plc.d/httpd

   1 #!/bin/bash
   2 #
   3 # priority: 600
   4 #
   5 # Configure Apache web server
   6 #
   7 # Mark Huang <mlhuang@cs.princeton.edu>
   8 # Copyright (C) 2006 The Trustees of Princeton University
   9 #
  10
  11 # Source function library and configuration
  12 . /etc/plc.d/functions
  13 . /etc/planetlab/plc_config
  14
  15 # Be verbose
  16 set -x
  17
  18 # Default locations
  19 DocumentRoot=/var/www/html
  20 php_ini=/etc/php.ini
  21 httpd_conf=/etc/httpd/conf/httpd.conf
  22 ssl_conf=/etc/httpd/conf.d/ssl.conf
  23 plc_conf=/etc/httpd/conf.d/plc.conf
  24
  25 function disable_file () {
  26     file=$1; shift
  27     [ -f $file ] && mv -f $file $file.disabled
  28 }
  29 function enable_file () {
  30     file=$1; shift
  31     [ ! -f $file ] && mv -f $file.disabled $file
  32 }
  33
  34 case "$1" in
  35     start)
  36         if [ "$PLC_API_ENABLED" != "1" -a \
  37              "$PLC_BOOT_ENABLED" != "1" -a \
  38              "$PLC_WWW_ENABLED" != "1" ] ; then
  39             exit 0
  40         fi
  41
  42         MESSAGE=$"Starting web server"
  43         dialog "$MESSAGE"
  44
  45         # set document root - not really useful on fedora but just in case
  46         sed -i -e "s@^DocumentRoot.*@DocumentRoot \"$DocumentRoot\"@" $httpd_conf
  47         # whether WWW is enabled or not :
  48         if [ "$PLC_WWW_ENABLED" != "1" ] ; then
  49             # avoid hitting drupal, that would try to connect to the db and create noise
  50             disable_file $DocumentRoot/index.php
  51         else
  52             enable_file $DocumentRoot/index.php
  53         fi
  54
  55         # Set the default include path
  56         include_path=".:$DocumentRoot/planetlab/includes:$DocumentRoot/plekit/php:$DocumentRoot/generated:/etc/planetlab/php:/usr/share/plc_api/php"
  57         sed -i -e "s@[;]*include_path = \"\.:.*\"@include_path = \"$include_path\"@" $php_ini
  58
  59         # for php-5.3 under fedora12, otherwise issues tons of warning messages
  60         # Set timezone in php.ini if not already there
  61         if grep '^;date.timezone' $php_ini >& /dev/null; then
  62             dialog 'Setting PHP timezone to GMT'
  63             sed -i -e 's,^;date.timezone.*,date.timezone = GMT,' $php_ini
  64         fi
  65
  66         if grep '^short_open_tag = Off' $php_ini >& /dev/null; then
  67             sed -i -e 's,^short_open_tag = Off,short_open_tag = On,' $php_ini
  68         fi
  69
  70         # Disable default Listen directive
  71         sed -i -e '/^Listen/d' $httpd_conf
  72
  73         # Set the port numbers
  74         for server in WWW API BOOT ; do
  75             enabled=PLC_${server}_ENABLED
  76             if [ "${!enabled}" != "1" ] ; then
  77                 continue
  78             fi
  79             hostname=PLC_${server}_HOST
  80             http_port=PLC_${server}_PORT
  81             https_port=PLC_${server}_SSL_PORT
  82
  83             # API should always be accessed via SSL
  84             if [ "$server" = "API" ] ; then
  85                 https_port=${!http_port}
  86                 http_port=
  87             fi
  88
  89             # Check if we are already listening on these ports
  90             skip_http=0
  91             skip_https=0
  92             for previous_server in WWW API BOOT ; do
  93                 if [ "$server" = "$previous_server" ] ; then
  94                     break
  95                 fi
  96                 previous_enabled=PLC_${previous_server}_ENABLED
  97                 if [ "${!previous_enabled}" != "1" ] ; then
  98                     continue
  99                 fi
 100                 previous_http_port=PLC_${previous_server}_PORT
 101                 previous_https_port=PLC_${previous_server}_SSL_PORT
 102
 103                 if [ "${!http_port}" = "${!previous_http_port}" ] ; then
 104                     skip_http=1
 105                 fi
 106                 if [ "${!https_port}" = "${!previous_https_port}" ] ; then
 107                     skip_https=1
 108                 fi
 109             done
 110
 111         # Create a separate path for mod_wsgi until we are ready to replace
 112         # mod_python
 113         PLC_API_WSGI_PATH=/PLCAPIWSGI
 114
 115             # HTTP configuration
 116             if [ $skip_http -eq 0 -a -n "${!http_port}" ] ; then
 117                 cat <<EOF
 118 Listen ${!http_port}
 119 # create wsgi socket where we have the permission
 120 ### WSGISocketPrefix run/wsgi
 121 # Make sure that the admin web pages and API are always accessed via SSL
 122 <VirtualHost *:${!http_port}>
 123     Redirect /db https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/db
 124     Redirect /planetlab https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/planetlab
 125     Redirect /$PLC_API_PATH https://$PLC_API_HOST:$PLC_API_PORT/$PLC_API_PATH
 126 ###     Redirect /$PLC_API_WSGI_PATH/ https://$PLC_API_HOST:$PLC_API_PORT/$PLC_API_WSGI_PATH/
 127 ###     WSGIScriptAlias $PLC_API_WSGI_PATH /usr/share/plc_api/ModWSGI.wsgi
 128     # XX make processes and threads configurable
 129 ###     WSGIDaemonProcess plcapi-wsgi user=apache group=apache processes=1 threads=25
 130 ###     WSGIProcessGroup plcapi-wsgi
 131 </VirtualHost>
 132 EOF
 133             fi
 134
 135             # HTTPS configuration
 136             if [ $skip_https -eq 0 -a -n "${!https_port}" ] ; then
 137                 # XXX Cannot support NameVirtualHost over SSL. If
 138                 # the API, boot, and web servers are all running
 139                 # on the same machine, the web server certificate
 140                 # takes precedence.
 141                 sed -i \
 142                     -e "s/^Listen .*/Listen ${!https_port}/" \
 143                     -e "s/<VirtualHost _default_:.*>/<VirtualHost _default_:${!https_port}>/" \
 144                     $ssl_conf
 145             fi
 146         done >$plc_conf
 147
 148         # Set custom Apache directives
 149         (
 150             if [ "$PLC_API_ENABLED" = "1" ] ; then
 151                 cat <<EOF
 152 # mod_python location
 153 <Location $PLC_API_PATH>
 154     SetHandler mod_python
 155     PythonPath "sys.path + ['/usr/share/plc_api']"
 156     PythonHandler ModPython
 157 </Location>
 158
 159 # mod_wsgi location
 160 ### <Location $PLC_API_WSGI_PATH/>
 161 ###     SetHandler mod_wsgi
 162 ### </Location>
 163 EOF
 164             else
 165                 cat <<EOF
 166 # mod_python location
 167 <Location $PLC_API_PATH>
 168     Deny from all
 169 </Location>
 170
 171 # mod_wsgi location
 172 ### <Location $PLC_API_WSGI_PATH/>
 173 ###     Deny from all
 174 ### </Location>
 175 EOF
 176             fi
 177
 178             if [ "$PLC_WWW_ENABLED" != "1" ] ; then
 179                 cat <<EOF
 180 Redirect /index.html http://$PLC_WWW_HOST:$PLC_WWW_PORT/
 181 EOF
 182             fi
 183             cat <<EOF
 184 AddType application/octet-stream .iso
 185 AddType application/octet-stream .usb
 186 EOF
 187         ) >>$plc_conf
 188
 189         # Make alpina-logs directory writable for bootmanager log upload
 190         chown apache:apache $DocumentRoot/alpina-logs/nodes
 191
 192         # Make the Drupal files upload directory owned by Apache
 193         mkdir -p $DocumentRoot/files
 194         chown apache:apache $DocumentRoot/files
 195
 196         # Symlink any (real) files or directories in
 197         # /data/var/www/html/* to /var/www/html/. We could descend
 198         # into subdirectories, but the code to do so properly would be
 199         # madness.
 200         for file in /data/$DocumentRoot/* ; do
 201             if [ -e "$file" -a ! -h "$file" ] ; then
 202                 base=$(basename "$file")
 203                 if [ ! -e "$DocumentRoot/$base" ] ; then
 204                     ln -nsf "$file" "$DocumentRoot/$base"
 205                 fi
 206             fi
 207         done
 208
 209         # Cleanup broken symlinks
 210         for file in $DocumentRoot/* ; do
 211             if [ -h "$file" -a ! -e "$file" ] ; then
 212                 rm -f "$file"
 213             fi
 214         done
 215
 216         # Old style PHP constants
 217         mkdir -p /etc/planetlab/php
 218         cat >/etc/planetlab/php/site_constants.php <<"EOF"
 219 <?php
 220 include('plc_config.php');
 221
 222 define('PL_API_SERVER', PLC_API_HOST);
 223 define('PL_API_PATH', PLC_API_PATH);
 224 define('PL_API_PORT', PLC_API_PORT);
 225 define('PL_API_CAPABILITY_AUTH_METHOD', 'capability');
 226 define('PL_API_CAPABILITY_PASS', PLC_API_MAINTENANCE_PASSWORD);
 227 define('PL_API_CAPABILITY_USERNAME', PLC_API_MAINTENANCE_USER);
 228 define('WWW_BASE', PLC_WWW_HOST);
 229 define('BOOT_BASE', PLC_BOOT_HOST);
 230 define('DEBUG', PLC_WWW_DEBUG);
 231 define('API_CALL_DEBUG', PLC_API_DEBUG);
 232 define('SENDMAIL', PLC_MAIL_ENABLED);
 233 define('PLANETLAB_SUPPORT_EMAIL', PLC_NAME . ' Support <' . PLC_MAIL_SUPPORT_ADDRESS . '>');
 234 define('PLANETLAB_SUPPORT_EMAIL_ONLY', PLC_MAIL_SUPPORT_ADDRESS);
 235 ?>
 236 EOF
 237
 238         ## patch php.ini
 239         # memory limit
 240         sed -i -e 's,^memory_limit = 32M *;,memory_limit = 80M ; patch myplc -- ,' $php_ini
 241         # log_errors : is On by default
 242         # error_log
 243         if ! grep '^error_log *=' $php_ini > /dev/null ; then
 244           echo 'error_log = /var/log/php.log' >> $php_ini
 245           touch /var/log/php.log
 246           chmod 666 /var/log/php.log
 247         fi
 248
 249         plc_daemon httpd
 250         check
 251
 252         result "$MESSAGE"
 253         ;;
 254
 255     stop)
 256         MESSAGE=$"Stopping web server"
 257         dialog "$MESSAGE"
 258
 259         killproc plc_httpd
 260         check
 261
 262         result "$MESSAGE"
 263         ;;
 264 esac
 265
 266 exit $ERRORS