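#!/bin/sh
#----------------------------------------------------------------------------
# /var/install/include/apache2lib - Apache Virtual Hosts shell functions
#
# Copyright (c) 2004-2023 the eisfair team, team(at)eisfair(dot)org
#
# Creation:    14.08.2004 fw
# Last Update: $Id$
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------

#============================================================================
# only include this file once
#============================================================================
if [ "$_APACHE2LIB" != "true" ]
then
_APACHE2LIB='true'

. /var/install/include/eislib

#---------------------------------------------------------------------------
# set parameter to no
#
# Arguments: $1 - name of the configuration parameter to switch to 'no'
# Globals:   packages_name (read), CONFIG_FILE (written)
# Returns:   status of the final rename, or 1 if the rewrite failed
#---------------------------------------------------------------------------
set_parameter_no ()
{
    CONFIG_FILE="/etc/config.d/${packages_name}"

    # The rewritten copy is staged next to the target, not under a fixed name
    # in /tmp: a predictable /tmp path can be pre-created or symlinked by any
    # local user, and the copy would be readable under the default umask even
    # though the config itself is kept at 0600. mktemp creates the file
    # private to the caller, and a same-directory rename is atomic.
    _spn_tmp=$(mktemp "${CONFIG_FILE}.XXXXXX") || return 1

    # $1 is used as a sed pattern; callers must pass a plain parameter name.
    if sed "s/^${1}=.*/${1}='no'/" "${CONFIG_FILE}" > "${_spn_tmp}"
    then
        chmod 0600 "${_spn_tmp}"
        mv -f "${_spn_tmp}" "${CONFIG_FILE}"
    else
        # Leave the existing configuration untouched when sed fails.
        rm -f "${_spn_tmp}"
        return 1
    fi
}

#----------------------------------------------------------------------------------------
# create or update crontab file for apache2
#
# Globals: crontab_file (read)
#----------------------------------------------------------------------------------------
create_crontab_file ()
{
    rm -f "${crontab_file}"

    # NOTE(review): this copy of the file appears to have lost a here-document
    # (and possibly a following command) at this point; as written the
    # statement only creates an empty crontab file. Restore the original
    # crontab body from the upstream source before using this function.
    cat > "${crontab_file}" < /dev/null 2>&1
}

#----------------------------------------------------------------------------
# find the first virtual host index without an IP address
#
# Globals: APACHE2_VHOST_<n>_IP, APACHE2_VHOST_<n>_DOCUMENT_ROOT (read)
#          idx (written), docroottmp / iptmp (scratch)
#----------------------------------------------------------------------------
get_next_free_vhost_number ()
{
    idx=1

    if [ "$APACHE2_VHOST_1_IP" != "" ]
    then
        # Walk the numbered hosts until one has no IP configured. The loop
        # condition already guarantees a non-empty IP inside the body, so no
        # additional "both empty" test is needed there.
        while eval "[ -n \"\$APACHE2_VHOST_${idx}_IP\" ]"
        do
            eval "docroottmp=\$APACHE2_VHOST_${idx}_DOCUMENT_ROOT"
            eval "iptmp=\$APACHE2_VHOST_${idx}_IP"
            idx=$((idx + 1))
        done
    fi
}

#----------------------------------------------------------------------------
# copy the APACHE2_VHOST_<idx>_* settings into short working variables
#
# Globals: idx (read), APACHE2_VHOST_<idx>_* (read), working variables (written)
#----------------------------------------------------------------------------
parse_vhost_vars ()
{
    # eval only sees "name=$VARIABLE", so the values themselves are never
    # re-parsed as shell code.
    eval "active=\$APACHE2_VHOST_${idx}_ACTIVE"
    eval "ip=\$APACHE2_VHOST_${idx}_IP"
    eval "port=\$APACHE2_VHOST_${idx}_PORT"
    eval "servername=\$APACHE2_VHOST_${idx}_SERVER_NAME"
    eval "serveralias=\$APACHE2_VHOST_${idx}_SERVER_ALIAS"
    eval "mail=\$APACHE2_VHOST_${idx}_SERVER_ADMIN"
    eval "docroot=\$APACHE2_VHOST_${idx}_DOCUMENT_ROOT"
    eval "scriptalias=\$APACHE2_VHOST_${idx}_SCRIPT_ALIAS"
    eval "scriptdir=\$APACHE2_VHOST_${idx}_SCRIPT_DIR"
    eval "errorlog=\$APACHE2_VHOST_${idx}_ERROR_LOG"
    eval "accesslog=\$APACHE2_VHOST_${idx}_ACCESS_LOG"
    eval "access_type_all=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_ALL"
    eval "access_type_ip=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_IP"
    eval "access_ip=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_IP"
    eval "access_type_host=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_HOST"
    eval "access_host=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_HOST"
    eval "access_type_local=\$APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_LOCAL"
    eval "ssl=\$APACHE2_VHOST_${idx}_SSL"
    eval "sslport=\$APACHE2_VHOST_${idx}_SSL_PORT"
    eval "forcessl=\$APACHE2_VHOST_${idx}_SSL_FORCE"
    eval "sslcertname=\$APACHE2_VHOST_${idx}_SSL_CERT_NAME"
}

#----------------------------------------------------------------------------
# write the working variables back to APACHE2_VHOST_<idx>_*, filling defaults
#
# Globals: idx (read), working variables (read, defaults applied in place),
#          APACHE2_VHOST_<idx>_* (written)
#----------------------------------------------------------------------------
print_vhost_vars ()
{
    # Defaults for settings that were left empty.
    : "${active:=yes}"
    : "${port:=80}"
    : "${ssl:=no}"
    : "${sslport:=443}"
    : "${forcessl:=no}"
    : "${sslcertname:=apache}"

    # Values are assigned by reference (eval sees "NAME=$var"), never pasted
    # between quotes: a value containing a single quote would otherwise end
    # the quoted string and the remainder would be executed by eval.
    eval "APACHE2_VHOST_${idx}_ACTIVE=\$active"
    eval "APACHE2_VHOST_${idx}_IP=\$ip"
    eval "APACHE2_VHOST_${idx}_PORT=\$port"
    eval "APACHE2_VHOST_${idx}_SERVER_NAME=\$servername"
    eval "APACHE2_VHOST_${idx}_SERVER_ALIAS=\$serveralias"
    eval "APACHE2_VHOST_${idx}_SERVER_ADMIN=\$mail"
    eval "APACHE2_VHOST_${idx}_DOCUMENT_ROOT=\$docroot"
    eval "APACHE2_VHOST_${idx}_SCRIPT_ALIAS=\$scriptalias"
    eval "APACHE2_VHOST_${idx}_SCRIPT_DIR=\$scriptdir"
    eval "APACHE2_VHOST_${idx}_ERROR_LOG=\$errorlog"
    eval "APACHE2_VHOST_${idx}_ACCESS_LOG=\$accesslog"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_ALL=\$access_type_all"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_IP=\$access_type_ip"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_IP=\$access_ip"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_HOST=\$access_type_host"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_HOST=\$access_host"
    eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_LOCAL=\$access_type_local"
    eval "APACHE2_VHOST_${idx}_SSL=\$ssl"
    eval "APACHE2_VHOST_${idx}_SSL_PORT=\$sslport"
    eval "APACHE2_VHOST_${idx}_SSL_FORCE=\$forcessl"
    eval "APACHE2_VHOST_${idx}_SSL_CERT_NAME=\$sslcertname"
}

#----------------------------------------------------------------------------
# blank the settings of hosts 1..APACHE2_VHOST_N, then reload the working set
#
# Globals: APACHE2_VHOST_N (read), APACHE2_VHOST_<n>_* (written)
#----------------------------------------------------------------------------
unset_vhost_vars ()
{
    local idx
    idx=1

    # An unset or empty APACHE2_VHOST_N is treated as "no hosts".
    while [ "$idx" -le "${APACHE2_VHOST_N:-0}" ]
    do
        eval "APACHE2_VHOST_${idx}_ACTIVE=''"
        eval "APACHE2_VHOST_${idx}_IP=''"
        eval "APACHE2_VHOST_${idx}_PORT=''"
        eval "APACHE2_VHOST_${idx}_SERVER_NAME=''"
        eval "APACHE2_VHOST_${idx}_SERVER_ALIAS=''"
        eval "APACHE2_VHOST_${idx}_SERVER_ADMIN=''"
        eval "APACHE2_VHOST_${idx}_DOCUMENT_ROOT=''"
        eval "APACHE2_VHOST_${idx}_SCRIPT_ALIAS=''"
        eval "APACHE2_VHOST_${idx}_SCRIPT_DIR=''"
        eval "APACHE2_VHOST_${idx}_ERROR_LOG=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_LOG=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_ALL=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_IP=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_IP=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_HOST=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_HOST=''"
        eval "APACHE2_VHOST_${idx}_ACCESS_CONTROL_TYPE_LOCAL=''"
        eval "APACHE2_VHOST_${idx}_SSL=''"
        eval "APACHE2_VHOST_${idx}_SSL_PORT=''"
        eval "APACHE2_VHOST_${idx}_SSL_FORCE=''"
        eval "APACHE2_VHOST_${idx}_SSL_CERT_NAME=''"
        idx=$((idx + 1))
    done

    # Runs with the local idx, i.e. one past the last blanked host.
    parse_vhost_vars
}

#----------------------------------------------------------------------------
# emit the per-directory configuration of virtual host <idx> on stdout
#
# Besides printing directives this creates the password files below
# /usr/share/apache2/passwd, the WebDAV state directory and any missing
# content directory.
#
# Globals: idx, APACHE2_VHOST_<idx>_DIR_*, access_* (host level),
#          APACHE2_USERNAME, APACHE2_GROUPNAME (all read)
#
# NOTE(review): configuration values are written into Apache directives
# without escaping; a value containing a double quote or a line break changes
# the generated configuration. Validate these settings where they are entered.
#----------------------------------------------------------------------------
createVHostDirDirective ()
{
    vhostIdx=1
    eval "noDirs=\$APACHE2_VHOST_${idx}_DIR_N"

    while [ "$vhostIdx" -le "${noDirs:-0}" ]
    do
        eval "vhostActive=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACTIVE"
        eval "vhostUseAlias=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ALIAS"
        eval "vhostAlias=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ALIAS_NAME"
        eval "vhostPath=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_PATH"
        eval "vhostAuth_name=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_AUTH_NAME"
        eval "vhostAuth_type=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_AUTH_TYPE"
        eval "vhostAuth_n=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_AUTH_N"
        eval "vhostCgi=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_CGI"
        eval "vhostSsi=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_SSI"
        # NOTE(review): the vhostAccess_* values read here are not used below;
        # the access-control branch tests the host-level access_* variables
        # instead. Confirm which level is intended.
        eval "vhostAccess_type_all=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_TYPE_ALL"
        eval "vhostAccess_type_ip=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_TYPE_IP"
        eval "vhostAccess_ip=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_IP"
        eval "vhostAccess_type_host=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_TYPE_HOST"
        eval "vhostAccess_host=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_HOST"
        eval "vhostAccess_type_local=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_ACCESS_CONTROL_TYPE_LOCAL"
        eval "vhostContent=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_VIEW_DIR_CONTENT"
        eval "vhostWebdav=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_WEBDAV"

        if [ "$vhostActive" = "yes" ]
        then
            if [ "$vhostUseAlias" = "yes" ]
            then
                echo " Alias $vhostAlias $vhostPath"
            fi

            #echo "Adding directory $vhostPath ..." >`tty`
            # NOTE(review): this and the other blank echo lines below
            # presumably emitted angle-bracket section tags; the markup
            # appears to have been stripped from this copy of the file.
            # Restore it from the upstream source.
            echo " "

            printf '%s' ' Options FollowSymLinks MultiViews'
            if [ "$vhostSsi" = "yes" ]
            then
                printf '%s' ' Includes'
            fi
            if [ "$vhostCgi" != "none" ]
            then
                printf '%s' ' ExecCGI'
            fi
            if [ "$vhostContent" = "yes" ]
            then
                echo ' Indexes'
            else
                echo
            fi

            if [ "$vhostCgi" != "none" ]
            then
                printf '%s\n' " AddHandler cgi-script $vhostCgi"
            fi
            if [ "$vhostSsi" = "yes" ]
            then
                echo ' AddType text/html .shtml'
                echo ' AddHandler server-parsed .shtml'
            fi

            if [ "$vhostAuth_n" != "0" ]
            then
                vhostPwFile="/usr/share/apache2/passwd/passwords.${idx}.${vhostIdx}"

                if [ ! -d /usr/share/apache2/passwd ]
                then
                    # Created private from the start instead of being
                    # tightened only after the credentials were written.
                    mkdir -p -m 0700 /usr/share/apache2/passwd
                fi

                if [ "${vhostAuth_type}" = "Basic" ]
                then
                    echo ' AuthType Basic'
                    echo ' AuthBasicProvider file'
                else
                    echo ' '
                    echo ' LoadModule auth_digest_module /usr/share/apache2/modules/mod_auth_digest.so'
                    echo ' '
                    echo ' AuthType Digest'
                    printf '%s\n' " AuthDigestDomain \"${vhostAuth_name}\""
                    echo ' AuthDigestProvider file'
                fi
                printf '%s\n' " AuthName \"${vhostAuth_name}\""
                printf '%s\n' " AuthUserFile ${vhostPwFile}"
                echo ' require valid-user'

                # Recreate the password file with a restrictive umask so it is
                # never world-readable, not even before the chmod below.
                rm -f "${vhostPwFile}"
                ( umask 077; : > "${vhostPwFile}" )

                vhostIdx2=1
                while [ "$vhostIdx2" -le "$vhostAuth_n" ]
                do
                    eval "user=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_AUTH_${vhostIdx2}_USER"
                    eval "pass=\$APACHE2_VHOST_${idx}_DIR_${vhostIdx}_AUTH_${vhostIdx2}_PASS"

                    if [ "${vhostAuth_type}" = "Basic" ]
                    then
                        # The password goes in on stdin (-i) rather than as an
                        # argument (-b), so it does not show up in the process
                        # list. -i needs htpasswd from Apache 2.4.4 or later.
                        printf '%s\n' "$pass" \
                            | /usr/bin/htpasswd -i "${vhostPwFile}" "$user" 2>/dev/null
                    else
                        # hash the username, realm, and password; the values
                        # are printf arguments, not part of the format string,
                        # so a '%' or backslash in them is hashed literally
                        htdigest_hash=$(printf '%s:%s:%s' "$user" "$vhostAuth_name" "$pass" | md5sum -)
                        # build an htdigest appropriate line, and tack it onto
                        # the file; md5sum prints "<hash>  -", keep the hash
                        printf '%s\n' "${user}:${vhostAuth_name}:${htdigest_hash%% *}" >> "${vhostPwFile}"
                    fi
                    vhostIdx2=$((vhostIdx2 + 1))
                done

                chown -R "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" /usr/share/apache2/passwd
                chmod 700 /usr/share/apache2/passwd
                chmod 600 /usr/share/apache2/passwd/*
            else
                if [ "$access_type_all" = "yes" ]
                then
                    echo " Require all granted"
                elif [ "$access_type_ip" = "yes" ]
                then
                    echo " Require ip $access_ip"
                elif [ "$access_type_host" = "yes" ]
                then
                    # Host names belong to the "host" provider; the "ip"
                    # provider only accepts addresses and networks.
                    echo " Require host $access_host"
                elif [ "$access_type_local" = "yes" ]
                then
                    echo " Require local"
                fi
            fi

            if [ "$vhostWebdav" = "yes" ]
            then
                mkdir -p /usr/share/apache2/var
                chown "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" /usr/share/apache2/var
                echo "Dav on"
            fi

            echo ' AllowOverride All'
            echo ' '

            if [ ! -d "$vhostPath" ]
            then
                mkdir -p "$vhostPath"
                # NOTE(review): the placeholder page presumably contained HTML
                # markup around the text; only the text survived in this copy.
                echo "

GEHEIM!

">"$vhostPath/index.html"
                chown -R "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" "$vhostPath"
            fi
        fi
        vhostIdx=$((vhostIdx + 1))
    done
}

# ---------------------------------------------------------------------------
# Prepare Apache Directories
#
# Globals: _new_install, APACHE2_USERNAME, APACHE2_GROUPNAME (read)
# ---------------------------------------------------------------------------
prepare_apache_directories()
{
    # Compared as a string: running the variable's value as a command would
    # execute whatever it happens to contain.
    if [ "${_new_install:-false}" = "true" ]
    then
        mkdir -p /etc/apache2/mods-enabled
        mkdir -p -m 0750 /etc/apache2/mods-plugins
        mkdir -p -m 0750 /etc/apache2/vhost
        mkdir -p /var/lib/apache/diskcache
        mkdir -p /run/lock/apache2
        chown "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" /var/lib/apache
        chown "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" /var/lib/apache/diskcache
        chown "${APACHE2_USERNAME}:${APACHE2_GROUPNAME}" /run/lock/apache2
    fi

    # set docroot as home directory for www user
    #/usr/sbin/usermod -d $APACHE2_DOCUMENT_ROOT $APACHE2_USERNAME >/dev/null 2>&1
}

#============================================================================
# end only include once
#============================================================================
fi

#============================================================================
# end
#============================================================================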