use https and self signed cert

1 files changed, 39 insertions, 1 deletions

diff --git a/setup-acf b/setup-acf
index 7a3d81b..e4f13f7 100644
--- a/setup-acf
+++ b/setup-acf
@@ -28,6 +28,25 @@ while [ $# -gt 0 ]; do
 	shift
 done
 
+# issue warning so user knows what he is doing
+echo "!!!"
+echo "!!! WARNING !!! WARNING !!! WARNING !!!"
+echo "!!!"
+echo "!!! The webinterface is in alpha stage and will give *anyone* on the"
+echo "!!! network access to your box. The web interface is only for testing"
+echo "!!! purposes and should only be used in isolated secure networks."
+echo "!!!"
+echo "!!! Please send suggestions and patches to acf@lists.alpinelinux.org"
+echo "!!!"
+
+
+echon "Are you sure you want continue? (y/n) [n] "
+default_read  imsure n
+if [ "$imsure" != y ]; then
+	echo "Aborting."
+	exit
+fi
+
 # install packages 
 apk_add mini_httpd $pkgs || exit 1
 
@@ -35,13 +54,32 @@ apk_add mini_httpd $pkgs || exit 1
 mkdir -p /var/www/localhost/
 ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
 
+
+SSLDIR=/etc/ssl/mini_httpd
+KEYFILE=$SSLDIR/server.key
+CRTFILE=$SSLDIR/server.crt
+PEMFILE=$SSLDIR/server.pem
+
+if [ -f $PEMFILE ]; then
+	echo "$PEMFILE already exist."
+else
+	echo "Generating certificates for HTTPS..."
+	openssl genrsa 2048 > $KEYFILE
+	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE > $CRTFILE
+	cat $KEYFILE >> $CRTFILE
+	rm $KEYFILE
+	mv $CRTFILE $PEMFILE
+fi
+
 cat <<EOF >/etc/mini_httpd.conf
 nochroot
 dir=/var/www/localhost/htdocs
 user=nobody
 logfile=/var/log/mini_httpd.log
 cgipat=cgi-bin**
-port=80
+certfile=$PEMFILE
+port=443
+ssl
 EOF
 
 cat <<EOF >/etc/conf.d/mini_httpd