Versión 1.0.2: preparar módulo HTTPS para el servidor Apache (modifica #443)

git-svn-id: https://opengnsys.es/svn/branches/version1.0@2328 a21b9725-9963-47de-94b9-378ad31fedc9
2011-09-29 11:14:49 +00:00 · 2011-09-29 11:14:49 +00:00 · 3ce53a7f30
parent ea8051aff5
commit 3ce53a7f30
4 changed files with 43 additions and 12 deletions
--- a/installer/opengnsys_installer.sh
+++ b/installer/opengnsys_installer.sh
@ -57,6 +57,7 @@ OPENGNSYS_DB_CREATION_FILE=opengnsys/admin/Database/ogAdmBD.sql
 # - DEPENDENCIES - array de dependencias que deben estar instaladas
 # - UPDATEPKGLIST, INSTALLPKGS, CHECKPKGS - comandos para gestión de paquetes
 # - APACHEINIT, APACHECFGDIR, APACHEUSER, APACHEGROUP - arranque y configuración de Apache
+# - ENABLEMOD, ENABLESITE - habilitar módulo Apache y sitio web
 # - DHCPINIT, DHCPCFGDIR - arranque y configuración de DHCP
 # - SAMBAINIT, SAMBACFGDIR - arranque y configuración de Samba
 # - TFTPCFGDIR - configuración de TFTP
@ -76,6 +77,8 @@ case "$OSDISTRIB" in
 		APACHECFGDIR=/etc/apache2
 		APACHEUSER="www-data"
 		APACHEGROUP="www-data"
+		ENABLEMOD="a2enmod"
+		ENABLESITE="a2ensite"
 		case "$OSCODENAME" in
 			natty)	DHCPINIT=/etc/init.d/isc-dhcp-server
 				DHCPCFGDIR=/etc/dhcp
@ -765,8 +768,12 @@ function openGnsysInstallWebConsoleApacheConf()

 	echoAndLog "${FUNCNAME}(): creating apache2 config file.."

+	# Activar HTTPS.
+	$ENABLESITE default-ssl
+	$ENABLEMOD ssl
+	make-ssl-cert generate-default-snakeoil --force-overwrite

-	# genera configuración
+	# Genera configuración de consola web.
 	cat > $path_opengnsys_base/etc/apache.conf <<EOF
 # OpenGnSys Web Console configuration for Apache

@ -778,8 +785,8 @@ Alias /opengnsys ${path_web_console}
 </Directory>
 EOF

-	ln -fs $path_opengnsys_base/etc/apache.conf $path_apache2_confd/sites-available/opengnsys.conf
-	ln -fs $path_apache2_confd/sites-available/opengnsys.conf $path_apache2_confd/sites-enabled/opengnsys.conf
+	ln -fs $path_opengnsys_base/etc/apache.conf $path_apache2_confd/sites-available/opengnsys
+	$ENABLESITE opengnsys
 	if [ $? -ne 0 ]; then
 		errorAndLog "${FUNCNAME}(): config file can't be linked to apache conf, verify your server installation"
 		return 1
--- a/installer/opengnsys_installer_v1.0.2.sh
+++ b/installer/opengnsys_installer_v1.0.2.sh
@ -81,6 +81,7 @@ OPENGNSYS_CLIENT_USER="opengnsys"
 # - UPDATEPKGLIST, INSTALLPKG, CHECKPKG - comandos para gestión de paquetes
 # - OGACTIVATE, OGINIT - activación e inicio de servicios de OpenGnSys
 # - APACHEINIT, APACHECFGDIR, APACHEUSER, APACHEGROUP - configuración de Apache
+# - ENABLEMOD, ENABLESITE - habilitar módulo Apache y sitio web
 # - DHCPINIT, DHCPCFGDIR - arranque y configuración de DHCP
 # - INETDINIT - arranque de Inetd
 # - MYSQLINIT - arranque de MySQL
@ -106,6 +107,8 @@ case "$OSDISTRIB" in
 		APACHECFGDIR=/etc/apache2
 		APACHEUSER="www-data"
 		APACHEGROUP="www-data"
+		ENABLEMOD="a2enmod"
+		ENABLESITE="a2ensite"
 		case "$OSCODENAME" in
 			natty)	DHCPINIT=/etc/init.d/isc-dhcp-server
 				DHCPCFGDIR=/etc/dhcp
@ -868,8 +871,12 @@ function openGnsysInstallWebConsoleApacheConf()

 	echoAndLog "${FUNCNAME}(): creating apache2 config file.."

+	# Activar SSL
+	$ENABLESITE default-ssl
+	$ENABLEMOD ssl
+	make-ssl-cert generate-default-snakeoil --force-overwrite

-	# genera configuración
+	# Generar configuración de OpenGnSys
 	cat > $path_opengnsys_base/etc/apache.conf <<EOF
 # OpenGnSys Web Console configuration for Apache

@ -881,8 +888,9 @@ Alias /opengnsys ${path_web_console}
 </Directory>
 EOF

-	ln -fs $path_opengnsys_base/etc/apache.conf $path_apache2_confd/sites-available/opengnsys.conf
-	ln -fs $path_apache2_confd/sites-available/opengnsys.conf $path_apache2_confd/sites-enabled/opengnsys.conf
+	ln -fs $path_opengnsys_base/etc/apache.conf $path_apache2_confd/sites-available/opengnsys
+	#ln -fs $path_apache2_confd/sites-available/opengnsys.conf $path_apache2_confd/sites-enabled/opengnsys.conf
+	$ENABLESITE opengnsys
 	if [ $? -ne 0 ]; then
 		errorAndLog "${FUNCNAME}(): config file can't be linked to apache conf, verify your server installation"
 		return 1
--- a/installer/opengnsys_uninstall.sh
+++ b/installer/opengnsys_uninstall.sh
@ -37,6 +37,10 @@ if test $DROP; then
    mysql -u root -p"$MYSQLROOT" <<<"DROP USER '$DBUSER';" 2>/dev/null
    mysql -u root -p"$MYSQLROOT" <<<"DROP USER '$DBUSER'@'localhost';" 2>/dev/null
 fi
+# Quitar configuración específica de Apache.
+a2dismod opengnsys
+rm -f /etc/apache2/{sites-available,sites-enabled}/opengnsys*
+/etc/init.d/apache2 reload
 # Eliminar ficheros.
 echo "Deleting OpenGnSys files."
 for dir in $OPENGNSYS/*; do
--- a/installer/opengnsys_update.sh
+++ b/installer/opengnsys_update.sh
@ -298,14 +298,26 @@ function updateClientFiles()
 	echoAndLog "${FUNCNAME}(): client files update success."
 }

-# Exportar nombre de usuario y grupo del servicio Apache.
-function getApacheUser()
+# Configurar HTTPS y exportar usuario y grupo del servicio Apache.
+function apacheConfiguration ()
 {
-	# Variables de ejecución de Apache
+	local APACHECONF=/etc/apache2
+
+	# Activar HTTPS, si es necesario.
+	if [ -e $APACHECONF/sites-available/opengnsys.conf ]; then
+		echoAndLog "${FUNCNAME}(): Configuring HTTPS access..."
+		mv $APACHECONF/sites-available/opengnsys.conf $APACHECONF/sites-available/opengnsys
+		a2ensite default-ssl
+		a2enmod ssl
+		a2ensite opengnsys
+		/etc/init.d/apache2 restart
+	fi
+
+	# Variables de ejecución de Apache.
 	# - APACHE_RUN_USER
 	# - APACHE_RUN_GROUP
-	if [ -f /etc/apache2/envvars ]; then
-		source /etc/apache2/envvars
+	if [ -f $APACHECONF/envvars ]; then
+		source $APACHECONF/envvars
 	fi
 	APACHE_RUN_USER=${APACHE_RUN_USER:-"www-data"}
 	APACHE_RUN_GROUP=${APACHE_RUN_GROUP:-"www-data"}
@ -658,7 +670,7 @@ updateClientFiles
 updateInterfaceAdm

 # Actualizar páqinas web
-getApacheUser
+apacheConfiguration
 updateWebFiles
 if [ $? -ne 0 ]; then
 	errorAndLog "Error updating OpenGnSys Web Admin files"