModule watchdog_module modules/mod_watchdog.so
-#LoadModule heartbeat_module modules/mod_heartbeat.so
-#LoadModule heartmonitor_module modules/mod_heartmonitor.so
-#LoadModule usertrack_module modules/mod_usertrack.so
-#LoadModule dialup_module modules/mod_dialup.so
-#LoadModule charset_lite_module modules/mod_charset_lite.so
-#LoadModule log_debug_module modules/mod_log_debug.so
-#LoadModule log_forensic_module modules/mod_log_forensic.so
-#LoadModule ratelimit_module modules/mod_ratelimit.so
-#LoadModule reflector_module modules/mod_reflector.so
-#LoadModule sed_module modules/mod_sed.so
-#LoadModule speling_module modules/mod_speling.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-proxy.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-proxy.conf
deleted file mode 100644
index cc0bca0..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-proxy.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-# This file configures all the proxy modules:
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
-LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
-LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
-LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
-LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-LoadModule proxy_express_module modules/mod_proxy_express.so
-LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
-LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
-LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-ssl.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-ssl.conf
deleted file mode 100644
index 53235cd..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-ssl.conf
+++ /dev/null
@@ -1 +0,0 @@
-LoadModule ssl_module modules/mod_ssl.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-systemd.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-systemd.conf
deleted file mode 100644
index b208c97..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/00-systemd.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-# This file configures systemd module:
-LoadModule systemd_module modules/mod_systemd.so
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/01-cgi.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/01-cgi.conf
deleted file mode 100644
index 5b8b936..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf.modules.disabled/01-cgi.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-# This configuration file loads a CGI module appropriate to the MPM
-# which has been configured in 00-mpm.conf. mod_cgid should be used
-# with a threaded MPM; mod_cgi with the prefork MPM.
-
-<IfModule mpm_worker_module>
- LoadModule cgid_module modules/mod_cgid.so
-</IfModule>
-<IfModule mpm_event_module>
- LoadModule cgid_module modules/mod_cgid.so
-</IfModule>
-<IfModule mpm_prefork_module>
- LoadModule cgi_module modules/mod_cgi.so
-</IfModule>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/httpd.conf b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/httpd.conf
deleted file mode 100644
index 88fcb97..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/httpd.conf
+++ /dev/null
@@ -1,353 +0,0 @@
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so 'log/access_log'
-# with ServerRoot set to '/www' will be interpreted by the
-# server as '/www/log/access_log', where as '/log/access_log' will be
-# interpreted as '/log/access_log'.
-
-#
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to specify a local disk on the
-# Mutex directive, if file-based mutexes are used. If you wish to share the
-# same ServerRoot for multiple httpd daemons, you will need to change at
-# least PidFile.
-#
-ServerRoot "/opt/rh/httpd24/root/etc/httpd"
-
-#
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 0.0.0.0:8080
-
-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-Include conf.modules.d/*.conf
-
-#
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-#
-User default
-Group root
-
-# 'Main' server configuration
-#
-# The directives in this section set up the values used by the 'main'
-# server, which responds to any requests that aren't handled by a
-# <VirtualHost> definition. These values also provide defaults for
-# any <VirtualHost> containers you may define later in the file.
-#
-# All of these directives may appear inside <VirtualHost> containers,
-# in which case these default settings will be overridden for the
-# virtual host being defined.
-#
-
-#
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-#
-ServerAdmin root@localhost
-
-#
-# ServerName gives the name and port that the server uses to identify itself.
-# This can often be determined automatically, but we recommend you specify
-# it explicitly to prevent problems during startup.
-#
-# If your host doesn't have a registered DNS name, enter its IP address here.
-#
-#ServerName www.example.com:80
-
-#
-# Deny access to the entirety of your server's filesystem. You must
-# explicitly permit access to web content directories in other
-# <Directory> blocks below.
-#
-<Directory />
- AllowOverride none
- Require all denied
-</Directory>
-
-#
-# Note that from this point forward you must specifically allow
-# particular features to be enabled - so if something's not working as
-# you might expect, make sure that you have specifically enabled it
-# below.
-#
-
-#
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-DocumentRoot "/opt/rh/httpd24/root/var/www/html"
-
-#
-# Relax access to content within /opt/rh/httpd24/root/var/www.
-#
-<Directory "/opt/rh/httpd24/root/var/www">
- AllowOverride None
- # Allow open access:
- Require all granted
-</Directory>
-
-# Further relax access to the default document root:
-<Directory "/opt/rh/httpd24/root/var/www/html">
- #
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.4/mod/core.html#options
- # for more information.
- #
- Options Indexes FollowSymLinks
-
- #
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- #
- AllowOverride All
-
- #
- # Controls who can get stuff from this server.
- #
- Require all granted
-</Directory>
-
-#
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-<IfModule dir_module>
- DirectoryIndex index.html
-</IfModule>
-
-#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-#
-<Files ".ht*">
- Require all denied
-</Files>
-
-#
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-#
-ErrorLog |/usr/bin/cat
-
-#
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-#
-LogLevel warn
-
-<IfModule log_config_module>
- #
- # The following directives define some format nicknames for use with
- # a CustomLog directive (see below).
- #
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
-
- <IfModule logio_module>
- # You need to enable mod_logio.c to use %I and %O
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
- </IfModule>
-
- #
- # The location and format of the access logfile (Common Logfile Format).
- # If you do not define any access logfiles within a <VirtualHost>
- # container, they will be logged here. Contrariwise, if you *do*
- # define per-<VirtualHost> access logfiles, transactions will be
- # logged therein and *not* in this file.
- #
- #CustomLog "logs/access_log" common
-
- #
- # If you prefer a logfile with access, agent, and referer information
- # (Combined Logfile Format) you can use the following directive.
- #
- CustomLog |/usr/bin/cat combined
-</IfModule>
-
-<IfModule alias_module>
- #
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- #
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- #
- # ScriptAlias: This controls which directories contain server scripts.
- # ScriptAliases are essentially the same as Aliases, except that
- # documents in the target directory are treated as applications and
- # run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
- # directives as to Alias.
- #
- ScriptAlias /cgi-bin/ "/opt/rh/httpd24/root/var/www/cgi-bin/"
-
-</IfModule>
-
-#
-# "/opt/rh/httpd24/root/var/www/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-#
-<Directory "/opt/rh/httpd24/root/var/www/cgi-bin">
- AllowOverride None
- Options None
- Require all granted
-</Directory>
-
-<IfModule mime_module>
- #
- # TypesConfig points to the file containing the list of mappings from
- # filename extension to MIME-type.
- #
- TypesConfig /etc/mime.types
-
- #
- # AddType allows you to add to or override the MIME configuration
- # file specified in TypesConfig for specific file types.
- #
- #AddType application/x-gzip .tgz
- #
- # AddEncoding allows you to have certain browsers uncompress
- # information on the fly. Note: Not all browsers support this.
- #
- #AddEncoding x-compress .Z
- #AddEncoding x-gzip .gz .tgz
- #
- # If the AddEncoding directives above are commented-out, then you
- # probably should define those extensions to indicate media types:
- #
- AddType application/x-compress .Z
- AddType application/x-gzip .gz .tgz
-
- #
- # AddHandler allows you to map certain file extensions to "handlers":
- # actions unrelated to filetype. These can be either built into the server
- # or added with the Action directive (see below)
- #
- # To use CGI scripts outside of ScriptAliased directories:
- # (You will also need to add "ExecCGI" to the "Options" directive.)
- #
- #AddHandler cgi-script .cgi
-
- # For type maps (negotiated resources):
- #AddHandler type-map var
-
- #
- # Filters allow you to process content before it is sent to the client.
- #
- # To parse .shtml files for server-side includes (SSI):
- # (You will also need to add "Includes" to the "Options" directive.)
- #
- AddType text/html .shtml
- AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-#
-# Specify a default charset for all content served; this enables
-# interpretation of all content as UTF-8 by default. To use the
-# default browser choice (ISO-8859-1), or to allow the META tags
-# in HTML content to override this choice, comment out this
-# directive:
-#
-AddDefaultCharset UTF-8
-
-<IfModule mime_magic_module>
- #
- # The mod_mime_magic module allows the server to use various hints from the
- # contents of the file itself to determine its type. The MIMEMagicFile
- # directive tells the module where the hint definitions are located.
- #
- MIMEMagicFile conf/magic
-</IfModule>
-
-#
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#
-
-#
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall may be used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-# Defaults if commented: EnableMMAP On, EnableSendfile Off
-#
-#EnableMMAP off
-EnableSendfile on
-
-# Supplemental configuration
-#
-# Load config files in the "/etc/httpd/conf.d" directory, if any.
-IncludeOptional conf.d/*.conf
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/magic b/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/magic
deleted file mode 100644
index 7c56119..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-centos/conf/magic
+++ /dev/null
@@ -1,385 +0,0 @@
-# Magic data for mod_mime_magic Apache module (originally for file(1) command)
-# The module is described in /manual/mod/mod_mime_magic.html
-#
-# The format is 4-5 columns:
-# Column #1: byte number to begin checking from, ">" indicates continuation
-# Column #2: type of data to match
-# Column #3: contents of data to match
-# Column #4: MIME type of result
-# Column #5: MIME encoding of result (optional)
-
-#------------------------------------------------------------------------------
-# Localstuff: file(1) magic for locally observed files
-# Add any locally observed files here.
-
-#------------------------------------------------------------------------------
-# end local stuff
-#------------------------------------------------------------------------------
-
-#------------------------------------------------------------------------------
-# Java
-
-0 short 0xcafe
->2 short 0xbabe application/java
-
-#------------------------------------------------------------------------------
-# audio: file(1) magic for sound formats
-#
-# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
-#
-
-# Sun/NeXT audio data
-0 string .snd
->12 belong 1 audio/basic
->12 belong 2 audio/basic
->12 belong 3 audio/basic
->12 belong 4 audio/basic
->12 belong 5 audio/basic
->12 belong 6 audio/basic
->12 belong 7 audio/basic
-
->12 belong 23 audio/x-adpcm
-
-# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
-# that uses little-endian encoding and has a different magic number
-# (0x0064732E in little-endian encoding).
-0 lelong 0x0064732E
->12 lelong 1 audio/x-dec-basic
->12 lelong 2 audio/x-dec-basic
->12 lelong 3 audio/x-dec-basic
->12 lelong 4 audio/x-dec-basic
->12 lelong 5 audio/x-dec-basic
->12 lelong 6 audio/x-dec-basic
->12 lelong 7 audio/x-dec-basic
-# compressed (G.721 ADPCM)
->12 lelong 23 audio/x-dec-adpcm
-
-# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
-# AIFF audio data
-8 string AIFF audio/x-aiff
-# AIFF-C audio data
-8 string AIFC audio/x-aiff
-# IFF/8SVX audio data
-8 string 8SVX audio/x-aiff
-
-# Creative Labs AUDIO stuff
-# Standard MIDI data
-0 string MThd audio/unknown
-#>9 byte >0 (format %d)
-#>11 byte >1 using %d channels
-# Creative Music (CMF) data
-0 string CTMF audio/unknown
-# SoundBlaster instrument data
-0 string SBI audio/unknown
-# Creative Labs voice data
-0 string Creative\ Voice\ File audio/unknown
-## is this next line right? it came this way...
-#>19 byte 0x1A
-#>23 byte >0 - version %d
-#>22 byte >0 \b.%d
-
-# [GRR 950115: is this also Creative Labs? Guessing that first line
-# should be string instead of unknown-endian long...]
-#0 long 0x4e54524b MultiTrack sound data
-#0 string NTRK MultiTrack sound data
-#>4 long x - version %ld
-
-# Microsoft WAVE format (*.wav)
-# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
-# Microsoft RIFF
-0 string RIFF audio/unknown
-# - WAVE format
->8 string WAVE audio/x-wav
-# MPEG audio.
-0 beshort&0xfff0 0xfff0 audio/mpeg
-# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
-0 string PSID audio/prs.sid
-
-#------------------------------------------------------------------------------
-# c-lang: file(1) magic for C programs or various scripts
-#
-
-# XPM icons (Greg Roelofs, newt@uchicago.edu)
-# ideally should go into "images", but entries below would tag XPM as C source
-0 string /*\ XPM image/x-xbm 7bit
-
-# this first will upset you if you're a PL/1 shop... (are there any left?)
-# in which case rm it; ascmagic will catch real C programs
-# C or REXX program text
-0 string /* text/plain
-# C++ program text
-0 string // text/plain
-
-#------------------------------------------------------------------------------
-# compress: file(1) magic for pure-compression formats (no archives)
-#
-# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
-#
-# Formats for various forms of compressed data
-# Formats for "compress" proper have been moved into "compress.c",
-# because it tries to uncompress it to figure out what's inside.
-
-# standard unix compress
-0 string \037\235 application/octet-stream x-compress
-
-# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
-0 string \037\213 application/octet-stream x-gzip
-
-# According to gzip.h, this is the correct byte order for packed data.
-0 string \037\036 application/octet-stream
-#
-# This magic number is byte-order-independent.
-#
-0 short 017437 application/octet-stream
-
-# XXX - why *two* entries for "compacted data", one of which is
-# byte-order independent, and one of which is byte-order dependent?
-#
-# compacted data
-0 short 0x1fff application/octet-stream
-0 string \377\037 application/octet-stream
-# huf output
-0 short 0145405 application/octet-stream
-
-# Squeeze and Crunch...
-# These numbers were gleaned from the Unix versions of the programs to
-# handle these formats. Note that I can only uncrunch, not crunch, and
-# I didn't have a crunched file handy, so the crunch number is untested.
-# Keith Waclena <keith@cerberus.uchicago.edu>
-#0 leshort 0x76FF squeezed data (CP/M, DOS)
-#0 leshort 0x76FE crunched data (CP/M, DOS)
-
-# Freeze
-#0 string \037\237 Frozen file 2.1
-#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
-
-# lzh?
-#0 string \037\240 LZH compressed data
-
-#------------------------------------------------------------------------------
-# frame: file(1) magic for FrameMaker files
-#
-# This stuff came on a FrameMaker demo tape, most of which is
-# copyright, but this file is "published" as witness the following:
-#
-0 string \<MakerFile application/x-frame
-0 string \<MIFFile application/x-frame
-0 string \<MakerDictionary application/x-frame
-0 string \<MakerScreenFon application/x-frame
-0 string \<MML application/x-frame
-0 string \<Book application/x-frame
-0 string \<Maker application/x-frame
-
-#------------------------------------------------------------------------------
-# html: file(1) magic for HTML (HyperText Markup Language) docs
-#
-# from Daniel Quinlan <quinlan@yggdrasil.com>
-# and Anna Shergold <anna@inext.co.uk>
-#
-0 string \<!DOCTYPE\ HTML text/html
-0 string \<!doctype\ html text/html
-0 string \<HEAD text/html
-0 string \<head text/html
-0 string \<TITLE text/html
-0 string \<title text/html
-0 string \<html text/html
-0 string \<HTML text/html
-0 string \<!-- text/html
-0 string \<h1 text/html
-0 string \<H1 text/html
-
-# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
-0 string \<?xml text/xml
-
-#------------------------------------------------------------------------------
-# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
-#
-# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
-# additions by janl@ifi.uio.no as well as others. Jan also suggested
-# merging several one- and two-line files into here.
-#
-# XXX - byte order for GIF and TIFF fields?
-# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
-#
-
-# [GRR: what the hell is this doing in here?]
-#0 string xbtoa btoa'd file
-
-# PBMPLUS
-# PBM file
-0 string P1 image/x-portable-bitmap 7bit
-# PGM file
-0 string P2 image/x-portable-greymap 7bit
-# PPM file
-0 string P3 image/x-portable-pixmap 7bit
-# PBM "rawbits" file
-0 string P4 image/x-portable-bitmap
-# PGM "rawbits" file
-0 string P5 image/x-portable-greymap
-# PPM "rawbits" file
-0 string P6 image/x-portable-pixmap
-
-# NIFF (Navy Interchange File Format, a modification of TIFF)
-# [GRR: this *must* go before TIFF]
-0 string IIN1 image/x-niff
-
-# TIFF and friends
-# TIFF file, big-endian
-0 string MM image/tiff
-# TIFF file, little-endian
-0 string II image/tiff
-
-# possible GIF replacements; none yet released!
-# (Greg Roelofs, newt@uchicago.edu)
-#
-# GRR 950115: this was mine ("Zip GIF"):
-# ZIF image (GIF+deflate alpha)
-0 string GIF94z image/unknown
-#
-# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
-# FGF image (GIF+deflate beta)
-0 string FGF95a image/unknown
-#
-# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
-# (best; not yet implemented):
-# PBF image (deflate compression)
-0 string PBF image/unknown
-
-# GIF
-0 string GIF image/gif
-
-# JPEG images
-0 beshort 0xffd8 image/jpeg
-
-# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
-0 string BM image/bmp
-#>14 byte 12 (OS/2 1.x format)
-#>14 byte 64 (OS/2 2.x format)
-#>14 byte 40 (Windows 3.x format)
-#0 string IC icon
-#0 string PI pointer
-#0 string CI color icon
-#0 string CP color pointer
-#0 string BA bitmap array
-
-0 string \x89PNG image/png
-0 string FWS application/x-shockwave-flash
-0 string CWS application/x-shockwave-flash
-
-#------------------------------------------------------------------------------
-# lisp: file(1) magic for lisp programs
-#
-# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
-0 string ;; text/plain 8bit
-# Emacs 18 - this is always correct, but not very magical.
-0 string \012( application/x-elc
-# Emacs 19
-0 string ;ELC\023\000\000\000 application/x-elc
-
-#------------------------------------------------------------------------------
-# mail.news: file(1) magic for mail and news
-#
-# There are tests to ascmagic.c to cope with mail and news.
-0 string Relay-Version: message/rfc822 7bit
-0 string #!\ rnews message/rfc822 7bit
-0 string N#!\ rnews message/rfc822 7bit
-0 string Forward\ to message/rfc822 7bit
-0 string Pipe\ to message/rfc822 7bit
-0 string Return-Path: message/rfc822 7bit
-0 string Path: message/news 8bit
-0 string Xref: message/news 8bit
-0 string From: message/rfc822 7bit
-0 string Article message/news 8bit
-#------------------------------------------------------------------------------
-# msword: file(1) magic for MS Word files
-#
-# Contributor claims:
-# Reversed-engineered MS Word magic numbers
-#
-
-0 string \376\067\0\043 application/msword
-0 string \333\245-\0\0\0 application/msword
-
-# disable this one because it applies also to other
-# Office/OLE documents for which msword is not correct. See PR#2608.
-#0 string \320\317\021\340\241\261 application/msword
-
-
-
-#------------------------------------------------------------------------------
-# printer: file(1) magic for printer-formatted files
-#
-
-# PostScript
-0 string %! application/postscript
-0 string \004%! application/postscript
-
-# Acrobat
-# (due to clamen@cs.cmu.edu)
-0 string %PDF- application/pdf
-
-#------------------------------------------------------------------------------
-# sc: file(1) magic for "sc" spreadsheet
-#
-38 string Spreadsheet application/x-sc
-
-#------------------------------------------------------------------------------
-# tex: file(1) magic for TeX files
-#
-# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
-#
-# From <conklin@talisman.kaleida.com>
-
-# Although we may know the offset of certain text fields in TeX DVI
-# and font files, we can't use them reliably because they are not
-# zero terminated. [but we do anyway, christos]
-0 string \367\002 application/x-dvi
-#0 string \367\203 TeX generic font data
-#0 string \367\131 TeX packed font data
-#0 string \367\312 TeX virtual font data
-#0 string This\ is\ TeX, TeX transcript text
-#0 string This\ is\ METAFONT, METAFONT transcript text
-
-# There is no way to detect TeX Font Metric (*.tfm) files without
-# breaking them apart and reading the data. The following patterns
-# match most *.tfm files generated by METAFONT or afm2tfm.
-#2 string \000\021 TeX font metric data
-#2 string \000\022 TeX font metric data
-#>34 string >\0 (%s)
-
-# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
-#0 string \\input\ texinfo Texinfo source text
-#0 string This\ is\ Info\ file GNU Info text
-
-# correct TeX magic for Linux (and maybe more)
-# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
-#
-0 leshort 0x02f7 application/x-dvi
-
-# RTF - Rich Text Format
-0 string {\\rtf application/rtf
-
-#------------------------------------------------------------------------------
-# animation: file(1) magic for animation/movie formats
-#
-# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
-# MPEG file
-0 string \000\000\001\263 video/mpeg
-#
-# The contributor claims:
-# I couldn't find a real magic number for these, however, this
-# -appears- to work. Note that it might catch other files, too,
-# so BE CAREFUL!
-#
-# Note that title and author appear in the two 20-byte chunks
-# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
-# 255 (hex FF)! DL format SUCKS BIG ROCKS.
-#
-# DL file version 1 , medium format (160x100, 4 images/screen)
-0 byte 1 video/unknown
-0 byte 2 video/unknown
-# Quicktime video, from Linus Walleij <triad@df.lth.se>
-# from Apple quicktime file format documentation.
-4 string moov video/quicktime
-4 string mdat video/quicktime
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-autoindex.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-autoindex.conf
deleted file mode 100644
index c581e97..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-autoindex.conf
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# Directives controlling the display of server-generated directory listings.
-#
-# Required modules: mod_autoindex, mod_alias
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-#
-
-#
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-#
-IndexOptions FancyIndexing HTMLTable VersionSort
-
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-#
-Alias /icons/ "/usr/local/apache2/icons/"
-
-<Directory "/usr/local/apache2/icons">
- Options Indexes MultiViews
- AllowOverride None
- Order allow,deny
- Allow from all
-</Directory>
-
-#
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-#
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-#
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-#
-DefaultIcon /icons/unknown.gif
-
-#
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-#
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-#
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-#
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-#
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-#
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-dav.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-dav.conf
deleted file mode 100644
index 29dfb72..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-dav.conf
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# Distributed authoring and versioning (WebDAV)
-#
-# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
-# mod_auth_digest, mod_authn_file
-#
-
-# The following example gives DAV write access to a directory called
-# "uploads" under the ServerRoot directory.
-#
-# The User/Group specified in httpd.conf needs to have write permissions
-# on the directory where the DavLockDB is placed and on any directory where
-# "Dav On" is specified.
-
-DavLockDB "/usr/local/apache2/var/DavLock"
-
-Alias /uploads "/usr/local/apache2/uploads"
-
-<Directory "/usr/local/apache2/uploads">
- Dav On
-
- Order Allow,Deny
- Allow from all
-
- AuthType Digest
- AuthName DAV-upload
-
- # You can use the htdigest program to create the password database:
- # htdigest -c "/usr/local/apache2/user.passwd" DAV-upload admin
- AuthUserFile "/usr/local/apache2/user.passwd"
- AuthDigestProvider file
-
- # Allow universal read-access, but writes are restricted
- # to the admin user.
- <LimitExcept GET OPTIONS>
- require user admin
- </LimitExcept>
-</Directory>
-
-#
-# The following directives disable redirects on non-GET requests for
-# a directory that does not include the trailing slash. This fixes a
-# problem with several clients that do not appropriately handle
-# redirects for folders with DAV methods.
-#
-BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-BrowserMatch "MS FrontPage" redirect-carefully
-BrowserMatch "^WebDrive" redirect-carefully
-BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
-BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-BrowserMatch "^XML Spy" redirect-carefully
-BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-default.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-default.conf
deleted file mode 100644
index efeca05..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-default.conf
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# This configuration file reflects default settings for Apache HTTP Server.
-#
-# You may change these, but chances are that you may not need to.
-#
-
-#
-# Timeout: The number of seconds before receives and sends time out.
-#
-Timeout 300
-
-#
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-#
-KeepAlive On
-
-#
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-#
-MaxKeepAliveRequests 100
-
-#
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-#
-KeepAliveTimeout 5
-
-#
-# UseCanonicalName: Determines how Apache constructs self-referencing
-# URLs and the SERVER_NAME and SERVER_PORT variables.
-# When set "Off", Apache will use the Hostname and Port supplied
-# by the client. When set "On", Apache will use the value of the
-# ServerName directive.
-#
-UseCanonicalName Off
-
-#
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives. See also the AllowOverride
-# directive.
-#
-AccessFileName .htaccess
-
-#
-# ServerTokens
-# This directive configures what you return as the Server HTTP response
-# Header. The default is 'Full' which sends information about the OS-Type
-# and compiled in modules.
-# Set to one of: Full | OS | Minor | Minimal | Major | Prod
-# where Full conveys the most information, and Prod the least.
-#
-ServerTokens Full
-
-#
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of: On | Off | EMail
-#
-ServerSignature On
-
-#
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-#
-HostnameLookups Off
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-info.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-info.conf
deleted file mode 100644
index db316c0..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-info.conf
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# Get information about the requests being processed by the server
-# and the configuration of the server.
-#
-# Required modules: mod_status (for the server-status handler),
-# mod_info (for the server-info handler)
-
-#
-# Allow server status reports generated by mod_status,
-# with the URL of http://servername/server-status
-# Change the ".example.com" to match your domain to enable.
-
-<Location /server-status>
- SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from .example.com
-</Location>
-
-#
-# ExtendedStatus controls whether Apache will generate "full" status
-# information (ExtendedStatus On) or just basic information (ExtendedStatus
-# Off) when the "server-status" handler is called. The default is Off.
-#
-#ExtendedStatus On
-
-#
-# Allow remote server configuration reports, with the URL of
-# http://servername/server-info (requires that mod_info.c be loaded).
-# Change the ".example.com" to match your domain to enable.
-#
-<Location /server-info>
- SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from .example.com
-</Location>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-languages.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-languages.conf
deleted file mode 100644
index 7f66461..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-languages.conf
+++ /dev/null
@@ -1,141 +0,0 @@
-#
-# Settings for hosting different languages.
-#
-# Required modules: mod_mime, mod_negotiation
-
-# DefaultLanguage and AddLanguage allows you to specify the language of
-# a document. You can then use content negotiation to give a browser a
-# file in a language the user can understand.
-#
-# Specify a default language. This means that all data
-# going out without a specific language tag (see below) will
-# be marked with this one. You probably do NOT want to set
-# this unless you are sure it is correct for all cases.
-#
-# * It is generally better to not mark a page as
-# * being a certain language than marking it with the wrong
-# * language!
-#
-# DefaultLanguage nl
-#
-# Note 1: The suffix does not have to be the same as the language
-# keyword --- those with documents in Polish (whose net-standard
-# language code is pl) may wish to use "AddLanguage pl .po" to
-# avoid the ambiguity with the common suffix for perl scripts.
-#
-# Note 2: The example entries below illustrate that in some cases
-# the two character 'Language' abbreviation is not identical to
-# the two character 'Country' code for its country,
-# E.g. 'Danmark/dk' versus 'Danish/da'.
-#
-# Note 3: In the case of 'ltz' we violate the RFC by using a three char
-# specifier. There is 'work in progress' to fix this and get
-# the reference data for rfc1766 cleaned up.
-#
-# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-# Norwegian (no) - Polish (pl) - Portugese (pt)
-# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
-# Traditional Chinese (zh-TW)
-#
-AddLanguage ca .ca
-AddLanguage cs .cz .cs
-AddLanguage da .dk
-AddLanguage de .de
-AddLanguage el .el
-AddLanguage en .en
-AddLanguage eo .eo
-AddLanguage es .es
-AddLanguage et .et
-AddLanguage fr .fr
-AddLanguage he .he
-AddLanguage hr .hr
-AddLanguage it .it
-AddLanguage ja .ja
-AddLanguage ko .ko
-AddLanguage ltz .ltz
-AddLanguage nl .nl
-AddLanguage nn .nn
-AddLanguage no .no
-AddLanguage pl .po
-AddLanguage pt .pt
-AddLanguage pt-BR .pt-br
-AddLanguage ru .ru
-AddLanguage sv .sv
-AddLanguage tr .tr
-AddLanguage zh-CN .zh-cn
-AddLanguage zh-TW .zh-tw
-
-# LanguagePriority allows you to give precedence to some languages
-# in case of a tie during content negotiation.
-#
-# Just list the languages in decreasing order of preference. We have
-# more or less alphabetized them here. You probably want to change this.
-#
-LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
-
-#
-# ForceLanguagePriority allows you to serve a result page rather than
-# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
-# [in case no accepted languages matched the available variants]
-#
-ForceLanguagePriority Prefer Fallback
-
-#
-# Commonly used filename extensions to character sets. You probably
-# want to avoid clashes with the language extensions, unless you
-# are good at carefully testing your setup after each change.
-# See http://www.iana.org/assignments/character-sets for the
-# official list of charset names and their respective RFCs.
-#
-AddCharset us-ascii.ascii .us-ascii
-AddCharset ISO-8859-1 .iso8859-1 .latin1
-AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
-AddCharset ISO-8859-3 .iso8859-3 .latin3
-AddCharset ISO-8859-4 .iso8859-4 .latin4
-AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
-AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
-AddCharset ISO-8859-7 .iso8859-7 .grk .greek
-AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
-AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
-AddCharset ISO-8859-10 .iso8859-10 .latin6
-AddCharset ISO-8859-13 .iso8859-13
-AddCharset ISO-8859-14 .iso8859-14 .latin8
-AddCharset ISO-8859-15 .iso8859-15 .latin9
-AddCharset ISO-8859-16 .iso8859-16 .latin10
-AddCharset ISO-2022-JP .iso2022-jp .jis
-AddCharset ISO-2022-KR .iso2022-kr .kis
-AddCharset ISO-2022-CN .iso2022-cn .cis
-AddCharset Big5.Big5 .big5 .b5
-AddCharset cn-Big5 .cn-big5
-# For russian, more than one charset is used (depends on client, mostly):
-AddCharset WINDOWS-1251 .cp-1251 .win-1251
-AddCharset CP866 .cp866
-AddCharset KOI8 .koi8
-AddCharset KOI8-E .koi8-e
-AddCharset KOI8-r .koi8-r .koi8-ru
-AddCharset KOI8-U .koi8-u
-AddCharset KOI8-ru .koi8-uk .ua
-AddCharset ISO-10646-UCS-2 .ucs2
-AddCharset ISO-10646-UCS-4 .ucs4
-AddCharset UTF-7 .utf7
-AddCharset UTF-8 .utf8
-AddCharset UTF-16 .utf16
-AddCharset UTF-16BE .utf16be
-AddCharset UTF-16LE .utf16le
-AddCharset UTF-32 .utf32
-AddCharset UTF-32BE .utf32be
-AddCharset UTF-32LE .utf32le
-AddCharset euc-cn .euc-cn
-AddCharset euc-gb .euc-gb
-AddCharset euc-jp .euc-jp
-AddCharset euc-kr .euc-kr
-#Not sure how euc-tw got in - IANA doesn't list it???
-AddCharset EUC-TW .euc-tw
-AddCharset gb2312 .gb2312 .gb
-AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
-AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
-AddCharset shift_jis .shift_jis .sjis
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-manual.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-manual.conf
deleted file mode 100644
index fc12fb9..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-manual.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Provide access to the documentation on your server as
-# http://yourserver.example.com/manual/
-# The documentation is always available at
-# http://httpd.apache.org/docs/2.2/
-#
-# Required modules: mod_alias, mod_setenvif, mod_negotiation
-#
-
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "/usr/local/apache2/manual$1"
-
-<Directory "/usr/local/apache2/manual">
- Options Indexes
- AllowOverride None
- Order allow,deny
- Allow from all
-
- <Files *.html>
- SetHandler type-map
- </Files>
- # .tr is text/troff in mime.types!
- <Files *.html.tr.utf8>
- ForceType "text/html; charset=utf-8"
- </Files>
-
- SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1
- RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2
-
- LanguagePriority en de es fr ja ko pt-br ru tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-mpm.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-mpm.conf
deleted file mode 100644
index 8c44c60..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-mpm.conf
+++ /dev/null
@@ -1,110 +0,0 @@
-#
-# Server-Pool Management (MPM specific)
-#
-
-#
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-#
-# Note that this is the default PidFile for most MPMs.
-#
-<IfModule !mpm_netware_module>
- PidFile "logs/httpd.pid"
-</IfModule>
-
-#
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#
-<IfModule !mpm_winnt_module>
-<IfModule !mpm_netware_module>
-LockFile "logs/accept.lock"
-</IfModule>
-</IfModule>
-
-#
-# Only one of the below sections will be relevant on your
-# installed httpd. Use "apachectl -l" to find out the
-# active mpm.
-#
-
-# prefork MPM
-# StartServers: number of server processes to start
-# MinSpareServers: minimum number of server processes which are kept spare
-# MaxSpareServers: maximum number of server processes which are kept spare
-# MaxClients: maximum number of server processes allowed to start
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_prefork_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 0
-</IfModule>
-
-# worker MPM
-# StartServers: initial number of server processes to start
-# MaxClients: maximum number of simultaneous client connections
-# MinSpareThreads: minimum number of worker threads which are kept spare
-# MaxSpareThreads: maximum number of worker threads which are kept spare
-# ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_worker_module>
- StartServers 2
- MaxClients 150
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxRequestsPerChild 0
-</IfModule>
-
-# BeOS MPM
-# StartThreads: how many threads do we initially spawn?
-# MaxClients: max number of threads we can have (1 thread == 1 client)
-# MaxRequestsPerThread: maximum number of requests each thread will process
-<IfModule mpm_beos_module>
- StartThreads 10
- MaxClients 50
- MaxRequestsPerThread 10000
-</IfModule>
-
-# NetWare MPM
-# ThreadStackSize: Stack size allocated for each worker thread
-# StartThreads: Number of worker threads launched at server startup
-# MinSpareThreads: Minimum number of idle threads, to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# MaxThreads: Maximum number of worker threads alive at the same time
-# MaxRequestsPerChild: Maximum number of requests a thread serves. It is
-# recommended that the default value of 0 be set for this
-# directive on NetWare. This will allow the thread to
-# continue to service requests indefinitely.
-<IfModule mpm_netware_module>
- ThreadStackSize 65536
- StartThreads 250
- MinSpareThreads 25
- MaxSpareThreads 250
- MaxThreads 1000
- MaxRequestsPerChild 0
- MaxMemFree 100
-</IfModule>
-
-# OS/2 MPM
-# StartServers: Number of server processes to maintain
-# MinSpareThreads: Minimum number of idle threads per process,
-# to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads per process
-# MaxRequestsPerChild: Maximum number of connections per server process
-<IfModule mpm_mpmt_os2_module>
- StartServers 2
- MinSpareThreads 5
- MaxSpareThreads 10
- MaxRequestsPerChild 0
-</IfModule>
-
-# WinNT MPM
-# ThreadsPerChild: constant number of worker threads in the server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_winnt_module>
- ThreadsPerChild 150
- MaxRequestsPerChild 0
-</IfModule>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-multilang-errordoc.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-multilang-errordoc.conf
deleted file mode 100644
index 8ff9a45..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-multilang-errordoc.conf
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The configuration below implements multi-language error documents through
-# content-negotiation.
-#
-# Required modules: mod_alias, mod_include, mod_negotiation
-#
-# We use Alias to redirect any /error/HTTP_<error>.html.var response to
-# our collection of by-error message multi-language collections. We use
-# includes to substitute the appropriate text.
-#
-# You can modify the messages' appearance without changing any of the
-# default HTTP_<error>.html.var files by adding the line:
-#
-# Alias /error/include/ "/your/include/path/"
-#
-# which allows you to create your own set of files by starting with the
-# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,
-# even on a per-VirtualHost basis. The default include files will display
-# your Apache version number and your ServerAdmin email address regardless
-# of the setting of ServerSignature.
-
-Alias /error/ "/usr/local/apache2/error/"
-
-<Directory "/usr/local/apache2/error">
- AllowOverride None
- Options IncludesNoExec
- AddOutputFilter Includes html
- AddHandler type-map var
- Order allow,deny
- Allow from all
- LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
-
-ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-ErrorDocument 410 /error/HTTP_GONE.html.var
-ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-ssl.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-ssl.conf
deleted file mode 100644
index f8c023e..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-ssl.conf
+++ /dev/null
@@ -1,269 +0,0 @@
-#
-# This is the Apache server configuration file providing SSL support.
-# It contains the configuration directives to instruct the server how to
-# serve pages over an https connection. For detailed information about these
-# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-
-#
-# Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the SSL library.
-# The seed data should be of good random quality.
-# WARNING! On some platforms /dev/random blocks if not enough entropy
-# is available. This means you then cannot use the /dev/random device
-# because it would lead to very long connection times (as long as
-# it requires to make more entropy available). But usually those
-# platforms additionally provide a /dev/urandom device which doesn't
-# block. So, if available, use this one instead. Read the mod_ssl User
-# Manual for more details.
-#
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed startup file:/dev/urandom 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-
-#
-# When we also provide SSL we have to listen to the
-# standard HTTP port (see above) and to the HTTPS port
-#
-# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
-# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
-#
-Listen 8443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-# SSL Cipher Suite:
-# List the ciphers that the client is permitted to negotiate,
-# and that httpd will negotiate as the client of a proxied server.
-# See the OpenSSL documentation for a complete list of ciphers, and
-# ensure these follow appropriate best practices for this deployment.
-# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
-# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
-SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
-SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
-
-# By the end of 2016, only TLSv1.2 ciphers should remain in use.
-# Older ciphers should be disallowed as soon as possible, while the
-# kRSA ciphers do not offer forward secrecy. These changes inhibit
-# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy
-# non-browser tooling) from successfully connecting.
-#
-# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable
-# those protocols which do not support forward secrecy, replace
-# the SSLCipherSuite and SSLProxyCipherSuite directives above with
-# the following two directives, as soon as practical.
-# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
-# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
-
-# User agents such as web browsers are not configured for the user's
-# own preference of either security or performance, therefore this
-# must be the prerogative of the web server administrator who manages
-# cpu load versus confidentiality, so enforce the server's cipher order.
-SSLHonorCipherOrder on
-
-# SSL Protocol support:
-# List the protocol versions which clients are allowed to connect with.
-# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0)
-# should be disabled as quickly as practical. By the end of 2016, only
-# the TLSv1.2 protocol or later should remain in use.
-SSLProtocol all -SSLv2 -SSLv3
-SSLProxyProtocol all -SSLv2 -SSLv3
-
-# Pass Phrase Dialog:
-# Configure the pass phrase gathering process.
-# The filtering dialog program (`builtin' is a internal
-# terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog builtin
-
-# Inter-Process Session Cache:
-# Configure the SSL Session Cache: First the mechanism
-# to use and second the expiring timeout (in seconds).
-#SSLSessionCache "dbm:/usr/local/apache2/logs/ssl_scache"
-SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
-SSLSessionCacheTimeout 300
-
-# Semaphore:
-# Configure the path to the mutual exclusion semaphore the
-# SSL engine uses internally for inter-process synchronization.
-SSLMutex "file:/usr/local/apache2/logs/ssl_mutex"
-
-##
-## SSL Virtual Host Context
-##
-
-<VirtualHost _default_:443>
-
-# General setup for the virtual host
-DocumentRoot "/usr/local/apache2/htdocs"
-ServerName www.example.com:443
-ServerAdmin you@example.com
-ErrorLog "/usr/local/apache2/logs/error_log"
-TransferLog "/usr/local/apache2/logs/access_log"
-
-# SSL Engine Switch:
-# Enable/Disable SSL for this virtual host.
-SSLEngine on
-
-# Server Certificate:
-# Point SSLCertificateFile at a PEM encoded certificate. If
-# the certificate is encrypted, then you will be prompted for a
-# pass phrase. Note that a kill -HUP will prompt again. Keep
-# in mind that if you have both an RSA and a DSA certificate you
-# can configure both in parallel (to also allow the use of DSA
-# ciphers, etc.)
-# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
-# require an ECC certificate which can also be configured in
-# parallel.
-SSLCertificateFile "/usr/local/apache2/conf/server.crt"
-#SSLCertificateFile "/usr/local/apache2/conf/server-dsa.crt"
-#SSLCertificateFile "/usr/local/apache2/conf/server-ecc.crt"
-
-# Server Private Key:
-# If the key is not combined with the certificate, use this
-# directive to point at the key file. Keep in mind that if
-# you've both a RSA and a DSA private key you can configure
-# both in parallel (to also allow the use of DSA ciphers, etc.)
-# ECC keys, when in use, can also be configured in parallel
-SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
-#SSLCertificateKeyFile "/usr/local/apache2/conf/server-dsa.key"
-#SSLCertificateKeyFile "/usr/local/apache2/conf/server-ecc.key"
-
-# Server Certificate Chain:
-# Point SSLCertificateChainFile at a file containing the
-# concatenation of PEM encoded CA certificates which form the
-# certificate chain for the server certificate. Alternatively
-# the referenced file can be the same as SSLCertificateFile
-# when the CA certificates are directly appended to the server
-# certificate for convenience.
-#SSLCertificateChainFile "/usr/local/apache2/conf/server-ca.crt"
-
-# Certificate Authority (CA):
-# Set the CA certificate verification path where to find CA
-# certificates for client authentication or alternatively one
-# huge file containing all of them (file must be PEM encoded)
-# Note: Inside SSLCACertificatePath you need hash symlinks
-# to point to the certificate files. Use the provided
-# Makefile to update the hash symlinks after changes.
-#SSLCACertificatePath "/usr/local/apache2/conf/ssl.crt"
-#SSLCACertificateFile "/usr/local/apache2/conf/ssl.crt/ca-bundle.crt"
-
-# Certificate Revocation Lists (CRL):
-# Set the CA revocation path where to find CA CRLs for client
-# authentication or alternatively one huge file containing all
-# of them (file must be PEM encoded)
-# Note: Inside SSLCARevocationPath you need hash symlinks
-# to point to the certificate files. Use the provided
-# Makefile to update the hash symlinks after changes.
-#SSLCARevocationPath "/usr/local/apache2/conf/ssl.crl"
-#SSLCARevocationFile "/usr/local/apache2/conf/ssl.crl/ca-bundle.crl"
-
-# Client Authentication (Type):
-# Client certificate verification type and depth. Types are
-# none, optional, require and optional_no_ca. Depth is a
-# number which specifies how deeply to verify the certificate
-# issuer chain before deciding the certificate is not valid.
-#SSLVerifyClient require
-#SSLVerifyDepth 10
-
-# Access Control:
-# With SSLRequire you can do per-directory access control based
-# on arbitrary complex boolean expressions containing server
-# variable checks and other lookup directives. The syntax is a
-# mixture between C and Perl. See the mod_ssl documentation
-# for more details.
-#<Location />
-#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
-# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
-# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
-# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
-# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
-# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
-#</Location>
-
-# SSL Engine Options:
-# Set various options for the SSL engine.
-# o FakeBasicAuth:
-# Translate the client X.509 into a Basic Authorisation. This means that
-# the standard Auth/DBMAuth methods can be used for access control. The
-# user name is the `one line' version of the client's X.509 certificate.
-# Note that no password is obtained from the user. Every entry in the user
-# file needs this password: `xxj31ZMTZzkVA'.
-# o ExportCertData:
-# This exports two additional environment variables: SSL_CLIENT_CERT and
-# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
-# server (always existing) and the client (only existing when client
-# authentication is used). This can be used to import the certificates
-# into CGI scripts.
-# o StdEnvVars:
-# This exports the standard SSL/TLS related `SSL_*' environment variables.
-# Per default this exportation is switched off for performance reasons,
-# because the extraction step is an expensive operation and is usually
-# useless for serving static content. So one usually enables the
-# exportation for CGI and SSI requests only.
-# o StrictRequire:
-# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
-# under a "Satisfy any" situation, i.e. when it applies access is denied
-# and no other module can change it.
-# o OptRenegotiate:
-# This enables optimized SSL connection renegotiation handling when SSL
-# directives are used in per-directory context.
-#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
-<FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
-</FilesMatch>
-<Directory "/usr/local/apache2/cgi-bin">
- SSLOptions +StdEnvVars
-</Directory>
-
-# SSL Protocol Adjustments:
-# The safe and default but still SSL/TLS standard compliant shutdown
-# approach is that mod_ssl sends the close notify alert but doesn't wait for
-# the close notify alert from client. When you need a different shutdown
-# approach you can use one of the following variables:
-# o ssl-unclean-shutdown:
-# This forces an unclean shutdown when the connection is closed, i.e. no
-# SSL close notify alert is sent or allowed to be received. This violates
-# the SSL/TLS standard but is needed for some brain-dead browsers. Use
-# this when you receive I/O errors because of the standard approach where
-# mod_ssl sends the close notify alert.
-# o ssl-accurate-shutdown:
-# This forces an accurate shutdown when the connection is closed, i.e. a
-# SSL close notify alert is send and mod_ssl waits for the close notify
-# alert of the client. This is 100% SSL/TLS standard compliant, but in
-# practice often causes hanging connections with brain-dead browsers. Use
-# this only for browsers where you know that their SSL implementation
-# works correctly.
-# Notice: Most problems of broken clients are also related to the HTTP
-# keep-alive facility, so you usually additionally want to disable
-# keep-alive for those clients, too. Use variable "nokeepalive" for this.
-# Similarly, one has to force some clients to use HTTP/1.0 to workaround
-# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
-# "force-response-1.0" for this.
-BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
-
-# Per-Server Logging:
-# The home of a custom SSL log file. Use this when you want a
-# compact non-error SSL logfile on a virtual host basis.
-CustomLog "/usr/local/apache2/logs/ssl_request_log" \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
-</VirtualHost>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-userdir.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-userdir.conf
deleted file mode 100644
index 567bd6d..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-userdir.conf
+++ /dev/null
@@ -1,28 +0,0 @@
-# Settings for user home directories
-#
-# Required module: mod_userdir
-
-#
-# UserDir: The name of the directory that is appended onto a user's home
-# directory if a ~user request is received. Note that you must also set
-# the default access control for these directories, as in the example below.
-#
-UserDir public_html
-
-#
-# Control access to UserDir directories. The following is an example
-# for a site where these directories are restricted to read-only.
-#
-<Directory "/home/*/public_html">
- AllowOverride FileInfo AuthConfig Limit Indexes
- Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
- <Limit GET POST OPTIONS>
- Order allow,deny
- Allow from all
- </Limit>
- <LimitExcept GET POST OPTIONS>
- Order deny,allow
- Deny from all
- </LimitExcept>
-</Directory>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-vhosts.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-vhosts.conf
deleted file mode 100644
index 01a73f3..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/extra/httpd-vhosts.conf
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# Virtual Hosts
-#
-# If you want to maintain multiple domains/hostnames on your
-# machine you can setup VirtualHost containers for them. Most configurations
-# use only name-based virtual hosts so the server doesn't need to worry about
-# IP addresses. This is indicated by the asterisks in the directives below.
-#
-# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
-# for further details before you try to setup virtual hosts.
-#
-# You may use the command line option '-S' to verify your virtual host
-# configuration.
-
-#
-# Use name-based virtual hosting.
-#
-NameVirtualHost *:8080
-
-#
-# VirtualHost example:
-# Almost any Apache directive may go into a VirtualHost container.
-# The first VirtualHost section is used for all requests that do not
-# match a ServerName or ServerAlias in any <VirtualHost> block.
-#
-<VirtualHost *:8080>
- ServerAdmin webmaster@dummy-host.example.com
- DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com"
- ServerName dummy-host.example.com
- ServerAlias www.dummy-host.example.com
- ErrorLog "logs/dummy-host.example.com-error_log"
- CustomLog "logs/dummy-host.example.com-access_log" common
-</VirtualHost>
-
-<VirtualHost *:8080>
- ServerAdmin webmaster@dummy-host2.example.com
- DocumentRoot "/usr/local/apache2/docs/dummy-host2.example.com"
- ServerName dummy-host2.example.com
- ErrorLog "logs/dummy-host2.example.com-error_log"
- CustomLog "logs/dummy-host2.example.com-access_log" common
-</VirtualHost>
-
-
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/httpd.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/httpd.conf
deleted file mode 100644
index 4b05e71..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/httpd.conf
+++ /dev/null
@@ -1,496 +0,0 @@
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so 'log/access_log'
-# with ServerRoot set to '/www' will be interpreted by the
-# server as '/www/log/access_log', where as '/log/access_log' will be
-# interpreted as '/log/access_log'.
-
-#
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to point the LockFile directive
-# at a local disk. If you wish to share the same ServerRoot for multiple
-# httpd daemons, you will need to change at least LockFile and PidFile.
-#
-ServerRoot "/usr/local/apache2"
-
-#
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 8080
-
-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-LoadModule authn_file_module modules/mod_authn_file.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_dbd_module modules/mod_authn_dbd.so
-LoadModule authn_default_module modules/mod_authn_default.so
-LoadModule authn_alias_module modules/mod_authn_alias.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
-LoadModule authz_default_module modules/mod_authz_default.so
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule auth_digest_module modules/mod_auth_digest.so
-LoadModule file_cache_module modules/mod_file_cache.so
-LoadModule cache_module modules/mod_cache.so
-LoadModule disk_cache_module modules/mod_disk_cache.so
-LoadModule mem_cache_module modules/mod_mem_cache.so
-LoadModule dbd_module modules/mod_dbd.so
-LoadModule dumpio_module modules/mod_dumpio.so
-LoadModule reqtimeout_module modules/mod_reqtimeout.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-LoadModule include_module modules/mod_include.so
-LoadModule filter_module modules/mod_filter.so
-LoadModule substitute_module modules/mod_substitute.so
-LoadModule charset_lite_module modules/mod_charset_lite.so
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule ldap_module modules/mod_ldap.so
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule log_forensic_module modules/mod_log_forensic.so
-LoadModule logio_module modules/mod_logio.so
-LoadModule env_module modules/mod_env.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule cern_meta_module modules/mod_cern_meta.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule headers_module modules/mod_headers.so
-LoadModule ident_module modules/mod_ident.so
-LoadModule usertrack_module modules/mod_usertrack.so
-LoadModule unique_id_module modules/mod_unique_id.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule version_module modules/mod_version.so
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
-LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-LoadModule ssl_module modules/mod_ssl.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule dav_module modules/mod_dav.so
-LoadModule status_module modules/mod_status.so
-LoadModule autoindex_module modules/mod_autoindex.so
-LoadModule asis_module modules/mod_asis.so
-LoadModule info_module modules/mod_info.so
-LoadModule cgi_module modules/mod_cgi.so
-LoadModule dav_fs_module modules/mod_dav_fs.so
-LoadModule dav_lock_module modules/mod_dav_lock.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-LoadModule negotiation_module modules/mod_negotiation.so
-LoadModule dir_module modules/mod_dir.so
-LoadModule imagemap_module modules/mod_imagemap.so
-LoadModule actions_module modules/mod_actions.so
-LoadModule speling_module modules/mod_speling.so
-LoadModule userdir_module modules/mod_userdir.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule rewrite_module modules/mod_rewrite.so
-
-<IfModule !mpm_netware_module>
-<IfModule !mpm_winnt_module>
-#
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-#
-User daemon
-Group daemon
-
-</IfModule>
-</IfModule>
-
-# 'Main' server configuration
-#
-# The directives in this section set up the values used by the 'main'
-# server, which responds to any requests that aren't handled by a
-# <VirtualHost> definition. These values also provide defaults for
-# any <VirtualHost> containers you may define later in the file.
-#
-# All of these directives may appear inside <VirtualHost> containers,
-# in which case these default settings will be overridden for the
-# virtual host being defined.
-#
-
-#
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-#
-ServerAdmin you@example.com
-
-#
-# ServerName gives the name and port that the server uses to identify itself.
-# This can often be determined automatically, but we recommend you specify
-# it explicitly to prevent problems during startup.
-#
-# If your host doesn't have a registered DNS name, enter its IP address here.
-#
-#ServerName www.example.com:80
-
-#
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-DocumentRoot "/usr/local/apache2/htdocs"
-
-#
-# Each directory to which Apache has access can be configured with respect
-# to which services and features are allowed and/or disabled in that
-# directory (and its subdirectories).
-#
-# First, we configure the "default" to be a very restrictive set of
-# features.
-#
-<Directory />
- Options FollowSymLinks
- AllowOverride None
- Order deny,allow
- Deny from all
-</Directory>
-
-#
-# Note that from this point forward you must specifically allow
-# particular features to be enabled - so if something's not working as
-# you might expect, make sure that you have specifically enabled it
-# below.
-#
-
-#
-# This should be changed to whatever you set DocumentRoot to.
-#
-<Directory "/usr/local/apache2/htdocs">
- #
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
- # for more information.
- #
- Options Indexes FollowSymLinks
-
- #
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- #
- AllowOverride None
-
- #
- # Controls who can get stuff from this server.
- #
- Order allow,deny
- Allow from all
-
-</Directory>
-
-#
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-<IfModule dir_module>
- DirectoryIndex index.html
-</IfModule>
-
-#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-#
-<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
- Satisfy All
-</FilesMatch>
-
-#
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-#
-ErrorLog /proc/self/fd/2
-
-#
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-#
-LogLevel warn
-
-<IfModule log_config_module>
- #
- # The following directives define some format nicknames for use with
- # a CustomLog directive (see below).
- #
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
-
- <IfModule logio_module>
- # You need to enable mod_logio.c to use %I and %O
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
- </IfModule>
-
- #
- # The location and format of the access logfile (Common Logfile Format).
- # If you do not define any access logfiles within a <VirtualHost>
- # container, they will be logged here. Contrariwise, if you *do*
- # define per-<VirtualHost> access logfiles, transactions will be
- # logged therein and *not* in this file.
- #
- CustomLog /proc/self/fd/1 common
-
- #
- # If you prefer a logfile with access, agent, and referer information
- # (Combined Logfile Format) you can use the following directive.
- #
- #CustomLog "logs/access_log" combined
-</IfModule>
-
-<IfModule alias_module>
- #
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- #
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- #
- # ScriptAlias: This controls which directories contain server scripts.
- # ScriptAliases are essentially the same as Aliases, except that
- # documents in the target directory are treated as applications and
- # run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
- # directives as to Alias.
- #
- ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"
-
-</IfModule>
-
-<IfModule cgid_module>
- #
- # ScriptSock: On threaded servers, designate the path to the UNIX
- # socket used to communicate with the CGI daemon of mod_cgid.
- #
- #Scriptsock logs/cgisock
-</IfModule>
-
-#
-# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-#
-<Directory "/usr/local/apache2/cgi-bin">
- AllowOverride None
- Options None
- Order allow,deny
- Allow from all
-</Directory>
-
-#
-# DefaultType: the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-#
-DefaultType text/plain
-
-<IfModule headers_module>
- #
- # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
- # backend servers which have lingering "httpoxy" defects.
- # 'Proxy' request header is undefined by the IETF, not listed by IANA
- #
- RequestHeader unset Proxy early
-</IfModule>
-
-<IfModule mime_module>
- #
- # TypesConfig points to the file containing the list of mappings from
- # filename extension to MIME-type.
- #
- TypesConfig conf/mime.types
-
- #
- # AddType allows you to add to or override the MIME configuration
- # file specified in TypesConfig for specific file types.
- #
- #AddType application/x-gzip .tgz
- #
- # AddEncoding allows you to have certain browsers uncompress
- # information on the fly. Note: Not all browsers support this.
- #
- #AddEncoding x-compress .Z
- #AddEncoding x-gzip .gz .tgz
- #
- # If the AddEncoding directives above are commented-out, then you
- # probably should define those extensions to indicate media types:
- #
- AddType application/x-compress .Z
- AddType application/x-gzip .gz .tgz
-
- #
- # AddHandler allows you to map certain file extensions to "handlers":
- # actions unrelated to filetype. These can be either built into the server
- # or added with the Action directive (see below)
- #
- # To use CGI scripts outside of ScriptAliased directories:
- # (You will also need to add "ExecCGI" to the "Options" directive.)
- #
- #AddHandler cgi-script .cgi
-
- # For type maps (negotiated resources):
- #AddHandler type-map var
-
- #
- # Filters allow you to process content before it is sent to the client.
- #
- # To parse .shtml files for server-side includes (SSI):
- # (You will also need to add "Includes" to the "Options" directive.)
- #
- #AddType text/html .shtml
- #AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-#
-# The mod_mime_magic module allows the server to use various hints from the
-# contents of the file itself to determine its type. The MIMEMagicFile
-# directive tells the module where the hint definitions are located.
-#
-#MIMEMagicFile conf/magic
-
-#
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#
-
-#
-# MaxRanges: Maximum number of Ranges in a request before
-# returning the entire resource, or one of the special
-# values 'default', 'none' or 'unlimited'.
-# Default setting is to accept 200 Ranges.
-#MaxRanges unlimited
-
-#
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall is used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-#
-#EnableMMAP off
-#EnableSendfile off
-
-# Supplemental configuration
-#
-# The configuration files in the conf/extra/ directory can be
-# included to add extra features or to modify the default configuration of
-# the server, or you may simply copy their contents here and change as
-# necessary.
-
-# Server-pool management (MPM specific)
-#Include conf/extra/httpd-mpm.conf
-
-# Multi-language error messages
-#Include conf/extra/httpd-multilang-errordoc.conf
-
-# Fancy directory listings
-#Include conf/extra/httpd-autoindex.conf
-
-# Language settings
-#Include conf/extra/httpd-languages.conf
-
-# User home directories
-#Include conf/extra/httpd-userdir.conf
-
-# Real-time info on requests and configuration
-#Include conf/extra/httpd-info.conf
-
-# Virtual hosts
-#Include conf/extra/httpd-vhosts.conf
-
-# Local access to the Apache HTTP Server Manual
-#Include conf/extra/httpd-manual.conf
-
-# Distributed authoring and versioning (WebDAV)
-#Include conf/extra/httpd-dav.conf
-
-# Various default settings
-#Include conf/extra/httpd-default.conf
-
-# Secure (SSL/TLS) connections
-#Include conf/extra/httpd-ssl.conf
-#
-# Note: The following must must be present to support
-# starting without SSL on platforms with no /dev/random equivalent
-# but a statically compiled-in mod_ssl.
-#
-<IfModule ssl_module>
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-</IfModule>
-
-Include conf/kaas/router.conf
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/kaas/router.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/kaas/router.conf
deleted file mode 100644
index 4afa6dd..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/kaas/router.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-ProxyPass /adei http://katrin.kit.edu/adei-katrin
-ProxyPass /katrin-ng http://katrin.kit.edu/katrin-ng
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/magic b/setup/projects/katrin/files/etc/apache2-kaas-docker/magic
deleted file mode 100644
index 0de7336..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/magic
+++ /dev/null
@@ -1,382 +0,0 @@
-# Magic data for mod_mime_magic Apache module (originally for file(1) command)
-# The module is described in /manual/mod/mod_mime_magic.html
-#
-# The format is 4-5 columns:
-# Column #1: byte number to begin checking from, ">" indicates continuation
-# Column #2: type of data to match
-# Column #3: contents of data to match
-# Column #4: MIME type of result
-# Column #5: MIME encoding of result (optional)
-
-#------------------------------------------------------------------------------
-# Localstuff: file(1) magic for locally observed files
-# Add any locally observed files here.
-
-#------------------------------------------------------------------------------
-# end local stuff
-#------------------------------------------------------------------------------
-
-#------------------------------------------------------------------------------
-# Java
-
-0 short 0xcafe
->2 short 0xbabe application/java
-
-#------------------------------------------------------------------------------
-# audio: file(1) magic for sound formats
-#
-# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
-#
-
-# Sun/NeXT audio data
-0 string .snd
->12 belong 1 audio/basic
->12 belong 2 audio/basic
->12 belong 3 audio/basic
->12 belong 4 audio/basic
->12 belong 5 audio/basic
->12 belong 6 audio/basic
->12 belong 7 audio/basic
-
->12 belong 23 audio/x-adpcm
-
-# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
-# that uses little-endian encoding and has a different magic number
-# (0x0064732E in little-endian encoding).
-0 lelong 0x0064732E
->12 lelong 1 audio/x-dec-basic
->12 lelong 2 audio/x-dec-basic
->12 lelong 3 audio/x-dec-basic
->12 lelong 4 audio/x-dec-basic
->12 lelong 5 audio/x-dec-basic
->12 lelong 6 audio/x-dec-basic
->12 lelong 7 audio/x-dec-basic
-# compressed (G.721 ADPCM)
->12 lelong 23 audio/x-dec-adpcm
-
-# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
-# AIFF audio data
-8 string AIFF audio/x-aiff
-# AIFF-C audio data
-8 string AIFC audio/x-aiff
-# IFF/8SVX audio data
-8 string 8SVX audio/x-aiff
-
-# Creative Labs AUDIO stuff
-# Standard MIDI data
-0 string MThd audio/unknown
-#>9 byte >0 (format %d)
-#>11 byte >1 using %d channels
-# Creative Music (CMF) data
-0 string CTMF audio/unknown
-# SoundBlaster instrument data
-0 string SBI audio/unknown
-# Creative Labs voice data
-0 string Creative\ Voice\ File audio/unknown
-## is this next line right? it came this way...
-#>19 byte 0x1A
-#>23 byte >0 - version %d
-#>22 byte >0 \b.%d
-
-# [GRR 950115: is this also Creative Labs? Guessing that first line
-# should be string instead of unknown-endian long...]
-#0 long 0x4e54524b MultiTrack sound data
-#0 string NTRK MultiTrack sound data
-#>4 long x - version %ld
-
-# Microsoft WAVE format (*.wav)
-# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
-# Microsoft RIFF
-0 string RIFF audio/unknown
-# - WAVE format
->8 string WAVE audio/x-wav
-# MPEG audio.
-0 beshort&0xfff0 0xfff0 audio/mpeg
-# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
-0 string PSID audio/prs.sid
-
-#------------------------------------------------------------------------------
-# c-lang: file(1) magic for C programs or various scripts
-#
-
-# XPM icons (Greg Roelofs, newt@uchicago.edu)
-# ideally should go into "images", but entries below would tag XPM as C source
-0 string /*\ XPM image/x-xbm 7bit
-
-# this first will upset you if you're a PL/1 shop... (are there any left?)
-# in which case rm it; ascmagic will catch real C programs
-# C or REXX program text
-0 string /* text/plain
-# C++ program text
-0 string // text/plain
-
-#------------------------------------------------------------------------------
-# compress: file(1) magic for pure-compression formats (no archives)
-#
-# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
-#
-# Formats for various forms of compressed data
-# Formats for "compress" proper have been moved into "compress.c",
-# because it tries to uncompress it to figure out what's inside.
-
-# standard unix compress
-0 string \037\235 application/octet-stream x-compress
-
-# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
-0 string \037\213 application/octet-stream x-gzip
-
-# According to gzip.h, this is the correct byte order for packed data.
-0 string \037\036 application/octet-stream
-#
-# This magic number is byte-order-independent.
-#
-0 short 017437 application/octet-stream
-
-# XXX - why *two* entries for "compacted data", one of which is
-# byte-order independent, and one of which is byte-order dependent?
-#
-# compacted data
-0 short 0x1fff application/octet-stream
-0 string \377\037 application/octet-stream
-# huf output
-0 short 0145405 application/octet-stream
-
-# Squeeze and Crunch...
-# These numbers were gleaned from the Unix versions of the programs to
-# handle these formats. Note that I can only uncrunch, not crunch, and
-# I didn't have a crunched file handy, so the crunch number is untested.
-# Keith Waclena <keith@cerberus.uchicago.edu>
-#0 leshort 0x76FF squeezed data (CP/M, DOS)
-#0 leshort 0x76FE crunched data (CP/M, DOS)
-
-# Freeze
-#0 string \037\237 Frozen file 2.1
-#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
-
-# lzh?
-#0 string \037\240 LZH compressed data
-
-#------------------------------------------------------------------------------
-# frame: file(1) magic for FrameMaker files
-#
-# This stuff came on a FrameMaker demo tape, most of which is
-# copyright, but this file is "published" as witness the following:
-#
-0 string \<MakerFile application/x-frame
-0 string \<MIFFile application/x-frame
-0 string \<MakerDictionary application/x-frame
-0 string \<MakerScreenFon application/x-frame
-0 string \<MML application/x-frame
-0 string \<Book application/x-frame
-0 string \<Maker application/x-frame
-
-#------------------------------------------------------------------------------
-# html: file(1) magic for HTML (HyperText Markup Language) docs
-#
-# from Daniel Quinlan <quinlan@yggdrasil.com>
-# and Anna Shergold <anna@inext.co.uk>
-#
-0 string \<!DOCTYPE\ HTML text/html
-0 string \<!doctype\ html text/html
-0 string \<HEAD text/html
-0 string \<head text/html
-0 string \<TITLE text/html
-0 string \<title text/html
-0 string \<html text/html
-0 string \<HTML text/html
-0 string \<!-- text/html
-0 string \<h1 text/html
-0 string \<H1 text/html
-
-# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
-0 string \<?xml text/xml
-
-#------------------------------------------------------------------------------
-# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
-#
-# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
-# additions by janl@ifi.uio.no as well as others. Jan also suggested
-# merging several one- and two-line files into here.
-#
-# XXX - byte order for GIF and TIFF fields?
-# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
-#
-
-# [GRR: what the hell is this doing in here?]
-#0 string xbtoa btoa'd file
-
-# PBMPLUS
-# PBM file
-0 string P1 image/x-portable-bitmap 7bit
-# PGM file
-0 string P2 image/x-portable-greymap 7bit
-# PPM file
-0 string P3 image/x-portable-pixmap 7bit
-# PBM "rawbits" file
-0 string P4 image/x-portable-bitmap
-# PGM "rawbits" file
-0 string P5 image/x-portable-greymap
-# PPM "rawbits" file
-0 string P6 image/x-portable-pixmap
-
-# NIFF (Navy Interchange File Format, a modification of TIFF)
-# [GRR: this *must* go before TIFF]
-0 string IIN1 image/x-niff
-
-# TIFF and friends
-# TIFF file, big-endian
-0 string MM image/tiff
-# TIFF file, little-endian
-0 string II image/tiff
-
-# possible GIF replacements; none yet released!
-# (Greg Roelofs, newt@uchicago.edu)
-#
-# GRR 950115: this was mine ("Zip GIF"):
-# ZIF image (GIF+deflate alpha)
-0 string GIF94z image/unknown
-#
-# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
-# FGF image (GIF+deflate beta)
-0 string FGF95a image/unknown
-#
-# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
-# (best; not yet implemented):
-# PBF image (deflate compression)
-0 string PBF image/unknown
-
-# GIF
-0 string GIF image/gif
-
-# JPEG images
-0 beshort 0xffd8 image/jpeg
-
-# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
-0 string BM image/bmp
-#>14 byte 12 (OS/2 1.x format)
-#>14 byte 64 (OS/2 2.x format)
-#>14 byte 40 (Windows 3.x format)
-#0 string IC icon
-#0 string PI pointer
-#0 string CI color icon
-#0 string CP color pointer
-#0 string BA bitmap array
-
-
-#------------------------------------------------------------------------------
-# lisp: file(1) magic for lisp programs
-#
-# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
-0 string ;; text/plain 8bit
-# Emacs 18 - this is always correct, but not very magical.
-0 string \012( application/x-elc
-# Emacs 19
-0 string ;ELC\023\000\000\000 application/x-elc
-
-#------------------------------------------------------------------------------
-# mail.news: file(1) magic for mail and news
-#
-# There are tests to ascmagic.c to cope with mail and news.
-0 string Relay-Version: message/rfc822 7bit
-0 string #!\ rnews message/rfc822 7bit
-0 string N#!\ rnews message/rfc822 7bit
-0 string Forward\ to message/rfc822 7bit
-0 string Pipe\ to message/rfc822 7bit
-0 string Return-Path: message/rfc822 7bit
-0 string Path: message/news 8bit
-0 string Xref: message/news 8bit
-0 string From: message/rfc822 7bit
-0 string Article message/news 8bit
-#------------------------------------------------------------------------------
-# msword: file(1) magic for MS Word files
-#
-# Contributor claims:
-# Reversed-engineered MS Word magic numbers
-#
-
-0 string \376\067\0\043 application/msword
-0 string \333\245-\0\0\0 application/msword
-
-# disable this one because it applies also to other
-# Office/OLE documents for which msword is not correct. See PR#2608.
-#0 string \320\317\021\340\241\261 application/msword
-
-
-
-#------------------------------------------------------------------------------
-# printer: file(1) magic for printer-formatted files
-#
-
-# PostScript
-0 string %! application/postscript
-0 string \004%! application/postscript
-
-# Acrobat
-# (due to clamen@cs.cmu.edu)
-0 string %PDF- application/pdf
-
-#------------------------------------------------------------------------------
-# sc: file(1) magic for "sc" spreadsheet
-#
-38 string Spreadsheet application/x-sc
-
-#------------------------------------------------------------------------------
-# tex: file(1) magic for TeX files
-#
-# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
-#
-# From <conklin@talisman.kaleida.com>
-
-# Although we may know the offset of certain text fields in TeX DVI
-# and font files, we can't use them reliably because they are not
-# zero terminated. [but we do anyway, christos]
-0 string \367\002 application/x-dvi
-#0 string \367\203 TeX generic font data
-#0 string \367\131 TeX packed font data
-#0 string \367\312 TeX virtual font data
-#0 string This\ is\ TeX, TeX transcript text
-#0 string This\ is\ METAFONT, METAFONT transcript text
-
-# There is no way to detect TeX Font Metric (*.tfm) files without
-# breaking them apart and reading the data. The following patterns
-# match most *.tfm files generated by METAFONT or afm2tfm.
-#2 string \000\021 TeX font metric data
-#2 string \000\022 TeX font metric data
-#>34 string >\0 (%s)
-
-# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
-#0 string \\input\ texinfo Texinfo source text
-#0 string This\ is\ Info\ file GNU Info text
-
-# correct TeX magic for Linux (and maybe more)
-# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
-#
-0 leshort 0x02f7 application/x-dvi
-
-# RTF - Rich Text Format
-0 string {\\rtf application/rtf
-
-#------------------------------------------------------------------------------
-# animation: file(1) magic for animation/movie formats
-#
-# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
-# MPEG file
-0 string \000\000\001\263 video/mpeg
-#
-# The contributor claims:
-# I couldn't find a real magic number for these, however, this
-# -appears- to work. Note that it might catch other files, too,
-# so BE CAREFUL!
-#
-# Note that title and author appear in the two 20-byte chunks
-# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
-# 255 (hex FF)! DL format SUCKS BIG ROCKS.
-#
-# DL file version 1 , medium format (160x100, 4 images/screen)
-0 byte 1 video/unknown
-0 byte 2 video/unknown
-# Quicktime video, from Linus Walleij <triad@df.lth.se>
-# from Apple quicktime file format documentation.
-4 string moov video/quicktime
-4 string mdat video/quicktime
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/mime.types b/setup/projects/katrin/files/etc/apache2-kaas-docker/mime.types
deleted file mode 100644
index 5175242..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/mime.types
+++ /dev/null
@@ -1,1588 +0,0 @@
-# This file maps Internet media types to unique file extension(s).
-# Although created for httpd, this file is used by many software systems
-# and has been placed in the public domain for unlimited redisribution.
-#
-# The table below contains both registered and (common) unregistered types.
-# A type that has no unique extension can be ignored -- they are listed
-# here to guide configurations toward known types and to make it easier to
-# identify "new" types. File extensions are also commonly used to indicate
-# content languages and encodings, so choose them carefully.
-#
-# Internet media types should be registered as described in RFC 4288.
-# The registry is at <http://www.iana.org/assignments/media-types/>.
-#
-# MIME type (lowercased) Extensions
-# ============================================ ==========
-# application/1d-interleaved-parityfec
-# application/3gpp-ims+xml
-# application/activemessage
-application/andrew-inset ez
-# application/applefile
-application/applixware aw
-application/atom+xml atom
-application/atomcat+xml atomcat
-# application/atomicmail
-application/atomsvc+xml atomsvc
-# application/auth-policy+xml
-# application/batch-smtp
-# application/beep+xml
-# application/calendar+xml
-# application/cals-1840
-# application/ccmp+xml
-application/ccxml+xml ccxml
-application/cdmi-capability cdmia
-application/cdmi-container cdmic
-application/cdmi-domain cdmid
-application/cdmi-object cdmio
-application/cdmi-queue cdmiq
-# application/cea-2018+xml
-# application/cellml+xml
-# application/cfw
-# application/cnrp+xml
-# application/commonground
-# application/conference-info+xml
-# application/cpl+xml
-# application/csta+xml
-# application/cstadata+xml
-application/cu-seeme cu
-# application/cybercash
-application/davmount+xml davmount
-# application/dca-rft
-# application/dec-dx
-# application/dialog-info+xml
-# application/dicom
-# application/dns
-application/docbook+xml dbk
-# application/dskpp+xml
-application/dssc+der dssc
-application/dssc+xml xdssc
-# application/dvcs
-application/ecmascript ecma
-# application/edi-consent
-# application/edi-x12
-# application/edifact
-application/emma+xml emma
-# application/epp+xml
-application/epub+zip epub
-# application/eshop
-# application/example
-application/exi exi
-# application/fastinfoset
-# application/fastsoap
-# application/fits
-application/font-tdpfr pfr
-# application/framework-attributes+xml
-application/gml+xml gml
-application/gpx+xml gpx
-application/gxf gxf
-# application/h224
-# application/held+xml
-# application/http
-application/hyperstudio stk
-# application/ibe-key-request+xml
-# application/ibe-pkg-reply+xml
-# application/ibe-pp-data
-# application/iges
-# application/im-iscomposing+xml
-# application/index
-# application/index.cmd
-# application/index.obj
-# application/index.response
-# application/index.vnd
-application/inkml+xml ink inkml
-# application/iotp
-application/ipfix ipfix
-# application/ipp
-# application/isup
-application/java-archive jar
-application/java-serialized-object ser
-application/java-vm class
-application/javascript js
-application/json json
-application/jsonml+json jsonml
-# application/kpml-request+xml
-# application/kpml-response+xml
-application/lost+xml lostxml
-application/mac-binhex40 hqx
-application/mac-compactpro cpt
-# application/macwriteii
-application/mads+xml mads
-application/marc mrc
-application/marcxml+xml mrcx
-application/mathematica ma nb mb
-# application/mathml-content+xml
-# application/mathml-presentation+xml
-application/mathml+xml mathml
-# application/mbms-associated-procedure-description+xml
-# application/mbms-deregister+xml
-# application/mbms-envelope+xml
-# application/mbms-msk+xml
-# application/mbms-msk-response+xml
-# application/mbms-protection-description+xml
-# application/mbms-reception-report+xml
-# application/mbms-register+xml
-# application/mbms-register-response+xml
-# application/mbms-user-service-description+xml
-application/mbox mbox
-# application/media_control+xml
-application/mediaservercontrol+xml mscml
-application/metalink+xml metalink
-application/metalink4+xml meta4
-application/mets+xml mets
-# application/mikey
-application/mods+xml mods
-# application/moss-keys
-# application/moss-signature
-# application/mosskey-data
-# application/mosskey-request
-application/mp21 m21 mp21
-application/mp4 mp4s
-# application/mpeg4-generic
-# application/mpeg4-iod
-# application/mpeg4-iod-xmt
-# application/msc-ivr+xml
-# application/msc-mixer+xml
-application/msword doc dot
-application/mxf mxf
-# application/nasdata
-# application/news-checkgroups
-# application/news-groupinfo
-# application/news-transmission
-# application/nss
-# application/ocsp-request
-# application/ocsp-response
-application/octet-stream bin dms lrf mar so dist distz pkg bpk dump elc deploy
-application/oda oda
-application/oebps-package+xml opf
-application/ogg ogx
-application/omdoc+xml omdoc
-application/onenote onetoc onetoc2 onetmp onepkg
-application/oxps oxps
-# application/parityfec
-application/patch-ops-error+xml xer
-application/pdf pdf
-application/pgp-encrypted pgp
-# application/pgp-keys
-application/pgp-signature asc sig
-application/pics-rules prf
-# application/pidf+xml
-# application/pidf-diff+xml
-application/pkcs10 p10
-application/pkcs7-mime p7m p7c
-application/pkcs7-signature p7s
-application/pkcs8 p8
-application/pkix-attr-cert ac
-application/pkix-cert cer
-application/pkix-crl crl
-application/pkix-pkipath pkipath
-application/pkixcmp pki
-application/pls+xml pls
-# application/poc-settings+xml
-application/postscript ai eps ps
-# application/prs.alvestrand.titrax-sheet
-application/prs.cww cww
-# application/prs.nprend
-# application/prs.plucker
-# application/prs.rdf-xml-crypt
-# application/prs.xsf+xml
-application/pskc+xml pskcxml
-# application/qsig
-application/rdf+xml rdf
-application/reginfo+xml rif
-application/relax-ng-compact-syntax rnc
-# application/remote-printing
-application/resource-lists+xml rl
-application/resource-lists-diff+xml rld
-# application/riscos
-# application/rlmi+xml
-application/rls-services+xml rs
-application/rpki-ghostbusters gbr
-application/rpki-manifest mft
-application/rpki-roa roa
-# application/rpki-updown
-application/rsd+xml rsd
-application/rss+xml rss
-application/rtf rtf
-# application/rtx
-# application/samlassertion+xml
-# application/samlmetadata+xml
-application/sbml+xml sbml
-application/scvp-cv-request scq
-application/scvp-cv-response scs
-application/scvp-vp-request spq
-application/scvp-vp-response spp
-application/sdp sdp
-# application/set-payment
-application/set-payment-initiation setpay
-# application/set-registration
-application/set-registration-initiation setreg
-# application/sgml
-# application/sgml-open-catalog
-application/shf+xml shf
-# application/sieve
-# application/simple-filter+xml
-# application/simple-message-summary
-# application/simplesymbolcontainer
-# application/slate
-# application/smil
-application/smil+xml smi smil
-# application/soap+fastinfoset
-# application/soap+xml
-application/sparql-query rq
-application/sparql-results+xml srx
-# application/spirits-event+xml
-application/srgs gram
-application/srgs+xml grxml
-application/sru+xml sru
-application/ssdl+xml ssdl
-application/ssml+xml ssml
-# application/tamp-apex-update
-# application/tamp-apex-update-confirm
-# application/tamp-community-update
-# application/tamp-community-update-confirm
-# application/tamp-error
-# application/tamp-sequence-adjust
-# application/tamp-sequence-adjust-confirm
-# application/tamp-status-query
-# application/tamp-status-response
-# application/tamp-update
-# application/tamp-update-confirm
-application/tei+xml tei teicorpus
-application/thraud+xml tfi
-# application/timestamp-query
-# application/timestamp-reply
-application/timestamped-data tsd
-# application/tve-trigger
-# application/ulpfec
-# application/vcard+xml
-# application/vemmi
-# application/vividence.scriptfile
-# application/vnd.3gpp.bsf+xml
-application/vnd.3gpp.pic-bw-large plb
-application/vnd.3gpp.pic-bw-small psb
-application/vnd.3gpp.pic-bw-var pvb
-# application/vnd.3gpp.sms
-# application/vnd.3gpp2.bcmcsinfo+xml
-# application/vnd.3gpp2.sms
-application/vnd.3gpp2.tcap tcap
-application/vnd.3m.post-it-notes pwn
-application/vnd.accpac.simply.aso aso
-application/vnd.accpac.simply.imp imp
-application/vnd.acucobol acu
-application/vnd.acucorp atc acutc
-application/vnd.adobe.air-application-installer-package+zip air
-application/vnd.adobe.formscentral.fcdt fcdt
-application/vnd.adobe.fxp fxp fxpl
-# application/vnd.adobe.partial-upload
-application/vnd.adobe.xdp+xml xdp
-application/vnd.adobe.xfdf xfdf
-# application/vnd.aether.imp
-# application/vnd.ah-barcode
-application/vnd.ahead.space ahead
-application/vnd.airzip.filesecure.azf azf
-application/vnd.airzip.filesecure.azs azs
-application/vnd.amazon.ebook azw
-application/vnd.americandynamics.acc acc
-application/vnd.amiga.ami ami
-# application/vnd.amundsen.maze+xml
-application/vnd.android.package-archive apk
-application/vnd.anser-web-certificate-issue-initiation cii
-application/vnd.anser-web-funds-transfer-initiation fti
-application/vnd.antix.game-component atx
-application/vnd.apple.installer+xml mpkg
-application/vnd.apple.mpegurl m3u8
-# application/vnd.arastra.swi
-application/vnd.aristanetworks.swi swi
-application/vnd.astraea-software.iota iota
-application/vnd.audiograph aep
-# application/vnd.autopackage
-# application/vnd.avistar+xml
-application/vnd.blueice.multipass mpm
-# application/vnd.bluetooth.ep.oob
-application/vnd.bmi bmi
-application/vnd.businessobjects rep
-# application/vnd.cab-jscript
-# application/vnd.canon-cpdl
-# application/vnd.canon-lips
-# application/vnd.cendio.thinlinc.clientconf
-application/vnd.chemdraw+xml cdxml
-application/vnd.chipnuts.karaoke-mmd mmd
-application/vnd.cinderella cdy
-# application/vnd.cirpack.isdn-ext
-application/vnd.claymore cla
-application/vnd.cloanto.rp9 rp9
-application/vnd.clonk.c4group c4g c4d c4f c4p c4u
-application/vnd.cluetrust.cartomobile-config c11amc
-application/vnd.cluetrust.cartomobile-config-pkg c11amz
-# application/vnd.collection+json
-# application/vnd.commerce-battelle
-application/vnd.commonspace csp
-application/vnd.contact.cmsg cdbcmsg
-application/vnd.cosmocaller cmc
-application/vnd.crick.clicker clkx
-application/vnd.crick.clicker.keyboard clkk
-application/vnd.crick.clicker.palette clkp
-application/vnd.crick.clicker.template clkt
-application/vnd.crick.clicker.wordbank clkw
-application/vnd.criticaltools.wbs+xml wbs
-application/vnd.ctc-posml pml
-# application/vnd.ctct.ws+xml
-# application/vnd.cups-pdf
-# application/vnd.cups-postscript
-application/vnd.cups-ppd ppd
-# application/vnd.cups-raster
-# application/vnd.cups-raw
-# application/vnd.curl
-application/vnd.curl.car car
-application/vnd.curl.pcurl pcurl
-# application/vnd.cybank
-application/vnd.dart dart
-application/vnd.data-vision.rdz rdz
-application/vnd.dece.data uvf uvvf uvd uvvd
-application/vnd.dece.ttml+xml uvt uvvt
-application/vnd.dece.unspecified uvx uvvx
-application/vnd.dece.zip uvz uvvz
-application/vnd.denovo.fcselayout-link fe_launch
-# application/vnd.dir-bi.plate-dl-nosuffix
-application/vnd.dna dna
-application/vnd.dolby.mlp mlp
-# application/vnd.dolby.mobile.1
-# application/vnd.dolby.mobile.2
-application/vnd.dpgraph dpg
-application/vnd.dreamfactory dfac
-application/vnd.ds-keypoint kpxx
-application/vnd.dvb.ait ait
-# application/vnd.dvb.dvbj
-# application/vnd.dvb.esgcontainer
-# application/vnd.dvb.ipdcdftnotifaccess
-# application/vnd.dvb.ipdcesgaccess
-# application/vnd.dvb.ipdcesgaccess2
-# application/vnd.dvb.ipdcesgpdd
-# application/vnd.dvb.ipdcroaming
-# application/vnd.dvb.iptv.alfec-base
-# application/vnd.dvb.iptv.alfec-enhancement
-# application/vnd.dvb.notif-aggregate-root+xml
-# application/vnd.dvb.notif-container+xml
-# application/vnd.dvb.notif-generic+xml
-# application/vnd.dvb.notif-ia-msglist+xml
-# application/vnd.dvb.notif-ia-registration-request+xml
-# application/vnd.dvb.notif-ia-registration-response+xml
-# application/vnd.dvb.notif-init+xml
-# application/vnd.dvb.pfr
-application/vnd.dvb.service svc
-# application/vnd.dxr
-application/vnd.dynageo geo
-# application/vnd.easykaraoke.cdgdownload
-# application/vnd.ecdis-update
-application/vnd.ecowin.chart mag
-# application/vnd.ecowin.filerequest
-# application/vnd.ecowin.fileupdate
-# application/vnd.ecowin.series
-# application/vnd.ecowin.seriesrequest
-# application/vnd.ecowin.seriesupdate
-# application/vnd.emclient.accessrequest+xml
-application/vnd.enliven nml
-# application/vnd.eprints.data+xml
-application/vnd.epson.esf esf
-application/vnd.epson.msf msf
-application/vnd.epson.quickanime qam
-application/vnd.epson.salt slt
-application/vnd.epson.ssf ssf
-# application/vnd.ericsson.quickcall
-application/vnd.eszigno3+xml es3 et3
-# application/vnd.etsi.aoc+xml
-# application/vnd.etsi.cug+xml
-# application/vnd.etsi.iptvcommand+xml
-# application/vnd.etsi.iptvdiscovery+xml
-# application/vnd.etsi.iptvprofile+xml
-# application/vnd.etsi.iptvsad-bc+xml
-# application/vnd.etsi.iptvsad-cod+xml
-# application/vnd.etsi.iptvsad-npvr+xml
-# application/vnd.etsi.iptvservice+xml
-# application/vnd.etsi.iptvsync+xml
-# application/vnd.etsi.iptvueprofile+xml
-# application/vnd.etsi.mcid+xml
-# application/vnd.etsi.overload-control-policy-dataset+xml
-# application/vnd.etsi.sci+xml
-# application/vnd.etsi.simservs+xml
-# application/vnd.etsi.tsl+xml
-# application/vnd.etsi.tsl.der
-# application/vnd.eudora.data
-application/vnd.ezpix-album ez2
-application/vnd.ezpix-package ez3
-# application/vnd.f-secure.mobile
-application/vnd.fdf fdf
-application/vnd.fdsn.mseed mseed
-application/vnd.fdsn.seed seed dataless
-# application/vnd.ffsns
-# application/vnd.fints
-application/vnd.flographit gph
-application/vnd.fluxtime.clip ftc
-# application/vnd.font-fontforge-sfd
-application/vnd.framemaker fm frame maker book
-application/vnd.frogans.fnc fnc
-application/vnd.frogans.ltf ltf
-application/vnd.fsc.weblaunch fsc
-application/vnd.fujitsu.oasys oas
-application/vnd.fujitsu.oasys2 oa2
-application/vnd.fujitsu.oasys3 oa3
-application/vnd.fujitsu.oasysgp fg5
-application/vnd.fujitsu.oasysprs bh2
-# application/vnd.fujixerox.art-ex
-# application/vnd.fujixerox.art4
-# application/vnd.fujixerox.hbpl
-application/vnd.fujixerox.ddd ddd
-application/vnd.fujixerox.docuworks xdw
-application/vnd.fujixerox.docuworks.binder xbd
-# application/vnd.fut-misnet
-application/vnd.fuzzysheet fzs
-application/vnd.genomatix.tuxedo txd
-# application/vnd.geocube+xml
-application/vnd.geogebra.file ggb
-application/vnd.geogebra.tool ggt
-application/vnd.geometry-explorer gex gre
-application/vnd.geonext gxt
-application/vnd.geoplan g2w
-application/vnd.geospace g3w
-# application/vnd.globalplatform.card-content-mgt
-# application/vnd.globalplatform.card-content-mgt-response
-application/vnd.gmx gmx
-application/vnd.google-earth.kml+xml kml
-application/vnd.google-earth.kmz kmz
-application/vnd.grafeq gqf gqs
-# application/vnd.gridmp
-application/vnd.groove-account gac
-application/vnd.groove-help ghf
-application/vnd.groove-identity-message gim
-application/vnd.groove-injector grv
-application/vnd.groove-tool-message gtm
-application/vnd.groove-tool-template tpl
-application/vnd.groove-vcard vcg
-# application/vnd.hal+json
-application/vnd.hal+xml hal
-application/vnd.handheld-entertainment+xml zmm
-application/vnd.hbci hbci
-# application/vnd.hcl-bireports
-application/vnd.hhe.lesson-player les
-application/vnd.hp-hpgl hpgl
-application/vnd.hp-hpid hpid
-application/vnd.hp-hps hps
-application/vnd.hp-jlyt jlt
-application/vnd.hp-pcl pcl
-application/vnd.hp-pclxl pclxl
-# application/vnd.httphone
-application/vnd.hydrostatix.sof-data sfd-hdstx
-# application/vnd.hzn-3d-crossword
-# application/vnd.ibm.afplinedata
-# application/vnd.ibm.electronic-media
-application/vnd.ibm.minipay mpy
-application/vnd.ibm.modcap afp listafp list3820
-application/vnd.ibm.rights-management irm
-application/vnd.ibm.secure-container sc
-application/vnd.iccprofile icc icm
-application/vnd.igloader igl
-application/vnd.immervision-ivp ivp
-application/vnd.immervision-ivu ivu
-# application/vnd.informedcontrol.rms+xml
-# application/vnd.informix-visionary
-# application/vnd.infotech.project
-# application/vnd.infotech.project+xml
-# application/vnd.innopath.wamp.notification
-application/vnd.insors.igm igm
-application/vnd.intercon.formnet xpw xpx
-application/vnd.intergeo i2g
-# application/vnd.intertrust.digibox
-# application/vnd.intertrust.nncp
-application/vnd.intu.qbo qbo
-application/vnd.intu.qfx qfx
-# application/vnd.iptc.g2.conceptitem+xml
-# application/vnd.iptc.g2.knowledgeitem+xml
-# application/vnd.iptc.g2.newsitem+xml
-# application/vnd.iptc.g2.newsmessage+xml
-# application/vnd.iptc.g2.packageitem+xml
-# application/vnd.iptc.g2.planningitem+xml
-application/vnd.ipunplugged.rcprofile rcprofile
-application/vnd.irepository.package+xml irp
-application/vnd.is-xpr xpr
-application/vnd.isac.fcs fcs
-application/vnd.jam jam
-# application/vnd.japannet-directory-service
-# application/vnd.japannet-jpnstore-wakeup
-# application/vnd.japannet-payment-wakeup
-# application/vnd.japannet-registration
-# application/vnd.japannet-registration-wakeup
-# application/vnd.japannet-setstore-wakeup
-# application/vnd.japannet-verification
-# application/vnd.japannet-verification-wakeup
-application/vnd.jcp.javame.midlet-rms rms
-application/vnd.jisp jisp
-application/vnd.joost.joda-archive joda
-application/vnd.kahootz ktz ktr
-application/vnd.kde.karbon karbon
-application/vnd.kde.kchart chrt
-application/vnd.kde.kformula kfo
-application/vnd.kde.kivio flw
-application/vnd.kde.kontour kon
-application/vnd.kde.kpresenter kpr kpt
-application/vnd.kde.kspread ksp
-application/vnd.kde.kword kwd kwt
-application/vnd.kenameaapp htke
-application/vnd.kidspiration kia
-application/vnd.kinar kne knp
-application/vnd.koan skp skd skt skm
-application/vnd.kodak-descriptor sse
-application/vnd.las.las+xml lasxml
-# application/vnd.liberty-request+xml
-application/vnd.llamagraphics.life-balance.desktop lbd
-application/vnd.llamagraphics.life-balance.exchange+xml lbe
-application/vnd.lotus-1-2-3 123
-application/vnd.lotus-approach apr
-application/vnd.lotus-freelance pre
-application/vnd.lotus-notes nsf
-application/vnd.lotus-organizer org
-application/vnd.lotus-screencam scm
-application/vnd.lotus-wordpro lwp
-application/vnd.macports.portpkg portpkg
-# application/vnd.marlin.drm.actiontoken+xml
-# application/vnd.marlin.drm.conftoken+xml
-# application/vnd.marlin.drm.license+xml
-# application/vnd.marlin.drm.mdcf
-application/vnd.mcd mcd
-application/vnd.medcalcdata mc1
-application/vnd.mediastation.cdkey cdkey
-# application/vnd.meridian-slingshot
-application/vnd.mfer mwf
-application/vnd.mfmp mfm
-application/vnd.micrografx.flo flo
-application/vnd.micrografx.igx igx
-application/vnd.mif mif
-# application/vnd.minisoft-hp3000-save
-# application/vnd.mitsubishi.misty-guard.trustweb
-application/vnd.mobius.daf daf
-application/vnd.mobius.dis dis
-application/vnd.mobius.mbk mbk
-application/vnd.mobius.mqy mqy
-application/vnd.mobius.msl msl
-application/vnd.mobius.plc plc
-application/vnd.mobius.txf txf
-application/vnd.mophun.application mpn
-application/vnd.mophun.certificate mpc
-# application/vnd.motorola.flexsuite
-# application/vnd.motorola.flexsuite.adsi
-# application/vnd.motorola.flexsuite.fis
-# application/vnd.motorola.flexsuite.gotap
-# application/vnd.motorola.flexsuite.kmr
-# application/vnd.motorola.flexsuite.ttc
-# application/vnd.motorola.flexsuite.wem
-# application/vnd.motorola.iprm
-application/vnd.mozilla.xul+xml xul
-application/vnd.ms-artgalry cil
-# application/vnd.ms-asf
-application/vnd.ms-cab-compressed cab
-# application/vnd.ms-color.iccprofile
-application/vnd.ms-excel xls xlm xla xlc xlt xlw
-application/vnd.ms-excel.addin.macroenabled.12 xlam
-application/vnd.ms-excel.sheet.binary.macroenabled.12 xlsb
-application/vnd.ms-excel.sheet.macroenabled.12 xlsm
-application/vnd.ms-excel.template.macroenabled.12 xltm
-application/vnd.ms-fontobject eot
-application/vnd.ms-htmlhelp chm
-application/vnd.ms-ims ims
-application/vnd.ms-lrm lrm
-# application/vnd.ms-office.activex+xml
-application/vnd.ms-officetheme thmx
-# application/vnd.ms-opentype
-# application/vnd.ms-package.obfuscated-opentype
-application/vnd.ms-pki.seccat cat
-application/vnd.ms-pki.stl stl
-# application/vnd.ms-playready.initiator+xml
-application/vnd.ms-powerpoint ppt pps pot
-application/vnd.ms-powerpoint.addin.macroenabled.12 ppam
-application/vnd.ms-powerpoint.presentation.macroenabled.12 pptm
-application/vnd.ms-powerpoint.slide.macroenabled.12 sldm
-application/vnd.ms-powerpoint.slideshow.macroenabled.12 ppsm
-application/vnd.ms-powerpoint.template.macroenabled.12 potm
-# application/vnd.ms-printing.printticket+xml
-application/vnd.ms-project mpp mpt
-# application/vnd.ms-tnef
-# application/vnd.ms-wmdrm.lic-chlg-req
-# application/vnd.ms-wmdrm.lic-resp
-# application/vnd.ms-wmdrm.meter-chlg-req
-# application/vnd.ms-wmdrm.meter-resp
-application/vnd.ms-word.document.macroenabled.12 docm
-application/vnd.ms-word.template.macroenabled.12 dotm
-application/vnd.ms-works wps wks wcm wdb
-application/vnd.ms-wpl wpl
-application/vnd.ms-xpsdocument xps
-application/vnd.mseq mseq
-# application/vnd.msign
-# application/vnd.multiad.creator
-# application/vnd.multiad.creator.cif
-# application/vnd.music-niff
-application/vnd.musician mus
-application/vnd.muvee.style msty
-application/vnd.mynfc taglet
-# application/vnd.ncd.control
-# application/vnd.ncd.reference
-# application/vnd.nervana
-# application/vnd.netfpx
-application/vnd.neurolanguage.nlu nlu
-application/vnd.nitf ntf nitf
-application/vnd.noblenet-directory nnd
-application/vnd.noblenet-sealer nns
-application/vnd.noblenet-web nnw
-# application/vnd.nokia.catalogs
-# application/vnd.nokia.conml+wbxml
-# application/vnd.nokia.conml+xml
-# application/vnd.nokia.isds-radio-presets
-# application/vnd.nokia.iptv.config+xml
-# application/vnd.nokia.landmark+wbxml
-# application/vnd.nokia.landmark+xml
-# application/vnd.nokia.landmarkcollection+xml
-# application/vnd.nokia.n-gage.ac+xml
-application/vnd.nokia.n-gage.data ngdat
-application/vnd.nokia.n-gage.symbian.install n-gage
-# application/vnd.nokia.ncd
-# application/vnd.nokia.pcd+wbxml
-# application/vnd.nokia.pcd+xml
-application/vnd.nokia.radio-preset rpst
-application/vnd.nokia.radio-presets rpss
-application/vnd.novadigm.edm edm
-application/vnd.novadigm.edx edx
-application/vnd.novadigm.ext ext
-# application/vnd.ntt-local.file-transfer
-# application/vnd.ntt-local.sip-ta_remote
-# application/vnd.ntt-local.sip-ta_tcp_stream
-application/vnd.oasis.opendocument.chart odc
-application/vnd.oasis.opendocument.chart-template otc
-application/vnd.oasis.opendocument.database odb
-application/vnd.oasis.opendocument.formula odf
-application/vnd.oasis.opendocument.formula-template odft
-application/vnd.oasis.opendocument.graphics odg
-application/vnd.oasis.opendocument.graphics-template otg
-application/vnd.oasis.opendocument.image odi
-application/vnd.oasis.opendocument.image-template oti
-application/vnd.oasis.opendocument.presentation odp
-application/vnd.oasis.opendocument.presentation-template otp
-application/vnd.oasis.opendocument.spreadsheet ods
-application/vnd.oasis.opendocument.spreadsheet-template ots
-application/vnd.oasis.opendocument.text odt
-application/vnd.oasis.opendocument.text-master odm
-application/vnd.oasis.opendocument.text-template ott
-application/vnd.oasis.opendocument.text-web oth
-# application/vnd.obn
-# application/vnd.oftn.l10n+json
-# application/vnd.oipf.contentaccessdownload+xml
-# application/vnd.oipf.contentaccessstreaming+xml
-# application/vnd.oipf.cspg-hexbinary
-# application/vnd.oipf.dae.svg+xml
-# application/vnd.oipf.dae.xhtml+xml
-# application/vnd.oipf.mippvcontrolmessage+xml
-# application/vnd.oipf.pae.gem
-# application/vnd.oipf.spdiscovery+xml
-# application/vnd.oipf.spdlist+xml
-# application/vnd.oipf.ueprofile+xml
-# application/vnd.oipf.userprofile+xml
-application/vnd.olpc-sugar xo
-# application/vnd.oma-scws-config
-# application/vnd.oma-scws-http-request
-# application/vnd.oma-scws-http-response
-# application/vnd.oma.bcast.associated-procedure-parameter+xml
-# application/vnd.oma.bcast.drm-trigger+xml
-# application/vnd.oma.bcast.imd+xml
-# application/vnd.oma.bcast.ltkm
-# application/vnd.oma.bcast.notification+xml
-# application/vnd.oma.bcast.provisioningtrigger
-# application/vnd.oma.bcast.sgboot
-# application/vnd.oma.bcast.sgdd+xml
-# application/vnd.oma.bcast.sgdu
-# application/vnd.oma.bcast.simple-symbol-container
-# application/vnd.oma.bcast.smartcard-trigger+xml
-# application/vnd.oma.bcast.sprov+xml
-# application/vnd.oma.bcast.stkm
-# application/vnd.oma.cab-address-book+xml
-# application/vnd.oma.cab-feature-handler+xml
-# application/vnd.oma.cab-pcc+xml
-# application/vnd.oma.cab-user-prefs+xml
-# application/vnd.oma.dcd
-# application/vnd.oma.dcdc
-application/vnd.oma.dd2+xml dd2
-# application/vnd.oma.drm.risd+xml
-# application/vnd.oma.group-usage-list+xml
-# application/vnd.oma.pal+xml
-# application/vnd.oma.poc.detailed-progress-report+xml
-# application/vnd.oma.poc.final-report+xml
-# application/vnd.oma.poc.groups+xml
-# application/vnd.oma.poc.invocation-descriptor+xml
-# application/vnd.oma.poc.optimized-progress-report+xml
-# application/vnd.oma.push
-# application/vnd.oma.scidm.messages+xml
-# application/vnd.oma.xcap-directory+xml
-# application/vnd.omads-email+xml
-# application/vnd.omads-file+xml
-# application/vnd.omads-folder+xml
-# application/vnd.omaloc-supl-init
-application/vnd.openofficeorg.extension oxt
-# application/vnd.openxmlformats-officedocument.custom-properties+xml
-# application/vnd.openxmlformats-officedocument.customxmlproperties+xml
-# application/vnd.openxmlformats-officedocument.drawing+xml
-# application/vnd.openxmlformats-officedocument.drawingml.chart+xml
-# application/vnd.openxmlformats-officedocument.drawingml.chartshapes+xml
-# application/vnd.openxmlformats-officedocument.drawingml.diagramcolors+xml
-# application/vnd.openxmlformats-officedocument.drawingml.diagramdata+xml
-# application/vnd.openxmlformats-officedocument.drawingml.diagramlayout+xml
-# application/vnd.openxmlformats-officedocument.drawingml.diagramstyle+xml
-# application/vnd.openxmlformats-officedocument.extended-properties+xml
-# application/vnd.openxmlformats-officedocument.presentationml.commentauthors+xml
-# application/vnd.openxmlformats-officedocument.presentationml.comments+xml
-# application/vnd.openxmlformats-officedocument.presentationml.handoutmaster+xml
-# application/vnd.openxmlformats-officedocument.presentationml.notesmaster+xml
-# application/vnd.openxmlformats-officedocument.presentationml.notesslide+xml
-application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
-# application/vnd.openxmlformats-officedocument.presentationml.presentation.main+xml
-# application/vnd.openxmlformats-officedocument.presentationml.presprops+xml
-application/vnd.openxmlformats-officedocument.presentationml.slide sldx
-# application/vnd.openxmlformats-officedocument.presentationml.slide+xml
-# application/vnd.openxmlformats-officedocument.presentationml.slidelayout+xml
-# application/vnd.openxmlformats-officedocument.presentationml.slidemaster+xml
-application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
-# application/vnd.openxmlformats-officedocument.presentationml.slideshow.main+xml
-# application/vnd.openxmlformats-officedocument.presentationml.slideupdateinfo+xml
-# application/vnd.openxmlformats-officedocument.presentationml.tablestyles+xml
-# application/vnd.openxmlformats-officedocument.presentationml.tags+xml
-application/vnd.openxmlformats-officedocument.presentationml.template potx
-# application/vnd.openxmlformats-officedocument.presentationml.template.main+xml
-# application/vnd.openxmlformats-officedocument.presentationml.viewprops+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.calcchain+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.chartsheet+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.comments+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.connections+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.dialogsheet+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.externallink+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcachedefinition+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.pivotcacherecords+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.pivottable+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.querytable+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionheaders+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.revisionlog+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.sharedstrings+xml
-application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
-# application/vnd.openxmlformats-officedocument.spreadsheetml.sheet.main+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.sheetmetadata+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.styles+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.table+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.tablesinglecells+xml
-application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
-# application/vnd.openxmlformats-officedocument.spreadsheetml.template.main+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.usernames+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.volatiledependencies+xml
-# application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml
-# application/vnd.openxmlformats-officedocument.theme+xml
-# application/vnd.openxmlformats-officedocument.themeoverride+xml
-# application/vnd.openxmlformats-officedocument.vmldrawing
-# application/vnd.openxmlformats-officedocument.wordprocessingml.comments+xml
-application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
-# application/vnd.openxmlformats-officedocument.wordprocessingml.document.glossary+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.endnotes+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.fonttable+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.footer+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.footnotes+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.numbering+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.settings+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.styles+xml
-application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
-# application/vnd.openxmlformats-officedocument.wordprocessingml.template.main+xml
-# application/vnd.openxmlformats-officedocument.wordprocessingml.websettings+xml
-# application/vnd.openxmlformats-package.core-properties+xml
-# application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml
-# application/vnd.openxmlformats-package.relationships+xml
-# application/vnd.quobject-quoxdocument
-# application/vnd.osa.netdeploy
-application/vnd.osgeo.mapguide.package mgp
-# application/vnd.osgi.bundle
-application/vnd.osgi.dp dp
-application/vnd.osgi.subsystem esa
-# application/vnd.otps.ct-kip+xml
-application/vnd.palm pdb pqa oprc
-# application/vnd.paos.xml
-application/vnd.pawaafile paw
-application/vnd.pg.format str
-application/vnd.pg.osasli ei6
-# application/vnd.piaccess.application-licence
-application/vnd.picsel efif
-application/vnd.pmi.widget wg
-# application/vnd.poc.group-advertisement+xml
-application/vnd.pocketlearn plf
-application/vnd.powerbuilder6 pbd
-# application/vnd.powerbuilder6-s
-# application/vnd.powerbuilder7
-# application/vnd.powerbuilder7-s
-# application/vnd.powerbuilder75
-# application/vnd.powerbuilder75-s
-# application/vnd.preminet
-application/vnd.previewsystems.box box
-application/vnd.proteus.magazine mgz
-application/vnd.publishare-delta-tree qps
-application/vnd.pvi.ptid1 ptid
-# application/vnd.pwg-multiplexed
-# application/vnd.pwg-xhtml-print+xml
-# application/vnd.qualcomm.brew-app-res
-application/vnd.quark.quarkxpress qxd qxt qwd qwt qxl qxb
-# application/vnd.radisys.moml+xml
-# application/vnd.radisys.msml+xml
-# application/vnd.radisys.msml-audit+xml
-# application/vnd.radisys.msml-audit-conf+xml
-# application/vnd.radisys.msml-audit-conn+xml
-# application/vnd.radisys.msml-audit-dialog+xml
-# application/vnd.radisys.msml-audit-stream+xml
-# application/vnd.radisys.msml-conf+xml
-# application/vnd.radisys.msml-dialog+xml
-# application/vnd.radisys.msml-dialog-base+xml
-# application/vnd.radisys.msml-dialog-fax-detect+xml
-# application/vnd.radisys.msml-dialog-fax-sendrecv+xml
-# application/vnd.radisys.msml-dialog-group+xml
-# application/vnd.radisys.msml-dialog-speech+xml
-# application/vnd.radisys.msml-dialog-transform+xml
-# application/vnd.rainstor.data
-# application/vnd.rapid
-application/vnd.realvnc.bed bed
-application/vnd.recordare.musicxml mxl
-application/vnd.recordare.musicxml+xml musicxml
-# application/vnd.renlearn.rlprint
-application/vnd.rig.cryptonote cryptonote
-application/vnd.rim.cod cod
-application/vnd.rn-realmedia rm
-application/vnd.rn-realmedia-vbr rmvb
-application/vnd.route66.link66+xml link66
-# application/vnd.rs-274x
-# application/vnd.ruckus.download
-# application/vnd.s3sms
-application/vnd.sailingtracker.track st
-# application/vnd.sbm.cid
-# application/vnd.sbm.mid2
-# application/vnd.scribus
-# application/vnd.sealed.3df
-# application/vnd.sealed.csf
-# application/vnd.sealed.doc
-# application/vnd.sealed.eml
-# application/vnd.sealed.mht
-# application/vnd.sealed.net
-# application/vnd.sealed.ppt
-# application/vnd.sealed.tiff
-# application/vnd.sealed.xls
-# application/vnd.sealedmedia.softseal.html
-# application/vnd.sealedmedia.softseal.pdf
-application/vnd.seemail see
-application/vnd.sema sema
-application/vnd.semd semd
-application/vnd.semf semf
-application/vnd.shana.informed.formdata ifm
-application/vnd.shana.informed.formtemplate itp
-application/vnd.shana.informed.interchange iif
-application/vnd.shana.informed.package ipk
-application/vnd.simtech-mindmapper twd twds
-application/vnd.smaf mmf
-# application/vnd.smart.notebook
-application/vnd.smart.teacher teacher
-# application/vnd.software602.filler.form+xml
-# application/vnd.software602.filler.form-xml-zip
-application/vnd.solent.sdkm+xml sdkm sdkd
-application/vnd.spotfire.dxp dxp
-application/vnd.spotfire.sfs sfs
-# application/vnd.sss-cod
-# application/vnd.sss-dtf
-# application/vnd.sss-ntf
-application/vnd.stardivision.calc sdc
-application/vnd.stardivision.draw sda
-application/vnd.stardivision.impress sdd
-application/vnd.stardivision.math smf
-application/vnd.stardivision.writer sdw vor
-application/vnd.stardivision.writer-global sgl
-application/vnd.stepmania.package smzip
-application/vnd.stepmania.stepchart sm
-# application/vnd.street-stream
-application/vnd.sun.xml.calc sxc
-application/vnd.sun.xml.calc.template stc
-application/vnd.sun.xml.draw sxd
-application/vnd.sun.xml.draw.template std
-application/vnd.sun.xml.impress sxi
-application/vnd.sun.xml.impress.template sti
-application/vnd.sun.xml.math sxm
-application/vnd.sun.xml.writer sxw
-application/vnd.sun.xml.writer.global sxg
-application/vnd.sun.xml.writer.template stw
-# application/vnd.sun.wadl+xml
-application/vnd.sus-calendar sus susp
-application/vnd.svd svd
-# application/vnd.swiftview-ics
-application/vnd.symbian.install sis sisx
-application/vnd.syncml+xml xsm
-application/vnd.syncml.dm+wbxml bdm
-application/vnd.syncml.dm+xml xdm
-# application/vnd.syncml.dm.notification
-# application/vnd.syncml.ds.notification
-application/vnd.tao.intent-module-archive tao
-application/vnd.tcpdump.pcap pcap cap dmp
-application/vnd.tmobile-livetv tmo
-application/vnd.trid.tpt tpt
-application/vnd.triscape.mxs mxs
-application/vnd.trueapp tra
-# application/vnd.truedoc
-# application/vnd.ubisoft.webplayer
-application/vnd.ufdl ufd ufdl
-application/vnd.uiq.theme utz
-application/vnd.umajin umj
-application/vnd.unity unityweb
-application/vnd.uoml+xml uoml
-# application/vnd.uplanet.alert
-# application/vnd.uplanet.alert-wbxml
-# application/vnd.uplanet.bearer-choice
-# application/vnd.uplanet.bearer-choice-wbxml
-# application/vnd.uplanet.cacheop
-# application/vnd.uplanet.cacheop-wbxml
-# application/vnd.uplanet.channel
-# application/vnd.uplanet.channel-wbxml
-# application/vnd.uplanet.list
-# application/vnd.uplanet.list-wbxml
-# application/vnd.uplanet.listcmd
-# application/vnd.uplanet.listcmd-wbxml
-# application/vnd.uplanet.signal
-application/vnd.vcx vcx
-# application/vnd.vd-study
-# application/vnd.vectorworks
-# application/vnd.verimatrix.vcas
-# application/vnd.vidsoft.vidconference
-application/vnd.visio vsd vst vss vsw
-application/vnd.visionary vis
-# application/vnd.vividence.scriptfile
-application/vnd.vsf vsf
-# application/vnd.wap.sic
-# application/vnd.wap.slc
-application/vnd.wap.wbxml wbxml
-application/vnd.wap.wmlc wmlc
-application/vnd.wap.wmlscriptc wmlsc
-application/vnd.webturbo wtb
-# application/vnd.wfa.wsc
-# application/vnd.wmc
-# application/vnd.wmf.bootstrap
-# application/vnd.wolfram.mathematica
-# application/vnd.wolfram.mathematica.package
-application/vnd.wolfram.player nbp
-application/vnd.wordperfect wpd
-application/vnd.wqd wqd
-# application/vnd.wrq-hp3000-labelled
-application/vnd.wt.stf stf
-# application/vnd.wv.csp+wbxml
-# application/vnd.wv.csp+xml
-# application/vnd.wv.ssp+xml
-application/vnd.xara xar
-application/vnd.xfdl xfdl
-# application/vnd.xfdl.webform
-# application/vnd.xmi+xml
-# application/vnd.xmpie.cpkg
-# application/vnd.xmpie.dpkg
-# application/vnd.xmpie.plan
-# application/vnd.xmpie.ppkg
-# application/vnd.xmpie.xlim
-application/vnd.yamaha.hv-dic hvd
-application/vnd.yamaha.hv-script hvs
-application/vnd.yamaha.hv-voice hvp
-application/vnd.yamaha.openscoreformat osf
-application/vnd.yamaha.openscoreformat.osfpvg+xml osfpvg
-# application/vnd.yamaha.remote-setup
-application/vnd.yamaha.smaf-audio saf
-application/vnd.yamaha.smaf-phrase spf
-# application/vnd.yamaha.through-ngn
-# application/vnd.yamaha.tunnel-udpencap
-application/vnd.yellowriver-custom-menu cmp
-application/vnd.zul zir zirz
-application/vnd.zzazz.deck+xml zaz
-application/voicexml+xml vxml
-# application/vq-rtcpxr
-# application/watcherinfo+xml
-# application/whoispp-query
-# application/whoispp-response
-application/widget wgt
-application/winhlp hlp
-# application/wita
-# application/wordperfect5.1
-application/wsdl+xml wsdl
-application/wspolicy+xml wspolicy
-application/x-7z-compressed 7z
-application/x-abiword abw
-application/x-ace-compressed ace
-# application/x-amf
-application/x-apple-diskimage dmg
-application/x-authorware-bin aab x32 u32 vox
-application/x-authorware-map aam
-application/x-authorware-seg aas
-application/x-bcpio bcpio
-application/x-bittorrent torrent
-application/x-blorb blb blorb
-application/x-bzip bz
-application/x-bzip2 bz2 boz
-application/x-cbr cbr cba cbt cbz cb7
-application/x-cdlink vcd
-application/x-cfs-compressed cfs
-application/x-chat chat
-application/x-chess-pgn pgn
-application/x-conference nsc
-# application/x-compress
-application/x-cpio cpio
-application/x-csh csh
-application/x-debian-package deb udeb
-application/x-dgc-compressed dgc
-application/x-director dir dcr dxr cst cct cxt w3d fgd swa
-application/x-doom wad
-application/x-dtbncx+xml ncx
-application/x-dtbook+xml dtb
-application/x-dtbresource+xml res
-application/x-dvi dvi
-application/x-envoy evy
-application/x-eva eva
-application/x-font-bdf bdf
-# application/x-font-dos
-# application/x-font-framemaker
-application/x-font-ghostscript gsf
-# application/x-font-libgrx
-application/x-font-linux-psf psf
-application/x-font-otf otf
-application/x-font-pcf pcf
-application/x-font-snf snf
-# application/x-font-speedo
-# application/x-font-sunos-news
-application/x-font-ttf ttf ttc
-application/x-font-type1 pfa pfb pfm afm
-application/x-font-woff woff
-# application/x-font-vfont
-application/x-freearc arc
-application/x-futuresplash spl
-application/x-gca-compressed gca
-application/x-glulx ulx
-application/x-gnumeric gnumeric
-application/x-gramps-xml gramps
-application/x-gtar gtar
-# application/x-gzip
-application/x-hdf hdf
-application/x-install-instructions install
-application/x-iso9660-image iso
-application/x-java-jnlp-file jnlp
-application/x-latex latex
-application/x-lzh-compressed lzh lha
-application/x-mie mie
-application/x-mobipocket-ebook prc mobi
-application/x-ms-application application
-application/x-ms-shortcut lnk
-application/x-ms-wmd wmd
-application/x-ms-wmz wmz
-application/x-ms-xbap xbap
-application/x-msaccess mdb
-application/x-msbinder obd
-application/x-mscardfile crd
-application/x-msclip clp
-application/x-msdownload exe dll com bat msi
-application/x-msmediaview mvb m13 m14
-application/x-msmetafile wmf wmz emf emz
-application/x-msmoney mny
-application/x-mspublisher pub
-application/x-msschedule scd
-application/x-msterminal trm
-application/x-mswrite wri
-application/x-netcdf nc cdf
-application/x-nzb nzb
-application/x-pkcs12 p12 pfx
-application/x-pkcs7-certificates p7b spc
-application/x-pkcs7-certreqresp p7r
-application/x-rar-compressed rar
-application/x-research-info-systems ris
-application/x-sh sh
-application/x-shar shar
-application/x-shockwave-flash swf
-application/x-silverlight-app xap
-application/x-sql sql
-application/x-stuffit sit
-application/x-stuffitx sitx
-application/x-subrip srt
-application/x-sv4cpio sv4cpio
-application/x-sv4crc sv4crc
-application/x-t3vm-image t3
-application/x-tads gam
-application/x-tar tar
-application/x-tcl tcl
-application/x-tex tex
-application/x-tex-tfm tfm
-application/x-texinfo texinfo texi
-application/x-tgif obj
-application/x-ustar ustar
-application/x-wais-source src
-application/x-x509-ca-cert der crt
-application/x-xfig fig
-application/x-xliff+xml xlf
-application/x-xpinstall xpi
-application/x-xz xz
-application/x-zmachine z1 z2 z3 z4 z5 z6 z7 z8
-# application/x400-bp
-application/xaml+xml xaml
-# application/xcap-att+xml
-# application/xcap-caps+xml
-application/xcap-diff+xml xdf
-# application/xcap-el+xml
-# application/xcap-error+xml
-# application/xcap-ns+xml
-# application/xcon-conference-info-diff+xml
-# application/xcon-conference-info+xml
-application/xenc+xml xenc
-application/xhtml+xml xhtml xht
-# application/xhtml-voice+xml
-application/xml xml xsl
-application/xml-dtd dtd
-# application/xml-external-parsed-entity
-# application/xmpp+xml
-application/xop+xml xop
-application/xproc+xml xpl
-application/xslt+xml xslt
-application/xspf+xml xspf
-application/xv+xml mxml xhvml xvml xvm
-application/yang yang
-application/yin+xml yin
-application/zip zip
-# audio/1d-interleaved-parityfec
-# audio/32kadpcm
-# audio/3gpp
-# audio/3gpp2
-# audio/ac3
-audio/adpcm adp
-# audio/amr
-# audio/amr-wb
-# audio/amr-wb+
-# audio/asc
-# audio/atrac-advanced-lossless
-# audio/atrac-x
-# audio/atrac3
-audio/basic au snd
-# audio/bv16
-# audio/bv32
-# audio/clearmode
-# audio/cn
-# audio/dat12
-# audio/dls
-# audio/dsr-es201108
-# audio/dsr-es202050
-# audio/dsr-es202211
-# audio/dsr-es202212
-# audio/dv
-# audio/dvi4
-# audio/eac3
-# audio/evrc
-# audio/evrc-qcp
-# audio/evrc0
-# audio/evrc1
-# audio/evrcb
-# audio/evrcb0
-# audio/evrcb1
-# audio/evrcwb
-# audio/evrcwb0
-# audio/evrcwb1
-# audio/example
-# audio/fwdred
-# audio/g719
-# audio/g722
-# audio/g7221
-# audio/g723
-# audio/g726-16
-# audio/g726-24
-# audio/g726-32
-# audio/g726-40
-# audio/g728
-# audio/g729
-# audio/g7291
-# audio/g729d
-# audio/g729e
-# audio/gsm
-# audio/gsm-efr
-# audio/gsm-hr-08
-# audio/ilbc
-# audio/ip-mr_v2.5
-# audio/isac
-# audio/l16
-# audio/l20
-# audio/l24
-# audio/l8
-# audio/lpc
-audio/midi mid midi kar rmi
-# audio/mobile-xmf
-audio/mp4 m4a mp4a
-# audio/mp4a-latm
-# audio/mpa
-# audio/mpa-robust
-audio/mpeg mpga mp2 mp2a mp3 m2a m3a
-# audio/mpeg4-generic
-# audio/musepack
-audio/ogg oga ogg spx
-# audio/opus
-# audio/parityfec
-# audio/pcma
-# audio/pcma-wb
-# audio/pcmu-wb
-# audio/pcmu
-# audio/prs.sid
-# audio/qcelp
-# audio/red
-# audio/rtp-enc-aescm128
-# audio/rtp-midi
-# audio/rtx
-audio/s3m s3m
-audio/silk sil
-# audio/smv
-# audio/smv0
-# audio/smv-qcp
-# audio/sp-midi
-# audio/speex
-# audio/t140c
-# audio/t38
-# audio/telephone-event
-# audio/tone
-# audio/uemclip
-# audio/ulpfec
-# audio/vdvi
-# audio/vmr-wb
-# audio/vnd.3gpp.iufp
-# audio/vnd.4sb
-# audio/vnd.audiokoz
-# audio/vnd.celp
-# audio/vnd.cisco.nse
-# audio/vnd.cmles.radio-events
-# audio/vnd.cns.anp1
-# audio/vnd.cns.inf1
-audio/vnd.dece.audio uva uvva
-audio/vnd.digital-winds eol
-# audio/vnd.dlna.adts
-# audio/vnd.dolby.heaac.1
-# audio/vnd.dolby.heaac.2
-# audio/vnd.dolby.mlp
-# audio/vnd.dolby.mps
-# audio/vnd.dolby.pl2
-# audio/vnd.dolby.pl2x
-# audio/vnd.dolby.pl2z
-# audio/vnd.dolby.pulse.1
-audio/vnd.dra dra
-audio/vnd.dts dts
-audio/vnd.dts.hd dtshd
-# audio/vnd.dvb.file
-# audio/vnd.everad.plj
-# audio/vnd.hns.audio
-audio/vnd.lucent.voice lvp
-audio/vnd.ms-playready.media.pya pya
-# audio/vnd.nokia.mobile-xmf
-# audio/vnd.nortel.vbk
-audio/vnd.nuera.ecelp4800 ecelp4800
-audio/vnd.nuera.ecelp7470 ecelp7470
-audio/vnd.nuera.ecelp9600 ecelp9600
-# audio/vnd.octel.sbc
-# audio/vnd.qcelp
-# audio/vnd.rhetorex.32kadpcm
-audio/vnd.rip rip
-# audio/vnd.sealedmedia.softseal.mpeg
-# audio/vnd.vmx.cvsd
-# audio/vorbis
-# audio/vorbis-config
-audio/webm weba
-audio/x-aac aac
-audio/x-aiff aif aiff aifc
-audio/x-caf caf
-audio/x-flac flac
-audio/x-matroska mka
-audio/x-mpegurl m3u
-audio/x-ms-wax wax
-audio/x-ms-wma wma
-audio/x-pn-realaudio ram ra
-audio/x-pn-realaudio-plugin rmp
-# audio/x-tta
-audio/x-wav wav
-audio/xm xm
-chemical/x-cdx cdx
-chemical/x-cif cif
-chemical/x-cmdf cmdf
-chemical/x-cml cml
-chemical/x-csml csml
-# chemical/x-pdb
-chemical/x-xyz xyz
-image/bmp bmp
-image/cgm cgm
-# image/example
-# image/fits
-image/g3fax g3
-image/gif gif
-image/ief ief
-# image/jp2
-image/jpeg jpeg jpg jpe
-# image/jpm
-# image/jpx
-image/ktx ktx
-# image/naplps
-image/png png
-image/prs.btif btif
-# image/prs.pti
-image/sgi sgi
-image/svg+xml svg svgz
-# image/t38
-image/tiff tiff tif
-# image/tiff-fx
-image/vnd.adobe.photoshop psd
-# image/vnd.cns.inf2
-image/vnd.dece.graphic uvi uvvi uvg uvvg
-image/vnd.dvb.subtitle sub
-image/vnd.djvu djvu djv
-image/vnd.dwg dwg
-image/vnd.dxf dxf
-image/vnd.fastbidsheet fbs
-image/vnd.fpx fpx
-image/vnd.fst fst
-image/vnd.fujixerox.edmics-mmr mmr
-image/vnd.fujixerox.edmics-rlc rlc
-# image/vnd.globalgraphics.pgb
-# image/vnd.microsoft.icon
-# image/vnd.mix
-image/vnd.ms-modi mdi
-image/vnd.ms-photo wdp
-image/vnd.net-fpx npx
-# image/vnd.radiance
-# image/vnd.sealed.png
-# image/vnd.sealedmedia.softseal.gif
-# image/vnd.sealedmedia.softseal.jpg
-# image/vnd.svf
-image/vnd.wap.wbmp wbmp
-image/vnd.xiff xif
-image/webp webp
-image/x-3ds 3ds
-image/x-cmu-raster ras
-image/x-cmx cmx
-image/x-freehand fh fhc fh4 fh5 fh7
-image/x-icon ico
-image/x-mrsid-image sid
-image/x-pcx pcx
-image/x-pict pic pct
-image/x-portable-anymap pnm
-image/x-portable-bitmap pbm
-image/x-portable-graymap pgm
-image/x-portable-pixmap ppm
-image/x-rgb rgb
-image/x-tga tga
-image/x-xbitmap xbm
-image/x-xpixmap xpm
-image/x-xwindowdump xwd
-# message/cpim
-# message/delivery-status
-# message/disposition-notification
-# message/example
-# message/external-body
-# message/feedback-report
-# message/global
-# message/global-delivery-status
-# message/global-disposition-notification
-# message/global-headers
-# message/http
-# message/imdn+xml
-# message/news
-# message/partial
-message/rfc822 eml mime
-# message/s-http
-# message/sip
-# message/sipfrag
-# message/tracking-status
-# message/vnd.si.simp
-# model/example
-model/iges igs iges
-model/mesh msh mesh silo
-model/vnd.collada+xml dae
-model/vnd.dwf dwf
-# model/vnd.flatland.3dml
-model/vnd.gdl gdl
-# model/vnd.gs-gdl
-# model/vnd.gs.gdl
-model/vnd.gtw gtw
-# model/vnd.moml+xml
-model/vnd.mts mts
-# model/vnd.parasolid.transmit.binary
-# model/vnd.parasolid.transmit.text
-model/vnd.vtu vtu
-model/vrml wrl vrml
-model/x3d+binary x3db x3dbz
-model/x3d+vrml x3dv x3dvz
-model/x3d+xml x3d x3dz
-# multipart/alternative
-# multipart/appledouble
-# multipart/byteranges
-# multipart/digest
-# multipart/encrypted
-# multipart/example
-# multipart/form-data
-# multipart/header-set
-# multipart/mixed
-# multipart/parallel
-# multipart/related
-# multipart/report
-# multipart/signed
-# multipart/voice-message
-# text/1d-interleaved-parityfec
-text/cache-manifest appcache
-text/calendar ics ifb
-text/css css
-text/csv csv
-# text/directory
-# text/dns
-# text/ecmascript
-# text/enriched
-# text/example
-# text/fwdred
-text/html html htm
-# text/javascript
-text/n3 n3
-# text/parityfec
-text/plain txt text conf def list log in
-# text/prs.fallenstein.rst
-text/prs.lines.tag dsc
-# text/vnd.radisys.msml-basic-layout
-# text/red
-# text/rfc822-headers
-text/richtext rtx
-# text/rtf
-# text/rtp-enc-aescm128
-# text/rtx
-text/sgml sgml sgm
-# text/t140
-text/tab-separated-values tsv
-text/troff t tr roff man me ms
-text/turtle ttl
-# text/ulpfec
-text/uri-list uri uris urls
-text/vcard vcard
-# text/vnd.abc
-text/vnd.curl curl
-text/vnd.curl.dcurl dcurl
-text/vnd.curl.scurl scurl
-text/vnd.curl.mcurl mcurl
-# text/vnd.dmclientscript
-text/vnd.dvb.subtitle sub
-# text/vnd.esmertec.theme-descriptor
-text/vnd.fly fly
-text/vnd.fmi.flexstor flx
-text/vnd.graphviz gv
-text/vnd.in3d.3dml 3dml
-text/vnd.in3d.spot spot
-# text/vnd.iptc.newsml
-# text/vnd.iptc.nitf
-# text/vnd.latex-z
-# text/vnd.motorola.reflex
-# text/vnd.ms-mediapackage
-# text/vnd.net2phone.commcenter.command
-# text/vnd.si.uricatalogue
-text/vnd.sun.j2me.app-descriptor jad
-# text/vnd.trolltech.linguist
-# text/vnd.wap.si
-# text/vnd.wap.sl
-text/vnd.wap.wml wml
-text/vnd.wap.wmlscript wmls
-text/x-asm s asm
-text/x-c c cc cxx cpp h hh dic
-text/x-fortran f for f77 f90
-text/x-java-source java
-text/x-opml opml
-text/x-pascal p pas
-text/x-nfo nfo
-text/x-setext etx
-text/x-sfv sfv
-text/x-uuencode uu
-text/x-vcalendar vcs
-text/x-vcard vcf
-# text/xml
-# text/xml-external-parsed-entity
-# video/1d-interleaved-parityfec
-video/3gpp 3gp
-# video/3gpp-tt
-video/3gpp2 3g2
-# video/bmpeg
-# video/bt656
-# video/celb
-# video/dv
-# video/example
-video/h261 h261
-video/h263 h263
-# video/h263-1998
-# video/h263-2000
-video/h264 h264
-# video/h264-rcdo
-# video/h264-svc
-video/jpeg jpgv
-# video/jpeg2000
-video/jpm jpm jpgm
-video/mj2 mj2 mjp2
-# video/mp1s
-# video/mp2p
-# video/mp2t
-video/mp4 mp4 mp4v mpg4
-# video/mp4v-es
-video/mpeg mpeg mpg mpe m1v m2v
-# video/mpeg4-generic
-# video/mpv
-# video/nv
-video/ogg ogv
-# video/parityfec
-# video/pointer
-video/quicktime qt mov
-# video/raw
-# video/rtp-enc-aescm128
-# video/rtx
-# video/smpte292m
-# video/ulpfec
-# video/vc1
-# video/vnd.cctv
-video/vnd.dece.hd uvh uvvh
-video/vnd.dece.mobile uvm uvvm
-# video/vnd.dece.mp4
-video/vnd.dece.pd uvp uvvp
-video/vnd.dece.sd uvs uvvs
-video/vnd.dece.video uvv uvvv
-# video/vnd.directv.mpeg
-# video/vnd.directv.mpeg-tts
-# video/vnd.dlna.mpeg-tts
-video/vnd.dvb.file dvb
-video/vnd.fvt fvt
-# video/vnd.hns.video
-# video/vnd.iptvforum.1dparityfec-1010
-# video/vnd.iptvforum.1dparityfec-2005
-# video/vnd.iptvforum.2dparityfec-1010
-# video/vnd.iptvforum.2dparityfec-2005
-# video/vnd.iptvforum.ttsavc
-# video/vnd.iptvforum.ttsmpeg2
-# video/vnd.motorola.video
-# video/vnd.motorola.videop
-video/vnd.mpegurl mxu m4u
-video/vnd.ms-playready.media.pyv pyv
-# video/vnd.nokia.interleaved-multimedia
-# video/vnd.nokia.videovoip
-# video/vnd.objectvideo
-# video/vnd.sealed.mpeg1
-# video/vnd.sealed.mpeg4
-# video/vnd.sealed.swf
-# video/vnd.sealedmedia.softseal.mov
-video/vnd.uvvu.mp4 uvu uvvu
-video/vnd.vivo viv
-video/webm webm
-video/x-f4v f4v
-video/x-fli fli
-video/x-flv flv
-video/x-m4v m4v
-video/x-matroska mkv mk3d mks
-video/x-mng mng
-video/x-ms-asf asf asx
-video/x-ms-vob vob
-video/x-ms-wm wm
-video/x-ms-wmv wmv
-video/x-ms-wmx wmx
-video/x-ms-wvx wvx
-video/x-msvideo avi
-video/x-sgi-movie movie
-video/x-smv smv
-x-conference/x-cooltalk ice
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-autoindex.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-autoindex.conf
deleted file mode 100644
index c581e97..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-autoindex.conf
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# Directives controlling the display of server-generated directory listings.
-#
-# Required modules: mod_autoindex, mod_alias
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-#
-
-#
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-#
-IndexOptions FancyIndexing HTMLTable VersionSort
-
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-#
-Alias /icons/ "/usr/local/apache2/icons/"
-
-<Directory "/usr/local/apache2/icons">
- Options Indexes MultiViews
- AllowOverride None
- Order allow,deny
- Allow from all
-</Directory>
-
-#
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-#
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-#
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-#
-DefaultIcon /icons/unknown.gif
-
-#
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-#
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-#
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-#
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-#
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-#
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-dav.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-dav.conf
deleted file mode 100644
index 29dfb72..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-dav.conf
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# Distributed authoring and versioning (WebDAV)
-#
-# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
-# mod_auth_digest, mod_authn_file
-#
-
-# The following example gives DAV write access to a directory called
-# "uploads" under the ServerRoot directory.
-#
-# The User/Group specified in httpd.conf needs to have write permissions
-# on the directory where the DavLockDB is placed and on any directory where
-# "Dav On" is specified.
-
-DavLockDB "/usr/local/apache2/var/DavLock"
-
-Alias /uploads "/usr/local/apache2/uploads"
-
-<Directory "/usr/local/apache2/uploads">
- Dav On
-
- Order Allow,Deny
- Allow from all
-
- AuthType Digest
- AuthName DAV-upload
-
- # You can use the htdigest program to create the password database:
- # htdigest -c "/usr/local/apache2/user.passwd" DAV-upload admin
- AuthUserFile "/usr/local/apache2/user.passwd"
- AuthDigestProvider file
-
- # Allow universal read-access, but writes are restricted
- # to the admin user.
- <LimitExcept GET OPTIONS>
- require user admin
- </LimitExcept>
-</Directory>
-
-#
-# The following directives disable redirects on non-GET requests for
-# a directory that does not include the trailing slash. This fixes a
-# problem with several clients that do not appropriately handle
-# redirects for folders with DAV methods.
-#
-BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-BrowserMatch "MS FrontPage" redirect-carefully
-BrowserMatch "^WebDrive" redirect-carefully
-BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
-BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-BrowserMatch "^XML Spy" redirect-carefully
-BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-default.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-default.conf
deleted file mode 100644
index efeca05..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-default.conf
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# This configuration file reflects default settings for Apache HTTP Server.
-#
-# You may change these, but chances are that you may not need to.
-#
-
-#
-# Timeout: The number of seconds before receives and sends time out.
-#
-Timeout 300
-
-#
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-#
-KeepAlive On
-
-#
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-#
-MaxKeepAliveRequests 100
-
-#
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-#
-KeepAliveTimeout 5
-
-#
-# UseCanonicalName: Determines how Apache constructs self-referencing
-# URLs and the SERVER_NAME and SERVER_PORT variables.
-# When set "Off", Apache will use the Hostname and Port supplied
-# by the client. When set "On", Apache will use the value of the
-# ServerName directive.
-#
-UseCanonicalName Off
-
-#
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives. See also the AllowOverride
-# directive.
-#
-AccessFileName .htaccess
-
-#
-# ServerTokens
-# This directive configures what you return as the Server HTTP response
-# Header. The default is 'Full' which sends information about the OS-Type
-# and compiled in modules.
-# Set to one of: Full | OS | Minor | Minimal | Major | Prod
-# where Full conveys the most information, and Prod the least.
-#
-ServerTokens Full
-
-#
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of: On | Off | EMail
-#
-ServerSignature On
-
-#
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-#
-HostnameLookups Off
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-info.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-info.conf
deleted file mode 100644
index db316c0..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-info.conf
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# Get information about the requests being processed by the server
-# and the configuration of the server.
-#
-# Required modules: mod_status (for the server-status handler),
-# mod_info (for the server-info handler)
-
-#
-# Allow server status reports generated by mod_status,
-# with the URL of http://servername/server-status
-# Change the ".example.com" to match your domain to enable.
-
-<Location /server-status>
- SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from .example.com
-</Location>
-
-#
-# ExtendedStatus controls whether Apache will generate "full" status
-# information (ExtendedStatus On) or just basic information (ExtendedStatus
-# Off) when the "server-status" handler is called. The default is Off.
-#
-#ExtendedStatus On
-
-#
-# Allow remote server configuration reports, with the URL of
-# http://servername/server-info (requires that mod_info.c be loaded).
-# Change the ".example.com" to match your domain to enable.
-#
-<Location /server-info>
- SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from .example.com
-</Location>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-languages.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-languages.conf
deleted file mode 100644
index 7f66461..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-languages.conf
+++ /dev/null
@@ -1,141 +0,0 @@
-#
-# Settings for hosting different languages.
-#
-# Required modules: mod_mime, mod_negotiation
-
-# DefaultLanguage and AddLanguage allows you to specify the language of
-# a document. You can then use content negotiation to give a browser a
-# file in a language the user can understand.
-#
-# Specify a default language. This means that all data
-# going out without a specific language tag (see below) will
-# be marked with this one. You probably do NOT want to set
-# this unless you are sure it is correct for all cases.
-#
-# * It is generally better to not mark a page as
-# * being a certain language than marking it with the wrong
-# * language!
-#
-# DefaultLanguage nl
-#
-# Note 1: The suffix does not have to be the same as the language
-# keyword --- those with documents in Polish (whose net-standard
-# language code is pl) may wish to use "AddLanguage pl .po" to
-# avoid the ambiguity with the common suffix for perl scripts.
-#
-# Note 2: The example entries below illustrate that in some cases
-# the two character 'Language' abbreviation is not identical to
-# the two character 'Country' code for its country,
-# E.g. 'Danmark/dk' versus 'Danish/da'.
-#
-# Note 3: In the case of 'ltz' we violate the RFC by using a three char
-# specifier. There is 'work in progress' to fix this and get
-# the reference data for rfc1766 cleaned up.
-#
-# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-# Norwegian (no) - Polish (pl) - Portugese (pt)
-# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
-# Traditional Chinese (zh-TW)
-#
-AddLanguage ca .ca
-AddLanguage cs .cz .cs
-AddLanguage da .dk
-AddLanguage de .de
-AddLanguage el .el
-AddLanguage en .en
-AddLanguage eo .eo
-AddLanguage es .es
-AddLanguage et .et
-AddLanguage fr .fr
-AddLanguage he .he
-AddLanguage hr .hr
-AddLanguage it .it
-AddLanguage ja .ja
-AddLanguage ko .ko
-AddLanguage ltz .ltz
-AddLanguage nl .nl
-AddLanguage nn .nn
-AddLanguage no .no
-AddLanguage pl .po
-AddLanguage pt .pt
-AddLanguage pt-BR .pt-br
-AddLanguage ru .ru
-AddLanguage sv .sv
-AddLanguage tr .tr
-AddLanguage zh-CN .zh-cn
-AddLanguage zh-TW .zh-tw
-
-# LanguagePriority allows you to give precedence to some languages
-# in case of a tie during content negotiation.
-#
-# Just list the languages in decreasing order of preference. We have
-# more or less alphabetized them here. You probably want to change this.
-#
-LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
-
-#
-# ForceLanguagePriority allows you to serve a result page rather than
-# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
-# [in case no accepted languages matched the available variants]
-#
-ForceLanguagePriority Prefer Fallback
-
-#
-# Commonly used filename extensions to character sets. You probably
-# want to avoid clashes with the language extensions, unless you
-# are good at carefully testing your setup after each change.
-# See http://www.iana.org/assignments/character-sets for the
-# official list of charset names and their respective RFCs.
-#
-AddCharset us-ascii.ascii .us-ascii
-AddCharset ISO-8859-1 .iso8859-1 .latin1
-AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
-AddCharset ISO-8859-3 .iso8859-3 .latin3
-AddCharset ISO-8859-4 .iso8859-4 .latin4
-AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
-AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
-AddCharset ISO-8859-7 .iso8859-7 .grk .greek
-AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
-AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
-AddCharset ISO-8859-10 .iso8859-10 .latin6
-AddCharset ISO-8859-13 .iso8859-13
-AddCharset ISO-8859-14 .iso8859-14 .latin8
-AddCharset ISO-8859-15 .iso8859-15 .latin9
-AddCharset ISO-8859-16 .iso8859-16 .latin10
-AddCharset ISO-2022-JP .iso2022-jp .jis
-AddCharset ISO-2022-KR .iso2022-kr .kis
-AddCharset ISO-2022-CN .iso2022-cn .cis
-AddCharset Big5.Big5 .big5 .b5
-AddCharset cn-Big5 .cn-big5
-# For russian, more than one charset is used (depends on client, mostly):
-AddCharset WINDOWS-1251 .cp-1251 .win-1251
-AddCharset CP866 .cp866
-AddCharset KOI8 .koi8
-AddCharset KOI8-E .koi8-e
-AddCharset KOI8-r .koi8-r .koi8-ru
-AddCharset KOI8-U .koi8-u
-AddCharset KOI8-ru .koi8-uk .ua
-AddCharset ISO-10646-UCS-2 .ucs2
-AddCharset ISO-10646-UCS-4 .ucs4
-AddCharset UTF-7 .utf7
-AddCharset UTF-8 .utf8
-AddCharset UTF-16 .utf16
-AddCharset UTF-16BE .utf16be
-AddCharset UTF-16LE .utf16le
-AddCharset UTF-32 .utf32
-AddCharset UTF-32BE .utf32be
-AddCharset UTF-32LE .utf32le
-AddCharset euc-cn .euc-cn
-AddCharset euc-gb .euc-gb
-AddCharset euc-jp .euc-jp
-AddCharset euc-kr .euc-kr
-#Not sure how euc-tw got in - IANA doesn't list it???
-AddCharset EUC-TW .euc-tw
-AddCharset gb2312 .gb2312 .gb
-AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
-AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
-AddCharset shift_jis .shift_jis .sjis
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-manual.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-manual.conf
deleted file mode 100644
index fc12fb9..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-manual.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Provide access to the documentation on your server as
-# http://yourserver.example.com/manual/
-# The documentation is always available at
-# http://httpd.apache.org/docs/2.2/
-#
-# Required modules: mod_alias, mod_setenvif, mod_negotiation
-#
-
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "/usr/local/apache2/manual$1"
-
-<Directory "/usr/local/apache2/manual">
- Options Indexes
- AllowOverride None
- Order allow,deny
- Allow from all
-
- <Files *.html>
- SetHandler type-map
- </Files>
- # .tr is text/troff in mime.types!
- <Files *.html.tr.utf8>
- ForceType "text/html; charset=utf-8"
- </Files>
-
- SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1
- RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2
-
- LanguagePriority en de es fr ja ko pt-br ru tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-mpm.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-mpm.conf
deleted file mode 100644
index 8c44c60..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-mpm.conf
+++ /dev/null
@@ -1,110 +0,0 @@
-#
-# Server-Pool Management (MPM specific)
-#
-
-#
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-#
-# Note that this is the default PidFile for most MPMs.
-#
-<IfModule !mpm_netware_module>
- PidFile "logs/httpd.pid"
-</IfModule>
-
-#
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#
-<IfModule !mpm_winnt_module>
-<IfModule !mpm_netware_module>
-LockFile "logs/accept.lock"
-</IfModule>
-</IfModule>
-
-#
-# Only one of the below sections will be relevant on your
-# installed httpd. Use "apachectl -l" to find out the
-# active mpm.
-#
-
-# prefork MPM
-# StartServers: number of server processes to start
-# MinSpareServers: minimum number of server processes which are kept spare
-# MaxSpareServers: maximum number of server processes which are kept spare
-# MaxClients: maximum number of server processes allowed to start
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_prefork_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 0
-</IfModule>
-
-# worker MPM
-# StartServers: initial number of server processes to start
-# MaxClients: maximum number of simultaneous client connections
-# MinSpareThreads: minimum number of worker threads which are kept spare
-# MaxSpareThreads: maximum number of worker threads which are kept spare
-# ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_worker_module>
- StartServers 2
- MaxClients 150
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxRequestsPerChild 0
-</IfModule>
-
-# BeOS MPM
-# StartThreads: how many threads do we initially spawn?
-# MaxClients: max number of threads we can have (1 thread == 1 client)
-# MaxRequestsPerThread: maximum number of requests each thread will process
-<IfModule mpm_beos_module>
- StartThreads 10
- MaxClients 50
- MaxRequestsPerThread 10000
-</IfModule>
-
-# NetWare MPM
-# ThreadStackSize: Stack size allocated for each worker thread
-# StartThreads: Number of worker threads launched at server startup
-# MinSpareThreads: Minimum number of idle threads, to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# MaxThreads: Maximum number of worker threads alive at the same time
-# MaxRequestsPerChild: Maximum number of requests a thread serves. It is
-# recommended that the default value of 0 be set for this
-# directive on NetWare. This will allow the thread to
-# continue to service requests indefinitely.
-<IfModule mpm_netware_module>
- ThreadStackSize 65536
- StartThreads 250
- MinSpareThreads 25
- MaxSpareThreads 250
- MaxThreads 1000
- MaxRequestsPerChild 0
- MaxMemFree 100
-</IfModule>
-
-# OS/2 MPM
-# StartServers: Number of server processes to maintain
-# MinSpareThreads: Minimum number of idle threads per process,
-# to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads per process
-# MaxRequestsPerChild: Maximum number of connections per server process
-<IfModule mpm_mpmt_os2_module>
- StartServers 2
- MinSpareThreads 5
- MaxSpareThreads 10
- MaxRequestsPerChild 0
-</IfModule>
-
-# WinNT MPM
-# ThreadsPerChild: constant number of worker threads in the server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
-<IfModule mpm_winnt_module>
- ThreadsPerChild 150
- MaxRequestsPerChild 0
-</IfModule>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-multilang-errordoc.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-multilang-errordoc.conf
deleted file mode 100644
index 8ff9a45..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-multilang-errordoc.conf
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The configuration below implements multi-language error documents through
-# content-negotiation.
-#
-# Required modules: mod_alias, mod_include, mod_negotiation
-#
-# We use Alias to redirect any /error/HTTP_<error>.html.var response to
-# our collection of by-error message multi-language collections. We use
-# includes to substitute the appropriate text.
-#
-# You can modify the messages' appearance without changing any of the
-# default HTTP_<error>.html.var files by adding the line:
-#
-# Alias /error/include/ "/your/include/path/"
-#
-# which allows you to create your own set of files by starting with the
-# /usr/local/apache2/error/include/ files and copying them to /your/include/path/,
-# even on a per-VirtualHost basis. The default include files will display
-# your Apache version number and your ServerAdmin email address regardless
-# of the setting of ServerSignature.
-
-Alias /error/ "/usr/local/apache2/error/"
-
-<Directory "/usr/local/apache2/error">
- AllowOverride None
- Options IncludesNoExec
- AddOutputFilter Includes html
- AddHandler type-map var
- Order allow,deny
- Allow from all
- LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
-
-ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-ErrorDocument 410 /error/HTTP_GONE.html.var
-ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-ssl.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-ssl.conf
deleted file mode 100644
index 51f3784..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-ssl.conf
+++ /dev/null
@@ -1,269 +0,0 @@
-#
-# This is the Apache server configuration file providing SSL support.
-# It contains the configuration directives to instruct the server how to
-# serve pages over an https connection. For detailed information about these
-# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-
-#
-# Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the SSL library.
-# The seed data should be of good random quality.
-# WARNING! On some platforms /dev/random blocks if not enough entropy
-# is available. This means you then cannot use the /dev/random device
-# because it would lead to very long connection times (as long as
-# it requires to make more entropy available). But usually those
-# platforms additionally provide a /dev/urandom device which doesn't
-# block. So, if available, use this one instead. Read the mod_ssl User
-# Manual for more details.
-#
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed startup file:/dev/urandom 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-
-#
-# When we also provide SSL we have to listen to the
-# standard HTTP port (see above) and to the HTTPS port
-#
-# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
-# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
-#
-Listen 443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-# SSL Cipher Suite:
-# List the ciphers that the client is permitted to negotiate,
-# and that httpd will negotiate as the client of a proxied server.
-# See the OpenSSL documentation for a complete list of ciphers, and
-# ensure these follow appropriate best practices for this deployment.
-# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
-# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
-SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
-SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
-
-# By the end of 2016, only TLSv1.2 ciphers should remain in use.
-# Older ciphers should be disallowed as soon as possible, while the
-# kRSA ciphers do not offer forward secrecy. These changes inhibit
-# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy
-# non-browser tooling) from successfully connecting.
-#
-# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable
-# those protocols which do not support forward secrecy, replace
-# the SSLCipherSuite and SSLProxyCipherSuite directives above with
-# the following two directives, as soon as practical.
-# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
-# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
-
-# User agents such as web browsers are not configured for the user's
-# own preference of either security or performance, therefore this
-# must be the prerogative of the web server administrator who manages
-# cpu load versus confidentiality, so enforce the server's cipher order.
-SSLHonorCipherOrder on
-
-# SSL Protocol support:
-# List the protocol versions which clients are allowed to connect with.
-# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0)
-# should be disabled as quickly as practical. By the end of 2016, only
-# the TLSv1.2 protocol or later should remain in use.
-SSLProtocol all -SSLv2 -SSLv3
-SSLProxyProtocol all -SSLv2 -SSLv3
-
-# Pass Phrase Dialog:
-# Configure the pass phrase gathering process.
-# The filtering dialog program (`builtin' is a internal
-# terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog builtin
-
-# Inter-Process Session Cache:
-# Configure the SSL Session Cache: First the mechanism
-# to use and second the expiring timeout (in seconds).
-#SSLSessionCache "dbm:/usr/local/apache2/logs/ssl_scache"
-SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
-SSLSessionCacheTimeout 300
-
-# Semaphore:
-# Configure the path to the mutual exclusion semaphore the
-# SSL engine uses internally for inter-process synchronization.
-SSLMutex "file:/usr/local/apache2/logs/ssl_mutex"
-
-##
-## SSL Virtual Host Context
-##
-
-<VirtualHost _default_:443>
-
-# General setup for the virtual host
-DocumentRoot "/usr/local/apache2/htdocs"
-ServerName www.example.com:443
-ServerAdmin you@example.com
-ErrorLog "/usr/local/apache2/logs/error_log"
-TransferLog "/usr/local/apache2/logs/access_log"
-
-# SSL Engine Switch:
-# Enable/Disable SSL for this virtual host.
-SSLEngine on
-
-# Server Certificate:
-# Point SSLCertificateFile at a PEM encoded certificate. If
-# the certificate is encrypted, then you will be prompted for a
-# pass phrase. Note that a kill -HUP will prompt again. Keep
-# in mind that if you have both an RSA and a DSA certificate you
-# can configure both in parallel (to also allow the use of DSA
-# ciphers, etc.)
-# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
-# require an ECC certificate which can also be configured in
-# parallel.
-SSLCertificateFile "/usr/local/apache2/conf/server.crt"
-#SSLCertificateFile "/usr/local/apache2/conf/server-dsa.crt"
-#SSLCertificateFile "/usr/local/apache2/conf/server-ecc.crt"
-
-# Server Private Key:
-# If the key is not combined with the certificate, use this
-# directive to point at the key file. Keep in mind that if
-# you've both a RSA and a DSA private key you can configure
-# both in parallel (to also allow the use of DSA ciphers, etc.)
-# ECC keys, when in use, can also be configured in parallel
-SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
-#SSLCertificateKeyFile "/usr/local/apache2/conf/server-dsa.key"
-#SSLCertificateKeyFile "/usr/local/apache2/conf/server-ecc.key"
-
-# Server Certificate Chain:
-# Point SSLCertificateChainFile at a file containing the
-# concatenation of PEM encoded CA certificates which form the
-# certificate chain for the server certificate. Alternatively
-# the referenced file can be the same as SSLCertificateFile
-# when the CA certificates are directly appended to the server
-# certificate for convenience.
-#SSLCertificateChainFile "/usr/local/apache2/conf/server-ca.crt"
-
-# Certificate Authority (CA):
-# Set the CA certificate verification path where to find CA
-# certificates for client authentication or alternatively one
-# huge file containing all of them (file must be PEM encoded)
-# Note: Inside SSLCACertificatePath you need hash symlinks
-# to point to the certificate files. Use the provided
-# Makefile to update the hash symlinks after changes.
-#SSLCACertificatePath "/usr/local/apache2/conf/ssl.crt"
-#SSLCACertificateFile "/usr/local/apache2/conf/ssl.crt/ca-bundle.crt"
-
-# Certificate Revocation Lists (CRL):
-# Set the CA revocation path where to find CA CRLs for client
-# authentication or alternatively one huge file containing all
-# of them (file must be PEM encoded)
-# Note: Inside SSLCARevocationPath you need hash symlinks
-# to point to the certificate files. Use the provided
-# Makefile to update the hash symlinks after changes.
-#SSLCARevocationPath "/usr/local/apache2/conf/ssl.crl"
-#SSLCARevocationFile "/usr/local/apache2/conf/ssl.crl/ca-bundle.crl"
-
-# Client Authentication (Type):
-# Client certificate verification type and depth. Types are
-# none, optional, require and optional_no_ca. Depth is a
-# number which specifies how deeply to verify the certificate
-# issuer chain before deciding the certificate is not valid.
-#SSLVerifyClient require
-#SSLVerifyDepth 10
-
-# Access Control:
-# With SSLRequire you can do per-directory access control based
-# on arbitrary complex boolean expressions containing server
-# variable checks and other lookup directives. The syntax is a
-# mixture between C and Perl. See the mod_ssl documentation
-# for more details.
-#<Location />
-#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
-# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
-# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
-# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
-# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
-# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
-#</Location>
-
-# SSL Engine Options:
-# Set various options for the SSL engine.
-# o FakeBasicAuth:
-# Translate the client X.509 into a Basic Authorisation. This means that
-# the standard Auth/DBMAuth methods can be used for access control. The
-# user name is the `one line' version of the client's X.509 certificate.
-# Note that no password is obtained from the user. Every entry in the user
-# file needs this password: `xxj31ZMTZzkVA'.
-# o ExportCertData:
-# This exports two additional environment variables: SSL_CLIENT_CERT and
-# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
-# server (always existing) and the client (only existing when client
-# authentication is used). This can be used to import the certificates
-# into CGI scripts.
-# o StdEnvVars:
-# This exports the standard SSL/TLS related `SSL_*' environment variables.
-# Per default this exportation is switched off for performance reasons,
-# because the extraction step is an expensive operation and is usually
-# useless for serving static content. So one usually enables the
-# exportation for CGI and SSI requests only.
-# o StrictRequire:
-# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
-# under a "Satisfy any" situation, i.e. when it applies access is denied
-# and no other module can change it.
-# o OptRenegotiate:
-# This enables optimized SSL connection renegotiation handling when SSL
-# directives are used in per-directory context.
-#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
-<FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
-</FilesMatch>
-<Directory "/usr/local/apache2/cgi-bin">
- SSLOptions +StdEnvVars
-</Directory>
-
-# SSL Protocol Adjustments:
-# The safe and default but still SSL/TLS standard compliant shutdown
-# approach is that mod_ssl sends the close notify alert but doesn't wait for
-# the close notify alert from client. When you need a different shutdown
-# approach you can use one of the following variables:
-# o ssl-unclean-shutdown:
-# This forces an unclean shutdown when the connection is closed, i.e. no
-# SSL close notify alert is sent or allowed to be received. This violates
-# the SSL/TLS standard but is needed for some brain-dead browsers. Use
-# this when you receive I/O errors because of the standard approach where
-# mod_ssl sends the close notify alert.
-# o ssl-accurate-shutdown:
-# This forces an accurate shutdown when the connection is closed, i.e. a
-# SSL close notify alert is send and mod_ssl waits for the close notify
-# alert of the client. This is 100% SSL/TLS standard compliant, but in
-# practice often causes hanging connections with brain-dead browsers. Use
-# this only for browsers where you know that their SSL implementation
-# works correctly.
-# Notice: Most problems of broken clients are also related to the HTTP
-# keep-alive facility, so you usually additionally want to disable
-# keep-alive for those clients, too. Use variable "nokeepalive" for this.
-# Similarly, one has to force some clients to use HTTP/1.0 to workaround
-# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
-# "force-response-1.0" for this.
-BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
-
-# Per-Server Logging:
-# The home of a custom SSL log file. Use this when you want a
-# compact non-error SSL logfile on a virtual host basis.
-CustomLog "/usr/local/apache2/logs/ssl_request_log" \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
-</VirtualHost>
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-userdir.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-userdir.conf
deleted file mode 100644
index 567bd6d..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-userdir.conf
+++ /dev/null
@@ -1,28 +0,0 @@
-# Settings for user home directories
-#
-# Required module: mod_userdir
-
-#
-# UserDir: The name of the directory that is appended onto a user's home
-# directory if a ~user request is received. Note that you must also set
-# the default access control for these directories, as in the example below.
-#
-UserDir public_html
-
-#
-# Control access to UserDir directories. The following is an example
-# for a site where these directories are restricted to read-only.
-#
-<Directory "/home/*/public_html">
- AllowOverride FileInfo AuthConfig Limit Indexes
- Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
- <Limit GET POST OPTIONS>
- Order allow,deny
- Allow from all
- </Limit>
- <LimitExcept GET POST OPTIONS>
- Order deny,allow
- Deny from all
- </LimitExcept>
-</Directory>
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-vhosts.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-vhosts.conf
deleted file mode 100644
index 12995e2..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/extra/httpd-vhosts.conf
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# Virtual Hosts
-#
-# If you want to maintain multiple domains/hostnames on your
-# machine you can setup VirtualHost containers for them. Most configurations
-# use only name-based virtual hosts so the server doesn't need to worry about
-# IP addresses. This is indicated by the asterisks in the directives below.
-#
-# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
-# for further details before you try to setup virtual hosts.
-#
-# You may use the command line option '-S' to verify your virtual host
-# configuration.
-
-#
-# Use name-based virtual hosting.
-#
-NameVirtualHost *:80
-
-#
-# VirtualHost example:
-# Almost any Apache directive may go into a VirtualHost container.
-# The first VirtualHost section is used for all requests that do not
-# match a ServerName or ServerAlias in any <VirtualHost> block.
-#
-<VirtualHost *:8080>
- ServerAdmin webmaster@dummy-host.example.com
- DocumentRoot "/usr/local/apache2/docs/dummy-host.example.com"
- ServerName dummy-host.example.com
- ServerAlias www.dummy-host.example.com
- ErrorLog "logs/dummy-host.example.com-error_log"
- CustomLog "logs/dummy-host.example.com-access_log" common
-</VirtualHost>
-
-<VirtualHost *:8080>
- ServerAdmin webmaster@dummy-host2.example.com
- DocumentRoot "/usr/local/apache2/docs/dummy-host2.example.com"
- ServerName dummy-host2.example.com
- ErrorLog "logs/dummy-host2.example.com-error_log"
- CustomLog "logs/dummy-host2.example.com-access_log" common
-</VirtualHost>
-
-
-
diff --git a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/httpd.conf b/setup/projects/katrin/files/etc/apache2-kaas-docker/original/httpd.conf
deleted file mode 100644
index 8724924..0000000
--- a/setup/projects/katrin/files/etc/apache2-kaas-docker/original/httpd.conf
+++ /dev/null
@@ -1,494 +0,0 @@
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so 'log/access_log'
-# with ServerRoot set to '/www' will be interpreted by the
-# server as '/www/log/access_log', where as '/log/access_log' will be
-# interpreted as '/log/access_log'.
-
-#
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to point the LockFile directive
-# at a local disk. If you wish to share the same ServerRoot for multiple
-# httpd daemons, you will need to change at least LockFile and PidFile.
-#
-ServerRoot "/usr/local/apache2"
-
-#
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 8080
-
-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-LoadModule authn_file_module modules/mod_authn_file.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_dbd_module modules/mod_authn_dbd.so
-LoadModule authn_default_module modules/mod_authn_default.so
-LoadModule authn_alias_module modules/mod_authn_alias.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
-LoadModule authz_default_module modules/mod_authz_default.so
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule auth_digest_module modules/mod_auth_digest.so
-LoadModule file_cache_module modules/mod_file_cache.so
-LoadModule cache_module modules/mod_cache.so
-LoadModule disk_cache_module modules/mod_disk_cache.so
-LoadModule mem_cache_module modules/mod_mem_cache.so
-LoadModule dbd_module modules/mod_dbd.so
-LoadModule dumpio_module modules/mod_dumpio.so
-LoadModule reqtimeout_module modules/mod_reqtimeout.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-LoadModule include_module modules/mod_include.so
-LoadModule filter_module modules/mod_filter.so
-LoadModule substitute_module modules/mod_substitute.so
-LoadModule charset_lite_module modules/mod_charset_lite.so
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule ldap_module modules/mod_ldap.so
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule log_forensic_module modules/mod_log_forensic.so
-LoadModule logio_module modules/mod_logio.so
-LoadModule env_module modules/mod_env.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule cern_meta_module modules/mod_cern_meta.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule headers_module modules/mod_headers.so
-LoadModule ident_module modules/mod_ident.so
-LoadModule usertrack_module modules/mod_usertrack.so
-LoadModule unique_id_module modules/mod_unique_id.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule version_module modules/mod_version.so
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
-LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-LoadModule ssl_module modules/mod_ssl.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule dav_module modules/mod_dav.so
-LoadModule status_module modules/mod_status.so
-LoadModule autoindex_module modules/mod_autoindex.so
-LoadModule asis_module modules/mod_asis.so
-LoadModule info_module modules/mod_info.so
-LoadModule cgi_module modules/mod_cgi.so
-LoadModule dav_fs_module modules/mod_dav_fs.so
-LoadModule dav_lock_module modules/mod_dav_lock.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-LoadModule negotiation_module modules/mod_negotiation.so
-LoadModule dir_module modules/mod_dir.so
-LoadModule imagemap_module modules/mod_imagemap.so
-LoadModule actions_module modules/mod_actions.so
-LoadModule speling_module modules/mod_speling.so
-LoadModule userdir_module modules/mod_userdir.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule rewrite_module modules/mod_rewrite.so
-
-<IfModule !mpm_netware_module>
-<IfModule !mpm_winnt_module>
-#
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-#
-User daemon
-Group daemon
-
-</IfModule>
-</IfModule>
-
-# 'Main' server configuration
-#
-# The directives in this section set up the values used by the 'main'
-# server, which responds to any requests that aren't handled by a
-# <VirtualHost> definition. These values also provide defaults for
-# any <VirtualHost> containers you may define later in the file.
-#
-# All of these directives may appear inside <VirtualHost> containers,
-# in which case these default settings will be overridden for the
-# virtual host being defined.
-#
-
-#
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-#
-ServerAdmin you@example.com
-
-#
-# ServerName gives the name and port that the server uses to identify itself.
-# This can often be determined automatically, but we recommend you specify
-# it explicitly to prevent problems during startup.
-#
-# If your host doesn't have a registered DNS name, enter its IP address here.
-#
-#ServerName www.example.com:80
-
-#
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-DocumentRoot "/usr/local/apache2/htdocs"
-
-#
-# Each directory to which Apache has access can be configured with respect
-# to which services and features are allowed and/or disabled in that
-# directory (and its subdirectories).
-#
-# First, we configure the "default" to be a very restrictive set of
-# features.
-#
-<Directory />
- Options FollowSymLinks
- AllowOverride None
- Order deny,allow
- Deny from all
-</Directory>
-
-#
-# Note that from this point forward you must specifically allow
-# particular features to be enabled - so if something's not working as
-# you might expect, make sure that you have specifically enabled it
-# below.
-#
-
-#
-# This should be changed to whatever you set DocumentRoot to.
-#
-<Directory "/usr/local/apache2/htdocs">
- #
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
- # for more information.
- #
- Options Indexes FollowSymLinks
-
- #
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- #
- AllowOverride None
-
- #
- # Controls who can get stuff from this server.
- #
- Order allow,deny
- Allow from all
-
-</Directory>
-
-#
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-<IfModule dir_module>
- DirectoryIndex index.html
-</IfModule>
-
-#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-#
-<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
- Satisfy All
-</FilesMatch>
-
-#
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-#
-ErrorLog "logs/error_log"
-
-#
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-#
-LogLevel warn
-
-<IfModule log_config_module>
- #
- # The following directives define some format nicknames for use with
- # a CustomLog directive (see below).
- #
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
- LogFormat "%h %l %u %t \"%r\" %>s %b" common
-
- <IfModule logio_module>
- # You need to enable mod_logio.c to use %I and %O
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
- </IfModule>
-
- #
- # The location and format of the access logfile (Common Logfile Format).
- # If you do not define any access logfiles within a <VirtualHost>
- # container, they will be logged here. Contrariwise, if you *do*
- # define per-<VirtualHost> access logfiles, transactions will be
- # logged therein and *not* in this file.
- #
- CustomLog "logs/access_log" common
-
- #
- # If you prefer a logfile with access, agent, and referer information
- # (Combined Logfile Format) you can use the following directive.
- #
- #CustomLog "logs/access_log" combined
-</IfModule>
-
-<IfModule alias_module>
- #
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- #
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- #
- # ScriptAlias: This controls which directories contain server scripts.
- # ScriptAliases are essentially the same as Aliases, except that
- # documents in the target directory are treated as applications and
- # run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
- # directives as to Alias.
- #
- ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"
-
-</IfModule>
-
-<IfModule cgid_module>
- #
- # ScriptSock: On threaded servers, designate the path to the UNIX
- # socket used to communicate with the CGI daemon of mod_cgid.
- #
- #Scriptsock logs/cgisock
-</IfModule>
-
-#
-# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-#
-<Directory "/usr/local/apache2/cgi-bin">
- AllowOverride None
- Options None
- Order allow,deny
- Allow from all
-</Directory>
-
-#
-# DefaultType: the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-#
-DefaultType text/plain
-
-<IfModule headers_module>
- #
- # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
- # backend servers which have lingering "httpoxy" defects.
- # 'Proxy' request header is undefined by the IETF, not listed by IANA
- #
- RequestHeader unset Proxy early
-</IfModule>
-
-<IfModule mime_module>
- #
- # TypesConfig points to the file containing the list of mappings from
- # filename extension to MIME-type.
- #
- TypesConfig conf/mime.types
-
- #
- # AddType allows you to add to or override the MIME configuration
- # file specified in TypesConfig for specific file types.
- #
- #AddType application/x-gzip .tgz
- #
- # AddEncoding allows you to have certain browsers uncompress
- # information on the fly. Note: Not all browsers support this.
- #
- #AddEncoding x-compress .Z
- #AddEncoding x-gzip .gz .tgz
- #
- # If the AddEncoding directives above are commented-out, then you
- # probably should define those extensions to indicate media types:
- #
- AddType application/x-compress .Z
- AddType application/x-gzip .gz .tgz
-
- #
- # AddHandler allows you to map certain file extensions to "handlers":
- # actions unrelated to filetype. These can be either built into the server
- # or added with the Action directive (see below)
- #
- # To use CGI scripts outside of ScriptAliased directories:
- # (You will also need to add "ExecCGI" to the "Options" directive.)
- #
- #AddHandler cgi-script .cgi
-
- # For type maps (negotiated resources):
- #AddHandler type-map var
-
- #
- # Filters allow you to process content before it is sent to the client.
- #
- # To parse .shtml files for server-side includes (SSI):
- # (You will also need to add "Includes" to the "Options" directive.)
- #
- #AddType text/html .shtml
- #AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-#
-# The mod_mime_magic module allows the server to use various hints from the
-# contents of the file itself to determine its type. The MIMEMagicFile
-# directive tells the module where the hint definitions are located.
-#
-#MIMEMagicFile conf/magic
-
-#
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#
-
-#
-# MaxRanges: Maximum number of Ranges in a request before
-# returning the entire resource, or one of the special
-# values 'default', 'none' or 'unlimited'.
-# Default setting is to accept 200 Ranges.
-#MaxRanges unlimited
-
-#
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall is used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-#
-#EnableMMAP off
-#EnableSendfile off
-
-# Supplemental configuration
-#
-# The configuration files in the conf/extra/ directory can be
-# included to add extra features or to modify the default configuration of
-# the server, or you may simply copy their contents here and change as
-# necessary.
-
-# Server-pool management (MPM specific)
-#Include conf/extra/httpd-mpm.conf
-
-# Multi-language error messages
-#Include conf/extra/httpd-multilang-errordoc.conf
-
-# Fancy directory listings
-#Include conf/extra/httpd-autoindex.conf
-
-# Language settings
-#Include conf/extra/httpd-languages.conf
-
-# User home directories
-#Include conf/extra/httpd-userdir.conf
-
-# Real-time info on requests and configuration
-#Include conf/extra/httpd-info.conf
-
-# Virtual hosts
-#Include conf/extra/httpd-vhosts.conf
-
-# Local access to the Apache HTTP Server Manual
-#Include conf/extra/httpd-manual.conf
-
-# Distributed authoring and versioning (WebDAV)
-#Include conf/extra/httpd-dav.conf
-
-# Various default settings
-#Include conf/extra/httpd-default.conf
-
-# Secure (SSL/TLS) connections
-#Include conf/extra/httpd-ssl.conf
-#
-# Note: The following must must be present to support
-# starting without SSL on platforms with no /dev/random equivalent
-# but a statically compiled-in mod_ssl.
-#
-<IfModule ssl_module>
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-</IfModule>
diff --git a/setup/projects/katrin/files/www/kaas/index.html b/setup/projects/katrin/files/www/kaas/index.html
deleted file mode 100644
index 906ee19..0000000
--- a/setup/projects/katrin/files/www/kaas/index.html
+++ /dev/null
@@ -1 +0,0 @@
-<html><body>KAAS</body></html>
diff --git a/setup/projects/katrin/keys/kaas.crt b/setup/projects/katrin/keys/kaas.crt
deleted file mode 100644
index 82ef723..0000000
--- a/setup/projects/katrin/keys/kaas.crt
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDmTCCAoGgAwIBAgIJAOnpyunJRkjVMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV
-BAYTAkRFMQswCQYDVQQIDAJCVzESMBAGA1UEBwwJS2FybHNydWhlMQwwCgYDVQQK
-DANLSVQxDDAKBgNVBAsMA0lQRTEXMBUGA1UEAwwOa2F0cmluLmtpdC5lZHUwHhcN
-MTQxMjE5MDEwMTEyWhcNMjQxMjE2MDEwMTEyWjBjMQswCQYDVQQGEwJERTELMAkG
-A1UECAwCQlcxEjAQBgNVBAcMCUthcmxzcnVoZTEMMAoGA1UECgwDS0lUMQwwCgYD
-VQQLDANJUEUxFzAVBgNVBAMMDmthdHJpbi5raXQuZWR1MIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAyJ9+nKbhK4AaVyVH/jmAxPFC/o2shejmFL9jIE4I
-ryrdnirepxcgvd2xcpTYeOb5TMKKFtJmqeW3jPOB3jAEyLzvuy1aYwd/DNx4A9VU
-GO2shdqjPMaBOk4KjsjZnt+8toWJeABYsJ4nATpbM0ijkX6RqQoRboiaKWlvo10n
-qMfGmQjMR+lC5uhF5hWhHwD+qPigEFGYis73dgFDhydfl4pzPXBySv4hM4zHvHHH
-DO0QipGIxwmMrw4U/y4snN1hDCPFDJN3WehK4lt7tD8Ea1VwikCLh2eZ+v94BQC3
-060hHIC4lEhtTaDsNXrGIwzqVP9TPuOVEOgEAjxyN12D0wIDAQABo1AwTjAdBgNV
-HQ4EFgQUGTmlNR3S73QucufU1P+8TehunFQwHwYDVR0jBBgwFoAUGTmlNR3S73Qu
-cufU1P+8TehunFQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAfwuL
-ayz7Mg1YzX3RUISmN0rJYFS9u57qaWkGK5LX5s/6T9Ppzjd3sPcFwryycumcNJ3x
-G9iIuTX1n1/uPdwdulgGRtsq3vl1zLgI/at0UIZJxnQPxr73n8o5o9W5FFVRsJTs
-WN2t7DurOQi0nLiIG+qmHHrRmFpSsgeegM720VCS9Wf434r0XZVMNl1ngIk4ppo6
-/ecuRTxpv+iOM4j/QqFwXNZQwjGv3o1UZELJ9RMDVY7zGyL/77cu6Iz6aLVy3QrE
-qMexD5/zZTnrKc4dWmuQSDqgMJeLdyebxZnYT8LLLr/QtUMmm1iLCw1MuY4tmPIp
-j5rXZ3Oda5tHYrnPsA==
------END CERTIFICATE-----
diff --git a/setup/projects/katrin/keys/kaas.key b/setup/projects/katrin/keys/kaas.key
deleted file mode 100644
index 3d766c8..0000000
--- a/setup/projects/katrin/keys/kaas.key
+++ /dev/null
@@ -1,90 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-38323634333239303134316164343132636432356331393634343164663065353733323732656339
-6363343738363234626565343665326365343366363166370a623263626134646332393231656566
-37366136353864366562633832316338353233653930333430383235643337623433393464613765
-3734626432316164300a656139383462653761306435346433346637616565393132396137376661
-64643835393132633831386638613764613164663036356233663861653138613465663434643161
-36333666323862636665396261333532313833393038326339343136363239356235313463333661
-61316664366437333064336531333538333734356238323561626163313031383833613233386438
-64616337323230626463643535393831666363373864393432633539323732393266356232636663
-63303263393337643831376537386666373737656364663162663164353961323264373462366636
-38346163396139636131323134613337613164623533353163616539643333623264336434333662
-33386538646239336639303230653335626434633131336135393831656666326130383034656664
-65313766623466663138333062343061393532353630363532656139373939643362613265626461
-31666166393433646135353936373836636435613432646435643264653338306532656361316537
-62316164393638356635633931316537326262343561663165643837396365653461356432666433
-32326262336164376663343363353134373563653933616531653936333265383762613534363832
-36393765383032383762383961623462306334323463353739663362363336343130633935383064
-35396531343032656335623239373565376633313665313132656162626535656133633063396131
-31333936623738653435633562623061393961343736323539373464303735376266353232393639
-61353661663934313333363935346164316664616632396434353436646437313861303763326430
-34363335653564373963376162393836353234306534306334666263633261366434663265333134
-63633431303530616637633731366539613538313839653864336436633230303730653935366661
-62303765383834663230303334373865346630643739363336366537343465346361313530643436
-35653533313565663638363432656239366261316261613437353933643365623766353838386430
-39386539636332373732356334656365646362336539623934353337623264663866323866323966
-62633932316136623866393461333866396333373934333461323533323866303533333737366261
-33383131303932663231646238343661363565613466333463303262343831653839323162613134
-64633465343932643465653934646533366266656437616337643537383932623238633230346462
-39396263393431663631383931303063666539336432663730623338366439343739316539663364
-38626233333561313836616634306437653662323265633832343632336633396634326364323531
-38633836343063653037623666396534303032366136333737663562633763323831663265343466
-65643361643436613533386139336238633032616235363035396532646637383338383639393861
-65346661616534313764313738363131336235333662353735333466656635393233336332616435
-39326338323436646337313935373535396165386338626563363863633139353038373434613466
-35613565313734346361643664366533666663396664326164396534303638333831666631323063
-33343032636331643464633237363561653236656663346232663465663936633335643765666435
-62306536313464363333656437313264323065663436373464356338623264313464623937313934
-32623234393163653732376663333263633031626335353033613937393661336338383463626534
-30373261663732373535643831626565666136336666396130636434373034316132353238656234
-37646133383164356566306665393432376561383435653463363239343136303133373433346231
-38623833643863633433306466376639633066623733333435316233326539303239666232616264
-62306436613931303032653734633737613066653235623930386261626565643436653632336639
-36313066663933366562366236633965323534336361646131383432393634646564306532656162
-39303430643534333338663962346266663532623064303133366662313661626139373236636664
-63326435623838613039386134303663323439373639616634633266353334653737666434383037
-34306638306264393434653630373661373564613935303766363039666333303161373533316134
-36343632626265306239656361383939353736343139373437373162303437623236666137633666
-62626364353164373237306330313464623363643466343439653465353938663831323634363634
-37386635396261306366376630326534613337356235613863313632326435356461353730343339
-34393636316333373435326236363238656332616333393663653465326434396262313466336365
-38336635363762313530616666666335653865376363623965333064366462373030333735333630
-62653965666630613061646265376130626263313032323038626430383233666563646639373339
-30313032393237623634666464383635396431393866303530383235633265313161383563363532
-66336261336638616335356262303436633765363336616535633734313037383136313635313366
-33303963383135343064613637353432666461353661643834376666386633663964663565386465
-39616634343835323362613362376662326463633139653163313437636238386430623234663936
-63623566393434303937343461366361363661653364626265366630333036623735323435306332
-35666265383130313438353965353239343135663937613362323530323734626234633037326135
-32336266373734623534353239373238333333626537666433636261653333626137653335656331
-30326563666664316537316633643661626239366536333134376662643735386634396430633132
-39636266656131363063343731643366376664623062656262396235663636386564346364373533
-63633961656539386630643639383162303661656134363334373166303233346263646335393535
-37373131633834316239326265326266386230383430653564663138636334323736313363303561
-32353932366637316433333538353032396339366538636261613963613865396231646437313339
-63376635656466346165626361336161333638366166356431336361343761613431303161626462
-36613266393633643333386238656161393337326637353464646264356139326466353763393465
-33383564323333313861336565323762386539303737306362613930646330653636396466303238
-38636365343234663436363334303439666366366462633537393362623133376430616136376235
-33616561353764643236636633633561633230303338613136343537353236316666376537393836
-35383336626662353562383034653532303663613033316534623832333633633737613266343665
-34393235623231336533613331643566303237623238663762393331373636623065643666393137
-61383264356564663165326266626263303363376634303238323861633533396137666163343162
-64636633333033373138313133346539333634373265396231653665323062396432383435393864
-32633763646230343639646637626434353336346265643439653863366335363935343934623334
-32636534366435383863353065393731613361343336633364303061303432366230393431393939
-33666632656135343263373934326262643936383337343137353434633434636535623835346439
-30653437376538373961306439343966343039303262396339343866313937383231616465336332
-64663434643466336665376462356561353266313730336435623832643230376434636536356163
-34613964343132356233623966316462643737613234373466643164353133303837653237306536
-62616661373466383232353861653734363562343337343333353763656562616535373536306461
-66303131616163623835363366653737643933383938383735353635646234613064316533346330
-63633732326434653939323534366637333932313637326536316430326338666263343163363735
-35333435353238396236316132393838663430313137346362313865386135646234346530346261
-63373062303637336662373763393239646133633933613066643263326130396134343332633464
-32613061383665666266353264653732663765353832656364396235313339626565656133653735
-63663230316533666462396436396465363333363862356330656565633466363439363338383339
-37386462623035393931313938653064376239393863643831633431333633373938363132333030
-61623539636430316431616162383963663061353164313735306365353965336233663239656336
-30346531383561356439323062333263646536646232643263353533653563653634633962343933
-36356164306132386530373437396263393461373036333938343763386664653462
diff --git a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl b/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
deleted file mode 100644
index d155267..0000000
--- a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
+++ /dev/null
@@ -1,43 +0,0 @@
----
-allowHostDirVolumePlugin: false
-allowHostIPC: false
-allowHostNetwork: false
-allowHostPID: false
-allowHostPorts: false
-allowPrivilegedContainer: false
-allowedCapabilities: null
-apiVersion: v1
-defaultAddCapabilities: null
-fsGroup:
- type: MustRunAs
-groups:
-- system:authenticated
-kind: SecurityContextConstraints
-metadata:
- annotations:
- kubernetes.io/description: restricted denies access to all host features and requires
- pods to be run with a UID, and SELinux context that are allocated to the namespace. This
- is the most restrictive SCC.
- creationTimestamp: null
- name: katrin-restricted
-priority: null
-readOnlyRootFilesystem: false
-requiredDropCapabilities:
-- KILL
-- MKNOD
-- SYS_CHROOT
-- SETUID
-- SETGID
-runAsUser:
- type: MustRunAsRange
-seLinuxContext:
- type: MustRunAs
-supplementalGroups:
- type: RunAsAny
-volumes:
-- glusterfs
-- configMap
-- downwardAPI
-- emptyDir
-- persistentVolumeClaim
-- secret
diff --git a/setup/projects/katrin/templates/40-kaas-manager.yml.j2 b/setup/projects/katrin/templates/40-kaas-manager.yml.j2
new file mode 120000
index 0000000..b7233ad
--- /dev/null
+++ b/setup/projects/katrin/templates/40-kaas-manager.yml.j2
@@ -0,0 +1 @@
+../../kaas/templates/40-kaas-manager.yml.j2
\ No newline at end of file
diff --git a/setup/projects/katrin/templates/katrin.yml.j2.bk b/setup/projects/katrin/templates/katrin.yml.j2.bk
deleted file mode 100644
index 5d032b3..0000000
--- a/setup/projects/katrin/templates/katrin.yml.j2.bk
+++ /dev/null
@@ -1,135 +0,0 @@
----
-apiVersion: v1
-kind: Template
-metadata:
- name: kaas
- annotations:
- descriptions: "KATRIN Routing Service"
-objects:
- - apiVersion: v1
- kind: Service
- metadata:
- name: kaas
- spec:
- selector:
- name: kaas
- ports:
- - name: http
- port: 80
- targetPort: 8080
- - name: https
- port: 443
- targetPort: 8443
- - apiVersion: v1
- kind: Route
- metadata:
- name: kaas
- spec:
- host: {{ kaas_project_config.katrin_node }}
- to:
- kind: Service
- name: kaas
- port:
- targetPort: http
- tls:
- termination: edge
- insecureEdgeTerminationPolicy: Allow
- certificate: |-
- -----BEGIN CERTIFICATE-----
- MIIDmTCCAoGgAwIBAgIJAOnpyunJRkjVMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV
- BAYTAkRFMQswCQYDVQQIDAJCVzESMBAGA1UEBwwJS2FybHNydWhlMQwwCgYDVQQK
- DANLSVQxDDAKBgNVBAsMA0lQRTEXMBUGA1UEAwwOa2F0cmluLmtpdC5lZHUwHhcN
- MTQxMjE5MDEwMTEyWhcNMjQxMjE2MDEwMTEyWjBjMQswCQYDVQQGEwJERTELMAkG
- A1UECAwCQlcxEjAQBgNVBAcMCUthcmxzcnVoZTEMMAoGA1UECgwDS0lUMQwwCgYD
- VQQLDANJUEUxFzAVBgNVBAMMDmthdHJpbi5raXQuZWR1MIIBIjANBgkqhkiG9w0B
- AQEFAAOCAQ8AMIIBCgKCAQEAyJ9+nKbhK4AaVyVH/jmAxPFC/o2shejmFL9jIE4I
- ryrdnirepxcgvd2xcpTYeOb5TMKKFtJmqeW3jPOB3jAEyLzvuy1aYwd/DNx4A9VU
- GO2shdqjPMaBOk4KjsjZnt+8toWJeABYsJ4nATpbM0ijkX6RqQoRboiaKWlvo10n
- qMfGmQjMR+lC5uhF5hWhHwD+qPigEFGYis73dgFDhydfl4pzPXBySv4hM4zHvHHH
- DO0QipGIxwmMrw4U/y4snN1hDCPFDJN3WehK4lt7tD8Ea1VwikCLh2eZ+v94BQC3
- 060hHIC4lEhtTaDsNXrGIwzqVP9TPuOVEOgEAjxyN12D0wIDAQABo1AwTjAdBgNV
- HQ4EFgQUGTmlNR3S73QucufU1P+8TehunFQwHwYDVR0jBBgwFoAUGTmlNR3S73Qu
- cufU1P+8TehunFQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAfwuL
- ayz7Mg1YzX3RUISmN0rJYFS9u57qaWkGK5LX5s/6T9Ppzjd3sPcFwryycumcNJ3x
- G9iIuTX1n1/uPdwdulgGRtsq3vl1zLgI/at0UIZJxnQPxr73n8o5o9W5FFVRsJTs
- WN2t7DurOQi0nLiIG+qmHHrRmFpSsgeegM720VCS9Wf434r0XZVMNl1ngIk4ppo6
- /ecuRTxpv+iOM4j/QqFwXNZQwjGv3o1UZELJ9RMDVY7zGyL/77cu6Iz6aLVy3QrE
- qMexD5/zZTnrKc4dWmuQSDqgMJeLdyebxZnYT8LLLr/QtUMmm1iLCw1MuY4tmPIp
- j5rXZ3Oda5tHYrnPsA==
- -----END CERTIFICATE-----
- key: |-
- -----BEGIN PRIVATE KEY-----
- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDIn36cpuErgBpX
- JUf+OYDE8UL+jayF6OYUv2MgTgivKt2eKt6nFyC93bFylNh45vlMwooW0map5beM
- 84HeMATIvO+7LVpjB38M3HgD1VQY7ayF2qM8xoE6TgqOyNme37y2hYl4AFiwnicB
- OlszSKORfpGpChFuiJopaW+jXSeox8aZCMxH6ULm6EXmFaEfAP6o+KAQUZiKzvd2
- AUOHJ1+XinM9cHJK/iEzjMe8cccM7RCKkYjHCYyvDhT/Liyc3WEMI8UMk3dZ6Eri
- W3u0PwRrVXCKQIuHZ5n6/3gFALfTrSEcgLiUSG1NoOw1esYjDOpU/1M+45UQ6AQC
- PHI3XYPTAgMBAAECggEAFFXubIyR2Gn0wY6a3I8RmWTnKIxNx4kTAVlg/95JDRBo
- RGcOCJvUispU+UtTIfYvoPM7MhMDqwcI8vWf3Vi6s2pLVorDVbRl0XTriV/vVVOK
- IEtILpnkcXeFpHGBdZQyOcIRbCOE2eo+A+bZZbpgMhhFRYAqwiyAi+APG90ObxIb
- AqTEeTyztqyrKfnTdr50owL2KT7adS6XuSUNX681IJc+szbQ7piXN57Kdxd2PydM
- JnSZAOBpQHkbiOEDUseeDjYRT23loeMIS7nWTwo1Y1LwsEKL5S7C0fKBfZV9xARw
- TntGuM87HzbAk4535We8qW3t/5EqpzurgK7u9/PEEQKBgQDjy8CjDdobGK9+VUDg
- iHbANbzEB4LrpVJiE+esr0iLXOoMdfTPwpd4XpbPPOjx/A9+6VfpdGt1EdZwLMpy
- qryPW0iumsri3iPSVBS79mN6WmwYhNOcOTWlmbs4pEhubht9aNBi7rZ7QZgV3PLN
- 7YBZHzxfyxTcIBCAzzoF7zaUeQKBgQDhdneOijWAYx0AMKTBzJw52KO/gloTDl9M
- mOhvUIuYxkUE/mDE5EqI6k9VkbAqUvlD3z2S7yNY+h2hldO+u3w8GPo+bTCMyNDB
- 0tQGCZnbKl8mfmItUlTyJ/MmNbanmYI2VmhDTMh6S8d8qKW9txXfDEXrzY2p7z/X
- gRF3Ow9PqwKBgGw7CMHv+Ora5bbehr6n19QnNBLnhrqzh9r1niOb/JnKgaF+Ad0c
- lZ8pQfog9ITUwAAKmixflha/bOVLQr0Mhh6Ovo/HGBKGfPqX3GoZ/NXLVISpx2j4
- fZa63gthctCVHBaP0ELRLH6PgdURb4OMDmlJwAO7l6Om0HCDBQyAxavxAoGAZPUJ
- QBh/MIgxGj6t5+HZKsXpPP3/m3zaC5CEtCOa/sP5b+0AI+odvgU9lRFxkuIon828
- 4qiWaWdGEW7nrAaD8N02YPG/xaq+X6wqKLHv5QWqKbB6AdVWGEDvTfLLYW0Js48p
- jMk7FBgOsbFK1hK/hmsWfCpE/w0Ux0kSKxOVHZUCgYEA41rhW18+KdxJyQTZaQRV
- 0KQr8/30L116XYYTYrkILa6504nXMr7xSHuMxaPNl20b/sBz8a8VuKJt2CLZQ0Q3
- oW3GAG2Fk+mvrauLriiJ2KgZkS5IJweJKHbIk1GQrucNArNojk9unrqN8wpa3Ywo
- 9GafqnfUGu+FVd1CKolicSA=
- -----END PRIVATE KEY-----
- - apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: kaas
- spec:
- replicas: 1
- selector:
- name: kaas
- template:
- metadata:
- name: kaas
- labels:
- name: kaas
- strategy:
- type: Rolling
- triggers:
- - type: ConfigChange
- spec:
- nodeSelector:
- master: "1"
- containers:
- - name: kaas
- image: centos/httpd-24-centos7
- imagePullPolicy: Always
- ports:
- - containerPort: 8080
- - containerPort: 8443
- volumeMounts:
- - name: config
- subPath: etc/apache2-kaas
- mountPath: /etc/httpd
- - name: config
- subPath: log/apache2-kaas
- mountPath: /var/log/httpd24
- - name: config
- subPath: htdocs/kaas
- mountPath: /opt/rh/httpd24/root/var/www/html
- livenessProbe:
- timeoutSeconds: 1
- initialDelaySeconds: 3
- httpGet:
- path: /index.html
- port: 8080
- volumes:
- - name: config
- persistentVolumeClaim:
- claimName: openshift
diff --git a/setup/projects/katrin/vars/globals.yml b/setup/projects/katrin/vars/globals.yml
deleted file mode 100644
index 50776ff..0000000
--- a/setup/projects/katrin/vars/globals.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-#katrin_node: katrin.kit.edu
-katrin_node: "katrin.{{ openshift_master_default_subdomain }}"
diff --git a/setup/projects/katrin/vars/katrin.yml b/setup/projects/katrin/vars/katrin.yml
deleted file mode 100644
index c825654..0000000
--- a/setup/projects/katrin/vars/katrin.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-#katrin_openshift_volumes:
-#adei_openshift_volumes:
-
-#volumes: "{{ ands_openshift_volumes | combine (katrin_openshift_volumes, adei_openshift_volumes) }}"
-#files: "{{ ands_openshift_files | union([]) }}"
-#file_owner: katrin
-#file_group: katrin
\ No newline at end of file
diff --git a/setup/projects/katrin/vars/pods.yml b/setup/projects/katrin/vars/pods.yml
deleted file mode 100644
index 1334242..0000000
--- a/setup/projects/katrin/vars/pods.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-# First port is exposed
-
-pods:
- kaas:
- variant: "{{ ands_prefer_docker | default(false) | ternary('docker', 'centos') }}"
- centos:
- service: { host: "{{ katrin_node }}", ports: [ 80/8080, 443/8043 ] }
- sched: { replicas: 1, selector: { master: 1 } }
- selector: { master: 1 }
- images:
- - image: "centos/httpd-24-centos7"
- mappings:
- - { name: "etc", path: "apache2-kaas-centos", mount: "/etc/httpd" }
- - { name: "www", path: "kaas", mount: "/opt/rh/httpd24/root/var/www/html" }
- - { name: "log", path: "apache2-kaas", mount: "/var/log/httpd24" }
- probes:
- - { port: 8080, path: '/index.html' }
- docker:
- service: { host: "{{ katrin_node }}", ports: [ 80/8080, 443/8043 ] }
- sched: { replicas: 1, selector: { master: 1 } }
- selector: { master: 1 }
- images:
- - image: "httpd:2.2"
- mappings:
- - { name: "etc", path: "apache2-kaas-docker", mount: "/usr/local/apache2/conf" }
- - { name: "www", path: "kaas", mount: "/usr/local/apache2/htdocs" }
- - { name: "log", path: "apache2-kaas", mount: "/usr/local/apache2/logs" }
- probes:
- - { port: 8080, path: '/index.html' }
-
-#pods:
-# kaas: "{{ kaas_project_config.pod_variants[ ands_prefer_docker | default(false) | ternary(1, 0) ] }}"
-
-
-
-#oc:
-# - template: "[0-3]*"
-# - template: "[4-6]*"
-# - resource: "route/apache"
-# oc: "expose svc/kaas --name apache --hostname=apache.{{ openshift_master_default_subdomain }}"
-# - template: "*"
-
\ No newline at end of file
diff --git a/setup/projects/katrin/vars/volumes.yml b/setup/projects/katrin/vars/volumes.yml
new file mode 100644
index 0000000..ca22a28
--- /dev/null
+++ b/setup/projects/katrin/vars/volumes.yml
@@ -0,0 +1,11 @@
+gids:
+ katrin: { id: 5000 }
+
+extra_volumes:
+ katrin: { volume: "katrin_data", path: "/", capacity: "40Ti", write: true }
+
+files:
+ - { osv: "katrin", path: "/", state: "directory", group: "katrin", mode: "0775" }
+
+#resync: true
+#sync_set_gid: katrin
--
cgit v1.2.3