2014-10-23 15:47:21 +04:00
|
|
|
##@cooked comments # -*- coding: utf-8 mode: sh -*- vim:sw=4:sts=4:et:ai:si:sta:fenc=utf-8
|
2014-10-23 21:26:42 +04:00
|
|
|
## Outils de haut niveau pour gérer apache et sa configuration
|
2014-10-23 15:47:21 +04:00
|
|
|
##@cooked nocomments
|
|
|
|
##@require base
|
|
|
|
##@require sysinfos
|
2014-10-23 21:26:42 +04:00
|
|
|
##@require apache
|
|
|
|
uprovide apache.tools
|
|
|
|
urequire base sysinfos apache
|
2014-10-23 15:47:21 +04:00
|
|
|
|
|
|
|
function __apache_resolvcert() {
|
|
|
|
[ -n "$__rc_dir" ] || __rc_dir="$(dirname "$__rc_conf")"
|
|
|
|
eval "$(
|
|
|
|
source "$__rc_conf"
|
|
|
|
set_var_cmd __rc_cert "$cert"
|
|
|
|
set_var_cmd __rc_key "$key"
|
|
|
|
set_var_cmd __rc_ca "$ca"
|
|
|
|
)"
|
|
|
|
[ -n "$__rc_cert" ] && __rc_cert="$(abspath "$__rc_cert" "$__rc_dir")"
|
|
|
|
[ -n "$__rc_key" ] && __rc_key="$(abspath "$__rc_key" "$__rc_dir")"
|
|
|
|
[ -n "$__rc_ca" ] && __rc_ca="$(abspath "$__rc_ca" "$__rc_dir")"
|
|
|
|
}
|
|
|
|
|
|
|
|
function __apache_checkvars() {
|
|
|
|
if [ -n "$__rc_cert" -a -z "$__rc_key" ]; then
|
|
|
|
local __rc_name __rc_ext
|
|
|
|
splitname "$__rc_cert" __rc_name __rc_ext
|
|
|
|
if [ "$__rc_ext" == "crt" -o "$__rc_ext" == "pem" ]; then
|
|
|
|
__rc_key="$__rc_name.key"
|
|
|
|
enote "La clé privée n'a pas été spécifiée. La valeur $(ppath "$__rc_key") sera utilisée"
|
|
|
|
else
|
|
|
|
eerror "Impossible de trouver la clé privée correspondant au certificat $(ppath "$__rc_cert")"
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
if [ -z "$__rc_cert" -a -z "$__rc_ca" ]; then
|
|
|
|
eerror "Vous devez spécifier le certificat à installer"
|
|
|
|
return 1
|
|
|
|
elif [ -z "$__rc_cert" ]; then
|
|
|
|
eattention "Seul le certificat autorité a été spécifié."
|
|
|
|
elif [ -z "$__rc_ca" ]; then
|
|
|
|
ewarn "Aucun certificat autorité n'a pas été spécifié. Cela ne peut marcher que si le certificat est autosigné"
|
|
|
|
fi
|
|
|
|
|
|
|
|
local i
|
|
|
|
for i in "$__rc_cert" "$__rc_key" "$__rc_ca"; do
|
|
|
|
[ -n "$i" ] || continue
|
|
|
|
[ -f "$i" ] || {
|
|
|
|
eerror "$i: Fichier introuvable"
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
done
|
|
|
|
}
|
|
|
|
|
|
|
|
function apache_resolvecert() {
|
|
|
|
# Calculer l'emplacement des certificats correspondant aux arguments $1 et
|
|
|
|
# $2 (qui correspondent aux options --conf et --dir de apache_addcert()),
|
|
|
|
# puis initialiser les variables $3(=cert), $4(=key) et $5(=ca)
|
|
|
|
local __rc_conf="$1" __rc_dir="$2"
|
|
|
|
local __rc_cert __rc_key __rc_ca
|
|
|
|
|
|
|
|
__apache_resolvcert
|
|
|
|
__apache_checkvars || return 1
|
|
|
|
set_var "${3:-cert}" "$__rc_cert"
|
|
|
|
set_var "${4:-key}" "$__rc_key"
|
|
|
|
set_var "${5:-ca}" "$__rc_ca"
|
|
|
|
}
|
|
|
|
|
|
|
|
function apache_addcert() {
|
|
|
|
function __apache_addcert_display_help() {
|
|
|
|
uecho "apache_addcert: Installer un certificat sur le serveur
|
|
|
|
|
|
|
|
USAGE
|
|
|
|
apache_addcert [options] [cert.pem [cert.key [ca.pem]]]
|
|
|
|
|
|
|
|
OPTIONS
|
|
|
|
--conf certsconf
|
|
|
|
--dir certsdir
|
|
|
|
Spécifier un fichier de configuration et un répertoire depuis lesquels
|
|
|
|
prendre les informations sur les certificats à utiliser.
|
|
|
|
Le fichier de configuration doit définir les variables cert, key et ca
|
|
|
|
avec les noms des fichiers contenant respectivement le certificat, la
|
|
|
|
clé privée, et les certificats autorités, exprimés relativement au
|
|
|
|
répertoire certsdir.
|
|
|
|
Si ces options ne sont pas spécifiées, les fichiers doivent être donnés
|
|
|
|
sur la ligne de commande.
|
|
|
|
|
|
|
|
--out-cert cert
|
|
|
|
--out-key key
|
|
|
|
--out-ca ca
|
|
|
|
Au lieu d'installer les certificats, placer les chemins vers les
|
|
|
|
fichiers correspondant dans les variables spécifiées"
|
|
|
|
}
|
|
|
|
|
|
|
|
eval "$(utools_local)"
|
|
|
|
local action=install
|
|
|
|
local certsconf certsdir cert key ca
|
|
|
|
local __out_cert __out_key __out_ca
|
|
|
|
parse_opts "${PRETTYOPTS[@]}" \
|
|
|
|
--help '$exit_with __apache_addcert_display_help' \
|
|
|
|
-C:,--conf: certsconf= \
|
|
|
|
-d:,--dir: certsdir= \
|
|
|
|
--out-cert: '$set@ __out_cert; action=dump' \
|
|
|
|
--out-key: '$set@ __out_key; action=dump' \
|
|
|
|
--out-ca: '$set@ __out_ca; action=dump' \
|
|
|
|
@ args -- "$@" && set -- "${args[@]}" || die "$args"
|
|
|
|
|
|
|
|
local __rc_conf __rc_dir
|
|
|
|
local __rc_cert __rc_key __rc_ca
|
|
|
|
if [ -n "$certsconf" ]; then
|
|
|
|
__rc_conf="$certsconf"
|
|
|
|
__rc_dir="$certsdir"
|
|
|
|
__apache_resolvconf
|
|
|
|
__apache_checkvars || return 1
|
|
|
|
else
|
|
|
|
__rc_cert="$1"
|
|
|
|
__rc_key="$2"
|
|
|
|
__rc_ca="$3"
|
|
|
|
__apache_checkvars || return 1
|
|
|
|
fi
|
|
|
|
cert="$__rc_cert"
|
|
|
|
key="$__rc_key"
|
|
|
|
ca="$__rc_ca"
|
|
|
|
|
|
|
|
if [ -n "$cert" ]; then
|
|
|
|
estepi "Certificat: $(ppath "$cert")"
|
|
|
|
estepi "Clé privée: $(ppath "$key")"
|
|
|
|
fi
|
|
|
|
[ -n "$ca" ] && estepi "CAutorités: $(ppath "$ca")"
|
|
|
|
ask_yesno "Voulez-vous continuer?" O || return 1
|
|
|
|
urequire install
|
|
|
|
|
|
|
|
etitle "Installation des certificats"
|
|
|
|
certsdir="$(get_APACHESSLCERTSDIR_prefix)"
|
|
|
|
keysdir="$(get_APACHESSLKEYSDIR_prefix)"
|
|
|
|
if [ ! -d "$certsdir" ]; then
|
|
|
|
mkdir -p "$certsdir" || return 1
|
|
|
|
chmod 755 "$certsdir" || return 1
|
|
|
|
fi
|
|
|
|
if [ ! -d "$keysdir" ]; then
|
|
|
|
mkdir -p "$keysdir" || return 1
|
|
|
|
chmod 710 "$keysdir" || return 1
|
|
|
|
fi
|
|
|
|
if [ -n "$cert" ]; then
|
|
|
|
copy_replace "$cert" "$certsdir" || return 1
|
|
|
|
chmod 644 "$certsdir/$(basename "$cert")" || return 1
|
|
|
|
copy_replace "$key" "$keysdir" || return 1
|
|
|
|
chmod 640 "$keysdir/$(basename "$key")" || return 1
|
|
|
|
fi
|
|
|
|
if [ -n "$ca" ]; then
|
|
|
|
copy_replace "$ca" "$certsdir" || return 1
|
|
|
|
chmod 644 "$certsdir/$(basename "$ca")" || return 1
|
|
|
|
fi
|
|
|
|
eend
|
|
|
|
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
|
2016-04-07 23:55:50 +04:00
|
|
|
__APACHE_AUTOCONF_SUFFIXES=(d8 d)
|
|
|
|
__APACHE_AUTOCONF_SUFFIX_d8=(-d debian -v jessie+)
|
|
|
|
__APACHE_AUTOCONF_SUFFIX_d=(-d debian)
|
|
|
|
function __apache_autoconf_check_suffix() {
|
|
|
|
array_contains __APACHE_AUTOCONF_SUFFIXES "$1" || return 1
|
|
|
|
local sysinfos="__APACHE_AUTOCONF_SUFFIX_${1}[@]"
|
|
|
|
check_sysinfos --vars sysname sysdist sysver bits "${!sysinfos}"
|
|
|
|
}
|
|
|
|
function __apache_autoconf_filter_suffix_files() {
|
|
|
|
grep -vF ..
|
|
|
|
}
|
2015-12-07 04:43:46 +04:00
|
|
|
function __apache_autoconf_setup() {
|
2015-12-24 09:58:09 +04:00
|
|
|
if ! check_sysinfos --vars sysname sysdist sysver bits -s linux64 linux32 linux -d debian; then
|
2015-12-07 04:43:46 +04:00
|
|
|
eerror "apache_autoconf n'est supporté que sur Debian linux"
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
urequire install
|
|
|
|
compute_apache_prefixes
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
function __apache_autoconf_fillxxx() {
|
|
|
|
local var name value first=1
|
|
|
|
for var in "$@"; do
|
|
|
|
splitvar "$var" name value
|
|
|
|
array_addu FILLVARS "$name"
|
|
|
|
[ -n "$first" ] || FILLSCRIPT="$FILLSCRIPT"$'\n'
|
|
|
|
FILLSCRIPT="${FILLSCRIPT}s/@@${name}@@/$(qseds "${value}")/g"
|
|
|
|
first=
|
|
|
|
done
|
|
|
|
# Il faut un fichier temporaire pour les remplacement de fichiers
|
|
|
|
ac_set_tmpfile FILLTEMP
|
|
|
|
}
|
2014-11-29 23:02:48 +04:00
|
|
|
function __apache_autoconf_fillcopy() {
|
|
|
|
# copier le fichier $1 vers le fichier $2. Si le fichier $1 contient l'une
|
|
|
|
# des variables du tableau $FILLVARS, corriger d'abord le fichier avec le
|
|
|
|
# script sed $FILLSCRIPT. Le fichier temporaire $FILLTEMP est utilisé pour
|
|
|
|
# le remplacement des valeurs. $3 contient le cas échéant des commandes sed
|
|
|
|
# supplémentaires
|
2016-04-07 23:55:50 +04:00
|
|
|
# Si des fichiers suffixes existent, ne faire la copie que si un fichier
|
|
|
|
# approprié correspondant au système courant est trouvé
|
2015-04-20 01:15:27 +04:00
|
|
|
local src="$1" dest="$2" sedscript="$3" perms="${4:-go+rX}"
|
2014-11-29 23:02:48 +04:00
|
|
|
|
2016-04-07 23:55:50 +04:00
|
|
|
# vérifier les fichiers suffixe
|
|
|
|
local suffix have_suffix found_suffix
|
|
|
|
for suffix in "${__APACHE_AUTOCONF_SUFFIXES[@]}"; do
|
|
|
|
if [ -f "$src..$suffix" ]; then
|
|
|
|
have_suffix=1
|
|
|
|
if __apache_autoconf_check_suffix "$suffix"; then
|
|
|
|
found_suffix=1
|
|
|
|
src="$src..$suffix"
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
[ -n "$have_suffix" -a -z "$found_suffix" ] && return 1
|
|
|
|
|
|
|
|
# valeurs à remplacer dans le fichier
|
|
|
|
local var found_var
|
2014-11-29 23:02:48 +04:00
|
|
|
for var in "${FILLVARS[@]}"; do
|
2016-04-07 23:55:50 +04:00
|
|
|
if quietgrep "@@${var}@@" "$src"; then
|
|
|
|
found_var=1
|
2014-11-29 23:02:48 +04:00
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
2016-04-07 23:55:50 +04:00
|
|
|
if [ "$found_var" ]; then
|
2014-11-29 23:02:48 +04:00
|
|
|
sed "$FILLSCRIPT
|
2015-04-20 17:43:19 +04:00
|
|
|
$sedscript" <"$src" >"$FILLTEMP"
|
2014-11-29 23:02:48 +04:00
|
|
|
src="$FILLTEMP"
|
|
|
|
fi
|
|
|
|
|
2014-12-01 08:40:50 +04:00
|
|
|
copy_update "$src" "$dest" "$perms"
|
2014-11-29 23:02:48 +04:00
|
|
|
}
|
|
|
|
|
2015-10-29 12:43:19 +04:00
|
|
|
__APACHE_AUTOCONF_HELP="\
|
|
|
|
--confdir CONFDIR
|
|
|
|
Spécifier l'emplacement des fichiers de configuration apache ainsi que des
|
|
|
|
fichiers 'confs.conf', 'modules.conf' et 'sites.conf'. Par défaut, prendre
|
|
|
|
le répertoire local DESTDIR.
|
|
|
|
--confsdir CONFSDIR
|
2015-12-07 04:43:46 +04:00
|
|
|
Spécifier l'emplacement des fichiers des configuration. Par défaut, utiliser
|
|
|
|
DESTDIR/confs si ce répertoire existe.
|
2015-10-29 12:43:19 +04:00
|
|
|
--modulesdir MODULESDIR
|
2015-12-07 04:43:46 +04:00
|
|
|
Spécifier l'emplacement des fichiers des modules. Par défaut, utiliser
|
|
|
|
DESTDIR/modules si ce répertoire existe.
|
2015-10-29 12:43:19 +04:00
|
|
|
--sitesdir SITESDIR
|
2015-12-07 04:43:46 +04:00
|
|
|
Spécifier l'emplacement des fichiers des sites. Par défaut, utiliser
|
|
|
|
DESTDIR/sites si ce répertoire existe.
|
2015-10-29 12:43:19 +04:00
|
|
|
--cgibindir CGIBINDIR
|
|
|
|
Spécifier l'emplacement des scripts cgi à installer. Par défaut, utiliser
|
|
|
|
DESTDIR/cgi-bin si ce répertoire existe.
|
|
|
|
--wwwdir WWWDIR
|
|
|
|
Spécifier l'emplacement des fichiers du serveur web. Par défaut, utiliser
|
|
|
|
DESTDIR/www si ce répertoire existe.
|
|
|
|
--certsconfdir CERTSCONFDIR
|
|
|
|
Spécifier l'emplacement des fichiers de configuration des certificats. Par
|
|
|
|
défaut, utiliser DESTDIR/certsconf si ce répertoire existe. Il faut alors
|
|
|
|
spécifier aussi CERTSDIR, l'emplacement des certificats à installer.
|
|
|
|
--rrdir RRDIR
|
|
|
|
Spécifier l'emplacement des fichiers de réécriture. Par défaut, utiliser
|
|
|
|
DESTDIR/RewriteRules si ce répertoire existe.
|
|
|
|
--no-restart
|
|
|
|
Ne pas redémarrer apache en cas de modification de la configuration"
|
|
|
|
function __display_apache_autoconf_help() { eecho "$__APACHE_AUTOCONF_HELP"; }
|
2014-10-23 15:47:21 +04:00
|
|
|
function apache_autoconf() {
|
|
|
|
eval "$(utools_local)"
|
2015-10-30 21:46:49 +04:00
|
|
|
local -a ignores
|
2015-12-07 04:43:46 +04:00
|
|
|
local autoconfdir certsdir confdir confsdir oneconf modulesdir onemodule
|
|
|
|
local sitesdir onesite cgibindir wwwdir certsconfdir rrdir onecms
|
2015-12-24 09:58:09 +04:00
|
|
|
local sysname sysdist sysver bits
|
|
|
|
local destconfsdir a2xconf
|
2014-10-23 15:47:21 +04:00
|
|
|
local restart=1
|
|
|
|
parse_opts "${PRETTYOPTS[@]}" \
|
2015-10-29 12:43:19 +04:00
|
|
|
--help '$exit_with __display_apache_autoconf_help' \
|
2015-10-30 21:46:49 +04:00
|
|
|
--ignore: ignores \
|
2014-10-23 15:47:21 +04:00
|
|
|
--confdir: confdir= \
|
2015-10-30 21:46:49 +04:00
|
|
|
--confsdir: confsdir= \
|
2015-12-07 04:43:46 +04:00
|
|
|
--one-conf: oneconf= \
|
2014-10-23 15:47:21 +04:00
|
|
|
--modulesdir: modulesdir= \
|
2015-12-07 04:43:46 +04:00
|
|
|
--one-module: onemodule= \
|
2014-10-23 15:47:21 +04:00
|
|
|
--sitesdir: sitesdir= \
|
2015-12-07 04:43:46 +04:00
|
|
|
--one-site: onesite= \
|
2014-10-23 15:47:21 +04:00
|
|
|
--cgibindir: cgibindir= \
|
|
|
|
--wwwdir: wwwdir= \
|
|
|
|
--certsconfdir: certsconfdir= \
|
|
|
|
--rrdir: rrdir= \
|
|
|
|
--no-restart restart= \
|
2015-12-24 09:58:09 +04:00
|
|
|
--sysname: sysname= \
|
|
|
|
--sysdist: sysdist= \
|
|
|
|
--sysver: sysver= \
|
|
|
|
-6,--squeeze sysver=squeeze \
|
|
|
|
-7,--wheezy sysver=wheezy \
|
|
|
|
-8,--jessie sysver=jessie \
|
|
|
|
--bits: bits= \
|
2014-10-23 15:47:21 +04:00
|
|
|
@ args -- "$@" && set -- "${args[@]}" || die "$args"
|
|
|
|
|
2015-12-24 09:58:09 +04:00
|
|
|
if [ -n "$sysname" -o -n "$sysdist" -o -n "$sysver" ]; then
|
|
|
|
ensure_sysinfos sysname sysdist sysver
|
|
|
|
else
|
|
|
|
sysname=("${MYSYSNAME[@]}")
|
|
|
|
sysdist=("${MYSYSDIST[@]}")
|
|
|
|
sysver=("${MYSYSVER[@]}")
|
|
|
|
bits="$MYBITS"
|
|
|
|
fi
|
2015-12-07 04:43:46 +04:00
|
|
|
__apache_autoconf_setup || return 1
|
2016-04-07 23:55:50 +04:00
|
|
|
if __apache_autoconf_check_suffix d8; then
|
|
|
|
confdefault=000-default.conf
|
|
|
|
confdefaultssl=default-ssl.conf
|
2015-12-24 09:58:09 +04:00
|
|
|
destconfsdir="$APACHECONFDIR/conf-available"
|
|
|
|
a2xconf=1
|
2016-04-07 23:55:50 +04:00
|
|
|
elif __apache_autoconf_check_suffix d; then
|
|
|
|
confdefault=default
|
|
|
|
confdefaultssl=default-ssl
|
2015-12-24 09:58:09 +04:00
|
|
|
destconfsdir="$APACHECONFDIR/conf.d"
|
|
|
|
fi
|
2014-10-23 15:47:21 +04:00
|
|
|
|
2014-11-29 23:02:48 +04:00
|
|
|
# Configuration
|
|
|
|
autoconfdir="$1"; shift
|
2014-10-23 15:47:21 +04:00
|
|
|
[ -n "$autoconfdir" ] || {
|
|
|
|
eerror "Vous devez spécifier le répertoire de base de la configuration apache"
|
|
|
|
return 1
|
|
|
|
}
|
2014-11-29 23:02:48 +04:00
|
|
|
certsdir="$1"; shift
|
2015-10-30 21:46:49 +04:00
|
|
|
if [ -z "$confdir" -o -z "$confsdir" -o -z "$modulesdir" \
|
|
|
|
-o -z "$sitesdir" -o -z "$cgibindir" -o -z "$wwwdir" \
|
|
|
|
-o -z "$certsconfdir" -o -z "$rrdir" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
[ -d "$autoconfdir" ] || {
|
|
|
|
eerror "$autoconfdir: répertoire invalide"
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
fi
|
|
|
|
[ -n "$confdir" ] || confdir="$autoconfdir"
|
2015-10-30 21:46:49 +04:00
|
|
|
[ -n "$confsdir" ] || confsdir="$autoconfdir/confs"
|
2014-10-23 15:47:21 +04:00
|
|
|
[ -n "$modulesdir" ] || modulesdir="$autoconfdir/modules"
|
|
|
|
[ -n "$sitesdir" ] || sitesdir="$autoconfdir/sites"
|
|
|
|
[ -n "$cgibindir" ] || cgibindir="$autoconfdir/cgi-bin"
|
|
|
|
[ -n "$wwwdir" ] || wwwdir="$autoconfdir/www"
|
|
|
|
[ -n "$certsconfdir" ] || certsconfdir="$autoconfdir/certsconf"
|
|
|
|
[ -n "$rrdir" ] || rrdir="$autoconfdir/RewriteRules"
|
2015-12-07 04:43:46 +04:00
|
|
|
[ -n "$oneconf" -o -n "$onemodule" -o -n "$onesite" ] && onecms=1
|
2014-10-23 15:47:21 +04:00
|
|
|
|
2014-11-29 23:02:48 +04:00
|
|
|
# Faire un script sed pour remplacer les variables spécifiées par leur
|
|
|
|
# valeur dans les fichiers
|
|
|
|
local -a FILLVARS; local FILLSCRIPT FILLTEMP
|
2016-03-08 11:51:46 +04:00
|
|
|
__apache_autoconf_fillxxx "$@"
|
2014-11-29 23:02:48 +04:00
|
|
|
|
|
|
|
# Copie des certificats
|
2015-11-12 15:40:08 +04:00
|
|
|
local modified rehash conf
|
2014-10-23 15:47:21 +04:00
|
|
|
if [ -d "$certsconfdir" ]; then
|
2015-11-12 15:40:08 +04:00
|
|
|
local -a certsconfs certspems
|
|
|
|
local certsconf certspem cert key ca
|
2015-04-20 17:55:10 +04:00
|
|
|
array_addu FILLVARS cert
|
|
|
|
array_addu FILLVARS key
|
|
|
|
array_addu FILLVARS ca
|
|
|
|
|
2014-10-23 15:47:21 +04:00
|
|
|
etitle "Installation des certificats"
|
|
|
|
array_lsfiles certsconfs "$certsconfdir" "*.conf"
|
|
|
|
for certsconf in "${certsconfs[@]}"; do
|
2015-11-12 15:40:08 +04:00
|
|
|
if [ -z "$certsdir" ]; then
|
|
|
|
eerror "CERTSDIR est requis si --certsconfdir est spécifié"
|
|
|
|
return 1
|
|
|
|
elif [ ! -d "$certsdir" ]; then
|
|
|
|
eerror "$certsdir: répertoire invalide"
|
|
|
|
return 1
|
|
|
|
fi
|
2014-10-23 15:47:21 +04:00
|
|
|
apache_resolvecert "$certsconf" "$certsdir" cert key ca || return 1
|
|
|
|
apache_addcert -y "$cert" "$key" "$ca"
|
|
|
|
modified=1
|
|
|
|
done
|
2015-11-12 15:40:08 +04:00
|
|
|
array_lsfiles certspems "$certsconfdir" "*.crt" "*.pem"
|
|
|
|
for certspem in "${certspems[@]}"; do
|
|
|
|
if copy_update "$certspem" "$APACHESSLCERTSDIR/$(basename -- "$certspem")"; then
|
|
|
|
modified=1
|
|
|
|
rehash=1
|
|
|
|
fi
|
|
|
|
done
|
2014-10-23 15:47:21 +04:00
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
2015-10-30 21:46:49 +04:00
|
|
|
# Gestion des configurations
|
2015-12-24 09:58:09 +04:00
|
|
|
if [ -d "$confsdir" -a \( -z "$onecms" -o -n "$oneconf" \) ]; then
|
2015-10-30 21:46:49 +04:00
|
|
|
local -a confs
|
|
|
|
local conf
|
|
|
|
etitle "Installation des configurations"
|
2016-04-07 23:55:50 +04:00
|
|
|
array_from_lines confs "$(list_files "$confsdir" "*.conf" | __apache_autoconf_filter_suffix_files)"
|
2015-10-30 21:46:49 +04:00
|
|
|
for conf in "${confs[@]}"; do
|
2015-12-07 04:43:46 +04:00
|
|
|
[ -z "$oneconf" -o "$conf" == "$oneconf" ] || continue
|
|
|
|
|
2015-10-30 21:46:49 +04:00
|
|
|
estep "$conf"
|
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$confsdir/$conf" \
|
2015-12-24 09:58:09 +04:00
|
|
|
"$destconfsdir/$conf" && modified=1
|
2015-10-30 21:46:49 +04:00
|
|
|
done
|
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Gestion des modules
|
2015-12-24 09:58:09 +04:00
|
|
|
if [ -d "$modulesdir" -a \( -z "$onecms" -o -n "$onemodule" \) ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
local -a confs
|
|
|
|
local conf
|
|
|
|
etitle "Installation des configurations des modules"
|
2016-04-07 23:55:50 +04:00
|
|
|
array_from_lines confs "$(list_files "$modulesdir" "*.conf" | __apache_autoconf_filter_suffix_files)"
|
2014-10-23 15:47:21 +04:00
|
|
|
for conf in "${confs[@]}"; do
|
2015-12-07 04:43:46 +04:00
|
|
|
[ -z "$onemodule" -o "$conf" == "$onemodule" ] || continue
|
|
|
|
|
2014-10-23 15:47:21 +04:00
|
|
|
estep "$conf"
|
2014-11-29 23:02:48 +04:00
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$modulesdir/$conf" \
|
|
|
|
"$APACHECONFDIR/mods-available/$conf" && modified=1
|
2014-10-23 15:47:21 +04:00
|
|
|
done
|
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
2014-11-29 23:02:48 +04:00
|
|
|
# Règles de réécriture
|
2015-12-07 04:43:46 +04:00
|
|
|
if [ -d "$rrdir" -a -z "$onecms" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
local -a confs
|
|
|
|
local conf
|
|
|
|
etitle "Installation des règles de réécriture"
|
|
|
|
array_from_lines confs "$(list_files "$rrdir" "RewriteRules*.conf")"
|
|
|
|
for conf in "${confs[@]}"; do
|
|
|
|
estep "$conf"
|
2014-11-29 23:02:48 +04:00
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$rrdir/$conf" \
|
|
|
|
"$APACHECONFDIR/$conf" && modified=1
|
2014-10-23 15:47:21 +04:00
|
|
|
done
|
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
2014-11-29 23:02:48 +04:00
|
|
|
# Sites
|
2014-10-23 15:47:21 +04:00
|
|
|
local -a enablesites disablesites
|
2015-12-24 09:58:09 +04:00
|
|
|
if [ -d "$sitesdir" -a \( -z "$onecms" -o -n "$onesite" \) ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
local -a confs
|
2014-11-29 23:02:48 +04:00
|
|
|
local conf confname destconf certsconf
|
2014-10-23 15:47:21 +04:00
|
|
|
etitle "Installation des sites"
|
2016-04-07 23:55:50 +04:00
|
|
|
array_from_lines confs "$(list_files "$sitesdir" "*.conf" | __apache_autoconf_filter_suffix_files)"
|
|
|
|
for confname in "${confs[@]}"; do
|
|
|
|
conf="$sitesdir/$confname"
|
2015-12-07 04:43:46 +04:00
|
|
|
[ -z "$onesite" -o "$confname" == "$onesite" ] || continue
|
|
|
|
|
2014-10-23 15:47:21 +04:00
|
|
|
certsconf=
|
2015-12-07 04:43:46 +04:00
|
|
|
if [ "${confname%.ssl.conf}" != "$confname" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
if [ -d "$certsconfdir" ]; then
|
2015-12-07 04:43:46 +04:00
|
|
|
certsconf="${confname%.ssl.conf}-certs.conf"
|
2014-10-23 15:47:21 +04:00
|
|
|
else
|
|
|
|
ewarn "$conf: fichier ignoré parce que --certsconfdir n'a pas été spécifié"
|
|
|
|
fi
|
|
|
|
fi
|
2015-12-24 10:09:29 +04:00
|
|
|
case "$confname" in
|
2016-04-07 23:55:50 +04:00
|
|
|
default.conf) destconf="$confdefault";;
|
|
|
|
default.ssl.conf) destconf="$confdefaultssl";;
|
2015-12-07 04:43:46 +04:00
|
|
|
*) destconf="$confname";;
|
2014-10-23 15:47:21 +04:00
|
|
|
esac
|
|
|
|
|
|
|
|
if [ -n "$certsconf" ]; then
|
|
|
|
certsconf="$certsconfdir/$certsconf"
|
|
|
|
if [ -f "$certsconf" ]; then
|
|
|
|
apache_resolvecert "$certsconf" "$certsdir" cert key ca || return 1
|
2014-11-29 23:02:48 +04:00
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$conf" \
|
|
|
|
"$APACHEAVSITESDIR/$destconf" "\
|
2014-10-23 15:47:21 +04:00
|
|
|
s#@@cert@@#$APACHESSLCERTSDIR/$(basename "$cert")#g
|
|
|
|
s#@@key@@#$APACHESSLKEYSDIR/$(basename "$key")#g
|
|
|
|
s#@@ca@@#$APACHESSLCERTSDIR/$(basename "$ca")#g
|
2014-11-29 23:02:48 +04:00
|
|
|
"
|
2014-10-23 15:47:21 +04:00
|
|
|
else
|
|
|
|
eerror "$(ppath "$certsconf"): fichier introuvable. Il a été ignoré"
|
|
|
|
fi
|
|
|
|
else
|
2014-11-29 23:02:48 +04:00
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$conf" \
|
|
|
|
"$APACHEAVSITESDIR/$destconf"
|
2014-10-23 15:47:21 +04:00
|
|
|
fi
|
|
|
|
enablesites=("${enablesites[@]}" "$destconf")
|
|
|
|
modified=1
|
|
|
|
done
|
|
|
|
eend
|
|
|
|
fi
|
2014-11-29 23:02:48 +04:00
|
|
|
|
|
|
|
# Fichiers de configuration
|
2015-12-07 04:43:46 +04:00
|
|
|
if [ -d "$confdir" -a -z "$onecms" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
local -a confs
|
|
|
|
local conf
|
|
|
|
etitle "Configuration de base"
|
2016-04-07 23:55:50 +04:00
|
|
|
array_add ignores confs.conf modules.conf sites.conf
|
|
|
|
array_from_lines confs "$(list_files "$confdir" | __apache_autoconf_filter_suffix_files)"
|
2014-10-23 15:47:21 +04:00
|
|
|
for conf in "${confs[@]}"; do
|
2015-10-30 21:46:49 +04:00
|
|
|
array_contains ignores "$conf" && continue
|
2014-10-23 15:47:21 +04:00
|
|
|
estep "$conf"
|
2014-11-29 23:02:48 +04:00
|
|
|
__apache_autoconf_fillcopy \
|
|
|
|
"$confdir/$conf" \
|
|
|
|
"$APACHECONFDIR/$conf" && modified=1
|
2014-10-23 15:47:21 +04:00
|
|
|
done
|
2015-12-24 09:58:09 +04:00
|
|
|
if [ -f "$confdir/confs.conf" -a -n "$a2xconf" ]; then
|
2015-10-30 21:46:49 +04:00
|
|
|
local -a confs
|
|
|
|
local conf
|
|
|
|
array_from_lines confs "$(<"$confdir/confs.conf" filter_conf)"
|
|
|
|
for conf in "${confs[@]}"; do
|
|
|
|
if [ "${conf#-}" != "$conf" ]; then
|
|
|
|
conf="${conf#-}"
|
|
|
|
estep "Désactivation de la configuration $conf"
|
|
|
|
a2disconf "$conf" && modified=1
|
|
|
|
else
|
|
|
|
conf="${conf#+}"
|
|
|
|
estep "Activation de la configuration $conf"
|
|
|
|
a2enconf "$conf" && modified=1
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
2014-10-23 15:47:21 +04:00
|
|
|
if [ -f "$confdir/modules.conf" ]; then
|
|
|
|
local -a modules
|
|
|
|
local module
|
|
|
|
array_from_lines modules "$(<"$confdir/modules.conf" filter_conf)"
|
|
|
|
for module in "${modules[@]}"; do
|
|
|
|
if [ "${module#-}" != "$module" ]; then
|
|
|
|
module="${module#-}"
|
2014-12-02 17:40:28 +04:00
|
|
|
estep "Désactivation du module $module"
|
|
|
|
a2dismod "$module" && modified=1
|
2014-10-23 15:47:21 +04:00
|
|
|
else
|
|
|
|
module="${module#+}"
|
2014-12-02 17:40:28 +04:00
|
|
|
estep "Activation du module $module"
|
|
|
|
a2enmod "$module" && modified=1
|
2014-10-23 15:47:21 +04:00
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
if [ -f "$confdir/sites.conf" ]; then
|
2016-04-07 23:55:50 +04:00
|
|
|
local -a sitesconfs; local sitesconf enable
|
2014-10-23 15:47:21 +04:00
|
|
|
array_from_lines sitesconfs "$(<"$confdir/sites.conf" filter_conf)"
|
|
|
|
if [ ${#sitesconfs[*]} -gt 0 ]; then
|
|
|
|
# si une configuration existe, ignorer la configuration
|
|
|
|
# automatique
|
|
|
|
enablesites=()
|
|
|
|
disablesites=()
|
|
|
|
for sitesconf in "${sitesconfs[@]}"; do
|
|
|
|
if [ "${sitesconf#+}" != "$sitesconf" ]; then
|
2016-04-07 23:55:50 +04:00
|
|
|
enable=1
|
|
|
|
sitesconf="${sitesconf#+}"
|
2014-10-23 15:47:21 +04:00
|
|
|
elif [ "${sitesconf#-}" != "$sitesconf" ]; then
|
2016-04-07 23:55:50 +04:00
|
|
|
enable=
|
|
|
|
sitesconf="${sitesconf#-}"
|
2014-10-23 15:47:21 +04:00
|
|
|
else
|
2016-04-07 23:55:50 +04:00
|
|
|
enable=1
|
|
|
|
fi
|
|
|
|
|
|
|
|
case "$sitesconf" in
|
|
|
|
default.conf) sitesconf="$confdefault";;
|
|
|
|
default.ssl.conf) sitesconf="$confdefaultssl";;
|
|
|
|
esac
|
|
|
|
if [ -n "$enable" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
array_del disablesites "$sitesconf"
|
|
|
|
array_add enablesites "$sitesconf"
|
2016-04-07 23:55:50 +04:00
|
|
|
else
|
|
|
|
array_del enablesites "$sitesconf"
|
|
|
|
array_add disablesites "$sitesconf"
|
2014-10-23 15:47:21 +04:00
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
eend
|
|
|
|
fi
|
2014-11-29 23:02:48 +04:00
|
|
|
|
|
|
|
# Scripts CGI
|
2015-12-07 04:43:46 +04:00
|
|
|
if [ -d "$cgibindir" -a -z "$onecms" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
etitle "Installation des scripts CGI"
|
|
|
|
cpdirnovcs "$cgibindir" "$CGIBINDIR"
|
|
|
|
eend
|
|
|
|
fi
|
2014-11-29 23:02:48 +04:00
|
|
|
|
|
|
|
# Contenu web
|
2015-12-07 04:43:46 +04:00
|
|
|
if [ -d "$wwwdir" -a -z "$onecms" ]; then
|
2014-10-23 15:47:21 +04:00
|
|
|
etitle "Installation des fichiers du serveur web"
|
|
|
|
cpdirnovcs "$wwwdir" "$HTDOCSDIR"
|
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
2014-11-29 23:02:48 +04:00
|
|
|
# Nettoyer le fichier temporaire
|
|
|
|
ac_clean "$FILLTEMP"
|
|
|
|
|
2014-10-23 15:47:21 +04:00
|
|
|
if [ -n "${enablesites[*]}" -o -n "${disablesites[*]}" ]; then
|
|
|
|
etitle "(dés)Activation des sites"
|
|
|
|
local site
|
|
|
|
for site in "${enablesites[@]}"; do
|
2014-12-02 17:42:14 +04:00
|
|
|
estep "Activation du site $site"
|
2014-10-23 15:47:21 +04:00
|
|
|
a2ensite "$site"
|
|
|
|
done
|
|
|
|
for site in "${disablesites[@]}"; do
|
2014-12-02 17:42:14 +04:00
|
|
|
estep "Désactivation du site $site"
|
2014-10-23 15:47:21 +04:00
|
|
|
a2dissite "$site"
|
|
|
|
done
|
|
|
|
eend
|
|
|
|
fi
|
|
|
|
|
2015-11-12 15:40:08 +04:00
|
|
|
if [ -n "$modified" ]; then
|
|
|
|
[ -n "$rehash" ] && elinedots "Hashage des certificats" c_rehash
|
|
|
|
if [ -n "$restart" ]; then
|
|
|
|
estep "Redémarrage d'apache"
|
|
|
|
"$APACHECTL" restart
|
|
|
|
fi
|
2014-10-23 15:47:21 +04:00
|
|
|
fi
|
|
|
|
}
|
2015-12-07 04:43:46 +04:00
|
|
|
|
|
|
|
function apache_autoconf_localhosts() {
|
|
|
|
eval "$(utools_local)"
|
2015-12-07 11:14:29 +04:00
|
|
|
local autoconfdir sitesdir onesite
|
2015-12-07 04:43:46 +04:00
|
|
|
parse_opts "${PRETTYOPTS[@]}" \
|
|
|
|
--sitesdir: sitesdir= \
|
2015-12-07 11:14:29 +04:00
|
|
|
--one-site: onesite= \
|
2015-12-07 04:43:46 +04:00
|
|
|
@ args -- "$@" && set -- "${args[@]}" || die "$args"
|
|
|
|
|
|
|
|
__apache_autoconf_setup || return 1
|
|
|
|
|
|
|
|
# Configuration
|
|
|
|
autoconfdir="$1"; shift
|
|
|
|
[ -n "$autoconfdir" ] || {
|
|
|
|
eerror "Vous devez spécifier le répertoire de base de la configuration apache"
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
[ -n "$sitesdir" ] || sitesdir="$autoconfdir/sites"
|
|
|
|
|
|
|
|
# Faire un script sed pour remplacer les variables spécifiées par leur
|
|
|
|
# valeur dans les fichiers
|
|
|
|
local -a FILLVARS; local FILLSCRIPT FILLTEMP ULIB_INSTALL_VERBOSE
|
2016-03-08 11:51:46 +04:00
|
|
|
__apache_autoconf_fillxxx "$@"
|
2015-12-07 04:43:46 +04:00
|
|
|
|
|
|
|
local -a newhosts
|
|
|
|
if [ -d "$sitesdir" ]; then
|
|
|
|
local -a localips localhosts confs candidates newhosts
|
|
|
|
local conf tmpconf candidate
|
|
|
|
|
|
|
|
array_from_lines localips "$(</etc/hosts awk '$1 ~ /127\./ { print $1 }' | sort -u)"
|
|
|
|
array_from_lines localhosts "$(</etc/hosts awk '$1 ~ /127\./ { for (i = 2; i <= NF; i++) { if ($i ~ /\.local$/) print $i } }' | sort -u)"
|
|
|
|
|
|
|
|
ac_set_tmpfile tmpconf
|
2015-12-07 11:14:29 +04:00
|
|
|
array_lsfiles confs "$sitesdir" "*.conf"
|
2015-12-07 04:43:46 +04:00
|
|
|
for conf in "${confs[@]}"; do
|
2015-12-07 11:14:29 +04:00
|
|
|
confname="$(basename "$conf")"
|
|
|
|
[ -z "$onesite" -o "$confname" == "$onesite" ] || continue
|
|
|
|
|
2015-12-07 04:43:46 +04:00
|
|
|
__apache_autoconf_fillcopy "$conf" "$tmpconf"
|
|
|
|
array_from_lines candidates "$(<"$tmpconf" awk '
|
|
|
|
$1 == "ServerName" && $2 ~ /\.local$/ { print $2 }
|
|
|
|
$1 == "ServerAlias" { for (i = 2; i <= NF; i++) { if ($i ~ /\.local$/) print $i } }
|
|
|
|
')"
|
|
|
|
for candidate in "${candidates[@]}"; do
|
|
|
|
array_contains localhosts "$candidate" || array_addu newhosts "$candidate"
|
|
|
|
done
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
|
|
|
local ip host i=0
|
|
|
|
for host in "${newhosts[@]}"; do
|
|
|
|
i=$(($i + 1)); ip="127.0.1.$i"
|
|
|
|
while array_contains localips "$ip"; do
|
|
|
|
i=$(($i + 1)); ip="127.0.1.$i"
|
|
|
|
done
|
|
|
|
estep "Ajout de $ip $host"
|
|
|
|
echo "$ip $host" >>/etc/hosts
|
|
|
|
done
|
|
|
|
}
|