Um Single Kurs Web App als Service bereitstellen zu können, müssen wir Apache2 konfigurieren. Dazu fügen Sie die notwendigen code in die Apache2 Konfiguration ein.
nano /etc/apache2/sites-available/000-default.confDie komplette Konfigurationsdatei sieht dann so aus:
#Listen 80 #
ServerName example.org
ServerAlias www.example.org
Redirect / https://example.org/
</VirtualHost>
#Listen 443
<VirtualHost *:443>
ServerName example.org
ServerAlias www.example.org
SSLProxyEngine on
ServerSignature Off
# Enable HTTP/2, if available
Protocols h2 http/1.1
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
Header set Content-Security-Policy "frame-ancestors 'self' https://example.org"> # Configure SSL
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.org/fullchain.pem> SSLCertificateKeyFile /etc/letsencrypt/live/example.org/privkey.pem> #Include /etc/letsencrypt/options-ssl-apache.conf
SSLOpenSSLConfCmd DHParameters /etc/ssl/certs/dhparams.pem
# Intermediate configuration from SSL-config.mozilla.org (2022-03-03)
# Please note, that this configuration might be outdated - please update it accordingly using https://ssl-config.> SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-> SSLHonorCipherOrder off
SSLSessionTickets off
# Jupyter-collaboration URL contains %, Apache must % understand
AllowEncodedSlashes On
#----------------------Shibboleth-------------------------------
UseCanonicalName On
Include /etc/shibboleth-ds/shibboleth-ds.conf
Redirect seeother /shibboleth https://example.org/Shibboleth.sso/Metadata> RedirectMatch /start-session$ /Shibboleth.sso/Login
<Location /Shibboleth.sso>
AuthType None
Require all granted
</Location>
<Location /shibboleth-sp>
AuthType None
Require all granted
</Location>
Alias /shibboleth-sp/main.css /usr/share/shibboleth/main.css
#----------------------static files-----------------------------
# Alias for Static Files
Alias /static /opt/jupyter-dhbw-swarm/static_volume
<Directory /opt/jupyter-dhbw-swarm/static_volume>
Require all granted
</Directory>
# Alias for Data Files
Alias /data /opt/exchange_data/data_kurs_app
<Directory /opt/exchange_data/data_kurs_app>
Require all granted
</Directory>
# Alias for Submission Files
Alias /exercise_submissions /opt/exchange_data/data_kurs_app/exercise_submissions
<Directory /opt/exchange_data/data_kurs_app/exercise_submissions>
Require all granted
</Directory>
<Location /course>
RewriteEngine On
ProxyPreserveHost on
ShibRequestSetting requireSession 1
require valid-user
ShibUseHeaders On
ProxyPass http://ipv4_managernode:8008/course
ProxyPassReverse http://ipv4_managernode:8008/course
RequestHeader set HTTP_MAIL %{Mail}e env=Mail
RequestHeader set HTTP_GIVENNAME %{Givenname}e env=Givenname
RequestHeader set HTTP_SN %{Sn}e env=sn
RequestHeader set HTTP_UID %{Uid}e env=Uid
</Location>
<Location />
AuthType shibboleth
Require shibboleth
</Location>
<Location /admin>
ShibRequestSetting requireSession off
ShibUseHeaders On
RewriteEngine On
ProxyPreserveHost On
ProxyPass http://ipv4_managernode:8008/admin
ProxyPassReverse http://ipv4_managernode:8008/admin
</Location>
<Location /auth>
RewriteEngine On
ProxyPreserveHost on
ShibRequestSetting requireSession off
ShibUseHeaders On
ProxyPass http://ipv4_managernode:8008/auth
ProxyPassReverse http://ipv4_managernode:8008/auth
</Location>
#----------------------Jupyterhub-------------------------------
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /jupyterhub/(.*) ws://ipv4_managernode:8000/jupyterhub/$1 [P,L]
RewriteRule /jupyterhub/(.*) http://ipv4_managernode:8000/jupyterhub/$1 [P,L]
<Location /jupyterhub>
RewriteEngine On
ProxyPreserveHost on
# separate Shibboleth Authen. and Jupyterhub to avoid CROS error.
ShibRequestSetting requireSession off
ShibUseHeaders On
ProxyPass http://ipv4_managernode:8000/jupyterhub
ProxyPassReverse http://ipv4_managernode:8000/jupyterhub
</Location>
</VirtualHost>