#!/bin/bash
hvconfig_pre()
{
cd ${LFS_TMP}/${PACKAGE}
cat >> config.layout << "EOF" &&
# BLFS FHS layout
prefix: /usr
exec_prefix: ${prefix}
bindir: ${exec_prefix}/bin
sbindir: ${exec_prefix}/sbin
libdir: ${exec_prefix}/lib
libexecdir: ${exec_prefix}/libexec/apache
mandir: ${prefix}/share/man
sysconfdir: /etc/apache
datadir: /srv/www
installbuilddir: ${libexecdir}/build
errordir: ${datadir}/error
iconsdir: ${datadir}/icons
htdocsdir: ${datadir}/htdocs
manualdir: ${datadir}/manual
cgidir: ${datadir}/cgi-bin
includedir: ${prefix}/include/apache
localstatedir: ${datadir}
runtimedir: /var/run
logfiledir: /var/log/apache
proxycachedir: /var/cache/apache/proxy
EOF
groupadd -f ${APACHE_USER}
hv_useradd -c WebServer -d /dev/null -g ${APACHE_USER} -s /bin/false \
${APACHE_USER}
CONFIGURE_OPTS=" \
--enable-layout=FHS \
--enable-mods-shared=all \
--enable-ssl \
--with-z"
}
hvbuild_post()
{
chown -v root:root /usr/bin/{apxs,dbmmanage} \
/usr/sbin/{apachectl,envvars{,-std}} \
/usr/libexec/apache/httpd.exp \
/usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \
/usr/share/man/man8/{apachectl,htcacheclean,httpd,rotatelogs,suexec}.8 &&
sed -i -e "s!^\(DocumentRoot\) .*!\1 /srv/www/htdocs!" /etc/apache/httpd.conf
# Modifying the listening port if an alternate one is specified.
if [ -n "${HTTPD_PORT}" ]; then
if ! grep -q "Listen ${HTTPD_PORT}" /etc/apache/httpd.conf; then
# Adding alternate port to default port of 80
sed -i -e "s%\(Listen 80\)%\1\nListen ${HTTPD_PORT}%" \
/etc/apache/httpd.conf
fi
fi
# Modifying the configuration file to run the server as a dedicated user:
sed -i \
-e "s!^\(User\).*!\1 ${APACHE_USER}!g" \
-e "s!^\(Group\).*!\1 ${APACHE_USER}!g" \
/etc/apache/httpd.conf
# SSL Certificates generation script
cat > /etc/apache/generate-ssl-certs << "EOF"
#!/bin/bash
# Creation of SSL directories for Apache
cd /etc/apache
mkdir -p ssl
cd ssl
echo "-------------------------------------------------"
echo "Generation of the RSA private key"
echo "-------------------------------------------------"
openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key 1024
echo "-------------------------------------------------"
echo "Removing pass-phrase from the private key"
echo "-------------------------------------------------"
cp server.key server.key.orig
openssl rsa -in server.key.orig -out server.key
# The unencrypted key must be readable only by root!
chown root:root server.*
chmod 0400 server.*
echo "-------------------------------------------------"
echo "Generation of a Certificate Signing Request (CSR)"
echo ""
echo "Example fields:"
echo "Country name: CA"
echo "State or Province Name: Quebec"
echo "Locality Name: Montreal"
echo "Organization Name: Hugo Villeneuve"
echo "Organizational Unit Name: ."
echo "Common Name: www.hugovil.com"
echo "Email Address: webmaster@hugovil.com"
echo ""
echo "Please enter the following 'extra' attributes"
echo "to be sent with your certificate request"
echo "A challenge password []: (press enter) "
echo "An optional company name []: (press enter) "
echo ""
echo "-------------------------------------------------"
openssl req -new -key server.key -out server.csr
echo "-------------------------------------------------"
echo "Generation of a self-signed certificate"
echo "-------------------------------------------------"
openssl x509 -req -days 10000 -in server.csr -signkey server.key -out server.crt
exit $?
EOF
chmod 740 /etc/apache/generate-ssl-certs
mkdir -p /etc/apache/ssl
cp /etc/apache/extra/httpd-ssl.conf /etc/apache/ssl/ssl.conf
sed -i -e "s!^!\n Include /etc/apache/ssl/ssl.conf!" /etc/apache/httpd.conf
mkdir -p /srv/www/htdocs/ssl
sed -i -e "s!^DocumentRoot .*!DocumentRoot /srv/www/htdocs/ssl!" /etc/apache/ssl/ssl.conf
sed -i -e "s!^ServerName .*:443!ServerName www.${DOMAIN}:443!" /etc/apache/ssl/ssl.conf
sed -i -e "s!^ServerAdmin .*!ServerAdmin webmaster@${DOMAIN}!" /etc/apache/ssl/ssl.conf
sed -i -e "s!/etc/apache!/etc/apache/ssl!" /etc/apache/ssl/ssl.conf
chown -v -R ${APACHE_USER}:${APACHE_USER} /srv/www
# Bootscript
install -v -m740 ${SCRDIR}/bootscripts/apache /etc/rc.d/init.d
# script-name start stop
bootscript_add_rc3 apache 70 20
}