#!/bin/bash
CONFDIR=/etc/httpd
hvconfig_pre()
{
cd ${LFS_TMP}/${PACKAGE}
cat >> config.layout << "EOF" &&
# BLFS FHS layout
prefix: /usr
exec_prefix: ${prefix}
bindir: ${exec_prefix}/bin
sbindir: ${exec_prefix}/sbin
libdir: ${exec_prefix}/lib
libexecdir: ${exec_prefix}/libexec/apache
mandir: ${prefix}/share/man
sysconfdir: /etc/httpd
datadir: /srv/www
installbuilddir: ${libexecdir}/build
errordir: ${datadir}/error
iconsdir: ${datadir}/icons
htdocsdir: ${datadir}/htdocs
manualdir: ${datadir}/manual
cgidir: ${datadir}/cgi-bin
includedir: ${prefix}/include/apache
localstatedir: ${datadir}
runtimedir: /var/run
logfiledir: /var/log/apache
proxycachedir: /var/cache/apache/proxy
EOF
groupadd -f ${HTTPD_USER}
hv_useradd -c WebServer -d /dev/null -g ${HTTPD_USER} -s /bin/false \
${HTTPD_USER}
CONFIGURE_OPTS=" \
--enable-layout=FHS \
--enable-mods-shared=all \
--enable-ssl \
--with-z"
}
hvbuild_post()
{
chown -v root:root /usr/bin/{apxs,dbmmanage} \
/usr/sbin/{apachectl,envvars{,-std}} \
/usr/libexec/apache/httpd.exp \
/usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \
/usr/share/man/man8/{apachectl,htcacheclean,httpd,rotatelogs,suexec}.8 &&
sed -i -e "s!^\(DocumentRoot\) .*!\1 /srv/www/htdocs!" /etc/httpd/httpd.conf
# Modifying the listening port if an alternate one is specified.
if [ -n "${HTTPD_PORT}" ]; then
if ! grep -q "Listen ${HTTPD_PORT}" ${CONFDIR}/httpd.conf; then
# Adding alternate port to default port of 80
sed -i -e "s%\(Listen 80\)%\1\nListen ${HTTPD_PORT}%" \
${CONFDIR}/httpd.conf
fi
fi
# Modifying the configuration file to run the server as a dedicated user:
sed -i \
-e "s!^\(User\).*!\1 ${HTTPD_USER}!g" \
-e "s!^\(Group\).*!\1 ${HTTPD_USER}!g" \
${CONFDIR}/httpd.conf
# SSL Certificates generation script
cat > ${CONFDIR}/generate-ssl-certs << "EOF"
#!/bin/bash
# Creation of SSL directories for Apache
cd ${CONFDIR}
mkdir -p ssl
cd ssl
echo "-------------------------------------------------"
echo "Generation of the RSA private key"
echo "-------------------------------------------------"
openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key 1024
echo "-------------------------------------------------"
echo "Removing pass-phrase from the private key"
echo "-------------------------------------------------"
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key
# The unencrypted key must be readable only by root!
chown root:root server.*
chmod 0400 server.*
echo "-------------------------------------------------"
echo "Generation of a Certificate Signing Request (CSR)"
echo ""
echo "Example fields:"
echo "Country name: CA"
echo "State or Province Name: Quebec"
echo "Locality Name: Montreal"
echo "Organization Name: Hugo Villeneuve"
echo "Organizational Unit Name: ."
echo "Common Name: www.hugovil.com"
echo "Email Address: webmaster@hugovil.com"
echo ""
echo "Please enter the following 'extra' attributes"
echo "to be sent with your certificate request"
echo "A challenge password []: (press enter) "
echo "An optional company name []: (press enter) "
echo ""
echo "-------------------------------------------------"
openssl req -new -key server.key -out server.csr
echo "-------------------------------------------------"
echo "Generation of a self-signed certificate"
echo "-------------------------------------------------"
openssl x509 -req -days 10000 -in server.csr -signkey server.key -out server.crt
exit $?
EOF
chmod 740 ${CONFDIR}/generate-ssl-certs
mkdir -p ${CONFDIR}/ssl
cp ${CONFDIR}/extra/httpd-ssl.conf ${CONFDIR}/ssl/ssl.conf
sed -i -e "s!^!\n Include ${CONFDIR}/ssl/ssl.conf!" ${CONFDIR}/httpd.conf
mkdir -p /srv/www/htdocs/ssl
sed -i -e "s!^DocumentRoot .*!DocumentRoot /srv/www/htdocs/ssl!" ${CONFDIR}/ssl/ssl.conf
sed -i -e "s!^ServerName .*:443!ServerName www.${DOMAIN}:443!" ${CONFDIR}/ssl/ssl.conf
sed -i -e "s!^ServerAdmin .*!ServerAdmin webmaster@${DOMAIN}!" ${CONFDIR}/ssl/ssl.conf
sed -i -e "s!${CONFDIR}!${CONFDIR}/ssl!" ${CONFDIR}/ssl/ssl.conf
chown -v -R ${HTTPD_USER}:${HTTPD_USER} /srv/www
# Bootscript
install -v -m740 ${SCRDIR}/bootscripts/apache /etc/rc.d/init.d
# script-name start stop
if [ "x${DEFAULT_WEB_SERVER}" == "xhttpd" ]; then
bootscript_add_rc3 apache 70 20
fi
}