Whack Apache configuration into shape on FreeBSD.

svn path=/trunk/; revision=5316
author: Rob Austein <sra@hactrn.net> 2013-05-02 14:49:44 +0000
committer: Rob Austein <sra@hactrn.net> 2013-05-02 14:49:44 +0000
commit: 42ef937519bf4e64e1d1bc812c70fdaa6e88bcf1 (patch)
tree: f959c18211b2848f5229e528923affb818435ec2
parent: 7e968aea942beeb2741c70de235c68979c1f907b (diff)
2 files changed, 48 insertions, 23 deletions
diff --git a/rpkid/Makefile.in b/rpkid/Makefile.in
index 591eff64..fa4a5d12 100644
--- a/rpkid/Makefile.in
+++ b/rpkid/Makefile.in
@@ -85,6 +85,7 @@ install-always:: all
 	${INSTALL} -d ${DESTDIR}${datarootdir}/rpki/publication
 
 uninstall deinstall::
+	-${libexecdir}/rpkigui-apache-conf-gen --remove --verbose
 	xargs rm -fv <installed
 
 distclean::
@@ -210,7 +211,7 @@ clean::
 	rm -f setup_autoconf.py setup_autoconf.pyc
 
 install-postconf: \
-	install-user install-conf install-apache install-mysql install-bpki install-django install-cron
+	install-user install-conf install-apache install-mysql install-django install-bpki install-cron
 
 # This should create user "rpkid" and group "rpkid", but as we have
 # not yet tested our ability to run in such a configuration, this
@@ -224,26 +225,23 @@ install-conf: ${DESTDIR}${sysconfdir}/rpki.conf
 ${DESTDIR}${sysconfdir}/rpki.conf: ${DESTDIR}${sysconfdir}/rpki.conf.sample
 	cp -p ${DESTDIR}${sysconfdir}/rpki.conf.sample $@
 
-deinstall::
+uninstall deinstall::
 	if cmp -s ${DESTDIR}${sysconfdir}/rpki.conf ${DESTDIR}${sysconfdir}/rpki.conf.sample; then rm -f ${DESTDIR}${sysconfdir}/rpki.conf; else true; fi
 	rm -f ${DESTDIR}${sysconfdir}/rpki.conf.sample
 
-# This needs to do whatever is needed to get the web UI configured
-# under Apache on this platform.  Likely to be an awful mess, see
-# Ubuntu rpki-ca.postinst for details.
 install-apache:
-	@true
+	${libexecdir}/rpkigui-apache-conf-gen --install --verbose
 
 install-mysql:
 	${sbindir}/rpki-sql-setup
 
-install-bpki:
-	${sbindir}/rpkic initialize_server_bpki
-
 install-django:
 	${sbindir}/rpki-manage syncdb --noinput
 	${sbindir}/rpki-manage migrate app
 
+install-bpki:
+	${sbindir}/rpkic initialize_server_bpki
+
 # This needs to set up crontab entries for rpkigui-check-expired,
 # rpkigui-import-routes, and rpkic update_bpki.  They probably don't
 # want run under the same user IDs either, so what with having to use
diff --git a/rpkid/portal-gui/scripts/rpkigui-apache-conf-gen b/rpkid/portal-gui/scripts/rpkigui-apache-conf-gen
index cbf0655a..3499f1d0 100755
--- a/rpkid/portal-gui/scripts/rpkigui-apache-conf-gen
+++ b/rpkid/portal-gui/scripts/rpkigui-apache-conf-gen
@@ -17,6 +17,7 @@
 # PERFORMANCE OF THIS SOFTWARE.
 
 import os
+import re
 import sys
 import socket
 import argparse
@@ -96,7 +97,8 @@ class Abstract(object):
 
   def __init__(self, args):
     self.args = args
-    self.log("Platform: %s, action: %s" % (self.__class__.__name__, args.action))
+    self.log("RPKI Apache configuration: platform \"%s\", action \"%s\"" % (
+      self.__class__.__name__, args.action))
     getattr(self, args.action)()
 
   def log(self, msg):
@@ -131,10 +133,12 @@ class Abstract(object):
         ''' % fqdn
 
   def unlink(self, fn, silent = False):
-    if os.path.exists(fn):
+    if os.path.lexists(fn):
       if  not silent:
         self.log("Removing %s" % fn)
       os.unlink(fn)
+    elif  not silent:
+      self.log("Would have removed %s if it existed" % fn)
 
   def del_certs(self, silent = False):
     self.unlink(self.apache_cer, silent)
@@ -157,7 +161,8 @@ class Abstract(object):
       raise subprocess.CalledProcessError(req.returncode,  self.req_cmd)
     if x509.wait():
       raise subprocess.CalledProcessError(x509.returncode, self.x509_cmd)
-    self.log("Created %s and %s, chmoding %s" % (self.apache_cer, self.apache_key, self.apache_key))
+    self.log("Created %s and %s, chmoding %s" % (
+      self.apache_cer, self.apache_key, self.apache_key))
     os.chmod(self.apache_key, 0600)
 
   def install(self):
@@ -167,10 +172,14 @@ class Abstract(object):
         f.write(self.apache_conf_preface)
       f.write(vhost)
     if not os.path.exists(self.apache_conf):
-      self.log("Linking %s to %s" % (self.apache_conf, self.apache_conf_sample))
+      self.unlink(self.apache_conf)
+      self.log("Linking %s to %s" % (
+        self.apache_conf, self.apache_conf_sample))
       os.link(self.apache_conf_sample, self.apache_conf)
     if not os.path.exists(self.apache_conf_target):
-      self.log("Symlinking %s to %s" % (self.apache_conf_target, self.apache_conf))
+      self.unlink(self.apache_conf_target)
+      self.log("Symlinking %s to %s" % (
+        self.apache_conf_target, self.apache_conf))
       os.symlink(self.apache_conf, self.apache_conf_target)
     self.add_certs()
     self.enable()
@@ -215,14 +224,31 @@ class Guess(Abstract):
       return Debian(args)
     if issue in ("Fedora", "CentOS"):
       return Redhat(args)
-    raise NotImplementedError("Can't guess what to do on this platform, sorry")
+    raise NotImplementedError("Can't guess what to do with Apache on this platform, sorry")
 
 class FreeBSD(Abstract):
 
-  # Apache version numbers here should come from autoconf.
-  # Hard wire to 2.2 for the moment.
+  # On FreeBSD we have to ask httpd what version it is before we know
+  # where to put files or what to call the service.  In FreeBSD's makefiles,
+  # this value is called APACHE_VERSION, and is calculated thusly:
+  # 
+  # httpd -V | sed  -ne 's/^Server version: Apache\/\([0-9]\)\.\([0-9]*\).*/\1\2/p'
+
+  _apache_name = None
 
-  apache_conf_target = "/usr/local/etc/apache22/Includes/rpki.conf"
+  @property
+  def apache_name(self):
+    if self._apache_name is None:
+      try:
+        self._apache_name = "apache%s%s" % re.search("^Server version: Apache/(\\d+)\\.(\\d+)",
+                                                     subprocess.check_output(("httpd", "-V"))).groups()
+      except:
+        raise RuntimeError("Couldn't deduce Apache version number")
+    return self._apache_name
+
+  @property
+  def apache_conf_target(self):
+    return "/usr/local/etc/%s/Includes/rpki.conf" % self.apache_name
 
   apache_conf_preface = '''\
         Listen [::]:443
@@ -231,7 +257,7 @@ class FreeBSD(Abstract):
         ''' + "\n"
 
   def restart(self):
-    self.run("service", "apache22", "restart")    
+    self.run("service", self.apache_name, "restart")
 
 class Debian(Abstract):
 
@@ -244,8 +270,10 @@ class Debian(Abstract):
     if not os.path.exists(self.snake_oil_cer) or not os.path.exists(self.snake_oil_key):
       return Abstract.add_certs(self)
     if not os.path.exists(self.apache_cer):
+      self.unlink(self.apache_cer)
       os.symlink(self.snake_oil_cer, self.apache_cer)
     if not os.path.exists(self.apache_key):
+      self.unlink(self.apache_key)
       os.symlink(self.snake_oil_key, self.apache_key)
 
   def enable(self):
@@ -259,12 +287,11 @@ class Debian(Abstract):
     self.run("service", "apache2", "restart")
 
 class NIY(Abstract):
-
   def __init__(self, args):
-    raise NotImplementedError("Platform not implemented yet, sorry")
+    raise NotImplementedError("Platform %s not implemented yet, sorry" % self.__class__.__name__)
 
-Redhat = NIY
-Darwin = NIY
+class Redhat(NIY): pass
+class Darwin(NIY): pass
 
 def main():
   """
author	Rob Austein <sra@hactrn.net>	2013-05-02 14:49:44 +0000
committer	Rob Austein <sra@hactrn.net>	2013-05-02 14:49:44 +0000
commit	42ef937519bf4e64e1d1bc812c70fdaa6e88bcf1 (patch)
tree	f959c18211b2848f5229e528923affb818435ec2
parent	7e968aea942beeb2741c70de235c68979c1f907b (diff)