plc.d/httpd

   1 #!/bin/bash
   2 # $Id$
   3 # $URL$
   4 #
   5 # priority: 600
   6 #
   7 # Configure Apache web server
   8 #
   9 # Mark Huang <mlhuang@cs.princeton.edu>
  10 # Copyright (C) 2006 The Trustees of Princeton University
  11 #
  12
  13 # Source function library and configuration
  14 . /etc/plc.d/functions
  15 . /etc/planetlab/plc_config
  16
  17 # Be verbose
  18 set -x
  19
  20 # Default locations
  21 DocumentRoot=/var/www/html
  22 php_ini=/etc/php.ini
  23 httpd_conf=/etc/httpd/conf/httpd.conf
  24 ssl_conf=/etc/httpd/conf.d/ssl.conf
  25 plc_conf=/etc/httpd/conf.d/plc.conf
  26
  27 function disable_file () {
  28     file=$1; shift
  29     [ -f $file ] && mv -f $file $file.disabled
  30 }
  31 function enable_file () {
  32     file=$1; shift
  33     [ ! -f $file ] && mv -f $file.disabled $file
  34 }
  35
  36 case "$1" in
  37     start)
  38         if [ "$PLC_API_ENABLED" != "1" -a \
  39              "$PLC_BOOT_ENABLED" != "1" -a \
  40              "$PLC_WWW_ENABLED" != "1" ] ; then
  41             exit 0
  42         fi
  43
  44         MESSAGE=$"Starting web server"
  45         dialog "$MESSAGE"
  46
  47         # set document root - not really useful on fedora but just in case
  48         sed -i -e "s@^DocumentRoot.*@DocumentRoot \"$DocumentRoot\"@" $httpd_conf
  49         # whether WWW is enabled or not :
  50         if [ "$PLC_WWW_ENABLED" != "1" ] ; then
  51             # avoid hitting drupal, that would try to connect to the db and create noise
  52             disable_file $DocumentRoot/index.php
  53         else
  54             enable_file $DocumentRoot/index.php
  55         fi
  56
  57         # Set the default include path
  58         include_path=".:$DocumentRoot/planetlab/includes:$DocumentRoot/plekit/php:$DocumentRoot/generated:/etc/planetlab/php:/usr/share/plc_api/php"
  59         sed -i -e "s@[;]*include_path = \"\.:.*\"@include_path = \"$include_path\"@" $php_ini
  60
  61         # for php-5.3 under fedora12, otherwise issues tons of warning messages
  62         # Set timezone in php.ini if not already there
  63         if grep '^;date.timezone' $php_ini >& /dev/null; then
  64             dialog 'Setting PHP timezone to GMT'
  65             sed -i -e 's,^;date.timezone.*,date.timezone = GMT,' $php_ini
  66         fi
  67
  68         if grep '^short_open_tag = Off' $php_ini >& /dev/null; then
  69             sed -i -e 's,^short_open_tag = Off,short_open_tag = On,' $php_ini
  70         fi
  71
  72         # Disable default Listen directive
  73         sed -i -e '/^Listen/d' $httpd_conf
  74
  75         # Set the port numbers
  76         for server in WWW API BOOT ; do
  77             enabled=PLC_${server}_ENABLED
  78             if [ "${!enabled}" != "1" ] ; then
  79                 continue
  80             fi
  81             hostname=PLC_${server}_HOST
  82             http_port=PLC_${server}_PORT
  83             https_port=PLC_${server}_SSL_PORT
  84
  85             # API should always be accessed via SSL
  86             if [ "$server" = "API" ] ; then
  87                 https_port=${!http_port}
  88                 http_port=
  89             fi
  90
  91             # Check if we are already listening on these ports
  92             skip_http=0
  93             skip_https=0
  94             for previous_server in WWW API BOOT ; do
  95                 if [ "$server" = "$previous_server" ] ; then
  96                     break
  97                 fi
  98                 previous_enabled=PLC_${previous_server}_ENABLED
  99                 if [ "${!previous_enabled}" != "1" ] ; then
 100                     continue
 101                 fi
 102                 previous_http_port=PLC_${previous_server}_PORT
 103                 previous_https_port=PLC_${previous_server}_SSL_PORT
 104
 105                 if [ "${!http_port}" = "${!previous_http_port}" ] ; then
 106                     skip_http=1
 107                 fi
 108                 if [ "${!https_port}" = "${!previous_https_port}" ] ; then
 109                     skip_https=1
 110                 fi
 111             done
 112
 113         # Create a separate path for mod_wsgi until we are ready to replace
 114         # mod_python
 115         PLC_API_WSGI_PATH=/PLCAPIWSGI
 116
 117             # HTTP configuration
 118             if [ $skip_http -eq 0 -a -n "${!http_port}" ] ; then
 119                 cat <<EOF
 120 Listen 127.0.0.1:${!http_port}
 121 Listen ${!http_port}
 122 # create wsgi socket where we have the permission
 123 ### WSGISocketPrefix run/wsgi
 124 # Make sure that the admin web pages and API are always accessed via SSL
 125 <VirtualHost *:${!http_port}>
 126     Redirect /db https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/db
 127     Redirect /planetlab https://$PLC_WWW_HOST:$PLC_WWW_SSL_PORT/planetlab
 128     Redirect /$PLC_API_PATH https://$PLC_API_HOST:$PLC_API_PORT/$PLC_API_PATH
 129 ###     Redirect /$PLC_API_WSGI_PATH/ https://$PLC_API_HOST:$PLC_API_PORT/$PLC_API_WSGI_PATH/
 130 ###     WSGIScriptAlias $PLC_API_WSGI_PATH /usr/share/plc_api/ModWSGI.wsgi
 131     # XX make processes and threads configurable
 132 ###     WSGIDaemonProcess plcapi-wsgi user=apache group=apache processes=1 threads=25
 133 ###     WSGIProcessGroup plcapi-wsgi
 134 </VirtualHost>
 135 EOF
 136             fi
 137
 138             # HTTPS configuration
 139             if [ $skip_https -eq 0 -a -n "${!https_port}" ] ; then
 140                 # XXX Cannot support NameVirtualHost over SSL. If
 141                 # the API, boot, and web servers are all running
 142                 # on the same machine, the web server certificate
 143                 # takes precedence.
 144                 sed -i \
 145                     -e "s/^Listen .*/Listen ${!https_port}/" \
 146                     -e "s/<VirtualHost _default_:.*>/<VirtualHost _default_:${!https_port}>/" \
 147                     $ssl_conf
 148             fi
 149         done >$plc_conf
 150
 151         # Set custom Apache directives
 152         (
 153             if [ "$PLC_API_ENABLED" = "1" ] ; then
 154                 cat <<EOF
 155 # mod_python location
 156 <Location $PLC_API_PATH>
 157     SetHandler mod_python
 158     PythonPath "sys.path + ['/usr/share/plc_api']"
 159     PythonHandler ModPython
 160 </Location>
 161
 162 # mod_wsgi location
 163 ### <Location $PLC_API_WSGI_PATH/>
 164 ###     SetHandler mod_wsgi
 165 ### </Location>
 166 EOF
 167             else
 168                 cat <<EOF
 169 # mod_python location
 170 <Location $PLC_API_PATH>
 171     Deny from all
 172 </Location>
 173
 174 # mod_wsgi location
 175 ### <Location $PLC_API_WSGI_PATH/>
 176 ###     Deny from all
 177 ### </Location>
 178 EOF
 179             fi
 180
 181             if [ "$PLC_WWW_ENABLED" != "1" ] ; then
 182                 cat <<EOF
 183 Redirect /index.html http://$PLC_WWW_HOST:$PLC_WWW_PORT/
 184 EOF
 185             fi
 186             cat <<EOF
 187 AddType application/octet-stream .iso
 188 AddType application/octet-stream .usb
 189 EOF
 190         ) >>$plc_conf
 191
 192         # Make alpina-logs directory writable for bootmanager log upload
 193         chown apache:apache $DocumentRoot/alpina-logs/nodes
 194
 195         # Make the Drupal files upload directory owned by Apache
 196         mkdir -p $DocumentRoot/files
 197         chown apache:apache $DocumentRoot/files
 198
 199         # Symlink any (real) files or directories in
 200         # /data/var/www/html/* to /var/www/html/. We could descend
 201         # into subdirectories, but the code to do so properly would be
 202         # madness.
 203         for file in /data/$DocumentRoot/* ; do
 204             if [ -e "$file" -a ! -h "$file" ] ; then
 205                 base=$(basename "$file")
 206                 if [ ! -e "$DocumentRoot/$base" ] ; then
 207                     ln -nsf "$file" "$DocumentRoot/$base"
 208                 fi
 209             fi
 210         done
 211
 212         # Cleanup broken symlinks
 213         for file in $DocumentRoot/* ; do
 214             if [ -h "$file" -a ! -e "$file" ] ; then
 215                 rm -f "$file"
 216             fi
 217         done
 218
 219         # Old style PHP constants
 220         mkdir -p /etc/planetlab/php
 221         cat >/etc/planetlab/php/site_constants.php <<"EOF"
 222 <?php
 223 include('plc_config.php');
 224
 225 define('PL_API_SERVER', PLC_API_HOST);
 226 define('PL_API_PATH', PLC_API_PATH);
 227 define('PL_API_PORT', PLC_API_PORT);
 228 define('PL_API_CAPABILITY_AUTH_METHOD', 'capability');
 229 define('PL_API_CAPABILITY_PASS', PLC_API_MAINTENANCE_PASSWORD);
 230 define('PL_API_CAPABILITY_USERNAME', PLC_API_MAINTENANCE_USER);
 231 define('WWW_BASE', PLC_WWW_HOST);
 232 define('BOOT_BASE', PLC_BOOT_HOST);
 233 define('DEBUG', PLC_WWW_DEBUG);
 234 define('API_CALL_DEBUG', PLC_API_DEBUG);
 235 define('SENDMAIL', PLC_MAIL_ENABLED);
 236 define('PLANETLAB_SUPPORT_EMAIL', PLC_NAME . ' Support <' . PLC_MAIL_SUPPORT_ADDRESS . '>');
 237 define('PLANETLAB_SUPPORT_EMAIL_ONLY', PLC_MAIL_SUPPORT_ADDRESS);
 238 ?>
 239 EOF
 240
 241         ## patch php.ini
 242         # memory limit
 243         sed -i -e 's,^memory_limit = 32M *;,memory_limit = 80M ; patch myplc -- ,' $php_ini
 244         # log_errors : is On by default
 245         # error_log
 246         if ! grep '^error_log *=' $php_ini > /dev/null ; then
 247           echo 'error_log = /var/log/php.log' >> $php_ini
 248           touch /var/log/php.log
 249           chmod 666 /var/log/php.log
 250         fi
 251
 252         plc_daemon httpd
 253         check
 254
 255         result "$MESSAGE"
 256         ;;
 257
 258     stop)
 259         MESSAGE=$"Stopping web server"
 260         dialog "$MESSAGE"
 261
 262         killproc plc_httpd
 263         check
 264
 265         result "$MESSAGE"
 266         ;;
 267 esac
 268
 269 exit $ERRORS