diff options
Diffstat (limited to 'buildtools')
-rw-r--r-- | buildtools/debian-skeleton/rpki-ca.install | 1 | ||||
-rw-r--r-- | buildtools/debian-skeleton/rpki-ca.postinst | 50 | ||||
-rw-r--r-- | buildtools/debian-skeleton/rpki-ca.postrm | 1 | ||||
-rw-r--r-- | buildtools/debian-skeleton/rpki-ca.prerm | 11 |
4 files changed, 12 insertions, 51 deletions
diff --git a/buildtools/debian-skeleton/rpki-ca.install b/buildtools/debian-skeleton/rpki-ca.install index bf926af0..fe3e4fed 100644 --- a/buildtools/debian-skeleton/rpki-ca.install +++ b/buildtools/debian-skeleton/rpki-ca.install @@ -1,5 +1,4 @@ etc/rpki/rpki-confgen.xml -etc/rpki/apache.conf usr/lib usr/sbin usr/share diff --git a/buildtools/debian-skeleton/rpki-ca.postinst b/buildtools/debian-skeleton/rpki-ca.postinst index 2d9e6dff..08af52e0 100644 --- a/buildtools/debian-skeleton/rpki-ca.postinst +++ b/buildtools/debian-skeleton/rpki-ca.postinst @@ -20,55 +20,7 @@ setup_rpkid_group() { } setup_apache() { - - # Whack our config into existing config file for default SSL - # vhost; if you want this to run in a different vhost, you'll have - # to do that yourself. - f=/etc/apache2/sites-available/default-ssl - cmd=no - awk < $f > ${f}.tmp ' - BEGIN { - conf_file = "/etc/rpki/apache.conf"; - conf_regexp = "^[ \t]*Include[ \t]+" conf_file "[ \t]*$"; - conf_line = "\tInclude " conf_file; - } - /^[ \t]*<\/VirtualHost>/ { - print conf_line; - } - $0 !~ conf_regexp { - print; - }' - if cmp -s $f ${f}.tmp - then - rm -f ${f}.tmp - else - if test ! -f ${f}.orig - then - ln $f ${f}.orig - fi - mv -f ${f}.tmp $f - cmd=reload - fi - - # Enable default SSL vhost if necessary. - if test ! -f /etc/apache2/sites-enabled/default-ssl - then - a2ensite default-ssl - cmd=reload - fi - - # Enable mod_ssl if necessary. - if test ! -f /etc/apache2/mods-enabled/ssl.conf - then - a2enmod ssl - cmd=restart - fi - - # Whack Apache if we've changed anything here. - if test $cmd != no - then - service apache2 $cmd - fi + /usr/lib/rpki/rpkigui-apache-conf-gen --debian --install --verbose } setup_rpki_conf() { diff --git a/buildtools/debian-skeleton/rpki-ca.postrm b/buildtools/debian-skeleton/rpki-ca.postrm index c5e9179a..c93f84df 100644 --- a/buildtools/debian-skeleton/rpki-ca.postrm +++ b/buildtools/debian-skeleton/rpki-ca.postrm @@ -28,6 +28,7 @@ case "$1" in mysql --defaults-file=/etc/mysql/debian.cnf --execute "source $sql" fi rm -f /etc/rpki.conf /etc/rpki.conf.sample $sql + rm -f /etc/rpki/apache.conf /etc/rpki/apache.cer /etc/rpki/apache.key ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) diff --git a/buildtools/debian-skeleton/rpki-ca.prerm b/buildtools/debian-skeleton/rpki-ca.prerm index bb28512f..b6033cf2 100644 --- a/buildtools/debian-skeleton/rpki-ca.prerm +++ b/buildtools/debian-skeleton/rpki-ca.prerm @@ -44,7 +44,12 @@ case "$1" in rm -f /etc/cron.daily/rpkigui-check-expired rm -f /etc/cron.d/rpki-update-bpki - # Clean up what we did to Apache. + # Clean up what we did to Apache. Modern version of this is + # just invocation of a Python script, but for now we also + # retain code needed to clean up nasty mess we created in the + # past, to avoid breaking old installations on upgrade. + + # Remove the old stuff first. f=/etc/apache2/sites-available/default-ssl awk < $f > ${f}.tmp ' @@ -68,6 +73,10 @@ case "$1" in # Not sure whether we should do "service apache2 reload" # here, one could make a case either way. Skip for now. + # Now remove the new stuff. + + /usr/lib/rpki/rpkigui-apache-conf-gen --debian --remove --verbose + ;; upgrade|deconfigure) |