summaryrefslogtreecommitdiff
path: root/setup-acf.in
blob: c6f621ee3bb75fff329aeaa14642e2e653f353dc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/bin/sh

PROGRAM=setup-acf
VERSION=@VERSION@

PREFIX=
. $PREFIX/lib/libalpine.sh

usage() {
	echo "$PROGRAM [-ahn] [-e email] [-l address] [PACKAGE...]"
	exit 0;
}

pkgs="acf-core acf-alpine-baselayout acf-apk-tools openssl"

while getopts "ae:hl:n" opt ; do
	case $opt in
		a) pkgs=`apk_fetch -l | grep ^acf-`;;
		e) EMAIL="$OPTARG";;
		h) usage;;
		l) address="$OPTARG";;
		n) create_passwd=no;;
		*) usage;;
	esac
done
shift `expr $OPTIND - 1`

while [ $# -gt 0 ]; do
	pkgs="$pkgs acf-$1"
	shift
done

if [ "$create_passwd" != "no" ]; then
	askpassword "root ACF"
	mkdir -p /etc/acf
	if [ -f /etc/acf/passwd ]; then
		mv /etc/acf/passwd /etc/acf/passwd.backup
	fi
	# this will show password on process list but we assume user is alone 
	# on the box at this stage
	_md5passwd=$(echo -n "$_password" | md5sum | cut -d' ' -f1)
	echo "root:$_md5passwd:Admin account:ADMIN" >/etc/acf/passwd
	chmod 600 /etc/acf/passwd
fi

# install packages 
apk_add mini_httpd $pkgs || exit 1

# setup mini_httpd and start it
if [ -d /var/www/localhost/htdocs ]; then
	mv /var/www/localhost/htdocs /var/www/localhost/htdocs.old
fi
mkdir -p /var/www/localhost/
ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
lbu add /var/www/localhost/htdocs


SSLDIR=/etc/ssl/mini_httpd
SSLCNF=$SSLDIR/mini_httpd.cnf
KEYFILE=$SSLDIR/server.key
CRTFILE=$SSLDIR/server.crt
PEMFILE=$SSLDIR/server.pem

if [ -f $PEMFILE ]; then
	echo "$PEMFILE already exist."
else
	mkdir -p $SSLDIR
cat >$SSLCNF <<EOF
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
OU=HTTPS server
CN=$(hostname -f || hostname)
emailAddress=${EMAIL:-postmaster@example.com}

[ cert_type ]
nsCertType = server
EOF
	echo "Generating certificates for HTTPS..."
	openssl genrsa 2048 > $KEYFILE
	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
		-config $SSLCNF > $CRTFILE
	cat $KEYFILE >> $CRTFILE
	rm $KEYFILE
	mv $CRTFILE $PEMFILE
fi

cat >/etc/mini_httpd.conf <<EOF
nochroot
dir=/var/www/localhost/htdocs
user=nobody
cgipat=cgi-bin**
certfile=$PEMFILE
port=443
ssl
EOF
if [ -n "$address" ]; then
	echo "host=$address" >> /etc/mini_httpd.conf
fi

rc-update -q add mini_httpd default
/etc/init.d/mini_httpd restart