source: trunk/server/fedora/config/etc/httpd/vhosts.d/reify-vhost.py @ 2749

Last change on this file since 2749 was 2731, checked in by andersk, 9 years ago
Configure reified vhosts through LDAP Reduces duplication, allows the owners to configure these vhosts through Pony again, and potentially simplifies future automation.
  • Property svn:executable set to *
File size: 1.8 KB
Line 
1#!/usr/bin/python
2#
3# Converts an apacheConfig record from LDAP, as used by mod_vhost_ldap,
4# into a <VirtualHost> record as used in an Apache conf.d directory.
5# Useful for adding things like SSL server certs that mod_vhost_ldap
6# doesn't support.
7#
8# Usage:
9# scripts# cd /etc/httpd/vhosts.d
10# scripts# ./reify-vhost.py geofft > geofft.conf
11# scripts# service httpd graceful
12#
13# Geoffrey Thomas <geofft@mit.edu>, 2008, public domain.
14
15import ldap
16import ldap.filter
17import pwd
18import sys
19
20ll = ldap.initialize("ldapi://%2fvar%2frun%2fslapd-scripts.socket/")
21ll.simple_bind_s("", "")
22
23host = sys.argv[1]
24
25r = ll.search_s(
26    "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
27    ldap.SCOPE_SUBTREE,
28    ldap.filter.filter_format(
29            "(&(objectClass=apacheConfig)" +
30            "(|(apacheServerName=%s)" +
31            "(apacheServerAlias=%s)))",
32           [host, host]))
33if len(r) != 0:
34    serveralias = ""
35    if 'apacheServerAlias' in r[0][1]:
36        serveralias = "ServerAlias "+" ".join(r[0][1]['apacheServerAlias'])
37    print """\
38<IfModule ssl_module>
39        <VirtualHost *:443>
40                ServerName %(servername)s
41                %(serveralias)s
42                Include conf.d/vhost_ldap.conf
43                Include conf.d/vhosts-common-ssl.conf
44                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
45                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
46        </VirtualHost>
47        <VirtualHost *:444>
48                ServerName %(servername)s
49                %(serveralias)s
50                Include conf.d/vhost_ldap.conf
51                Include conf.d/vhosts-common-ssl.conf
52                Include conf.d/vhosts-common-ssl-cert.conf
53                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
54                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
55        </VirtualHost>
56</IfModule>""" % {
57    'servername': r[0][1]['apacheServerName'][0],
58    'serveralias': serveralias,
59    'hname': host
60}
61
62# vim: set ts=4 sw=4 et:
Note: See TracBrowser for help on using the repository browser.