]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/sh | |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | . /etc/sysconfig/rc | |
23 | . $rc_functions | |
24 | ||
25 | PIDFILE="/var/run/httpd.pid" | |
26 | ||
27 | generate_certificates() { | |
28 | if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then | |
29 | boot_mesg "Generating HTTPS ECDSA server key..." | |
30 | openssl ecparam -genkey -name secp384r1 -noout \ | |
31 | -out /etc/httpd/server-ecdsa.key &>/dev/null | |
32 | chmod 600 /etc/httpd/server-ecdsa.key | |
33 | evaluate_retval | |
34 | fi | |
35 | ||
36 | if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then | |
37 | sed "s/HOSTNAME/`hostname -f`/" < /etc/certparams | \ | |
38 | openssl req -new -key /etc/httpd/server-ecdsa.key \ | |
39 | -out /etc/httpd/server-ecdsa.csr &>/dev/null | |
40 | fi | |
41 | ||
42 | if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then | |
43 | boot_mesg "Signing ECDSA certificate..." | |
44 | openssl x509 -req -days 999999 -sha256 \ | |
45 | -in /etc/httpd/server-ecdsa.csr \ | |
46 | -signkey /etc/httpd/server-ecdsa.key \ | |
47 | -out /etc/httpd/server-ecdsa.crt &>/dev/null | |
48 | evaluate_retval | |
49 | fi | |
50 | } | |
51 | ||
52 | case "$1" in | |
53 | start) | |
54 | # Generate all required certificates | |
55 | generate_certificates | |
56 | ||
57 | # Update hostname | |
58 | echo "ServerName ${HOSTNAME}" > /etc/httpd/conf/hostname.conf | |
59 | ||
60 | boot_mesg "Starting Apache daemon..." | |
61 | /usr/sbin/apachectl -k start | |
62 | evaluate_retval | |
63 | ;; | |
64 | ||
65 | stop) | |
66 | boot_mesg "Stopping Apache daemon..." | |
67 | killproc /usr/sbin/httpd | |
68 | ;; | |
69 | ||
70 | restart) | |
71 | $0 stop | |
72 | $0 start | |
73 | ;; | |
74 | ||
75 | reload) | |
76 | boot_mesg "Reloading Apache daemon..." | |
77 | /usr/sbin/apachectl -k graceful | |
78 | evaluate_retval | |
79 | ;; | |
80 | ||
81 | status) | |
82 | statusproc /usr/sbin/httpd | |
83 | ;; | |
84 | ||
85 | *) | |
86 | echo "Usage: $0 {start|stop|restart|status}" | |
87 | exit 1 | |
88 | ;; | |
89 | esac |