source: trunk/server/fedora/config/etc/httpd/vhosts.d/reify-vhost.py @ 2731

Last change on this file since 2731 was 2731, checked in by andersk, 8 years ago
Configure reified vhosts through LDAP Reduces duplication, allows the owners to configure these vhosts through Pony again, and potentially simplifies future automation.
  • Property svn:executable set to *
File size: 1.8 KB
RevLine 
[854]1#!/usr/bin/python
2#
3# Converts an apacheConfig record from LDAP, as used by mod_vhost_ldap,
4# into a <VirtualHost> record as used in an Apache conf.d directory.
5# Useful for adding things like SSL server certs that mod_vhost_ldap
6# doesn't support.
7#
8# Usage:
9# scripts# cd /etc/httpd/vhosts.d
10# scripts# ./reify-vhost.py geofft > geofft.conf
11# scripts# service httpd graceful
12#
13# Geoffrey Thomas <geofft@mit.edu>, 2008, public domain.
14
15import ldap
16import ldap.filter
17import pwd
18import sys
19
[1818]20ll = ldap.initialize("ldapi://%2fvar%2frun%2fslapd-scripts.socket/")
[854]21ll.simple_bind_s("", "")
22
23host = sys.argv[1]
24
25r = ll.search_s(
26    "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
27    ldap.SCOPE_SUBTREE,
28    ldap.filter.filter_format(
29            "(&(objectClass=apacheConfig)" +
30            "(|(apacheServerName=%s)" +
31            "(apacheServerAlias=%s)))",
32           [host, host]))
33if len(r) != 0:
[1445]34    serveralias = ""
35    if 'apacheServerAlias' in r[0][1]:
[1449]36        serveralias = "ServerAlias "+" ".join(r[0][1]['apacheServerAlias'])
[2731]37    print """\
[854]38<IfModule ssl_module>
[869]39        <VirtualHost *:443>
[854]40                ServerName %(servername)s
[1445]41                %(serveralias)s
[2731]42                Include conf.d/vhost_ldap.conf
[854]43                Include conf.d/vhosts-common-ssl.conf
[870]44                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
[2624]45                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
[854]46        </VirtualHost>
[869]47        <VirtualHost *:444>
48                ServerName %(servername)s
[1445]49                %(serveralias)s
[2731]50                Include conf.d/vhost_ldap.conf
[869]51                Include conf.d/vhosts-common-ssl.conf
52                Include conf.d/vhosts-common-ssl-cert.conf
[870]53                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
[2624]54                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
[869]55        </VirtualHost>
[854]56</IfModule>""" % {
57    'servername': r[0][1]['apacheServerName'][0],
[1445]58    'serveralias': serveralias,
[854]59    'hname': host
60}
61
62# vim: set ts=4 sw=4 et:
Note: See TracBrowser for help on using the repository browser.