Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/visual-panels/apache/src/cmd/httpd/http-vpanels
changeset 827 0944d8c0158b 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/visual-panels/apache/src/cmd/httpd/http-vpanels	Thu May 24 04:16:47 2012 -0400
@@ -0,0 +1,334 @@
+#!/sbin/sh
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+#
+
+. /lib/svc/share/smf_include.sh
+. /lib/svc/share/ipf_include.sh
+
+APACHE_HOME=/usr/apache2/2.2
+CONF_FILE=/etc/vpanels/httpd.conf
+PIDFILE=/var/run/apache2/httpd.pid
+
+TEMPLATE="/etc/vpanels/httpd_conf.templ"
+APACHE_CONF="/var/run/httpd.conf"
+SERVER_PG="httpd"
+LISTEN_PORTS=""
+
+CAT="/usr/bin/cat"
+CMP="/usr/bin/cmp"
+CP="/usr/bin/cp"
+ECHO="usr/bin/echo"
+GREP="/usr/bin/grep"
+MKDIR="/usr/bin/mkdir"
+MV="/usr/bin/mv"
+RM="/usr/bin/rm"
+SED="/usr/bin/sed"
+SORT="/usr/bin/sort"
+SVCPROP="/usr/bin/svcprop"
+TR="/usr/bin/tr"
+UNIQ="/usr/bin/uniq"
+
+vhost_is_enabled()
+{
+	enabled=`$SVCPROP -p ${1}/enabled  ${SMF_FMRI}`
+	if [ "$enabled" = "false" ]; then
+		return 1;
+	else
+		return 0;
+	fi
+}
+
+#
+# Add the given port to LISTEN_PORTS
+#
+add_listen_port()
+{
+	LISTEN_PORTS="${LISTEN_PORTS} ${1}"
+}
+
+# Create additional module directives from vhost configurations. Modules
+# additions are in server config context so this methods has to run
+# before any call to generate_vhost()
+#
+process_modules()
+{
+	mods=`mktemp /tmp/apache_mod.XXXXXX`
+	if [ -z "$mods" ]; then
+		exit 1
+	fi
+
+	# Get a list of enabled virtual host.
+	list="$SERVER_PG"
+	for vhost in $1
+	do
+		vhost_is_enabled $vhost && list="$list $vhost"
+	done
+
+	for pg in $list
+	do
+		modules=`$SVCPROP $SMF_FMRI | /usr/xpg4/bin/grep "^$pg\/module" | \
+		     awk ' { printf("%s ", $1) }'`
+
+		for module in $modules
+		do
+			set -- `$SVCPROP -p $module ${SMF_FMRI}`
+			if echo "$1" | grep "MODULE:"  >/dev/null 2>&1; then
+				modname=`echo $1 | cut -f2 -d ':'`
+				file=$2
+			else
+				modname=`echo $2 | cut -f2 -d ':'`
+				file=$1
+			fi
+			echo "LoadModule $modname $file" >>$mods
+
+		done
+	done
+
+	if [ -f $mods ]; then
+		$CAT $mods | $SORT -u >$mods
+		$CAT $mods >>$APACHE_CONF
+		echo "">>$APACHE_CONF
+	fi
+}
+
+# Put additional mime definitions into vhost configurations
+#
+process_mimes()
+{
+	pg=$1
+	mimes=`$SVCPROP $SMF_FMRI | /usr/xpg4/bin/grep "^$pg\/mime" | \
+	    awk ' { printf("%s ", $1) }'`
+
+	for mime in $mimes
+	do
+		Mimetype=""
+		ext=""
+		set -- `$SVCPROP -p $mime $SMF_FMRI` 
+		for arg in "$@"
+		do
+			if echo "$arg" | grep "MIME:"  >/dev/null 2>&1; then
+				Mimetype=`echo $arg | cut -f2 -d ':'`
+			else
+				ext="$ext $arg"
+			fi
+		done
+		ext=`echo "$ext" | sed 's/[,|\\]/ /g'`
+		echo "AddType $Mimetype $ext" >>$APACHE_CONF
+	done
+}
+
+# Create vhost configuration in APACHE_CONF for 
+# named vhost.
+#
+generate_vhost()
+{
+	vhost_name="$1"
+
+	# Don't bother if this vhost is disabled
+	vhost_is_enabled $vhost || return 0
+
+	sslengine=`$SVCPROP -p ${vhost_name}/sslengine ${SMF_FMRI}`
+	echo "" >>$APACHE_CONF
+	if [ "$sslengine" = "true" ]; then
+		sslcert=`$SVCPROP -p ${vhost_name}/sslcert ${SMF_FMRI}`
+		sslkey=`$SVCPROP -p ${vhost_name}/sslkey ${SMF_FMRI}`
+		sslip=`$SVCPROP -p ${vhost_name}/sslip ${SMF_FMRI}`
+		sslport=`$SVCPROP -p ${vhost_name}/sslport ${SMF_FMRI}`
+
+		echo "Listen   ${sslip}:${sslport}" >>$APACHE_CONF
+		echo "<VirtualHost   ${sslip}:${sslport}>" >>$APACHE_CONF
+		echo "SSLEngine on" >>$APACHE_CONF
+                echo "SSLCertificateFile   ${sslcert}" >>$APACHE_CONF
+                echo "SSLCertificateKeyFile   ${sslkey}" >>$APACHE_CONF
+	else
+		port=`$SVCPROP -p ${vhost_name}/port ${SMF_FMRI}`
+		add_listen_port $port
+		echo "<VirtualHost   *:${port}>" >>$APACHE_CONF
+	fi
+
+	process_mimes $vhost_name
+	docroot=`$SVCPROP -p ${vhost_name}/docroot ${SMF_FMRI}`
+	use_custom=`$SVCPROP -p ${vhost_name}/custom_conf ${SMF_FMRI}`
+	custom_file=`$SVCPROP -p ${vhost_name}/custom_file ${SMF_FMRI}`
+	domain=`$SVCPROP -p ${vhost_name}/domain ${SMF_FMRI}`
+	serve_home_dir=`$SVCPROP -p ${vhost_name}/serve_home_dir ${SMF_FMRI}`
+
+	# Create DocumentRoot directive if it's not empty. Also
+	# create a Directory section with default permission for
+	# the specified DocumentRoot directory
+	#
+	if [ "$docroot" != "\"\"" ]; then
+		echo "DocumentRoot  ${docroot}" >>$APACHE_CONF
+
+		echo "<Directory  \"${docroot}\" >" >>$APACHE_CONF
+		echo "Options Indexes Includes FollowSymLinks " \
+		     "SymLinksifOwnerMatch ExecCGI MultiViews" >>$APACHE_CONF
+		echo "AllowOverride None" >>$APACHE_CONF
+		echo "Order allow,deny" >>$APACHE_CONF
+		echo "Allow from all" >>$APACHE_CONF
+    		echo "</Directory> " >>$APACHE_CONF
+	fi
+
+	if [ "$use_custom" = "true" ]; then
+		if [ "$custom_file" != "\"\"" ]; then
+			echo "Include  ${custom_file}" >>$APACHE_CONF
+		fi
+	fi
+
+	if [ "$serve_home_dir" = "true" ]; then
+		echo "UserDir   public_html" >>$APACHE_CONF
+
+		echo "<Directory /home/*/public_html>" >>$APACHE_CONF
+		echo "  AllowOverride Options FileInfo AuthConfig Limit" >>$APACHE_CONF
+		echo "  Options Indexes Includes FollowSymLinks " \
+		     "SymLinksifOwnerMatch ExecCGI MultiViews" >>$APACHE_CONF
+		echo "  <Limit GET POST OPTIONS>" >>$APACHE_CONF
+		echo "    Order allow,deny" >>$APACHE_CONF
+		echo "    Allow from all" >>$APACHE_CONF
+		echo "  </Limit>" >>$APACHE_CONF
+		echo "  <LimitExcept GET POST OPTIONS>" >>$APACHE_CONF
+		echo "    Order deny,allow" >>$APACHE_CONF
+		echo "    Allow from all" >>$APACHE_CONF
+		echo "  </LimitExcept>" >>$APACHE_CONF
+		echo "</Directory>" >>$APACHE_CONF
+	fi
+
+	echo "ServerName   ${domain}" >>$APACHE_CONF
+	echo "</VirtualHost>" >>$APACHE_CONF
+}
+
+get_vhost_list()
+{
+	svccfg -s $1 listpg | awk ' {
+	    if (($1 ~ /^vhost/) && ($2 == "application"))
+	        printf("%s ", $1)
+	    }'
+}
+
+gen_conf_file()
+{
+	httpd_custom_file=`$SVCPROP -p ${SERVER_PG}/custom_file ${SMF_FMRI}`
+	httpd_sslengine=`$SVCPROP -p ${SERVER_PG}/sslengine ${SMF_FMRI}` 
+	httpd_custom_conf=`$SVCPROP -p ${SERVER_PG}/custom_conf ${SMF_FMRI}`
+
+	# Generate general parameters 
+	if [ "$httpd_custom_conf" = "true" ]; then
+		$RM ${CONF_FILE} >/dev/null 2>&1
+		ln -s ${httpd_custom_file} ${CONF_FILE}
+		exit 0
+	else
+		$CP $TEMPLATE $APACHE_CONF
+	fi
+
+	if [ "$httpd_sslengine" = "true" ]; then
+		echo "\n SSLEngine	on" >>$APACHE_CONF
+	fi
+
+	# Get the list of vhost names
+	vhost_list=`get_vhost_list ${SMF_FMRI}`
+
+	# Add mimes for server and modules for both server and virtual hosts
+	process_modules "${vhost_list}"
+	process_mimes "${SERVER_PG}"
+
+	# Make sure root user's home directory is disabled
+	echo "UserDir	disabled	root" >>$APACHE_CONF
+
+	# Generate vhost clauses in configuration file
+	for vhost in $vhost_list
+	do
+		generate_vhost $vhost
+	done
+
+	echo >> $APACHE_CONF
+
+        # Add a "Listen <port>" line for each uniqe port
+	echo "$LISTEN_PORTS" | "$TR" ' ' '\n' | "$GREP" '^[0-9][0-9]*$' |
+	    "$SORT" | "$UNIQ" | "$SED" 's/^/Listen /' >> $APACHE_CONF
+
+        # Add a "NameVirtualHost: *:<port>" line for each duplicate port
+	echo "$LISTEN_PORTS" | "$TR" ' ' '\n' | "$GREP" '^[0-9][0-9]*$' |
+	    "$SORT" | "$UNIQ" -d |
+	    "$SED" 's/^/NameVirtualHost *:/' >> $APACHE_CONF
+
+	replace_file $CONF_FILE $APACHE_CONF
+}
+
+gen_ipf_conf()
+{
+	FMRI=$1
+	ipf_file=`fmri_to_file ${FMRI} $IPF_SUFFIX`
+        policy=`get_policy ${FMRI}`
+
+	echo "# $FMRI" >$ipf_file
+	# rules for global port
+	port=`$SVCPROP -p ${SERVER_PG}/port  ${FMRI} 2>/dev/null`
+	generate_rules $FMRI $policy "tcp" "any" $port $ipf_file
+
+	# rules for virtual hosts
+	vhost_list=`get_vhost_list ${FMRI}`
+	for vhost in $vhost_list
+	do
+		ip="any"
+		sslengine=`$SVCPROP -p ${vhost}/sslengine ${FMRI} 2>/dev/null`
+		if [ "$sslengine" = "true" ]; then
+			ip=`$SVCPROP -p ${vhost}/sslip ${FMRI} 2>/dev/null`
+			port=`$SVCPROP -p ${vhost}/sslport ${FMRI} 2>/dev/null`
+		else
+			port=`$SVCPROP -p ${vhost}/port ${FMRI} 2>/dev/null`
+		fi
+		generate_rules $FMRI $policy "tcp" $ip $port $ipf_file
+	done
+}
+
+
+
+case "$1" in
+start)
+	gen_conf_file
+	$RM -f ${PIDFILE}
+	$MKDIR -p /var/run/apache2
+	cmd="-DSSL -k start"
+	;;
+refresh)
+	gen_conf_file
+	cmd="-k graceful"
+	;;
+stop)
+	cmd="-k stop"
+	;;
+ipfilter)
+	gen_ipf_conf $2
+	exit $SMF_EXIT_OK
+	;;
+*)
+	echo "Usage: $0 {start|stop|refresh}"
+	exit 1
+	;;
+esac
+
+[ ! -f ${CONF_FILE} ] &&  exit $SMF_EXIT_ERR_CONFIG
+
+exec ${APACHE_HOME}/bin/apachectl -f $CONF_FILE $cmd 2>&1
upstream/oracle/userland-gate