summaryrefslogtreecommitdiff
path: root/setup-acf.in
blob: 1c74636d7a05e49c6a736c21af1ef50ef645d5f7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#!/bin/sh

PROGRAM=setup-acf
VERSION=@VERSION@

PREFIX=@PREFIX@
. $PREFIX/lib/libalpine.sh

usage() {
	echo "$PROGRAM [-ahn] [-e email] [-l address] [PACKAGE...]"
	exit 0;
}

pkgs="acf-core acf-alpine-baselayout acf-apk-tools openssl"

while getopts "ae:hl:n" opt ; do
	case $opt in
		a) pkgs=$(apk search --quiet --exact 'acf-*');;
		e) EMAIL="$OPTARG";;
		h) usage;;
		l) address="$OPTARG";;
		n) create_passwd=no;;
		*) usage;;
	esac
done
shift $(expr $OPTIND - 1)

while [ $# -gt 0 ]; do
	pkgs="$pkgs acf-$1"
	shift
done

# install packages
apk add mini_httpd $pkgs || exit 1

if [ "$create_passwd" != "no" ]; then
	mkdir -p /etc/acf
	if [ -f /etc/acf/passwd ]; then
		mv /etc/acf/passwd /etc/acf/passwd.backup
	fi
	echo "root:x:Admin account:ADMIN" >/etc/acf/passwd
	chmod 600 /etc/acf/passwd
	acfpasswd -s root
fi

# setup mini_httpd and start it
if [ -d /var/www/localhost/htdocs ]; then
	mv /var/www/localhost/htdocs /var/www/localhost/htdocs.old
fi
mkdir -p /var/www/localhost/
ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
lbu add /var/www/localhost/htdocs


SSLDIR=/etc/ssl/mini_httpd
SSLCNF=$SSLDIR/mini_httpd.cnf
KEYFILE=$SSLDIR/server.key
CRTFILE=$SSLDIR/server.crt
PEMFILE=$SSLDIR/server.pem

if [ -f $PEMFILE ]; then
	echo "$PEMFILE already exist."
else
	mkdir -p $SSLDIR
	cat >$SSLCNF <<-__EOF__
		[ req ]
		default_bits = 1024
		encrypt_key = yes
		distinguished_name = req_dn
		x509_extensions = cert_type
		prompt = no

		[ req_dn ]
		OU=HTTPS server
		CN=$(hostname -f || hostname)
		emailAddress=${EMAIL:-postmaster@example.com}

		[ cert_type ]
		nsCertType = server
	__EOF__
	echo "Generating certificates for HTTPS..."
	openssl genrsa 2048 > $KEYFILE
	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
		-config $SSLCNF > $CRTFILE
	cat $KEYFILE >> $CRTFILE
	rm $KEYFILE
	mv $CRTFILE $PEMFILE
fi

cat >/etc/mini_httpd/mini_httpd.conf <<-__EOF__
	nochroot
	dir=/var/www/localhost/htdocs
	user=nobody
	cgipat=cgi-bin**
	certfile=$PEMFILE
	port=443
	ssl
__EOF__
if [ -n "$address" ]; then
	echo "host=$address" >> /etc/mini_httpd/mini_httpd.conf
fi

rc-update -q add mini_httpd default
/etc/init.d/mini_httpd restart
# force update of dependency cache
rc-update -q --update