84e48d0323
In summary, changes are: 1) If you have chosen MySQL, Makefile.PL will ask you if you want TLS (default: "no"), and then the locations for CA cert, client cert and client key (reasonable defaults are provided). Settings <tls>, <ca>, <cert> and <key> are added in koha-conf.xml 2) If <tls>yes</tls> in koha-conf.xml, the installer and database connection scripts add the TLS options in both DBI connection strings and mysql command line To test 1/ Apply patch 2/ Check everything still works and db connections are the same as before 3/ Either run Makefile.PL and step through the options or edit your koha-conf.xml to enable TLS 4/ Check db connections are still working Patch provided to me by Dimitris Kamenopoulos and I reformatted it into a git patch, any errors are probably mine Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
157 lines
7.1 KiB
XML
157 lines
7.1 KiB
XML
|
|
<yazgfs>
|
|
<!-- [scheme:]host[:port][/databaseName] -->
|
|
<!-- scheme: tcp, ssl, unix, http, sru -->
|
|
<!-- can run all servers on tcp, but the unix socket is faster -->
|
|
|
|
<listen id="biblioserver" >unix:__ZEBRA_RUN_DIR__/bibliosocket</listen>
|
|
<listen id="authorityserver" >unix:__ZEBRA_RUN_DIR__/authoritysocket</listen>
|
|
|
|
<!-- Uncomment the following entry if you want to run the public Z39.50 server.
|
|
Also uncomment the <server> and <serverinfo> sections for id 'publicserver'
|
|
under PUBLICSERVER'S BIBLIOGRAPHIC RECORDS title-->
|
|
<!--
|
|
<listen id="publicserver" >tcp:@:__ZEBRA_SRU_BIBLIOS_PORT__</listen>
|
|
-->
|
|
|
|
<!-- Settings for special biblio server instance for PazPar2.
|
|
Because PazPar2 only connects to a Z39.50 server using TCP/IP,
|
|
it cannot use the Unix-domain socket that biblioserver uses.
|
|
Therefore, a custom server is defined. -->
|
|
__PAZPAR2_TOGGLE_XML_PRE__
|
|
<listen id="mergeserver">tcp:@:__MERGE_SERVER_PORT__</listen>
|
|
<server id="mergeserver" listenref="mergeserver">
|
|
<directory>__ZEBRA_DATA_DIR__/biblios</directory>
|
|
<config>__ZEBRA_CONF_DIR__/__ZEBRA_BIB_CFG__</config>
|
|
<cql2rpn>__ZEBRA_CONF_DIR__/pqf.properties</cql2rpn>
|
|
</server>
|
|
__PAZPAR2_TOGGLE_XML_POST__
|
|
|
|
<!-- BIBLIOGRAPHIC RECORDS -->
|
|
<server id="biblioserver" listenref="biblioserver">
|
|
<directory>__ZEBRA_DATA_DIR__/biblios</directory>
|
|
<config>__ZEBRA_CONF_DIR__/__ZEBRA_BIB_CFG__</config>
|
|
<cql2rpn>__ZEBRA_CONF_DIR__/pqf.properties</cql2rpn>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/__BIB_RETRIEVAL_CFG__" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/explain-biblios.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
</server>
|
|
<serverinfo id="biblioserver">
|
|
<ccl2rpn>__ZEBRA_CONF_DIR__/ccl.properties</ccl2rpn>
|
|
<user>__ZEBRA_USER__</user>
|
|
<password>__ZEBRA_PASS__</password>
|
|
</serverinfo>
|
|
|
|
<!-- AUTHORITY RECORDS -->
|
|
<server id="authorityserver" listenref="authorityserver" >
|
|
<directory>__ZEBRA_DATA_DIR__/authorities</directory>
|
|
<config>__ZEBRA_CONF_DIR__/__ZEBRA_AUTH_CFG__</config>
|
|
<cql2rpn>__ZEBRA_CONF_DIR__/pqf.properties</cql2rpn>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/__AUTH_RETRIEVAL_CFG__" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/explain-authorities.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
</server>
|
|
<serverinfo id="authorityserver">
|
|
<ccl2rpn>__ZEBRA_CONF_DIR__/ccl.properties</ccl2rpn>
|
|
<user>__ZEBRA_USER__</user>
|
|
<password>__ZEBRA_PASS__</password>
|
|
</serverinfo>
|
|
|
|
<!-- PUBLICSERVER'S BIBLIOGRAPHIC RECORDS -->
|
|
<!--
|
|
<server id="publicserver" listenref="publicserver">
|
|
<directory>__ZEBRA_DATA_DIR__/biblios</directory>
|
|
<config>__ZEBRA_CONF_DIR__/__ZEBRA_BIB_CFG__</config>
|
|
<cql2rpn>__ZEBRA_CONF_DIR__/pqf.properties</cql2rpn>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/__BIB_RETRIEVAL_CFG__" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
<xi:include href="__KOHA_CONF_DIR__/zebradb/explain-biblios.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
|
</server>
|
|
<serverinfo id="publicserver">
|
|
<ccl2rpn>__ZEBRA_CONF_DIR__/ccl.properties</ccl2rpn>
|
|
<user>__ZEBRA_USER__</user>
|
|
<password>__ZEBRA_PASS__</password>
|
|
</serverinfo>
|
|
-->
|
|
|
|
<!-- ADDITIONAL KOHA CONFIGURATION DIRECTIVE -->
|
|
<!-- db_scheme should follow the DBD driver name -->
|
|
<!-- the DBD drivers supported by Koha are mysql and Pg -->
|
|
<!-- port info: mysql:3306 Pg:5432 (5433 on Debian) -->
|
|
<config>
|
|
<db_scheme>__DB_TYPE__</db_scheme>
|
|
<database>__DB_NAME__</database>
|
|
<hostname>__DB_HOST__</hostname>
|
|
<port>__DB_PORT__</port>
|
|
<user>__DB_USER__</user>
|
|
<pass>__DB_PASS__</pass>
|
|
<tls>__DB_USE_TLS__</tls>
|
|
<ca>__DB_TLS_CA_CERTIFICATE__</ca>
|
|
<cert>__DB_TLS_CLIENT_CERTIFICATE__</cert>
|
|
<key>__DB_TLS_CLIENT_KEY__</key>
|
|
<biblioserver>biblios</biblioserver>
|
|
<biblioservershadow>1</biblioservershadow>
|
|
<authorityserver>authorities</authorityserver>
|
|
<authorityservershadow>1</authorityservershadow>
|
|
<pluginsdir>__PLUGINS_DIR__</pluginsdir>
|
|
<enable_plugins>0</enable_plugins>
|
|
<upload_path></upload_path>
|
|
<intranetdir>__INTRANET_CGI_DIR__</intranetdir>
|
|
<opacdir>__OPAC_CGI_DIR__/opac</opacdir>
|
|
<opachtdocs>__OPAC_TMPL_DIR__</opachtdocs>
|
|
<intrahtdocs>__INTRANET_TMPL_DIR__</intrahtdocs>
|
|
<includes>__INTRANET_TMPL_DIR__/prog/en/includes/</includes>
|
|
<logdir>__LOG_DIR__</logdir>
|
|
<docdir>__DOC_DIR__</docdir>
|
|
<backupdir>__BACKUP_DIR__</backupdir>
|
|
<!-- Enable the two following to allow superlibrarians to download
|
|
database and configuration dumps (respectively) from the Export
|
|
tool -->
|
|
<backup_db_via_tools>0</backup_db_via_tools>
|
|
<backup_conf_via_tools>0</backup_conf_via_tools>
|
|
<!-- Uncomment the following line if you are not using packages and need to schedule reports through the web interface. supportdir should contain cronjobs/runreport.pl -->
|
|
<!--
|
|
<supportdir>__SCRIPT_NONDEV_DIR__</supportdir>
|
|
-->
|
|
<pazpar2url>http://__PAZPAR2_HOST__:__PAZPAR2_PORT__/search.pz2</pazpar2url>
|
|
<install_log>__MISC_DIR__/koha-install-log</install_log>
|
|
<useldapserver>0</useldapserver><!-- see C4::Auth_with_ldap for extra configs you must add if you want to turn this on -->
|
|
<useshibboleth>0</useshibboleth><!-- see C4::Auth_with_shibboleth for extra configs you must do to turn this on -->
|
|
<zebra_bib_index_mode>__BIB_INDEX_MODE__</zebra_bib_index_mode>
|
|
<zebra_auth_index_mode>__AUTH_INDEX_MODE__</zebra_auth_index_mode>
|
|
<zebra_lockdir>__ZEBRA_LOCK_DIR__</zebra_lockdir>
|
|
<use_zebra_facets>1</use_zebra_facets>
|
|
<queryparser_config>__KOHA_CONF_DIR__/searchengine/queryparser.yaml</queryparser_config>
|
|
<log4perl_conf>__KOHA_CONF_DIR__/log4perl.conf</log4perl_conf>
|
|
<memcached_servers>__MEMCACHED_SERVERS__</memcached_servers>
|
|
<memcached_namespace>__MEMCACHED_NAMESPACE__</memcached_namespace>
|
|
<!-- Uncomment the following line if you want to use template caching
|
|
That will bring a performance boost
|
|
<template_cache_dir>/tmp</template_cache_dir>
|
|
-->
|
|
|
|
<!-- Secret passphrase used by Mojolicious for signed cookies -->
|
|
<api_secret_passphrase>CHANGEME</api_secret_passphrase>
|
|
|
|
<!-- true type font mapping accoding to type from $font_types in C4/Creators/Lib.pm -->
|
|
<ttf>
|
|
<font type="TR" >__FONT_DIR__/DejaVuSerif.ttf</font>
|
|
<font type="TB" >__FONT_DIR__/DejaVuSerif-Bold.ttf</font>
|
|
<font type="TI" >__FONT_DIR__/DejaVuSerif-Italic.ttf</font>
|
|
<font type="TBI">__FONT_DIR__/DejaVuSerif-BoldItalic.ttf</font>
|
|
<font type="C" >__FONT_DIR__/DejaVuSansMono.ttf</font>
|
|
<font type="CB" >__FONT_DIR__/DejaVuSansMono-Bold.ttf</font>
|
|
<font type="CO" >__FONT_DIR__/DejaVuSansMono-Oblique.ttf</font>
|
|
<font type="CBO">__FONT_DIR__/DejaVuSansMono-BoldOblique.ttf</font>
|
|
<font type="H" >__FONT_DIR__/DejaVuSans.ttf</font>
|
|
<font type="HO" >__FONT_DIR__/DejaVuSans-Oblique.ttf</font>
|
|
<font type="HB" >__FONT_DIR__/DejaVuSans-Bold.ttf</font>
|
|
<font type="HBO">__FONT_DIR__/DejaVuSans-BoldOblique.ttf</font>
|
|
</ttf>
|
|
|
|
<!-- Path to the config file for SMS::Send -->
|
|
<sms_send_config>__KOHA_CONF_DIR__/sms_send/</sms_send_config>
|
|
|
|
<!-- Configuration for Plack -->
|
|
<plack_max_requests>50</plack_max_requests>
|
|
<plack_workers>2</plack_workers>
|
|
|
|
</config>
|
|
</yazgfs>
|