Skip to content
Permalink
4.17.6
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

grouper/container_files/usr-local-bin/librarySetupFilesApache.sh

Go to file
@mchyzer
mchyzer 4.10.2
Loading status checks…
Latest commit a043968 Jan 1, 2024 History
1 contributor

Users who have contributed to this file

230 lines (195 sloc) 12.4 KB
Raw Blame
#!/bin/bash
setupFilesApache_indexes() {
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_APACHE_DIRECTORY_INDEXES" = "false" ]
then
if [ "$GROUPER_ORIGFILE_HTTPD_CONF" = "true" ]; then
# take out the directory indexes from the docroot
cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.pre_noindexes
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.pre_noindexes, result: $returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
patch /etc/httpd/conf/httpd.conf /etc/httpd/conf.d/httpd.conf.noindexes.patch
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) Patch httpd.conf to turn off indexes 'patch /etc/httpd/conf/httpd.conf /etc/httpd/conf.d/httpd.conf.noindexes.patch' result=$returnCode"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_indexes) /etc/httpd/conf/httpd.conf is not the original file so will not be changed"
fi
fi
}
setupFilesApache_ssl() {
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_USE_SSL" != "true" ]
then
if [ -f /etc/httpd/conf.d/ssl.conf ]
then
mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.dontuse
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ssl) mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.dontuse , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
if [ -f /etc/httpd/conf.d/ssl-enabled.conf ]
then
mv -v /etc/httpd/conf.d/ssl-enabled.conf /etc/httpd/conf.d/ssl-enabled.conf.dontuse
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ssl) mv -v /etc/httpd/conf.d/ssl-enabled.conf /etc/httpd/conf.d/ssl-enabled.conf.dontuse , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
fi
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_USE_SSL" = "true" ] && [ -f /etc/httpd/conf.d/ssl-enabled.conf ] && [ "$GROUPER_ORIGFILE_SSL_ENABLED_CONF" = "true" ] ; then
if [ "$GROUPER_SSL_USE_STAPLING" = "true" ]; then
sed -i "s|__GROUPER_SSL_USE_STAPLING__|on|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_SSL_USE_STAPLING__|on|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
sed -i "s|__GROUPER_SSL_USE_STAPLING__|off|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_SSL_USE_STAPLING__|on|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
sed -i "s|__GROUPER_SSL_CERT_FILE__|$GROUPER_SSL_CERT_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Set cert file: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CERT_FILE__|$GROUPER_SSL_CERT_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
sed -i "s|__GROUPER_SSL_KEY_FILE__|$GROUPER_SSL_KEY_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Set cert file: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_KEY_FILE__|$GROUPER_SSL_KEY_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
if [ "$GROUPER_SSL_USE_CHAIN_FILE" = "true" ]; then
sed -i "s|__GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Setting chain: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__|$GROUPER_SSL_CHAIN_FILE|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
else
sed -i "s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__||g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) No chain setting: sed -i \"s|SSLCertificateChainFile __GROUPER_SSL_CHAIN_FILE__||g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
fi
}
setupFilesApache_serverName() {
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_SERVER_NAME" ] && [ "$GROUPER_APACHE_SERVER_NAME" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_serverName) Appending ServerName to grouper-www.conf"
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "ServerName $GROUPER_APACHE_SERVER_NAME" >> /etc/httpd/conf.d/grouper-www.conf
echo "UseCanonicalName On" >> /etc/httpd/conf.d/grouper-www.conf
echo >> /etc/httpd/conf.d/grouper-www.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_serverName) Setup ServerName $GROUPER_APACHE_SERVER_NAME in /etc/httpd/conf.d/grouper-www.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
}
setupFilesApache_remoteip() {
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_HEADER" ] && [ "$GROUPER_APACHE_REMOTE_IP_HEADER" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPHeader to grouper-www.conf"
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "RemoteIPHeader $GROUPER_APACHE_REMOTE_IP_HEADER" >> /etc/httpd/conf.d/grouper-www.conf
returnCode=$?
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPHeader $GROUPER_APACHE_REMOTE_IP_HEADER\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" ] && [ "$GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPTrustedProxy to grouper-www.conf"
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "RemoteIPTrustedProxy $GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY" >> /etc/httpd/conf.d/grouper-www.conf
returnCode=$?
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPTrustedProxy $GROUPER_APACHE_REMOTE_IP_TRUSTED_PROXY\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" ] && [ "$GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" != "" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Appending RemoteIPInternalProxy to grouper-www.conf"
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "RemoteIPInternalProxy $GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY" >> /etc/httpd/conf.d/grouper-www.conf
returnCode=$?
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) echo \"RemoteIPInternalProxy $GROUPER_APACHE_REMOTE_IP_INTERNAL_PROXY\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_REMOTE_IP_HEADER" ] && [ "$GROUPER_APACHE_REMOTE_IP_HEADER" != "" ] && [ -f /etc/httpd/conf.d/09_i2inc_logging.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) Changing logging config for client address"
sed -i "s|%h|%a|g" /etc/httpd/conf.d/09_i2inc_logging.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_remoteip) sed -i \"s|%h|%a|g\" /etc/httpd/conf.d/09_i2inc_logging.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
}
setupFilesApache_status() {
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ ! -z "$GROUPER_APACHE_STATUS_PATH" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "" ] && [ "$GROUPER_APACHE_STATUS_PATH" != "none" ] && [ -f /etc/httpd/conf.d/grouper-www.conf ]
then
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) Appending status to grouper-www.conf"
echo >> /etc/httpd/conf.d/grouper-www.conf
# ProxyPass /status_grouper/status ajp://localhost:8009/grouper/status timeout=2401
echo "ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401" >> /etc/httpd/conf.d/grouper-www.conf
returnCode=$?
echo >> /etc/httpd/conf.d/grouper-www.conf
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_status) echo \"ProxyPass $GROUPER_APACHE_STATUS_PATH ajp://localhost:$GROUPER_TOMCAT_AJP_PORT/$GROUPER_TOMCAT_CONTEXT/status timeout=2401\" >> /etc/httpd/conf.d/grouper-www.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
}
setupFilesApache_supervisor() {
if [ "$GROUPER_RUN_APACHE" = "true" ]
then
cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_supervisor) cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
}
setupFilesApache_ports() {
# filter the ssl config for ssl port
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ -f /etc/httpd/conf.d/ssl-enabled.conf ] && [ "$GROUPER_ORIGFILE_SSL_ENABLED_CONF" = "true" ]
then
sed -i "s|__GROUPER_APACHE_SSL_PORT__|$GROUPER_APACHE_SSL_PORT|g" /etc/httpd/conf.d/ssl-enabled.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) sed -i \"s|__GROUPER_APACHE_SSL_PORT__|$GROUPER_APACHE_SSL_PORT|g\" /etc/httpd/conf.d/ssl-enabled.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
if [ "$GROUPER_RUN_APACHE" = "true" ] && [ "$GROUPER_APACHE_NONSSL_PORT" != "80" ]
then
sed -i "s|Listen 80|Listen $GROUPER_APACHE_NONSSL_PORT|g" /etc/httpd/conf/httpd.conf
returnCode=$?
echo "grouperContainer; INFO: (librarySetupFilesApache.sh-setupFilesApache_ports) Replace apache non-ssl port in httpd.conf, sed -i \"s|Listen 80|Listen $GROUPER_APACHE_NONSSL_PORT|g\" /etc/httpd/conf/httpd.conf , result: $?"
if [ $returnCode != 0 ]; then exit $returnCode; fi
fi
}
setupFilesApache() {
setupFilesApache_supervisor
setupFilesApache_ports
setupFilesApache_remoteip
setupFilesApache_ssl
setupFilesApache_status
setupFilesApache_serverName
setupFilesApache_indexes
}
setupFilesApache_unsetAll() {
unset -f setupFilesApache
unset -f setupFilesApache_indexes
unset -f setupFilesApache_ports
unset -f setupFilesApache_remoteip
unset -f setupFilesApache_ssl
unset -f setupFilesApache_status
unset -f setupFilesApache_supervisor
unset -f setupFilesApache_unsetAll
unset -f setupFilesApache_serverName
}
setupFilesApache_exportAll() {
export -f setupFilesApache
export -f setupFilesApache_indexes
export -f setupFilesApache_ports
export -f setupFilesApache_remoteip
export -f setupFilesApache_ssl
export -f setupFilesApache_status
export -f setupFilesApache_supervisor
export -f setupFilesApache_unsetAll
export -f setupFilesApache_serverName
}
# export everything
setupFilesApache_exportAll