plc.d/httpd

   1 #!/bin/bash
   2 #
   3 # priority: 700
   4 #
   5 # Configure Apache web server
   6 #
   7 # Mark Huang <mlhuang@cs.princeton.edu>
   8 # Copyright (C) 2006 The Trustees of Princeton University
   9 #
  10 # $Id: httpd,v 1.9 2007/02/02 15:37:25 mlhuang Exp $
  11 #
  12
  13 # Source function library and configuration
  14 . /etc/plc.d/functions
  15 . /etc/planetlab/plc_config
  16
  17 # Be verbose
  18 set -x
  19
  20 # Default locations
  21 DocumentRoot=/var/www/html
  22 php_ini=/etc/php.ini
  23 httpd_conf=/etc/httpd/conf/httpd.conf
  24 ssl_conf=/etc/httpd/conf.d/ssl.conf
  25 plc_conf=/etc/httpd/conf.d/plc.conf
  26
  27 case "$1" in
  28     start)
  29         if [ "$PLC_API_ENABLED" != "1" -a \
  30              "$PLC_BOOT_ENABLED" != "1" -a \
  31              "$PLC_WWW_ENABLED" != "1" ] ; then
  32             exit 0
  33         fi
  34
  35         MESSAGE=$"Starting web server"
  36         dialog "$MESSAGE"
  37
  38         # Set the default include path
  39         include_path=".:$DocumentRoot/planetlab/includes:$DocumentRoot/generated:/etc/planetlab/php:/usr/share/plc_api/php"
  40         sed -i -e "s@[;]*include_path = \"\.:.*\"@include_path = \"$include_path\"@" $php_ini
  41
  42         # Disable default Listen directive
  43         sed -i -e '/^Listen/d' $httpd_conf
  44
  45         # Set the port numbers
  46         for server in WWW API BOOT ; do
  47             enabled=PLC_${server}_ENABLED
  48             if [ "${!enabled}" != "1" ] ; then
  49                 continue
  50             fi
  51             hostname=PLC_${server}_HOST
  52             http_port=PLC_${server}_PORT
  53             https_port=PLC_${server}_SSL_PORT
  54
  55             # API should always be accessed via SSL
  56             if [ "$server" = "API" ] ; then
  57                 https_port=${!http_port}
  58                 http_port=
  59             fi
  60
  61             # Check if we are already listening on these ports
  62             skip_http=0
  63             skip_https=0
  64             for previous_server in WWW API BOOT ; do
  65                 if [ "$server" = "$previous_server" ] ; then
  66                     break
  67                 fi
  68                 previous_enabled=PLC_${previous_server}_ENABLED
  69                 if [ "${!previous_enabled}" != "1" ] ; then
  70                     continue
  71                 fi
  72                 previous_http_port=PLC_${previous_server}_PORT
  73                 previous_https_port=PLC_${previous_server}_SSL_PORT
  74
  75                 if [ "${!http_port}" = "${!previous_http_port}" ] ; then
  76                     skip_http=1
  77                 fi
  78                 if [ "${!https_port}" = "${!previous_https_port}" ] ; then
  79                     skip_https=1
  80                 fi
  81             done
  82
  83             # HTTP configuration
  84             if [ $skip_http -eq 0 -a -n "${!http_port}" ] ; then
  85                 cat <<EOF
  86 Listen ${!http_port}
  87 # Make sure that the admin web pages and API are always accessed via SSL
  88 <VirtualHost *:${!http_port}>
  89     Redirect /db https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/db
  90     Redirect /planetlab https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/planetlab
  91     Redirect /$PLC_API_PATH https://$PLC_API_HOST:$PLC_API_PORT/$PLC_API_PATH
  92 </VirtualHost>
  93 EOF
  94             fi
  95
  96             # HTTPS configuration
  97             if [ $skip_https -eq 0 -a -n "${!https_port}" ] ; then
  98                 # XXX Cannot support NameVirtualHost over SSL. If
  99                 # the API, boot, and web servers are all running
 100                 # on the same machine, the web server certificate
 101                 # takes precedence.
 102                 sed -i \
 103                     -e "s/^Listen .*/Listen ${!https_port}/" \
 104                     -e "s/<VirtualHost _default_:.*>/<VirtualHost _default_:${!https_port}>/" \
 105                     $ssl_conf
 106             fi
 107         done >$plc_conf
 108
 109         # Set custom Apache directives
 110         (
 111             if [ "$PLC_API_ENABLED" = "1" ] ; then
 112                 cat <<EOF
 113 <Location $PLC_API_PATH>
 114     SetHandler mod_python
 115     PythonPath "sys.path + ['/usr/share/plc_api']"
 116     PythonHandler ModPython
 117 </Location>
 118 EOF
 119             else
 120                 cat <<EOF
 121 <Location $PLC_API_PATH>
 122     Deny from all
 123 </Location>
 124 EOF
 125             fi
 126
 127             if [ "$PLC_WWW_ENABLED" != "1" ] ; then
 128                 cat <<EOF
 129 <Location /db>
 130     Deny from all
 131 </Location>
 132 <Location /planetlab>
 133     Deny from all
 134 </Location>
 135 Redirect /index.php http://$PLC_WWW_HOST:$PLC_WWW_PORT/
 136 EOF
 137             fi
 138         ) >>$plc_conf
 139
 140         # Make alpina-logs directory writable for bootmanager log upload
 141         chown apache:apache $DocumentRoot/alpina-logs/nodes
 142
 143         # Make the Drupal files upload directory owned by Apache
 144         mkdir -p $DocumentRoot/files
 145         chown apache:apache $DocumentRoot/files
 146
 147         # Symlink any (real) files or directories in
 148         # /data/var/www/html/* to /var/www/html/. We could descend
 149         # into subdirectories, but the code to do so properly would be
 150         # madness.
 151         for file in /data/$DocumentRoot/* ; do
 152             if [ -e "$file" -a ! -h "$file" ] ; then
 153                 base=$(basename "$file")
 154                 if [ ! -e "$DocumentRoot/$base" ] ; then
 155                     ln -nsf "$file" "$DocumentRoot/$base"
 156                 fi
 157             fi
 158         done
 159
 160         # Cleanup broken symlinks
 161         for file in $DocumentRoot/* ; do
 162             if [ -h "$file" -a ! -e "$file" ] ; then
 163                 rm -f "$file"
 164             fi
 165         done
 166
 167         # Old style PHP constants
 168         mkdir -p /etc/planetlab/php
 169         cat >/etc/planetlab/php/site_constants.php <<"EOF"
 170 <?php
 171 include('plc_config.php');
 172
 173 define('PL_API_SERVER', PLC_API_HOST);
 174 define('PL_API_PATH', PLC_API_PATH);
 175 define('PL_API_PORT', PLC_API_PORT);
 176 define('PL_API_CAPABILITY_AUTH_METHOD', 'capability');
 177 define('PL_API_CAPABILITY_PASS', PLC_API_MAINTENANCE_PASSWORD);
 178 define('PL_API_CAPABILITY_USERNAME', PLC_API_MAINTENANCE_USER);
 179 define('WWW_BASE', PLC_WWW_HOST);
 180 define('BOOT_BASE', PLC_BOOT_HOST);
 181 define('DEBUG', PLC_WWW_DEBUG);
 182 define('API_CALL_DEBUG', PLC_API_DEBUG);
 183 define('SENDMAIL', PLC_MAIL_ENABLED);
 184 define('PLANETLAB_SUPPORT_EMAIL', PLC_NAME . ' Support <' . PLC_MAIL_SUPPORT_ADDRESS . '>');
 185 define('PLANETLAB_SUPPORT_EMAIL_ONLY', PLC_MAIL_SUPPORT_ADDRESS);
 186 ?>
 187 EOF
 188
 189         plc_daemon httpd
 190         check
 191
 192         result "$MESSAGE"
 193         ;;
 194
 195     stop)
 196         MESSAGE=$"Stopping web server"
 197         dialog "$MESSAGE"
 198
 199         killproc plc_httpd
 200         check
 201
 202         result "$MESSAGE"
 203         ;;
 204 esac
 205
 206 exit $ERRORS