NAME

Mail::Toaster::Apache


SYNOPSIS

Install Apache 1 or 2 based on settings in toaster-watcher.conf


DESCRIPTION

Perl methods for working with Apache.

The install section builds a high-performance, statically compiled web server with SSL, PHP, and Perl support.


METHODS

new

   use Mail::Toaster::Apache;
   my $apache = Mail::Toaster::Apache->new();

Use this function to create a new Apache object. From there you can use all the functions included in this document.

Each method expects to receive one or two hashrefs. The first hashref must have a value set for vhost and optional values set for the following: ip, serveralias, serveradmin, documentroot, redirect, ssl, sslcert, sslkey, cgi, customlog, customerror.

The second hashref is key/value pairs from sysadmin.conf. See that file for details of what options you can set there to influence the behavior of these methods.

InstallApache1

        use Mail::Toaster::Apache;
        my $apache = new Mail::Toaster::Apache;
        $apache->install_apache1("/usr/local/src");

Builds Apache from sources with DSO for all but mod_perl, which must be compiled statically in order to work at all.

Will build Apache in the directory as shown. After compile, the script will show you a few options for testing and completing the installation.

Also installs mod_php4 and mod_ssl.

install_apache2

        use Mail::Toaster::Apache;
        my $apache = new Mail::Toaster::Apache;
        $apache->install_apache2($conf);

Builds Apache from sources with DSO for all modules. Also installs mod_perl2 and mod_php4.

Currently tested on FreeBSD and Mac OS X. On FreeBSD, PHP is installed as well, both the PHP CLI and the mod_php Apache module. This is done because the SpamAssassin + SQL module requires pear-DB and the pear-DB port thinks it needs the lang/php port installed. There are other ports which also have this requirement, so it's best to just have it installed.

This script also builds default SSL certificates, based on your preferences in openssl.cnf (usually in /etc/ssl) and makes a few tweaks to your httpd.conf (for using PHP & perl scripts).

Values in $conf are set in toaster-watcher.conf. Please refer to that file to see how you can influence your Apache build.

install_ssl_certs

Builds and installs SSL certificates in the locations that Apache expects to find them. This allows me to build an SSL-enabled web server with a minimal amount of human interaction.

restart

Restarts Apache.

On FreeBSD, we use the rc.d script if it's available because it's smarter than apachectl. In some instances, sending Apache a restart signal will cause it to crash and not restart. The control script sends it a TERM, waits until it has exited, then starts it back up.

    $apache->restart($vals);

vhost_create

Create an Apache vhost container like this:

  <VirtualHost *:80 >
    ServerName blockads.com
    ServerAlias ads.blockads.com
    DocumentRoot /usr/home/blockads.com/ads
    ServerAdmin admin@blockads.com
    CustomLog "| /usr/local/sbin/cronolog /usr/home/example.com/logs/access.log" combined
    ErrorDocument 404 "blockads.com
  </VirtualHost>

        $apache->vhost_create($vals, $conf);

Required values:

          ip - an IP address
        name - vhost name (ServerName)
     docroot - Apache DocumentRoot

Optional values:

 serveralias - Apache ServerAlias names (comma separated)
 serveradmin - Server Admin (email address)
         cgi - CGI directory
   customlog - obvious
 customerror - obvious
      sslkey - SSL certificate key
     sslcert - SSL certificate
 

sub vhost_create($$) { my ($self, $vals, $conf) = @_;

        if ( $self->vhost_exists($vals, $conf) ) {
                return { error_code=>400, error_desc=>"Sorry, that virtual host already exists!"};
        };
        # test all the values and make sure we've got enough to form a vhost
        # minimum needed: vhost servername, ip[:port], documentroot
        my $ip      = $vals->{'ip'} || '*:80';    # a default value
        my $name    = lc($vals->{'vhost'});
        my $docroot = $vals->{'documentroot'};
        my $home    = $vals->{'admin_home'} || "/home";
        unless ( $docroot ) {
                if ( -d "$home/$name" ) { $docroot = "$home/$name" };
                # $docroot may still be undefined here, so test it before calling -d
                return { error_code=>400, error_desc=>"documentroot was not set and could not be determined!"} unless $docroot && -d $docroot;
        };
        if ($vals->{'debug'}) { use Data::Dumper; print Dumper($vals); };
        # define the vhost
        my @lines = "\n<VirtualHost $ip>";
        push @lines, "  ServerName $name";
        push @lines, "  DocumentRoot $docroot";
        push @lines, "  ServerAdmin "  . $vals->{'serveradmin'}  if $vals->{'serveradmin'};
        push @lines, "  ServerAlias "  . $vals->{'serveralias'}  if $vals->{'serveralias'};
        if ( $vals->{'cgi'} ) {
                if    ( $vals->{'cgi'} eq "basic"    ) { push @lines, " ScriptAlias /cgi-bin/ \"/usr/local/www/cgi-bin.basic/\""; }
                elsif ( $vals->{'cgi'} eq "advanced" ) { push @lines, " ScriptAlias /cgi-bin/ \"/usr/local/www/cgi-bin.advanced/\""; }
                # use $docroot: documentroot may have been derived above rather than passed in
                elsif ( $vals->{'cgi'} eq "custom"   ) { push @lines, " ScriptAlias /cgi-bin/ \"" . $docroot . "/cgi-bin/\""; }
                else  {  push @lines, " ScriptAlias "  .  $vals->{'cgi'} };
                
        };
        # options needs some directory logic included if it's going to be used
        # I won't be using this initially, but maybe eventually...
        #push @lines, " Options "      . $vals->{'options'}      if $vals->{'options'};
        push @lines, "  CustomLog "    . $vals->{'customlog'}    if $vals->{'customlog'};
        # Apache has no CustomError directive; ErrorDocument matches the example container above
        push @lines, "  ErrorDocument " . $vals->{'customerror'}  if $vals->{'customerror'};
        if ( $vals->{'ssl'} ) {
                # both the key and the certificate must exist on disk
                if ( $vals->{'sslkey'} && $vals->{'sslcert'} && -f $vals->{'sslkey'} && -f $vals->{'sslcert'} ) {
                        push @lines, "  SSLEngine on";
                        # mod_ssl's directive for the private key is SSLCertificateKeyFile
                        push @lines, "  SSLCertificateKeyFile " . $vals->{'sslkey'}  if $vals->{'sslkey'};
                        push @lines, "  SSLCertificateFile " . $vals->{'sslcert'} if $vals->{'sslcert'};
                } else {
                        return { error_code=>400, error_desc=>"FATAL: ssl is enabled but either the key or cert is missing!"};
                };
        };
        push @lines, "</VirtualHost>\n";
        print join ("\n", @lines) if $vals->{'debug'};
        # write vhost definition to a file
        my ($vhosts_conf) = $self->vhosts_get_file($vals, $conf);
        if ( -f $vhosts_conf ) {
                print "appending to file: $vhosts_conf\n" if $vals->{'debug'};
                $utility->file_append($vhosts_conf, \@lines);
        } else {
                print "writing to file: $vhosts_conf\n" if $vals->{'debug'};
                $utility->file_write($vhosts_conf, @lines);
        };
        $self->restart($vals);
        print "returning success or error\n" if $vals->{'debug'};
        return { error_code=>200, error_desc=>"vhost creation successful"};
};
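
The sub above writes the values in $vals into the vhost file as given, so a value containing a newline becomes an extra directive. The following is an added example, not Mail::Toaster code: validate_vhost_vals() is a hypothetical helper, and its per-key patterns (IPv4 only, plain path characters) are assumptions about what each key should hold.

```perl
use strict;
use warnings;
# Hypothetical helper (not part of Mail::Toaster): check the $vals hashref
# before vhost_create() interpolates it into the Apache configuration.
my $host = qr/(?:\*\.)?[a-z0-9](?:[a-z0-9-]*[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)*/i;
my $path = qr{/[\w./-]+};

# Anchored with \A and \z (not ^ and $), so a trailing newline cannot pass.
my %rule = (
    vhost        => qr/\A$host\z/,
    ip           => qr/\A(?:\*|[0-9.]+)(?::[0-9]{1,5})?\z/,
    documentroot => qr/\A$path\z/,
    sslkey       => qr/\A$path\z/,
    sslcert      => qr/\A$path\z/,
    serveradmin  => qr/\A[\w.+-]+\@$host\z/,
    serveralias  => qr/\A$host(?:\s*,\s*$host)*\z/,
);

sub validate_vhost_vals {
    my ($vals) = @_;
    my @errors;
    push @errors, "vhost: required" unless defined $vals->{vhost} && length $vals->{vhost};
    for my $key ( sort keys %$vals ) {
        my $v = $vals->{$key};
        next unless defined $v && !ref $v && length $v;
        if ( $v =~ /[\x00-\x1f\x7f]/ ) {    # a newline would start another directive
            push @errors, "$key: control character in value";
        }
        elsif ( $rule{$key} && $v !~ $rule{$key} ) {
            push @errors, "$key: value not allowed";
        }
        elsif ( $key =~ /\A(?:documentroot|sslkey|sslcert)\z/ && $v =~ m{/\.\.(?:/|\z)} ) {
            push @errors, "$key: '..' path component not allowed";
        }
        elsif ( $key eq 'customlog' && $v =~ /\A\s*"?\s*\|/ ) {
            # Apache starts a piped log program from its parent process, usually as root.
            push @errors, "customlog: piped log not accepted from this input";
        }
    }
    return @errors;
}

# Constructed sample input: the alias carries a second directive after a newline.
my %sample = (
    vhost       => 'example.com',
    serveralias => "www.example.com\n  ServerName other.example",
    customlog   => '"| /usr/local/sbin/cronolog /var/log/access.log" combined',
);
print "$_\n" for validate_vhost_vals( \%sample );
```

An empty return list means the values passed every check; a piped customlog, as in the container shown earlier, should be set only from admin-controlled configuration.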

vhost_enable

Enable a (previously) disabled virtual host.

    $apache->vhost_enable($vals, $conf);

vhost_disable

Disable a (previously enabled) virtual host.

    $apache->vhost_disable($vals, $conf);

vhost_delete

Deletes an Apache vhost.

    $apache->vhost_delete();

vhost_exists

Tests to see if a vhost definition already exists in your Apache config file(s).

vhost_show

Shows the contents of a virtualhost block that matches the virtual domain name passed in the $vals hashref.

        $apache->vhost_show($vals, $conf);

vhosts_get_file

If vhosts are each in their own file, this determines the name of the file the vhost will live in and returns it. The general method on my systems works like this:

   example.com would be stored in $apache/vhosts/example.com.conf

So would any subdomains of example.com.

Thus, a return value for *.example.com will be "$apache/vhosts/example.com.conf".

$apache is looked up from the contents of $conf.

vhosts_get_match

Find a vhost declaration block in the Apache config file(s).

conf_patch

        use Mail::Toaster::Apache;
        my $apache = Mail::Toaster::Apache->new();
        $apache->conf_patch($conf);

Patch Apache's default httpd.conf file. See the patch in contrib of Mail::Toaster to see what changes are being made.

InstallDSACert

Builds and installs a DSA Certificate.

InstallRSACert

Builds and installs an RSA certificate.

        use Mail::Toaster::Apache;
        InstallRSACert($crtdir, $keydir);

DEPENDENCIES

Mail::Toaster - http://www.tnpi.biz/internet/mail/toaster/


AUTHOR

Matt Simerson <matt@tnpi.biz>


BUGS

None known. Report any to author.


TODO

Don't export any of the symbols by default. Move all symbols to EXPORT_OK and explicitly pull in the required ones in programs that need them.


SEE ALSO

The following are all man/perldoc pages:

 Mail::Toaster 
 Mail::Toaster::Apache 
 Mail::Toaster::CGI  
 Mail::Toaster::DNS 
 Mail::Toaster::Darwin
 Mail::Toaster::Ezmlm
 Mail::Toaster::FreeBSD
 Mail::Toaster::Logs 
 Mail::Toaster::Mysql
 Mail::Toaster::Passwd
 Mail::Toaster::Perl
 Mail::Toaster::Provision
 Mail::Toaster::Qmail
 Mail::Toaster::Setup
 Mail::Toaster::Utility
 Mail::Toaster::Conf
 toaster.conf
 toaster-watcher.conf
 http://matt.simerson.net/computing/mail/toaster/
 http://matt.simerson.net/computing/mail/toaster/docs/


COPYRIGHT

Copyright (c) 2003-2005, The Network People, Inc. All Rights Reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of The Network People, Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.