[ipfire-2.x.git] / src / initscripts / system / apache

#!/bin/sh
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2024  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /etc/sysconfig/rc
. $rc_functions

PIDFILE="/var/run/httpd.pid"

generate_certificates() {
	if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then
		boot_mesg "Generating HTTPS ECDSA server key..."
		openssl ecparam -genkey -name secp384r1 -noout \
			-out /etc/httpd/server-ecdsa.key &>/dev/null
		chmod 600 /etc/httpd/server-ecdsa.key
		evaluate_retval
	fi

	if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then
		sed "s/HOSTNAME/`hostname -f`/" < /etc/certparams | \
			openssl req -new -key /etc/httpd/server-ecdsa.key \
			-out /etc/httpd/server-ecdsa.csr &>/dev/null
	fi

	if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then
		boot_mesg "Signing ECDSA certificate..."
		openssl x509 -req -days 999999 -sha256 \
			-in /etc/httpd/server-ecdsa.csr \
			-signkey /etc/httpd/server-ecdsa.key \
			-out /etc/httpd/server-ecdsa.crt &>/dev/null
		evaluate_retval
	fi
}

case "$1" in
	start)
		# Generate all required certificates
		generate_certificates

		# Update hostname
		echo "ServerName ${HOSTNAME}" > /etc/httpd/conf/hostname.conf

		boot_mesg "Starting Apache daemon..."
		/usr/sbin/apachectl -k start
		evaluate_retval
		;;

	stop)
		boot_mesg "Stopping Apache daemon..."
		killproc /usr/sbin/httpd
		;;

	restart)
		$0 stop
		$0 start
		;;

	reload)
		boot_mesg "Reloading Apache daemon..."
		/usr/sbin/apachectl -k graceful
		evaluate_retval
		;;

	status)
		statusproc /usr/sbin/httpd
		;;

	*)
		echo "Usage: $0 {start|stop|restart|status}"
		exit 1
		;;
esac
Commit	Line	Data
	1	#!/bin/sh
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	. /etc/sysconfig/rc
	23	. $rc_functions
	24
	25	PIDFILE="/var/run/httpd.pid"
	26
	27	generate_certificates() {
	28	if [ ! -f "/etc/httpd/server-ecdsa.key" ]; then
	29	boot_mesg "Generating HTTPS ECDSA server key..."
	30	openssl ecparam -genkey -name secp384r1 -noout \
	31	-out /etc/httpd/server-ecdsa.key &>/dev/null
	32	chmod 600 /etc/httpd/server-ecdsa.key
	33	evaluate_retval
	34	fi
	35
	36	if [ ! -f "/etc/httpd/server-ecdsa.csr" ]; then
	37	sed "s/HOSTNAME/`hostname -f`/" < /etc/certparams \| \
	38	openssl req -new -key /etc/httpd/server-ecdsa.key \
	39	-out /etc/httpd/server-ecdsa.csr &>/dev/null
	40	fi
	41
	42	if [ ! -f "/etc/httpd/server-ecdsa.crt" ]; then
	43	boot_mesg "Signing ECDSA certificate..."
	44	openssl x509 -req -days 999999 -sha256 \
	45	-in /etc/httpd/server-ecdsa.csr \
	46	-signkey /etc/httpd/server-ecdsa.key \
	47	-out /etc/httpd/server-ecdsa.crt &>/dev/null
	48	evaluate_retval
	49	fi
	50	}
	51
	52	case "$1" in
	53	start)
	54	# Generate all required certificates
	55	generate_certificates
	56
	57	# Update hostname
	58	echo "ServerName ${HOSTNAME}" > /etc/httpd/conf/hostname.conf
	59
	60	boot_mesg "Starting Apache daemon..."
	61	/usr/sbin/apachectl -k start
	62	evaluate_retval
	63	;;
	64
	65	stop)
	66	boot_mesg "Stopping Apache daemon..."
	67	killproc /usr/sbin/httpd
	68	;;
	69
	70	restart)
	71	$0 stop
	72	$0 start
	73	;;
	74
	75	reload)
	76	boot_mesg "Reloading Apache daemon..."
	77	/usr/sbin/apachectl -k graceful
	78	evaluate_retval
	79	;;
	80
	81	status)
	82	statusproc /usr/sbin/httpd
	83	;;
	84
	85	*)
	86	echo "Usage: $0 {start\|stop\|restart\|status}"
	87	exit 1
	88	;;
	89	esac