Commit | Line | Data |
---|---|---|
23104841 | 1 | #!/bin/sh |
66c36198 PM |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
23104841 | 21 | |
23104841 MT |
22 | . /etc/sysconfig/rc |
23 | . $rc_functions | |
24 | ||
9064ba72 AF |
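# Create the TLS key material for the Apache web interface.
#
# For RSA and for ECDSA this creates, each only when the file does not exist
# yet: a private key, a CSR built from /etc/certparams with HOSTNAME replaced
# by the output of `hostname -f`, and a self-signed certificate. Existing
# files are never overwritten, so replacing a key or certificate means
# deleting the old files first.
#
# boot_mesg and evaluate_retval come from $rc_functions (not shown here);
# evaluate_retval presumably reports $? of the command that ran just before it.
generate_certificates() {
	if [ ! -f "/etc/httpd/server.key" ]; then
		boot_mesg "Generating HTTPS RSA server key (this will take a moment)..."
		# umask 077 inside a subshell: the private key is never on disk with
		# permissions wider than 0600, not even between creation and chmod.
		# ">/dev/null 2>&1" is used instead of "&>", which a strictly POSIX
		# /bin/sh reads as "run in background" and would let chmod race openssl.
		# The && chain makes evaluate_retval see a failure of openssl, not only
		# the exit status of chmod.
		( umask 077 && openssl genrsa -out /etc/httpd/server.key 4096 >/dev/null 2>&1 ) && \
			chmod 600 /etc/httpd/server.key
		evaluate_retval
	fi

	if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then
		boot_mesg "Generating HTTPS ECDSA server key..."
		# Same permission handling as for the RSA key above.
		( umask 077 && openssl ecparam -genkey -name secp384r1 -noout \
			-out /etc/httpd/server-ecdsa.key >/dev/null 2>&1 ) && \
			chmod 600 /etc/httpd/server-ecdsa.key
		evaluate_retval
	fi

	# Generate RSA CSR
	# NOTE(review): the FQDN is pasted into the sed expression unescaped; a
	# value containing "/", "&" or "\" would break or alter the substitution.
	# Host names normally cannot contain these - confirm where it is set.
	if [ ! -f "/etc/httpd/server.csr" ]; then
		sed "s/HOSTNAME/$(hostname -f)/" < /etc/certparams | \
			openssl req -new -key /etc/httpd/server.key \
				-out /etc/httpd/server.csr >/dev/null 2>&1
	fi

	# Generate ECDSA CSR
	if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then
		sed "s/HOSTNAME/$(hostname -f)/" < /etc/certparams | \
			openssl req -new -key /etc/httpd/server-ecdsa.key \
				-out /etc/httpd/server-ecdsa.csr >/dev/null 2>&1
	fi

	# NOTE(review): -days 999999 makes the self-signed certificates effectively
	# non-expiring, so a leaked key stays usable until the files are replaced
	# by hand. Kept as is; changing the lifetime is a policy decision.
	if [ ! -f "/etc/httpd/server.crt" ]; then
		boot_mesg "Signing RSA certificate..."
		openssl x509 -req -days 999999 -sha256 \
			-in /etc/httpd/server.csr \
			-signkey /etc/httpd/server.key \
			-out /etc/httpd/server.crt >/dev/null 2>&1
		evaluate_retval
	fi

	if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then
		boot_mesg "Signing ECDSA certificate..."
		openssl x509 -req -days 999999 -sha256 \
			-in /etc/httpd/server-ecdsa.csr \
			-signkey /etc/httpd/server-ecdsa.key \
			-out /etc/httpd/server-ecdsa.crt >/dev/null 2>&1
		evaluate_retval
	fi
}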
73 | ||
23104841 MT |
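# Dispatch on the init-script action given as the first argument.
case "$1" in
	start)
		# Generate all required certificates
		generate_certificates

		# Update hostname
		# NOTE(review): ServerName uses ${HOSTNAME} while the CSRs use
		# `hostname -f`; confirm both yield the same name on this system.
		echo "ServerName ${HOSTNAME}" > /etc/httpd/conf/hostname.conf

		boot_mesg "Starting Apache daemon..."
		/usr/sbin/apachectl -k start
		evaluate_retval
		;;

	stop)
		boot_mesg "Stopping Apache daemon..."
		/usr/sbin/apachectl -k stop
		evaluate_retval
		;;

	restart)
		# Quoted so a script path containing whitespace is re-invoked intact.
		"$0" stop
		"$0" start
		;;

	reload)
		# "graceful" asks Apache to reload without dropping open connections.
		boot_mesg "Reloading Apache daemon..."
		/usr/sbin/apachectl -k graceful
		evaluate_retval
		;;

	status)
		statusproc /usr/sbin/httpd
		;;

	*)
		# The usage text now lists reload, which the script handles above.
		echo "Usage: $0 {start|stop|restart|reload|status}"
		exit 1
		;;
esac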