doc/loncapafiles/webserver.piml - diff

Return to webserver.piml CVS log

Up to [LON-CAPA] / doc / loncapafiles

Diff for /doc/loncapafiles/webserver.piml between versions 1.45 and 1.62

version 1.45, 2018/11/01 18:12:56	version 1.62, 2024/08/05 15:45:16
Line 48 http://www.lon-capa.org/	Line 48 http://www.lon-capa.org/
<target dist='suse9.2 suse9.3 sles9'>/etc/httpd/httpd.conf</target>	<target dist='suse9.2 suse9.3 sles9'>/etc/httpd/httpd.conf</target>
<target dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>/etc/apache2/default-server.conf</target>	<target dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>/etc/apache2/default-server.conf</target>
<target dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>/etc/apache2/sites-available/loncapa</target>	<target dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>/etc/apache2/sites-available/loncapa</target>
<target dist='ubuntu14 ubuntu16 ubuntu18'>/etc/apache2/conf-available/loncapa</target>	<target dist='debian10 debian11 debian12 ubuntu14 ubuntu16 ubuntu18 ubuntu20 ubuntu22 ubuntu24'>/etc/apache2/conf-available/loncapa.conf</target>
<note>This is for Apache 1.X for Red Hat 4ES, Fedora 2, 3 and 4, SusSE 9.2 and 9.3, and SLES 9 distributions. This is for Apache 2.X for Fedora 5, Red Hat 5, CentOS 5, Scientific Linux 5, SuSE 10.1, SLES 10, Debian 5, Ubuntu LTS 8 and later distributions</note>	<note>This is for Apache 1.X for Red Hat 4ES, Fedora 2, 3 and 4, SusSE 9.2 and 9.3, and SLES 9 distributions. This is for Apache 2.X for Fedora 5, Red Hat 5, CentOS 5, Scientific Linux 5, Oracle Linux 5, SuSE 10.1, SLES 10, Debian 5, Ubuntu LTS 8 and later distributions</note>
<dependencies dist='default'>	<dependencies dist='default'>
/etc/httpd/conf/httpd.conf	/etc/httpd/conf/httpd.conf
</dependencies>	</dependencies>
Line 59 http://www.lon-capa.org/	Line 59 http://www.lon-capa.org/
<dependencies dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>	<dependencies dist='debian5 debian6 ubuntu6 ubuntu8 ubuntu10 ubuntu12'>
/etc/apache2/sites-available/loncapa	/etc/apache2/sites-available/loncapa
</dependencies>	</dependencies>
<dependencies dist='ubuntu14 ubuntu16 ubuntu18'>	<dependencies dist='debian10 debian11 debian12 ubuntu14 ubuntu16 ubuntu18 ubuntu20 ubuntu22 ubuntu24'>
/etc/apache2/conf-available/loncapa	/etc/apache2/conf-available/loncapa.conf
</dependencies>	</dependencies>
<dependencies dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>	<dependencies dist='sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2'>
/etc/apache2/default-server.conf	/etc/apache2/default-server.conf
Line 69 http://www.lon-capa.org/	Line 69 http://www.lon-capa.org/
# Generated from doc/loncapafiles/webserver.piml	# Generated from doc/loncapafiles/webserver.piml
use Socket;	use Socket;
use Sys::Hostname::FQDN();	use Sys::Hostname::FQDN();
	use File::Spec;
	use Cwd();

	# For ubuntu 14 and later check for loncapa.conf in sites-available,
	# and conf-available, and for symlinks in sites-enabled, and conf-enabled
	if ('<DIST />' =~ /^ubuntu(\d+)$/) {
	my $version = $1;
	if ($version > 12) {
	if (-l '/etc/apache2/conf-enabled/loncapa.conf') {
	my $linkfname = readlink('/etc/apache2/conf-enabled/loncapa.conf');
	if ($linkfname ne '') {
	$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,'/etc/apache2/conf-enabled'));
	}
	unless ($linkfname eq '/etc/apache2/conf-available/loncapa.conf') {
	unlink('/etc/apache2/conf-enabled/loncapa.conf');
	}
	}
	if (-e '/etc/apache2/conf-available/loncapa') {
	system('mv /etc/apache2/conf-available/loncapa /etc/apache2/conf-available/loncapa.conf');
	}
	unless (-l '/etc/apache2/conf-enabled/loncapa.conf') {
	if (-e '/etc/apache2/conf-available/loncapa.conf') {
	my $currdir = Cwd::getcwd();
	if ($currdir ne '') {
	chdir('/etc/apache2/conf-enabled');
	symlink('../conf-available/loncapa.conf','loncapa.conf');
	chdir($currdir);
	}
	}
	}
	if (-l '/etc/apache2/sites-enabled/000-default.conf') {
	my $linkfname = readlink('/etc/apache2/sites-enabled/000-default.conf');
	if ($linkfname ne '') {
	$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,'/etc/apache2/sites-enabled'));
	}
	if (($linkfname eq '/etc/apache2/sites-available/loncapa') \|\|
	($linkfname eq '/etc/apache2/sites-available/000-default.conf')) {
	unlink('/etc/apache2/sites-enabled/000-default.conf');
	}
	}
	if (-e '/etc/apache2/sites-available/loncapa') {
	system('mv /etc/apache2/sites-available/loncapa /etc/apache2/sites-available/loncapa.conf');
	}
	if (-l '/etc/apache2/sites-enabled/loncapa.conf') {
	my $linkfname = readlink('/etc/apache2/sites-enabled/loncapa.conf');
	if ($linkfname ne '') {
	$linkfname = Cwd::abs_path(File::Spec->rel2abs($linkfname,'/etc/apache2/sites-enabled'));
	}
	unless ($linkfname eq '/etc/apache2/sites-available/loncapa.conf') {
	unlink('/etc/apache2/sites-enabled/loncapa.conf');
	}
	}
	unless (-l '/etc/apache2/sites-enabled/loncapa.conf') {
	if (-e '/etc/apache2/sites-available/loncapa.conf') {
	my $currdir = Cwd::getcwd();
	if ($currdir ne '') {
	chdir('/etc/apache2/sites-enabled');
	symlink('../sites-available/loncapa.conf','loncapa.conf');
	chdir($currdir);
	}
	}
	}
	}
	}

unless (-e "<TARGET />") {	unless (-e "<TARGET />") {
print '**** ERROR! <TARGET /> should exist! Are you missing the Apache '.	print '**** ERROR! <TARGET /> should exist! Are you missing the Apache '.
'software package?';	'software package?';
Line 76 unless (-e "<TARGET />") {	Line 141 unless (-e "<TARGET />") {
}	}
else {	else {
# Append loncapa_apache.conf inclusion to httpd.conf	# Append loncapa_apache.conf inclusion to httpd.conf
# (or sites-available/loncapa or conf-available/loncapa) if not present.	# (or sites-available/loncapa or conf-available/loncapa.conf) if not present.
$flag=0;	my $absolute_link;
open(IN,'<<TARGET />');	if ('<DIST />' =~ /^sles(\d+)$/) {
while (<IN>) {	my $version = $1;
if (/^\s*Include\s+conf\/loncapa_apache.conf/) {	if ($version > 11) {
$flag=1;	$absolute_link = 1;
}	}
}	}
close(IN);	if ($absolute_link) {
unless ($flag==1) {	# For SuSE and SLES /etc/apache2/default-server.conf needs to include:
open(OUT,'>><TARGET />');	# Include /etc/apache2/loncapa_apache.conf
print(OUT 'Include conf/loncapa_apache.conf'."\n");	# instead of:
close(OUT);	# Include conf/loncapa_apache.conf
	my $delflag=0;
	my $addflag=1;
	open(IN,'<<TARGET />');
	while (<IN>) {
	if (/^\s*Include\s+conf\/loncapa_apache.conf/) {
	$delflag=1;
	}
	if (/^\s*Include\s+\/etc\/apache2\/loncapa_apache.conf/) {
	$addflag = 0;
	}
	}
	close(IN);
	if ($addflag) {
	open(OUT,'>><TARGET />');
	print(OUT 'Include /etc/apache2/loncapa_apache.conf'."\n");
	close(OUT);
	}
	if ($delflag==1) {
	my $in='';
	open(IN,'<<TARGET />');
	while(<IN>) {
	$in.=$_ unless /^\s*Include\s+conf\/loncapa_apache.conf/;
	}
	close(IN);
	open(OUT,'><TARGET />');
	print(OUT $in);
	close(OUT);
	}
	} else {
	$flag=0;
	open(IN,'<<TARGET />');
	while (<IN>) {
	if (/^\s*Include\s+conf\/loncapa_apache.conf/) {
	$flag=1;
	}
	}
	close(IN);
	unless ($flag==1) {
	open(OUT,'>><TARGET />');
	print(OUT 'Include conf/loncapa_apache.conf'."\n");
	close(OUT);
	}
}	}
# Remove loncapa.conf inclusion from httpd.conf	# Remove loncapa.conf inclusion from httpd.conf
# (or sites-available/loncapa or conf-available/loncapa) if present.	# (or sites-available/loncapa or conf-available/loncapa.conf) if present.
$flag=0;	$flag=0;
open(IN,'<<TARGET />');	open(IN,'<<TARGET />');
while (<IN>) {	while (<IN>) {
Line 142 else {	Line 249 else {
$conffile = '/etc/apache2/default-server.conf';	$conffile = '/etc/apache2/default-server.conf';
} elsif ('<DIST />' =~ /^(debian\|ubuntu)/) {	} elsif ('<DIST />' =~ /^(debian\|ubuntu)/) {
$conffile = '/etc/apache2/sites-available/loncapa';	$conffile = '/etc/apache2/sites-available/loncapa';
	if ('<DIST />' =~ /^ubuntu(\d+)$/) {
	my $version = $1;
	if ($version > 12) {
	$conffile = '/etc/apache2/conf-available/loncapa.conf';
	}
	}
}	}
print('** ERROR ** '.$conffile.' has an overlapping definition of '.	print('** ERROR ** '.$conffile.' has an overlapping definition of '.
'ScriptAlias (it is incorrectly set to '.$scriptalias.').'."\n".	'ScriptAlias (it is incorrectly set to '.$scriptalias.').'."\n".
Line 197 else {	Line 310 else {
'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off.	'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off.
' - the file used to disable such rewriting'."\n\n".	' - the file used to disable such rewriting'."\n\n".
'This may be because '. $curr_rewrite.' has been '.	'This may be because '. $curr_rewrite.' has been '.
'previously customized,'."\n".' or it may be because of a change '.	'previously customized,'."\n".'or it may be because of a change '.
'to the files in '.$rewrite_dir."\n");	'to the files in '.$rewrite_dir."\n");
if (open(my $fh,'<',$curr_rewrite)) {	if (open(my $fh,'<',$curr_rewrite)) {
while(<$fh>) {	while(<$fh>) {
Line 219 else {	Line 332 else {
\|\| '<DIST />' eq 'sles9') {	\|\| '<DIST />' eq 'sles9') {
$ssldir = '/etc/apache/vhosts.d';	$ssldir = '/etc/apache/vhosts.d';
} elsif ('<DIST />' =~ /^(suse\|sles)/) {	} elsif ('<DIST />' =~ /^(suse\|sles)/) {
$ssldir = '/etc/apache2/vhosts.d';	$ssldir = '/etc/apache2/vhosts.d';
} elsif ('<DIST />' =~ /^(debian\|ubuntu)/) {	} elsif ('<DIST />' =~ /^(debian\|ubuntu)/) {
$ssldir = '/etc/apache2/sites-available';	$ssldir = '/etc/apache2/sites-available';
} else {	} else {
Line 227 else {	Line 340 else {
}	}
my $hostname = Sys::Hostname::FQDN::fqdn();	my $hostname = Sys::Hostname::FQDN::fqdn();
my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) \|\| 'localhost');	my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) \|\| 'localhost');
my @expected = ('RewriteRule ^/adm/wrapper/ext/(?!https:\/\/) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]',	my @expected = ('RewriteEngine on',
	'RewriteCond %{HTTPS} =on',
	'RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:)',
	'RewriteCond %{QUERY_STRING} (^\|&(\|amp;))usehttp=1($\|&)',
	'RewriteRule ^/adm/wrapper/ext/(?!https:) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]',
'RewriteCond %{REMOTE_ADDR} 127.0.0.1',	'RewriteCond %{REMOTE_ADDR} 127.0.0.1',
'RewriteRule (.*) - [L]');	'RewriteRule (.*) - [L]');
if (($hostip ne '') && ($hostip ne '127.0.0.1')) {	if (($hostip ne '') && ($hostip ne '127.0.0.1')) {
Line 235 else {	Line 352 else {
'RewriteRule (.*) - [L]'));	'RewriteRule (.*) - [L]'));
}	}
push(@expected,('RewriteCond %{REQUEST_URI} ^/public/.*/syllabus$',	push(@expected,('RewriteCond %{REQUEST_URI} ^/public/.*/syllabus$',
'RewriteCond %{QUERY_STRING} (^\|&)usehttp=1($\|&)',	'RewriteCond %{QUERY_STRING} (^\|&(\|amp;))usehttp=1($\|&)',
'RewriteRule ^/public/.*/syllabus$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]'));	'RewriteRule ^/public/.*/syllabus$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]'));
if (-d $ssldir) {	if (-d $ssldir) {
my @rewrites;	my @rewrites;
if (opendir(my $dir,$ssldir)) {	if (opendir(my $dir,$ssldir)) {
my @sslconf_files;	my @sslconf_files;
foreach my $file (!grep(/^\.$/,readdir($dir))) {	foreach my $file (grep(!/^\./,readdir($dir))) {
	next if ($file =~ /\.rpmnew$/);
if (open(my $fh,'<',"$ssldir/$file")) {	if (open(my $fh,'<',"$ssldir/$file")) {
while (<$fh>) {	while (<$fh>) {
if (/^\s<VirtualHost\s+[^:]\:443>\s*$/) {	if (/^\s<VirtualHost\s+[^:]\:443>\s*$/) {
Line 253 else {	Line 371 else {
}	}
}	}
if (@sslconf_files) {	if (@sslconf_files) {
my @rewrites;
foreach my $file (@sslconf_files) {	foreach my $file (@sslconf_files) {
if (open(my $fh,'<',"$ssldir/$file")) {	if (open(my $fh,'<',"$ssldir/$file")) {
my ($rewrite,$num) = (0,0);	my ($rewrite,$num) = (0,0);
while (<$fh>) {	while (<$fh>) {
if ($rewrite) {	if ($rewrite) {
if (/\s*<\/IfModule>/) {	if (/^\s*<\/IfModule>/) {
$rewrite = 0;	$rewrite = 0;
$num ++;	$num ++;
} else {	} else {
chomp();	chomp();
s/^(\s+\|\s+)$//g;	s/^\s+\|\s+$//g;
push(@{$rewrites[$num]},$_);	push(@{$rewrites[$num]},$_);
}	}
} elsif (/^\s*<IfModule\s+mod_rewrite.c>/) {	} elsif (/^\s*<IfModule\s+mod_rewrite.c>/) {
$rewrite = 1;	$rewrite = 1;
Line 281 else {	Line 398 else {
foreach my $item (@rewrites) {	foreach my $item (@rewrites) {
if (ref($item) eq 'ARRAY') {	if (ref($item) eq 'ARRAY') {
my $found = 0;	my $found = 0;
foreach my $item (@rewrites) {	foreach my $line (@{$item}) {
foreach my $match (@expected) {	foreach my $match (@expected) {
if ($match eq $item) {	if ($match eq $line) {
$found ++;	$found ++;
last;	last;
}	}
}	}
}	}
if ($found >= @expected) {	if ($found >= scalar(@expected)) {
$gotrules = 1;	$gotrules = 1;
	last;
}	}
}	}
}	}
}	}
}	}
unless ($gotrules) {	unless ($gotrules) {
print('** WARNING ** '.$curr_rewrite.' is currently set so rewrites '.	print('** WARNING ** '."\n".$curr_rewrite.' is currently set so rewrites '.
'of http to https are enabled for most URLs.'."\n".	'of http to https are enabled for most URLs.'."\n".
'It is recommended to also set rewrites from https to http '.	'Unless your Apache configuration includes Strict-Transport-Security '.
'in a file in '.$ssldir.' by including the following:'."\n".	'(with max-age > 0), it is recommended to also set rewrites from https to http '.
	'for specific URLs in a file in '.$ssldir.' by including the following:'."\n".
"<IfModule mod_rewrite.c>\n".' '.	"<IfModule mod_rewrite.c>\n".' '.
join("\n ",@expected)."\n".	join("\n ",@expected)."\n".
"</IfModule>\n");	"</IfModule>\n");

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.45
changed lines
	Added in v.1.62