X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=rt%2Fdevel%2Ftools%2Frt-apache;h=a0473a3fe1eaf7cd7c6584c65e2d9815950df53a;hp=f9942edc14b11bb082d153fc34260cedcf527342;hb=187086c479a09629b7d180eec513fb7657f4e291;hpb=73a6a80a9ca5edbd43d139b7cb25bfee4abfd35e diff --git a/rt/devel/tools/rt-apache b/rt/devel/tools/rt-apache index f9942edc1..a0473a3fe 100644 --- a/rt/devel/tools/rt-apache +++ b/rt/devel/tools/rt-apache @@ -4,7 +4,7 @@ # # COPYRIGHT: # -# This software is Copyright (c) 1996-2015 Best Practical Solutions, LLC +# This software is Copyright (c) 1996-2018 Best Practical Solutions, LLC # # # (Except where explicitly superseded by other copyright notices) @@ -77,6 +77,7 @@ GetOptions( \%opt, "port|p=i", "ssl:i", "single|X", + "auth|A:s", "modules=s", @@ -125,6 +126,21 @@ unless ($opt{port}) { # Set ssl port if they want it but didn't provide a number $opt{ssl} = 4430 if defined $opt{ssl} and not $opt{ssl}; +# Default auth to on if they set $WebRemoteUserAuth +$opt{auth} = '' if not exists $opt{auth} and parseconf( "WebRemoteUserAuth" ); + +# Set an auth path if they want it but didn't pass a path +if (defined $opt{auth} and not $opt{auth}) { + $opt{auth} = "$opt{root}/var/htpasswd"; + unless (-f $opt{auth}) { + open(my $fh, ">", $opt{auth}) or die "Can't create default htpasswd: $!"; + print $fh 'root:$apr1$TZA4Y0DL$DS5ZhDH8QrhB.uAtvNJmh.' . "\n"; + close $fh or die "Can't create default htpasswd: $!"; + } +} elsif ($opt{auth} and not -f $opt{auth}) { + die "Can't read htpasswd file $opt{auth}!"; +} + # Parse out the WebPath my $path = parseconf( "WebPath" ) || ""; @@ -133,6 +149,7 @@ $template =~ s/\$PORT/$opt{port}/g; $template =~ s!\$PATH/!$path/!g; $template =~ s!\$PATH!$path || "/"!ge; $template =~ s/\$SSL/$opt{ssl} || 0/ge; +$template =~ s/\$AUTH/$opt{auth}/ge; $template =~ s/\$RTHOME/$opt{root}/g; $template =~ s/\$MODULES/$opt{modules}/g; $template =~ s/\$TOOLS/$FindBin::Bin/g; @@ -227,7 +244,7 @@ environment variable, or C. Determines the Apache module which is used. By default, the first one of that list which exists will be used. See also L. -=item --port B +=item --port B, -p Choses the port to listen on. By default, this is parsed from the F, and falling back to 8888. @@ -238,6 +255,13 @@ Also listens on the provided port with HTTPS, using a self-signed certificate for C. If the port number is not specified, defaults to port 4430. +=item --auth [F], -A + +Turns on HTTP Basic Authentication; this is done automatically if +C<$WebRemoteUserAuth> is set in the F. The provided +path should be to a F file; if not given, defaults to a file +containing only user C with password C. + =item --single, -X Run only one process or thread, for ease of debugging. @@ -258,6 +282,29 @@ Defaults to F. =cut __DATA__ +Listen $PORT + + Listen $SSL + + +ServerName localhost +ServerRoot $RTHOME/var +PidFile $RTHOME/var/apache2.pid + + LockFile $RTHOME/var/apache2.lock + +ServerAdmin root@localhost + += 2.4> + LoadModule mpm_prefork_module $MODULES/mod_mpm_prefork.so + LoadModule authz_core_module $MODULES/mod_authz_core.so + +LoadModule authz_host_module $MODULES/mod_authz_host.so +LoadModule env_module $MODULES/mod_env.so +LoadModule alias_module $MODULES/mod_alias.so +LoadModule mime_module $MODULES/mod_mime.so +TypesConfig $TOOLS/mime.types + StartServers 1 @@ -278,23 +325,6 @@ __DATA__ -Listen $PORT - - Listen $SSL - - -ServerName localhost -ServerRoot $RTHOME/var -PidFile $RTHOME/var/apache2.pid -LockFile $RTHOME/var/apache2.lock -ServerAdmin root@localhost - -LoadModule authz_host_module $MODULES/mod_authz_host.so -LoadModule env_module $MODULES/mod_env.so -LoadModule alias_module $MODULES/mod_alias.so -LoadModule mime_module $MODULES/mod_mime.so -TypesConfig $TOOLS/mime.types - LoadModule perl_module $MODULES/mod_perl.so @@ -306,6 +336,9 @@ TypesConfig $TOOLS/mime.types LoadModule ssl_module $MODULES/mod_ssl.so + = 2.4> + LoadModule socache_shmcb_module $MODULES/mod_socache_shmcb.so + @@ -341,8 +374,6 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ PerlSetEnv RT_SITE_CONFIG $RTHOME/etc/RT_SiteConfig.pm - Order allow,deny - Allow from all SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 PerlSetVar psgi_app $RTHOME/sbin/rt-server @@ -359,8 +390,6 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ FastCgiServer $RTHOME/sbin/rt-server.fcgi -processes $PROCESSES -idle-timeout 300 ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/ - Order allow,deny - Allow from all Options +ExecCGI AddHandler fastcgi-script fcgi @@ -373,8 +402,6 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ FcgidMaxRequestLen 1073741824 ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/ - Order allow,deny - Allow from all Options +ExecCGI AddHandler fcgid-script fcgi @@ -402,10 +429,8 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ FastCgiServer $RTHOME/bin/mason_handler.fcgi -processes $PROCESSES -idle-timeout 300 ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/ - Order allow,deny - Allow from all - Options +ExecCGI - AddHandler fastcgi-script fcgi + Options +ExecCGI + AddHandler fastcgi-script fcgi @@ -416,10 +441,8 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ FcgidMaxRequestLen 1073741824 ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/ - Order allow,deny - Allow from all - Options +ExecCGI - AddHandler fcgid-script fcgi + Options +ExecCGI + AddHandler fcgid-script fcgi @@ -430,10 +453,12 @@ Alias $PATH/NoAuth/images/ $RTHOME/share/html/NoAuth/images/ SSLRandomSeed connect builtin SSLRandomSeed connect file:/dev/urandom 512 SSLSessionCache shmcb:$RTHOME/var/ssl_scache(512000) - SSLMutex file:$RTHOME/var/ssl_mutex + + SSLMutex file:$RTHOME/var/ssl_mutex + SSLEngine on - SSLCertificateFile $TOOLS/localhost.crt - SSLCertificateKeyFile $TOOLS/localhost.key + SSLCertificateFile $TOOLS/localhost.crt + SSLCertificateKeyFile $TOOLS/localhost.key