[854] | 1 | #!/usr/bin/python |
---|
| 2 | # |
---|
| 3 | # Converts an apacheConfig record from LDAP, as used by mod_vhost_ldap, |
---|
| 4 | # into a <VirtualHost> record as used in an Apache conf.d directory. |
---|
| 5 | # Useful for adding things like SSL server certs that mod_vhost_ldap |
---|
| 6 | # doesn't support. |
---|
| 7 | # |
---|
| 8 | # Usage: |
---|
| 9 | # scripts# cd /etc/httpd/vhosts.d |
---|
| 10 | # scripts# ./reify-vhost.py geofft > geofft.conf |
---|
| 11 | # scripts# service httpd graceful |
---|
| 12 | # |
---|
| 13 | # Geoffrey Thomas <geofft@mit.edu>, 2008, public domain. |
---|
| 14 | |
---|
| 15 | import ldap |
---|
| 16 | import ldap.filter |
---|
| 17 | import pwd |
---|
| 18 | import sys |
---|
| 19 | |
---|
[978] | 20 | ll = ldap.initialize("ldapi://%2fvar%2frun%2fdirsrv%2fslapd-scripts.socket/") |
---|
[854] | 21 | ll.simple_bind_s("", "") |
---|
| 22 | |
---|
| 23 | host = sys.argv[1] |
---|
| 24 | |
---|
| 25 | r = ll.search_s( |
---|
| 26 | "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu", |
---|
| 27 | ldap.SCOPE_SUBTREE, |
---|
| 28 | ldap.filter.filter_format( |
---|
| 29 | "(&(objectClass=apacheConfig)" + |
---|
| 30 | "(|(apacheServerName=%s)" + |
---|
| 31 | "(apacheServerAlias=%s)))", |
---|
| 32 | [host, host])) |
---|
| 33 | if len(r) != 0: |
---|
| 34 | user = pwd.getpwuid(int(r[0][1]['apacheSuexecUid'][0])) |
---|
[1445] | 35 | serveralias = "" |
---|
| 36 | if 'apacheServerAlias' in r[0][1]: |
---|
| 37 | serveralias = "ServerAlias "+r[0][1]['apacheServerAlias'][0] |
---|
[854] | 38 | print """# do not trailing-slash DocumentRoot |
---|
| 39 | |
---|
| 40 | <VirtualHost *:80> |
---|
| 41 | ServerName %(servername)s |
---|
[1446] | 42 | %(serveralias)s |
---|
[854] | 43 | DocumentRoot %(docroot)s |
---|
| 44 | Alias /~%(uname)s %(homedir)s/web_scripts |
---|
| 45 | SuExecUserGroup %(uname)s %(uname)s |
---|
| 46 | Include conf.d/vhosts-common.conf |
---|
| 47 | </VirtualHost> |
---|
| 48 | |
---|
| 49 | <IfModule ssl_module> |
---|
[869] | 50 | <VirtualHost *:443> |
---|
[854] | 51 | ServerName %(servername)s |
---|
[1445] | 52 | %(serveralias)s |
---|
[854] | 53 | DocumentRoot %(docroot)s |
---|
| 54 | Alias /~%(uname)s %(homedir)s/web_scripts |
---|
| 55 | SuExecUserGroup %(uname)s %(uname)s |
---|
| 56 | Include conf.d/vhosts-common-ssl.conf |
---|
[870] | 57 | SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem |
---|
[854] | 58 | </VirtualHost> |
---|
[869] | 59 | <VirtualHost *:444> |
---|
| 60 | ServerName %(servername)s |
---|
[1445] | 61 | %(serveralias)s |
---|
[869] | 62 | DocumentRoot %(docroot)s |
---|
| 63 | Alias /~%(uname)s %(homedir)s/web_scripts |
---|
| 64 | SuExecUserGroup %(uname)s %(uname)s |
---|
| 65 | Include conf.d/vhosts-common-ssl.conf |
---|
| 66 | Include conf.d/vhosts-common-ssl-cert.conf |
---|
[870] | 67 | SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem |
---|
[869] | 68 | </VirtualHost> |
---|
[854] | 69 | </IfModule>""" % { |
---|
| 70 | 'servername': r[0][1]['apacheServerName'][0], |
---|
[1445] | 71 | 'serveralias': serveralias, |
---|
[854] | 72 | 'docroot': r[0][1]['apacheDocumentRoot'][0], |
---|
| 73 | 'uname': user[0], |
---|
| 74 | 'homedir': user[5], |
---|
| 75 | 'hname': host |
---|
| 76 | } |
---|
| 77 | |
---|
| 78 | # vim: set ts=4 sw=4 et: |
---|