summaryrefslogtreecommitdiff
path: root/setup-webconf
blob: fc34fca93d991e25f71e8b64758a2370f87eadef (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
#!/bin/sh

PROGRAM=setup-acf
VERSION=0.1

PREFIX=
. $PREFIX/lib/libalpine.sh

usage() {
	echo "$PROGRAM [-adh] [-l address] [PACKAGE...]"
	exit 0;
}

pkgs="acf-core acf-alpine-baselayout"

while getopts "adhl:" opt ; do
	case $opt in
		a) pkgs=`apk_fetch -l | grep ^acf-`;;
		d) pkgs="$pkgs acf-devtools";;
		h) usage;;
		l) address="$OPTARG";;
		*) usage;;
	esac
done
shift `expr $OPTIND - 1`

while [ $# -gt 0 ]; do
	pkgs="$pkgs acf-$1"
	shift
done

if [ "$FORCE_SETUP_WEBCONF" != yes ]; then
	# issue warning so user knows what he is doing
	echo "!!!"
	echo "!!! WARNING !!! WARNING !!! WARNING !!!"
	echo "!!!"
	echo "!!! The webinterface is in alpha stage and will give *anyone* on the"
	echo "!!! network access to your box. The web interface is only for testing"
	echo "!!! purposes and should only be used in isolated secure networks."
	echo "!!!"
	echo "!!! Please send suggestions and patches to acf@lists.alpinelinux.org"
	echo "!!!"

	echon "Are you sure you want continue? (y/n) [n] "
	default_read  imsure n
	if [ "$imsure" != y ]; then
		echo "Aborting."
		exit
	fi
fi

# install packages 
apk_add mini_httpd $pkgs || exit 1

# setup mini_httpd and start it
mkdir -p /var/www/localhost/
ln -s /usr/share/acf/www/ /var/www/localhost/htdocs
lbu add /var/www/localhost/htdocs


SSLDIR=/etc/ssl/mini_httpd
SSLCNF=$SSLDIR/mini_httpd.cnf
KEYFILE=$SSLDIR/server.key
CRTFILE=$SSLDIR/server.crt
PEMFILE=$SSLDIR/server.pem

if [ -f $PEMFILE ]; then
	echo "$PEMFILE already exist."
else
	mkdir -p $SSLDIR
cat >$SSLCNF <<EOF
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
OU=HTTPS server
CN=$(hostname)
emailAddress=postmaster@example.com

[ cert_type ]
nsCertType = server
EOF
	echo "Generating certificates for HTTPS..."
	openssl genrsa 2048 > $KEYFILE
	openssl req -new -x509 -nodes -sha1 -days 3650 -key $KEYFILE \
		-config $SSLCNF > $CRTFILE
	cat $KEYFILE >> $CRTFILE
	rm $KEYFILE
	mv $CRTFILE $PEMFILE
fi

cat >/etc/mini_httpd.conf <<EOF
nochroot
dir=/var/www/localhost/htdocs
user=nobody
logfile=/var/log/mini_httpd.log
cgipat=cgi-bin**
certfile=$PEMFILE
port=443
ssl
EOF
if [ -n "$address" ]; then
	echo "host=$address" >> /etc/mini_httpd.conf
fi

cat >/etc/conf.d/mini_httpd <<EOF
MINI_HTTPD_OPTS="-C /etc/mini_httpd.conf"
MINI_HTTPD_DOCROOT=/var/www/localhost/htdocs
EOF

pidof mini_httpd >/dev/null && /etc/init.d/mini_httpd stop
rc_add -k mini_httpd
/etc/init.d/mini_httpd start