aboutsummaryrefslogtreecommitdiff
path: root/buildtools
diff options
context:
space:
mode:
Diffstat (limited to 'buildtools')
-rw-r--r--buildtools/debian-skeleton/rpki-ca.install1
-rw-r--r--buildtools/debian-skeleton/rpki-ca.postinst50
-rw-r--r--buildtools/debian-skeleton/rpki-ca.postrm1
-rw-r--r--buildtools/debian-skeleton/rpki-ca.prerm11
4 files changed, 12 insertions, 51 deletions
diff --git a/buildtools/debian-skeleton/rpki-ca.install b/buildtools/debian-skeleton/rpki-ca.install
index bf926af0..fe3e4fed 100644
--- a/buildtools/debian-skeleton/rpki-ca.install
+++ b/buildtools/debian-skeleton/rpki-ca.install
@@ -1,5 +1,4 @@
etc/rpki/rpki-confgen.xml
-etc/rpki/apache.conf
usr/lib
usr/sbin
usr/share
diff --git a/buildtools/debian-skeleton/rpki-ca.postinst b/buildtools/debian-skeleton/rpki-ca.postinst
index 2d9e6dff..08af52e0 100644
--- a/buildtools/debian-skeleton/rpki-ca.postinst
+++ b/buildtools/debian-skeleton/rpki-ca.postinst
@@ -20,55 +20,7 @@ setup_rpkid_group() {
}
setup_apache() {
-
- # Whack our config into existing config file for default SSL
- # vhost; if you want this to run in a different vhost, you'll have
- # to do that yourself.
- f=/etc/apache2/sites-available/default-ssl
- cmd=no
- awk < $f > ${f}.tmp '
- BEGIN {
- conf_file = "/etc/rpki/apache.conf";
- conf_regexp = "^[ \t]*Include[ \t]+" conf_file "[ \t]*$";
- conf_line = "\tInclude " conf_file;
- }
- /^[ \t]*<\/VirtualHost>/ {
- print conf_line;
- }
- $0 !~ conf_regexp {
- print;
- }'
- if cmp -s $f ${f}.tmp
- then
- rm -f ${f}.tmp
- else
- if test ! -f ${f}.orig
- then
- ln $f ${f}.orig
- fi
- mv -f ${f}.tmp $f
- cmd=reload
- fi
-
- # Enable default SSL vhost if necessary.
- if test ! -f /etc/apache2/sites-enabled/default-ssl
- then
- a2ensite default-ssl
- cmd=reload
- fi
-
- # Enable mod_ssl if necessary.
- if test ! -f /etc/apache2/mods-enabled/ssl.conf
- then
- a2enmod ssl
- cmd=restart
- fi
-
- # Whack Apache if we've changed anything here.
- if test $cmd != no
- then
- service apache2 $cmd
- fi
+ /usr/lib/rpki/rpkigui-apache-conf-gen --debian --install --verbose
}
setup_rpki_conf() {
diff --git a/buildtools/debian-skeleton/rpki-ca.postrm b/buildtools/debian-skeleton/rpki-ca.postrm
index c5e9179a..c93f84df 100644
--- a/buildtools/debian-skeleton/rpki-ca.postrm
+++ b/buildtools/debian-skeleton/rpki-ca.postrm
@@ -28,6 +28,7 @@ case "$1" in
mysql --defaults-file=/etc/mysql/debian.cnf --execute "source $sql"
fi
rm -f /etc/rpki.conf /etc/rpki.conf.sample $sql
+ rm -f /etc/rpki/apache.conf /etc/rpki/apache.cer /etc/rpki/apache.key
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --git a/buildtools/debian-skeleton/rpki-ca.prerm b/buildtools/debian-skeleton/rpki-ca.prerm
index bb28512f..b6033cf2 100644
--- a/buildtools/debian-skeleton/rpki-ca.prerm
+++ b/buildtools/debian-skeleton/rpki-ca.prerm
@@ -44,7 +44,12 @@ case "$1" in
rm -f /etc/cron.daily/rpkigui-check-expired
rm -f /etc/cron.d/rpki-update-bpki
- # Clean up what we did to Apache.
+ # Clean up what we did to Apache. Modern version of this is
+ # just invocation of a Python script, but for now we also
+ # retain code needed to clean up nasty mess we created in the
+ # past, to avoid breaking old installations on upgrade.
+
+ # Remove the old stuff first.
f=/etc/apache2/sites-available/default-ssl
awk < $f > ${f}.tmp '
@@ -68,6 +73,10 @@ case "$1" in
# Not sure whether we should do "service apache2 reload"
# here, one could make a case either way. Skip for now.
+ # Now remove the new stuff.
+
+ /usr/lib/rpki/rpkigui-apache-conf-gen --debian --remove --verbose
+
;;
upgrade|deconfigure)