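#!/usr/bin/python
#
# Converts an apacheConfig record from LDAP, as used by mod_vhost_ldap,
# into a <VirtualHost> record as used in an Apache conf.d directory.
# Useful for adding things like SSL server certs that mod_vhost_ldap
# doesn't support.
#
# Usage:
# scripts# cd /etc/httpd/vhosts.d
# scripts# ./reify-vhost.py geofft > geofft.conf
# scripts# service httpd graceful
#
# The output is loaded by Apache, so every value that ends up in it (the
# command-line argument and the names read from LDAP) is checked before
# anything is printed.  On any failure the script writes a message to
# stderr, prints nothing to stdout and exits non-zero; the shell redirect
# will still have created an empty .conf file, so remove it and do not
# reload httpd.  Running "apachectl configtest" before the graceful
# restart catches a broken file before it takes the server down.
#
# Geoffrey Thomas <geofft@mit.edu>, 2008, public domain.

import ldap
import ldap.filter
import pwd  # not used below; kept because the original script imports it
import re
import sys

# Characters that change how Apache parses a directive line: whitespace and
# control characters split or end the argument, a quote opens a quoted
# argument, and a backslash at the end of a line continues it.
_UNSAFE_IN_DIRECTIVE = re.compile(r"[\s\x00-\x1f\x7f\"'\\]")

# Both virtual hosts are emitted from one template so they cannot drift
# apart.  The two SSLCertificateKeyFile lines name the same key file for
# every host, so the certificate at certs/<host>.pem has to belong to that
# key (mod_ssl is expected to reject a mismatched pair at startup).
_TEMPLATE = """\
<IfModule ssl_module>
<VirtualHost *:443>
ServerName %(servername)s
%(serveralias)s
Include conf.d/vhost_ldap.conf
Include conf.d/vhosts-common-ssl.conf
SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
</VirtualHost>
<VirtualHost *:444>
ServerName %(servername)s
%(serveralias)s
Include conf.d/vhost_ldap.conf
Include conf.d/vhosts-common-ssl.conf
Include conf.d/vhosts-common-ssl-cert.conf
SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
</VirtualHost>
</IfModule>"""


def _fail(message):
    """Report *message* on stderr and exit with status 1."""
    sys.stderr.write("reify-vhost: %s\n" % message)
    sys.exit(1)


def _text(value):
    """Return *value* as str; decode it first if the LDAP library gave bytes."""
    if isinstance(value, str):
        return value
    return value.decode("utf-8")


def _directive_arg(label, value):
    """Return *value* if it is safe as one Apache directive argument.

    Exits through _fail() when the value is empty or contains a character
    matched by _UNSAFE_IN_DIRECTIVE, so a malformed name can never add or
    alter a line of the generated configuration.
    """
    value = _text(value)
    if not value or _UNSAFE_IN_DIRECTIVE.search(value):
        _fail("refusing to emit %s %r" % (label, value))
    return value


if len(sys.argv) < 2:
    sys.stderr.write("usage: %s <hostname>\n" % sys.argv[0])
    sys.exit(2)

host = _directive_arg("host name", sys.argv[1])
# The argument also becomes a file name under /etc/pki/tls/certs/, so it
# must stay a single path component.
if "/" in host:
    _fail("host name %r must not contain '/'" % host)

# Anonymous simple bind over the local slapd UNIX socket.
ll = ldap.initialize("ldapi://%2fvar%2frun%2fslapd-scripts.socket/")
ll.simple_bind_s("", "")

# filter_format() escapes the substituted values, so the argument cannot
# change the structure of the search filter.
r = ll.search_s(
    "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
    ldap.SCOPE_SUBTREE,
    ldap.filter.filter_format(
        "(&(objectClass=apacheConfig)" +
        "(|(apacheServerName=%s)" +
        "(apacheServerAlias=%s)))",
        [host, host]))

if not r:
    # Previously this case printed nothing and exited 0, which left an empty
    # .conf file behind with no hint that the lookup had failed.
    _fail("no apacheConfig record matches %r" % host)
if len(r) > 1:
    sys.stderr.write(
        "reify-vhost: warning: %d records match %r, using the first\n"
        % (len(r), host))

attrs = r[0][1]
servername = _directive_arg("apacheServerName", attrs['apacheServerName'][0])

serveralias = ""
if 'apacheServerAlias' in attrs:
    aliases = [_directive_arg("apacheServerAlias", alias)
               for alias in attrs['apacheServerAlias']]
    serveralias = "ServerAlias " + " ".join(aliases)

# Everything has been validated; only now is anything written to stdout.
sys.stdout.write(_TEMPLATE % {
    'servername': servername,
    'serveralias': serveralias,
    'hname': host,
} + "\n")

# vim: set ts=4 sw=4 et: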