[openib-general] New server: Apache / SSL / IP addresses

[Jeff Squyres]

We have the following services on the OFA server that use  
authentication, and therefore use Apache's SSL services:

- subversion
- bugzilla
- tiki

Due to the nature of SSL connections, you can only have one SSL vhost  
per IP address.  Specifically, you cannot have https:// 
foo.example.com and https://bar.example.com be distinct vhosts on the  
same IP address.  This fact, along with the fact that we currently  
only have one IP address active on the new server, prevents the use  
of multiple <foo>.openfabrics.org hostnames for different SSL/ 
authenticated services through Apache.

johncompanies.com lists the hosted servers plan as coming with 5 IP  
addresses.  Is this the plan that we got?  If so, can we request our  
3 of our 4 additional IP addresses?  (who is the OFA contact with  
johncompanies.com?)

I propose the following:

IP address 1 (146.246.248.81):
- http://www.openfabrics.org/ -- main web site
- https://www.openfabrics.org/ -- redirects back to http
- http://builds.openfabrics.org/ -- nightly builds
- http://git.openfabrics.org/ -- gitweb access
   ==> Also use git://git.openfabrics.org/ for normal git access (not  
through Apache, of course)
- http://<foo>.openfabrics.org/ -- ...any other non-authenticated vhost

IP address 2:
- http://bugs.openfabrics.org/ -- redirects to https
- https://bugs.openfabrics.org/ -- all bugzilla access

IP address 3:
- http://wiki.openfabrics.org/ -- read only wiki access
- https://wiki.openfabrics.org/ -- authentication wiki access (I  
don't know if it's possible to separate these two with tiki; if not,  
just have http redirect to https)

IP address 4:
- http://svn.openfabrics.org/ -- read only SVN access
- https://svn.openfabrics.org/ -- authenticated SVN access
==> this vhost to possibly go away end of Q1'07

Comments?

-- 
Jeff Squyres
Server Virtualization Business Unit
Cisco Systems