debian/sipb-xen-www.init

   1 #!/bin/bash
   2 ### BEGIN INIT INFO
   3 # Provides:          sipb-xen-remctl-auto
   4 # Required-Start:    $local_fs $remote_fs
   5 # Required-Stop:     $local_fs $remote_fs
   6 # Default-Start:     2 3 4 5
   7 # Default-Stop:      0 1 6
   8 # Short-Description: conserver config from invirt config for invirt host
   9 # Description:
  10 ### END INIT INFO
  11
  12 PACKAGE=sipb-xen-remctl-auto
  13
  14 . /lib/lsb/init-functions
  15
  16 gen_config()
  17 {
  18     local errormail="$( invirt-getconf web.errormail )" \
  19           hostname="$( invirt-getconf web.hostname )" \
  20           tracuri="$( invirt-getconf trac.uri )" \
  21           svnpath="$( invirt-getconf svn.repopath )"
  22
  23     cat > /etc/apache2/sites-available/ssl << EOF
  24 <VirtualHost *:443>
  25         ServerAdmin $hostname
  26         ServerName $trachost:443
  27
  28         DocumentRoot /var/www/sipb-xen-www
  29         <Directory /var/www/sipb-xen-www>
  30                 Options Indexes FollowSymLinks MultiViews ExecCGI
  31                 AllowOverride None
  32                 Order allow,deny
  33                 allow from all
  34         </Directory>
  35         <Location />
  36                 Require valid-user
  37                 AuthType SSLCert
  38                 AuthSSLCertVar SSL_CLIENT_S_DN_Email
  39                 AuthSSLCertStripSuffix "@MIT.EDU"
  40         </Location>
  41
  42         RewriteEngine On
  43         RewriteRule ^/favicon.ico - [L]
  44         RewriteRule ^/static(.*) - [L]
  45         RewriteRule ^/overlord/static(.*) /static/\$1 [L]
  46         RewriteRule ^/admin/static(.*) /static/\$1 [L]
  47         RewriteRule ^/trac.fcgi(.*) - [L]
  48         RewriteRule ^/trac/chrome/common(.*) /usr/share/trac/htdocs\$1 [L]
  49         RewriteRule ^/trac(.*) /var/www/trac/trac.fcgi\$1 [L]
  50         RewriteRule ^/var(.*) - [L]
  51         RewriteRule ^/wiki(.*) - [L]
  52         RewriteRule ^/kill.cgi - [L]
  53         RewriteRule ^/~ - [L]
  54         RewriteRule ^/(.*) /var/www/sipb-xen-www/main.fcgi/\$1 [L]
  55
  56         RewriteLog /var/log/apache2/rewrite.log
  57         RewriteLogLevel 0
  58
  59         ErrorLog /var/log/apache2/error.log
  60
  61         # Possible values include: debug, info, notice, warn, error, crit,
  62         # alert, emerg.
  63         LogLevel warn
  64
  65         CustomLog /var/log/apache2/ssl_access.log combined
  66         ServerSignature On
  67
  68         SSLEngine on
  69
  70         SSLCertificateFile ssl/server.crt
  71         SSLCertificateKeyFile ssl/server.key
  72
  73         SSLCACertificateFile ssl/mitCAclient.pem
  74         SSLVerifyClient require
  75         SSLVerifyDepth 10
  76
  77         SSLOptions +StdEnvVars
  78
  79         SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
  80
  81
  82         Redirect /wiki $tracuri
  83 </VirtualHost>
  84
  85 <VirtualHost *:446>
  86         ServerAdmin $errormail
  87         ServerName $hostname:446
  88
  89         DocumentRoot /var/www/sipb-xen-www
  90         <Directory />
  91                 Options Indexes FollowSymLinks MultiViews ExecCGI
  92                 AllowOverride None
  93                 Order allow,deny
  94                 allow from all
  95         </Directory>
  96
  97         ErrorLog /var/log/apache2/error.log
  98
  99         # Possible values include: debug, info, notice, warn, error, crit,
 100         # alert, emerg.
 101         LogLevel warn
 102
 103         CustomLog /var/log/apache2/ssl_nocert_access.log combined
 104         ServerSignature On
 105
 106         SSLEngine on
 107
 108         SSLCertificateFile ssl/server.crt
 109         SSLCertificateKeyFile ssl/server.key
 110
 111         SSLVerifyClient none
 112
 113         SSLOptions +StdEnvVars
 114
 115         SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
 116 </VirtualHost>
 117 EOF
 118
 119     cat > /etc/apache2/sites-available/svn << EOF
 120 <VirtualHost *:1111>
 121         ServerAdmin $errormail
 122         ServerName $hostname:1111
 123
 124         <Directory />
 125                 Options FollowSymLinks
 126                 AllowOverride None
 127         </Directory>
 128         <Location />
 129                 DAV svn
 130                 SVNPath $svnpath
 131                 AuthType Basic
 132                 AuthName "xvm.mit.edu subversion repository"
 133                 AuthUserFile /etc/apache2/dav_svn.passwd
 134                 <LimitExcept GET PROPFIND OPTIONS REPORT>
 135                         Require valid-user
 136                 </LimitExcept>
 137         </Location>
 138
 139         ErrorLog /var/log/apache2/error.log
 140
 141         # Possible values include: debug, info, notice, warn, error, crit,
 142         # alert, emerg.
 143         LogLevel warn
 144
 145         CustomLog /var/log/apache2/svn_access.log combined
 146         ServerSignature On
 147
 148         SSLEngine on
 149
 150         SSLCertificateFile ssl/server.crt
 151         SSLCertificateKeyFile ssl/server.key
 152 </VirtualHost>
 153 EOF
 154 }
 155
 156 case "$1" in
 157   start|reload|force-reload|restart)
 158     log_begin_msg "Reloading config for $PACKAGE"
 159     gen_config
 160     log_end_msg $?
 161     ;;
 162   stop)
 163     ;;
 164   *)
 165     log_success_msg "Usage: /etc/init.d/$PACKAGE {start|reload|force-reload|restart|stop}"
 166     ;;
 167 esac