| 1 | (* HCoop Domtool (http://hcoop.sourceforge.net/) |
| 2 | * Copyright (c) 2006-2007, Adam Chlipala |
| 3 | * |
| 4 | * This program is free software; you can redistribute it and/or |
| 5 | * modify it under the terms of the GNU General Public License |
| 6 | * as published by the Free Software Foundation; either version 2 |
| 7 | * of the License, or (at your option) any later version. |
| 8 | * |
| 9 | * This program is distributed in the hope that it will be useful, |
| 10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | * GNU General Public License for more details. |
| 13 | * |
| 14 | * You should have received a copy of the GNU General Public License |
| 15 | * along with this program; if not, write to the Free Software |
| 16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | *) |
| 18 | |
| 19 | (* Apache HTTPD handling *) |
| 20 | |
| 21 | structure Apache :> APACHE = struct |
| 22 | |
| 23 | open Ast |
| 24 | |
| 25 | val dl = ErrorMsg.dummyLoc |
| 26 | |
| 27 | fun webNode node = |
| 28 | List.exists (fn (x, _) => x = node) Config.Apache.webNodes_all |
| 29 | orelse (Domain.hasPriv "www" |
| 30 | andalso List.exists (fn (x, _) => x = node) Config.Apache.webNodes_admin) |
| 31 | |
| 32 | val _ = Env.type_one "web_node" |
| 33 | Env.string |
| 34 | webNode |
| 35 | |
| 36 | val _ = Env.registerFunction ("web_node_to_node", |
| 37 | fn [e] => SOME e |
| 38 | | _ => NONE) |
| 39 | |
| 40 | fun webPlace (EApp ((EVar "web_place_default", _), (EString node, _)), _) = |
| 41 | SOME (node, Domain.nodeIp node) |
| 42 | | webPlace (EApp ((EApp ((EVar "web_place", _), (EString node, _)), _), (EString ip, _)), _) = |
| 43 | SOME (node, ip) |
| 44 | | webPlace _ = NONE |
| 45 | |
| 46 | fun webPlaceDefault node = (EApp ((EVar "web_place_default", dl), (EString node, dl)), dl) |
| 47 | |
| 48 | val _ = Env.registerFunction ("web_place_to_web_node", |
| 49 | fn [e] => Option.map (fn (node, _) => (EString node, dl)) (webPlace e) |
| 50 | | _ => NONE) |
| 51 | |
| 52 | val _ = Env.registerFunction ("web_place_to_node", |
| 53 | fn [e] => Option.map (fn (node, _) => (EString node, dl)) (webPlace e) |
| 54 | | _ => NONE) |
| 55 | |
| 56 | val _ = Env.registerFunction ("web_place_to_ip", |
| 57 | fn [e] => Option.map (fn (_, ip) => (EString ip, dl)) (webPlace e) |
| 58 | | _ => NONE) |
| 59 | |
| 60 | val _ = Env.type_one "proxy_port" |
| 61 | Env.int |
| 62 | (fn n => n > 1024) |
| 63 | |
| 64 | val _ = Env.type_one "proxy_target" |
| 65 | Env.string |
| 66 | (fn s => |
| 67 | let |
| 68 | fun default () = List.exists (fn s' => s = s') Config.Apache.proxyTargets |
| 69 | in |
| 70 | case String.fields (fn ch => ch = #":") s of |
| 71 | ["http", "//localhost", rest] => |
| 72 | (case String.fields (fn ch => ch = #"/") rest of |
| 73 | port :: _ => |
| 74 | (case Int.fromString port of |
| 75 | NONE => default () |
| 76 | | SOME n => n > 1024 orelse default ()) |
| 77 | | _ => default ()) |
| 78 | | _ => default () |
| 79 | end) |
| 80 | |
| 81 | val _ = Env.type_one "rewrite_arg" |
| 82 | Env.string |
| 83 | (CharVector.all Char.isAlphaNum) |
| 84 | |
| 85 | val _ = Env.type_one "suexec_flag" |
| 86 | Env.bool |
| 87 | (fn b => b orelse Domain.hasPriv "www") |
| 88 | |
| 89 | val _ = Env.type_one "regexp" |
| 90 | Env.string |
| 91 | Pcre.validRegexp |
| 92 | |
| 93 | fun validLocation s = |
| 94 | size s > 0 andalso size s < 1000 andalso CharVector.all |
| 95 | (fn ch => Char.isAlphaNum ch |
| 96 | orelse ch = #"-" |
| 97 | orelse ch = #"_" |
| 98 | orelse ch = #"." |
| 99 | orelse ch = #"/" |
| 100 | orelse ch = #"~") s |
| 101 | |
| 102 | val _ = Env.type_one "location" |
| 103 | Env.string |
| 104 | validLocation |
| 105 | |
| 106 | fun validCert s = Acl.query {user = Domain.getUser (), |
| 107 | class = "cert", |
| 108 | value = s} |
| 109 | |
| 110 | val _ = Env.type_one "ssl_cert_path" |
| 111 | Env.string |
| 112 | validCert |
| 113 | |
| 114 | fun ssl e = case e of |
| 115 | (EVar "no_ssl", _) => SOME NONE |
| 116 | | (EApp ((EVar "use_cert", _), s), _) => Option.map SOME (Env.string s) |
| 117 | | _ => NONE |
| 118 | |
| 119 | fun validExtension s = |
| 120 | size s > 0 |
| 121 | andalso size s < 20 |
| 122 | andalso CharVector.all (fn ch => Char.isAlphaNum ch orelse ch = #"_") s |
| 123 | |
| 124 | val _ = Env.type_one "file_extension" |
| 125 | Env.string |
| 126 | validExtension |
| 127 | |
| 128 | val defaults = [("WebPlaces", |
| 129 | (TList (TBase "web_place", dl), dl), |
| 130 | (fn () => (EList (map webPlaceDefault Config.Apache.webNodes_default), dl))), |
| 131 | ("SSL", |
| 132 | (TBase "ssl", dl), |
| 133 | (fn () => (EVar "no_ssl", dl))), |
| 134 | ("User", |
| 135 | (TBase "your_user", dl), |
| 136 | (fn () => (EString (Domain.getUser ()), dl))), |
| 137 | ("Group", |
| 138 | (TBase "your_group", dl), |
| 139 | (fn () => (EString "nogroup", dl))), |
| 140 | ("DocumentRoot", |
| 141 | (TBase "your_path", dl), |
| 142 | (fn () => (EString (Domain.homedir () ^ "/" ^ Config.Apache.public_html), dl))), |
| 143 | ("ServerAdmin", |
| 144 | (TBase "email", dl), |
| 145 | (fn () => (EString (Domain.getUser () ^ "@" ^ Config.defaultDomain), dl))), |
| 146 | ("SuExec", |
| 147 | (TBase "suexec_flag", dl), |
| 148 | (fn () => (EVar "true", dl))), |
| 149 | ("PhpVersion", |
| 150 | (TBase "php_version", dl), |
| 151 | (fn () => (EVar "php4", dl)))] |
| 152 | |
| 153 | val () = app Defaults.registerDefault defaults |
| 154 | |
| 155 | val redirect_code = fn (EVar "temp", _) => SOME "temp" |
| 156 | | (EVar "permanent", _) => SOME "permanent" |
| 157 | | (EVar "seeother", _) => SOME "seeother" |
| 158 | | (EVar "redir300", _) => SOME "300" |
| 159 | | (EVar "redir301", _) => SOME "301" |
| 160 | | (EVar "redir302", _) => SOME "302" |
| 161 | | (EVar "redir303", _) => SOME "303" |
| 162 | | (EVar "redir304", _) => SOME "304" |
| 163 | | (EVar "redir305", _) => SOME "305" |
| 164 | | (EVar "redir307", _) => SOME "307" |
| 165 | | _ => NONE |
| 166 | |
| 167 | val flag = fn (EVar "redirect", _) => SOME "R" |
| 168 | | (EVar "forbidden", _) => SOME "F" |
| 169 | | (EVar "gone", _) => SOME "G" |
| 170 | | (EVar "last", _) => SOME "L" |
| 171 | | (EVar "chain", _) => SOME "C" |
| 172 | | (EVar "nosubreq", _) => SOME "NS" |
| 173 | | (EVar "nocase", _) => SOME "NC" |
| 174 | | (EVar "qsappend", _) => SOME "QSA" |
| 175 | | (EVar "noescape", _) => SOME "NE" |
| 176 | | (EVar "passthrough", _) => SOME "PT" |
| 177 | | (EApp ((EVar "mimeType", _), e), _) => |
| 178 | Option.map (fn s => "T=" ^ s) (Env.string e) |
| 179 | | (EApp ((EVar "redirectWith", _), e), _) => |
| 180 | Option.map (fn s => "R=" ^ s) (redirect_code e) |
| 181 | | (EApp ((EVar "skip", _), e), _) => |
| 182 | Option.map (fn n => "S=" ^ Int.toString n) (Env.int e) |
| 183 | | (EApp ((EApp ((EVar "env", _), e1), _), e2), _) => |
| 184 | (case Env.string e1 of |
| 185 | NONE => NONE |
| 186 | | SOME s1 => Option.map (fn s2 => "E=" ^ s1 ^ ":" ^ s2) |
| 187 | (Env.string e2)) |
| 188 | |
| 189 | | _ => NONE |
| 190 | |
| 191 | val cond_flag = fn (EVar "cond_nocase", _) => SOME "NC" |
| 192 | | (EVar "ornext", _) => SOME "OR" |
| 193 | | _ => NONE |
| 194 | |
| 195 | val apache_option = fn (EVar "execCGI", _) => SOME "ExecCGI" |
| 196 | | (EVar "includesNOEXEC", _) => SOME "IncludesNOEXEC" |
| 197 | | (EVar "indexes", _) => SOME "Indexes" |
| 198 | | (EVar "followSymLinks", _) => SOME "FollowSymLinks" |
| 199 | | _ => NONE |
| 200 | |
| 201 | val autoindex_width = fn (EVar "autofit", _) => SOME "*" |
| 202 | | (EApp ((EVar "characters", _), n), _) => |
| 203 | Option.map Int.toString (Env.int n) |
| 204 | | _ => NONE |
| 205 | |
| 206 | val autoindex_option = fn (EApp ((EVar "descriptionWidth", _), w), _) => |
| 207 | Option.map (fn w => ("DescriptionWidth", SOME w)) |
| 208 | (autoindex_width w) |
| 209 | | (EVar "fancyIndexing", _) => SOME ("FancyIndexing", NONE) |
| 210 | | (EVar "foldersFirst", _) => SOME ("FoldersFirst", NONE) |
| 211 | | (EVar "htmlTable", _) => SOME ("HTMLTable", NONE) |
| 212 | | (EVar "iconsAreLinks", _) => SOME ("IconsAreLinks", NONE) |
| 213 | | (EApp ((EVar "iconHeight", _), n), _) => |
| 214 | Option.map (fn w => ("IconHeight", SOME (Int.toString w))) |
| 215 | (Env.int n) |
| 216 | | (EApp ((EVar "iconWidth", _), n), _) => |
| 217 | Option.map (fn w => ("IconWidth", SOME (Int.toString w))) |
| 218 | (Env.int n) |
| 219 | | (EVar "ignoreCase", _) => SOME ("IgnoreCase", NONE) |
| 220 | | (EVar "ignoreClient", _) => SOME ("IgnoreClient", NONE) |
| 221 | | (EApp ((EVar "nameWidth", _), w), _) => |
| 222 | Option.map (fn w => ("NameWidth", SOME w)) |
| 223 | (autoindex_width w) |
| 224 | | (EVar "scanHtmlTitles", _) => SOME ("ScanHTMLTitles", NONE) |
| 225 | | (EVar "suppressColumnSorting", _) => SOME ("SuppressColumnSorting", NONE) |
| 226 | | (EVar "suppressDescription", _) => SOME ("SuppressDescription", NONE) |
| 227 | | (EVar "suppressHtmlPreamble", _) => SOME ("SuppressHTMLPreamble", NONE) |
| 228 | | (EVar "suppressIcon", _) => SOME ("SuppressIcon", NONE) |
| 229 | | (EVar "suppressLastModified", _) => SOME ("SuppressLastModified", NONE) |
| 230 | | (EVar "suppressRules", _) => SOME ("SuppressRules", NONE) |
| 231 | | (EVar "suppressSize", _) => SOME ("SuppressSize", NONE) |
| 232 | | (EVar "trackModified", _) => SOME ("TrackModified", NONE) |
| 233 | | (EVar "versionSort", _) => SOME ("VersionSort", NONE) |
| 234 | | (EVar "xhtml", _) => SOME ("XHTML", NONE) |
| 235 | |
| 236 | | _ => NONE |
| 237 | |
| 238 | val vhostsChanged = ref false |
| 239 | val logDeleted = ref false |
| 240 | |
| 241 | val () = Slave.registerPreHandler |
| 242 | (fn () => (vhostsChanged := false; |
| 243 | logDeleted := false)) |
| 244 | |
| 245 | fun findVhostUser fname = |
| 246 | let |
| 247 | val inf = TextIO.openIn fname |
| 248 | |
| 249 | fun loop () = |
| 250 | case TextIO.inputLine inf of |
| 251 | NONE => NONE |
| 252 | | SOME line => |
| 253 | if String.isPrefix "# Owner: " line then |
| 254 | case String.tokens Char.isSpace line of |
| 255 | [_, _, user] => SOME user |
| 256 | | _ => NONE |
| 257 | else |
| 258 | loop () |
| 259 | in |
| 260 | loop () |
| 261 | before TextIO.closeIn inf |
| 262 | end handle _ => NONE |
| 263 | |
| 264 | val webNodes_full = Config.Apache.webNodes_all @ Config.Apache.webNodes_admin |
| 265 | |
| 266 | fun isVersion1 node = |
| 267 | List.exists (fn (n, {version = ConfigTypes.APACHE_1_3, ...}) => n = node |
| 268 | | _ => false) webNodes_full |
| 269 | |
| 270 | fun imVersion1 () = isVersion1 (Slave.hostname ()) |
| 271 | |
| 272 | fun isWaklog node = |
| 273 | List.exists (fn (n, {auth = ConfigTypes.MOD_WAKLOG, ...}) => n = node |
| 274 | | _ => false) webNodes_full |
| 275 | |
| 276 | fun down () = if imVersion1 () then Config.Apache.down1 else Config.Apache.down |
| 277 | fun undown () = if imVersion1 () then Config.Apache.undown1 else Config.Apache.undown |
| 278 | fun reload () = if imVersion1 () then Config.Apache.reload1 else Config.Apache.reload |
| 279 | fun fixperms () = if imVersion1 () then Config.Apache.fixperms1 else Config.Apache.fixperms |
| 280 | |
| 281 | fun logDir {user, node, vhostId} = |
| 282 | String.concat [Config.Apache.logDirOf (isVersion1 node) user, |
| 283 | "/", |
| 284 | node, |
| 285 | "/", |
| 286 | vhostId] |
| 287 | |
| 288 | fun realLogDir {user, node, vhostId} = |
| 289 | String.concat [Config.Apache.realLogDirOf user, |
| 290 | "/", |
| 291 | node, |
| 292 | "/", |
| 293 | vhostId] |
| 294 | |
| 295 | val () = Slave.registerFileHandler (fn fs => |
| 296 | let |
| 297 | val spl = OS.Path.splitDirFile (#file fs) |
| 298 | in |
| 299 | if String.isSuffix ".vhost" (#file spl) |
| 300 | orelse String.isSuffix ".vhost_ssl" (#file spl) then let |
| 301 | val realVhostFile = OS.Path.joinDirFile |
| 302 | {dir = Config.Apache.confDir, |
| 303 | file = #file spl} |
| 304 | |
| 305 | val user = findVhostUser (#file fs) |
| 306 | val oldUser = case #action fs of |
| 307 | Slave.Delete false => user |
| 308 | | _ => findVhostUser realVhostFile |
| 309 | in |
| 310 | if (oldUser = NONE andalso #action fs <> Slave.Add) |
| 311 | orelse (user = NONE andalso not (Slave.isDelete (#action fs))) then |
| 312 | print ("Can't find user in " ^ #file fs ^ " or " ^ realVhostFile ^ "! Taking no action.\n") |
| 313 | else |
| 314 | let |
| 315 | val vhostId = if OS.Path.ext (#file spl) = SOME "vhost_ssl" then |
| 316 | OS.Path.base (#file spl) ^ ".ssl" |
| 317 | else |
| 318 | OS.Path.base (#file spl) |
| 319 | |
| 320 | fun realLogDir user = |
| 321 | logDir {user = valOf user, |
| 322 | node = Slave.hostname (), |
| 323 | vhostId = vhostId} |
| 324 | |
| 325 | fun backupLogs () = |
| 326 | OS.Path.joinDirFile |
| 327 | {dir = Config.Apache.backupLogDirOf |
| 328 | (isVersion1 (Slave.hostname ())), |
| 329 | file = vhostId} |
| 330 | in |
| 331 | vhostsChanged := true; |
| 332 | case #action fs of |
| 333 | Slave.Delete _ => |
| 334 | let |
| 335 | val ldir = realLogDir oldUser |
| 336 | in |
| 337 | if !logDeleted then |
| 338 | () |
| 339 | else |
| 340 | (ignore (OS.Process.system (down ())); |
| 341 | ignore (OS.Process.system (fixperms ())); |
| 342 | logDeleted := true); |
| 343 | ignore (OS.Process.system (Config.rm |
| 344 | ^ " -rf " |
| 345 | ^ realVhostFile)); |
| 346 | Slave.moveDirCreate {from = ldir, |
| 347 | to = backupLogs ()} |
| 348 | end |
| 349 | | Slave.Add => |
| 350 | let |
| 351 | val rld = realLogDir user |
| 352 | in |
| 353 | ignore (OS.Process.system (Config.cp |
| 354 | ^ " " |
| 355 | ^ #file fs |
| 356 | ^ " " |
| 357 | ^ realVhostFile)); |
| 358 | if Posix.FileSys.access (rld, []) then |
| 359 | () |
| 360 | else |
| 361 | Slave.moveDirCreate {from = backupLogs (), |
| 362 | to = rld} |
| 363 | end |
| 364 | |
| 365 | | _ => |
| 366 | (ignore (OS.Process.system (Config.cp |
| 367 | ^ " " |
| 368 | ^ #file fs |
| 369 | ^ " " |
| 370 | ^ realVhostFile)); |
| 371 | if user <> oldUser then |
| 372 | let |
| 373 | val old = realLogDir oldUser |
| 374 | val rld = realLogDir user |
| 375 | in |
| 376 | if !logDeleted then |
| 377 | () |
| 378 | else |
| 379 | (ignore (OS.Process.system (down ())); |
| 380 | logDeleted := true); |
| 381 | ignore (OS.Process.system (Config.rm |
| 382 | ^ " -rf " |
| 383 | ^ realLogDir oldUser)); |
| 384 | if Posix.FileSys.access (rld, []) then |
| 385 | () |
| 386 | else |
| 387 | Slave.mkDirAll rld |
| 388 | end |
| 389 | else |
| 390 | ()) |
| 391 | end |
| 392 | end |
| 393 | else |
| 394 | () |
| 395 | end) |
| 396 | |
| 397 | val () = Slave.registerPostHandler |
| 398 | (fn () => |
| 399 | (if !vhostsChanged then |
| 400 | Slave.shellF ([if !logDeleted then undown () else reload ()], |
| 401 | fn cl => "Error reloading Apache with " ^ cl) |
| 402 | else |
| 403 | ())) |
| 404 | |
| 405 | val vhostFiles : (string * TextIO.outstream) list ref = ref [] |
| 406 | fun write' s = app (fn (node, file) => TextIO.output (file, s node)) (!vhostFiles) |
| 407 | fun write s = app (fn (_, file) => TextIO.output (file, s)) (!vhostFiles) |
| 408 | |
| 409 | val rewriteEnabled = ref false |
| 410 | val localRewriteEnabled = ref false |
| 411 | val currentVhost = ref "" |
| 412 | val currentVhostId = ref "" |
| 413 | val sslEnabled = ref false |
| 414 | |
| 415 | val pre = ref (fn _ : {user : string, nodes : string list, id : string, hostname : string} => ()) |
| 416 | fun registerPre f = |
| 417 | let |
| 418 | val old = !pre |
| 419 | in |
| 420 | pre := (fn x => (old x; f x)) |
| 421 | end |
| 422 | |
| 423 | val post = ref (fn () => ()) |
| 424 | fun registerPost f = |
| 425 | let |
| 426 | val old = !post |
| 427 | in |
| 428 | post := (fn () => (old (); f ())) |
| 429 | end |
| 430 | |
| 431 | fun doPre x = !pre x |
| 432 | fun doPost () = !post () |
| 433 | |
| 434 | val aliaser = ref (fn _ : string => ()) |
| 435 | fun registerAliaser f = |
| 436 | let |
| 437 | val old = !aliaser |
| 438 | in |
| 439 | aliaser := (fn x => (old x; f x)) |
| 440 | end |
| 441 | |
| 442 | fun vhostPost () = (!post (); |
| 443 | write "</VirtualHost>\n"; |
| 444 | app (TextIO.closeOut o #2) (!vhostFiles)) |
| 445 | |
| 446 | val php_version = fn (EVar "php4", _) => SOME 4 |
| 447 | | (EVar "php5", _) => SOME 5 |
| 448 | | _ => NONE |
| 449 | |
| 450 | fun vhostBody (env, makeFullHost) = |
| 451 | let |
| 452 | val places = Env.env (Env.list webPlace) (env, "WebPlaces") |
| 453 | |
| 454 | val ssl = Env.env ssl (env, "SSL") |
| 455 | val user = Env.env Env.string (env, "User") |
| 456 | val group = Env.env Env.string (env, "Group") |
| 457 | val docroot = Env.env Env.string (env, "DocumentRoot") |
| 458 | val sadmin = Env.env Env.string (env, "ServerAdmin") |
| 459 | val suexec = Env.env Env.bool (env, "SuExec") |
| 460 | val php = Env.env php_version (env, "PhpVersion") |
| 461 | |
| 462 | val fullHost = makeFullHost (Domain.currentDomain ()) |
| 463 | val vhostId = fullHost ^ (if Option.isSome ssl then ".ssl" else "") |
| 464 | val confFile = fullHost ^ (if Option.isSome ssl then ".vhost_ssl" else ".vhost") |
| 465 | in |
| 466 | currentVhost := fullHost; |
| 467 | currentVhostId := vhostId; |
| 468 | sslEnabled := Option.isSome ssl; |
| 469 | |
| 470 | rewriteEnabled := false; |
| 471 | localRewriteEnabled := false; |
| 472 | vhostFiles := map (fn (node, ip) => |
| 473 | let |
| 474 | val file = Domain.domainFile {node = node, |
| 475 | name = confFile} |
| 476 | |
| 477 | val ld = logDir {user = user, node = node, vhostId = vhostId} |
| 478 | in |
| 479 | TextIO.output (file, "# Owner: "); |
| 480 | TextIO.output (file, user); |
| 481 | TextIO.output (file, "\n<VirtualHost "); |
| 482 | TextIO.output (file, ip); |
| 483 | TextIO.output (file, ":"); |
| 484 | TextIO.output (file, case ssl of |
| 485 | SOME _ => "443" |
| 486 | | NONE => "80"); |
| 487 | TextIO.output (file, ">\n"); |
| 488 | TextIO.output (file, "\tErrorLog "); |
| 489 | TextIO.output (file, ld); |
| 490 | TextIO.output (file, "/error.log\n\tCustomLog "); |
| 491 | TextIO.output (file, ld); |
| 492 | TextIO.output (file, "/access.log combined\n"); |
| 493 | TextIO.output (file, "\tServerName "); |
| 494 | TextIO.output (file, fullHost); |
| 495 | app |
| 496 | (fn dom => (TextIO.output (file, "\n\tServerAlias "); |
| 497 | TextIO.output (file, makeFullHost dom))) |
| 498 | (Domain.currentAliasDomains ()); |
| 499 | |
| 500 | if suexec then |
| 501 | if isVersion1 node then |
| 502 | (TextIO.output (file, "\n\tUser "); |
| 503 | TextIO.output (file, user); |
| 504 | TextIO.output (file, "\n\tGroup "); |
| 505 | TextIO.output (file, group)) |
| 506 | else |
| 507 | (TextIO.output (file, "\n\tSuexecUserGroup "); |
| 508 | TextIO.output (file, user); |
| 509 | TextIO.output (file, " "); |
| 510 | TextIO.output (file, group)) |
| 511 | else |
| 512 | (); |
| 513 | |
| 514 | if isWaklog node then |
| 515 | (TextIO.output (file, "\n\tWaklogEnabled on\n\tWaklogLocationPrincipal "); |
| 516 | TextIO.output (file, user); |
| 517 | TextIO.output (file, "/daemon@HCOOP.NET /etc/keytabs/user.daemon/"); |
| 518 | TextIO.output (file, user)) |
| 519 | else |
| 520 | (); |
| 521 | |
| 522 | TextIO.output (file, "\n\tDAVLockDB /var/lock/apache2/dav/"); |
| 523 | TextIO.output (file, user); |
| 524 | TextIO.output (file, "/DAVLock"); |
| 525 | |
| 526 | if php <> Config.Apache.defaultPhpVersion then |
| 527 | (TextIO.output (file, "\n\tAddHandler x-httpd-php"); |
| 528 | TextIO.output (file, Int.toString php); |
| 529 | TextIO.output (file, " .php .phtml")) |
| 530 | else |
| 531 | (); |
| 532 | |
| 533 | (ld, file) |
| 534 | end) |
| 535 | places; |
| 536 | write "\n\tDocumentRoot "; |
| 537 | write docroot; |
| 538 | write "\n\tServerAdmin "; |
| 539 | write sadmin; |
| 540 | case ssl of |
| 541 | SOME cert => |
| 542 | (write "\n\tSSLEngine on\n\tSSLCertificateFile "; |
| 543 | write cert) |
| 544 | | NONE => (); |
| 545 | write "\n"; |
| 546 | !pre {user = user, nodes = map #1 places, id = vhostId, hostname = fullHost}; |
| 547 | app (fn dom => !aliaser (makeFullHost dom)) (Domain.currentAliasDomains ()) |
| 548 | end |
| 549 | |
| 550 | val () = Env.containerV_one "vhost" |
| 551 | ("host", Env.string) |
| 552 | (fn (env, host) => vhostBody (env, fn dom => host ^ "." ^ dom), |
| 553 | vhostPost) |
| 554 | |
| 555 | val () = Env.containerV_none "vhostDefault" |
| 556 | (fn env => vhostBody (env, fn dom => dom), |
| 557 | vhostPost) |
| 558 | |
| 559 | val inLocal = ref false |
| 560 | |
| 561 | val () = Env.container_one "location" |
| 562 | ("prefix", Env.string) |
| 563 | (fn prefix => |
| 564 | (write "\t<Location "; |
| 565 | write prefix; |
| 566 | write ">\n"; |
| 567 | inLocal := true), |
| 568 | fn () => (write "\t</Location>\n"; |
| 569 | inLocal := false; |
| 570 | localRewriteEnabled := false)) |
| 571 | |
| 572 | val () = Env.container_one "directory" |
| 573 | ("directory", Env.string) |
| 574 | (fn directory => |
| 575 | (write "\t<Directory "; |
| 576 | write directory; |
| 577 | write ">\n"; |
| 578 | inLocal := true), |
| 579 | fn () => (write "\t</Directory>\n"; |
| 580 | inLocal := false; |
| 581 | localRewriteEnabled := false)) |
| 582 | |
| 583 | fun checkRewrite () = |
| 584 | if !inLocal then |
| 585 | if !localRewriteEnabled then |
| 586 | () |
| 587 | else |
| 588 | (write "\tRewriteEngine on\n"; |
| 589 | localRewriteEnabled := true) |
| 590 | else if !rewriteEnabled then |
| 591 | () |
| 592 | else |
| 593 | (write "\tRewriteEngine on\n"; |
| 594 | rewriteEnabled := true) |
| 595 | |
| 596 | val () = Env.action_three "localProxyRewrite" |
| 597 | ("from", Env.string, "to", Env.string, "port", Env.int) |
| 598 | (fn (from, to, port) => |
| 599 | (checkRewrite (); |
| 600 | write "\tRewriteRule\t\""; |
| 601 | write from; |
| 602 | write "\"\thttp://localhost:"; |
| 603 | write (Int.toString port); |
| 604 | write "/"; |
| 605 | write to; |
| 606 | write " [P]\n")) |
| 607 | |
| 608 | val () = Env.action_two "proxyPass" |
| 609 | ("from", Env.string, "to", Env.string) |
| 610 | (fn (from, to) => |
| 611 | (write "\tProxyPass\t"; |
| 612 | write from; |
| 613 | write "\t"; |
| 614 | write to; |
| 615 | write "\n")) |
| 616 | |
| 617 | val () = Env.action_two "proxyPassReverse" |
| 618 | ("from", Env.string, "to", Env.string) |
| 619 | (fn (from, to) => |
| 620 | (write "\tProxyPassReverse\t"; |
| 621 | write from; |
| 622 | write "\t"; |
| 623 | write to; |
| 624 | write "\n")) |
| 625 | |
| 626 | val () = Env.action_three "rewriteRule" |
| 627 | ("from", Env.string, "to", Env.string, "flags", Env.list flag) |
| 628 | (fn (from, to, flags) => |
| 629 | (checkRewrite (); |
| 630 | write "\tRewriteRule\t\""; |
| 631 | write from; |
| 632 | write "\"\t\""; |
| 633 | write to; |
| 634 | write "\""; |
| 635 | case flags of |
| 636 | [] => () |
| 637 | | flag::rest => (write " ["; |
| 638 | write flag; |
| 639 | app (fn flag => (write ","; |
| 640 | write flag)) rest; |
| 641 | write "]"); |
| 642 | write "\n")) |
| 643 | |
| 644 | val () = Env.action_three "rewriteCond" |
| 645 | ("test", Env.string, "pattern", Env.string, "flags", Env.list cond_flag) |
| 646 | (fn (from, to, flags) => |
| 647 | (checkRewrite (); |
| 648 | write "\tRewriteCond\t\""; |
| 649 | write from; |
| 650 | write "\"\t\""; |
| 651 | write to; |
| 652 | write "\""; |
| 653 | case flags of |
| 654 | [] => () |
| 655 | | flag::rest => (write " ["; |
| 656 | write flag; |
| 657 | app (fn flag => (write ","; |
| 658 | write flag)) rest; |
| 659 | write "]"); |
| 660 | write "\n")) |
| 661 | |
| 662 | val () = Env.action_one "rewriteBase" |
| 663 | ("prefix", Env.string) |
| 664 | (fn prefix => |
| 665 | (checkRewrite (); |
| 666 | write "\tRewriteBase\t\""; |
| 667 | write prefix; |
| 668 | write "\"\n")) |
| 669 | |
| 670 | val () = Env.action_one "rewriteLogLevel" |
| 671 | ("level", Env.int) |
| 672 | (fn level => |
| 673 | (checkRewrite (); |
| 674 | write "\tRewriteLog "; |
| 675 | write' (fn x => x); |
| 676 | write "/rewrite.log\n\tRewriteLogLevel "; |
| 677 | write (Int.toString level); |
| 678 | write "\n")) |
| 679 | |
| 680 | val () = Env.action_two "alias" |
| 681 | ("from", Env.string, "to", Env.string) |
| 682 | (fn (from, to) => |
| 683 | (write "\tAlias\t"; |
| 684 | write from; |
| 685 | write " "; |
| 686 | write to; |
| 687 | write "\n")) |
| 688 | |
| 689 | val () = Env.action_two "scriptAlias" |
| 690 | ("from", Env.string, "to", Env.string) |
| 691 | (fn (from, to) => |
| 692 | (write "\tScriptAlias\t"; |
| 693 | write from; |
| 694 | write " "; |
| 695 | write to; |
| 696 | write "\n")) |
| 697 | |
| 698 | val () = Env.action_two "errorDocument" |
| 699 | ("code", Env.string, "handler", Env.string) |
| 700 | (fn (code, handler) => |
| 701 | let |
| 702 | val hasSpaces = CharVector.exists Char.isSpace handler |
| 703 | |
| 704 | fun maybeQuote () = |
| 705 | if hasSpaces then |
| 706 | write "\"" |
| 707 | else |
| 708 | () |
| 709 | in |
| 710 | write "\tErrorDocument\t"; |
| 711 | write code; |
| 712 | write " "; |
| 713 | maybeQuote (); |
| 714 | write handler; |
| 715 | maybeQuote (); |
| 716 | write "\n" |
| 717 | end) |
| 718 | |
| 719 | val () = Env.action_one "options" |
| 720 | ("options", Env.list apache_option) |
| 721 | (fn opts => |
| 722 | case opts of |
| 723 | [] => () |
| 724 | | _ => (write "\tOptions"; |
| 725 | app (fn opt => (write " "; write opt)) opts; |
| 726 | write "\n")) |
| 727 | |
| 728 | val () = Env.action_one "set_options" |
| 729 | ("options", Env.list apache_option) |
| 730 | (fn opts => |
| 731 | case opts of |
| 732 | [] => () |
| 733 | | _ => (write "\tOptions"; |
| 734 | app (fn opt => (write " +"; write opt)) opts; |
| 735 | write "\n")) |
| 736 | |
| 737 | val () = Env.action_one "unset_options" |
| 738 | ("options", Env.list apache_option) |
| 739 | (fn opts => |
| 740 | case opts of |
| 741 | [] => () |
| 742 | | _ => (write "\tOptions"; |
| 743 | app (fn opt => (write " -"; write opt)) opts; |
| 744 | write "\n")) |
| 745 | |
| 746 | val () = Env.action_one "cgiExtension" |
| 747 | ("extension", Env.string) |
| 748 | (fn ext => (write "\tAddHandler cgi-script "; |
| 749 | write ext; |
| 750 | write "\n")) |
| 751 | |
| 752 | val () = Env.action_one "directoryIndex" |
| 753 | ("filenames", Env.list Env.string) |
| 754 | (fn opts => |
| 755 | (write "\tDirectoryIndex"; |
| 756 | app (fn opt => (write " "; write opt)) opts; |
| 757 | write "\n")) |
| 758 | |
| 759 | val () = Env.action_one "serverAliasHost" |
| 760 | ("host", Env.string) |
| 761 | (fn host => |
| 762 | (write "\tServerAlias "; |
| 763 | write host; |
| 764 | write "\n"; |
| 765 | !aliaser host)) |
| 766 | |
| 767 | val () = Env.action_one "serverAlias" |
| 768 | ("host", Env.string) |
| 769 | (fn host => |
| 770 | (app |
| 771 | (fn dom => |
| 772 | let |
| 773 | val full = host ^ "." ^ dom |
| 774 | in |
| 775 | write "\tServerAlias "; |
| 776 | write full; |
| 777 | write "\n"; |
| 778 | !aliaser full |
| 779 | end) |
| 780 | (Domain.currentDomains ()))) |
| 781 | |
| 782 | val () = Env.action_none "serverAliasDefault" |
| 783 | (fn () => |
| 784 | (app |
| 785 | (fn dom => |
| 786 | (write "\tServerAlias "; |
| 787 | write dom; |
| 788 | write "\n"; |
| 789 | !aliaser dom)) |
| 790 | (Domain.currentDomains ()))) |
| 791 | |
| 792 | val authType = fn (EVar "basic", _) => SOME "basic" |
| 793 | | (EVar "digest", _) => SOME "digest" |
| 794 | | (EVar "kerberos", _) => SOME "kerberos" |
| 795 | | _ => NONE |
| 796 | |
| 797 | fun allowAuthType "kerberos" = !sslEnabled |
| 798 | | allowAuthType _ = true |
| 799 | |
| 800 | val () = Env.action_one "authType" |
| 801 | ("type", authType) |
| 802 | (fn ty => |
| 803 | if allowAuthType ty then |
| 804 | (write "\tAuthType "; |
| 805 | write ty; |
| 806 | write "\n"; |
| 807 | case ty of |
| 808 | "kerberos" => |
| 809 | write "\tKrbMethodNegotiate off\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC off\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n" |
| 810 | | _ => ()) |
| 811 | else |
| 812 | print "WARNING: Skipped Kerberos authType because this isn't an SSL vhost.\n") |
| 813 | |
| 814 | val () = Env.action_one "authName" |
| 815 | ("name", Env.string) |
| 816 | (fn name => |
| 817 | (write "\tAuthName \""; |
| 818 | write name; |
| 819 | write "\"\n")) |
| 820 | |
| 821 | val () = Env.action_one "authUserFile" |
| 822 | ("file", Env.string) |
| 823 | (fn name => |
| 824 | (write "\tAuthUserFile "; |
| 825 | write name; |
| 826 | write "\n")) |
| 827 | |
| 828 | val () = Env.action_none "requireValidUser" |
| 829 | (fn () => write "\tRequire valid-user\n") |
| 830 | |
| 831 | val () = Env.action_one "requireUser" |
| 832 | ("users", Env.list Env.string) |
| 833 | (fn names => |
| 834 | case names of |
| 835 | [] => () |
| 836 | | _ => (write "\tRequire user"; |
| 837 | app (fn name => (write " "; write name)) names; |
| 838 | write "\n")) |
| 839 | |
| 840 | val () = Env.action_one "requireGroup" |
| 841 | ("groups", Env.list Env.string) |
| 842 | (fn names => |
| 843 | case names of |
| 844 | [] => () |
| 845 | | _ => (write "\tRequire group"; |
| 846 | app (fn name => (write " "; write name)) names; |
| 847 | write "\n")) |
| 848 | |
| 849 | val () = Env.action_none "orderAllowDeny" |
| 850 | (fn () => write "\tOrder allow,deny\n") |
| 851 | |
| 852 | val () = Env.action_none "orderDenyAllow" |
| 853 | (fn () => write "\tOrder deny,allow\n") |
| 854 | |
| 855 | val () = Env.action_none "allowFromAll" |
| 856 | (fn () => write "\tAllow from all\n") |
| 857 | |
| 858 | val () = Env.action_one "allowFrom" |
| 859 | ("entries", Env.list Env.string) |
| 860 | (fn names => |
| 861 | case names of |
| 862 | [] => () |
| 863 | | _ => (write "\tAllow from"; |
| 864 | app (fn name => (write " "; write name)) names; |
| 865 | write "\n")) |
| 866 | |
| 867 | val () = Env.action_none "denyFromAll" |
| 868 | (fn () => write "\tDeny from all\n") |
| 869 | |
| 870 | val () = Env.action_one "denyFrom" |
| 871 | ("entries", Env.list Env.string) |
| 872 | (fn names => |
| 873 | case names of |
| 874 | [] => () |
| 875 | | _ => (write "\tDeny from"; |
| 876 | app (fn name => (write " "; write name)) names; |
| 877 | write "\n")) |
| 878 | |
| 879 | val () = Env.action_none "satisfyAll" |
| 880 | (fn () => write "\tSatisfy all\n") |
| 881 | |
| 882 | val () = Env.action_none "satisfyAny" |
| 883 | (fn () => write "\tSatisfy any\n") |
| 884 | |
| 885 | val () = Env.action_one "forceType" |
| 886 | ("type", Env.string) |
| 887 | (fn ty => (write "\tForceType "; |
| 888 | write ty; |
| 889 | write "\n")) |
| 890 | |
| 891 | val () = Env.action_none "forceTypeOff" |
| 892 | (fn () => write "\tForceType None\n") |
| 893 | |
| 894 | val () = Env.action_two "action" |
| 895 | ("what", Env.string, "how", Env.string) |
| 896 | (fn (what, how) => (write "\tAction "; |
| 897 | write what; |
| 898 | write " "; |
| 899 | write how; |
| 900 | write "\n")) |
| 901 | |
| 902 | val () = Env.action_one "addDefaultCharset" |
| 903 | ("charset", Env.string) |
| 904 | (fn ty => (write "\tAddDefaultCharset "; |
| 905 | write ty; |
| 906 | write "\n")) |
| 907 | |
| 908 | (*val () = Env.action_one "davSvn" |
| 909 | ("path", Env.string) |
| 910 | (fn path => (write "\tDAV svn\n\tSVNPath "; |
| 911 | write path; |
| 912 | write "\n")) |
| 913 | |
| 914 | val () = Env.action_one "authzSvnAccessFile" |
| 915 | ("path", Env.string) |
| 916 | (fn path => (write "\tAuthzSVNAccessFile "; |
| 917 | write path; |
| 918 | write "\n"))*) |
| 919 | |
| 920 | val () = Env.action_none "davFilesystem" |
| 921 | (fn path => write "\tDAV filesystem\n") |
| 922 | |
| 923 | val () = Env.action_two "addDescription" |
| 924 | ("description", Env.string, "patterns", Env.list Env.string) |
| 925 | (fn (desc, pats) => |
| 926 | case pats of |
| 927 | [] => () |
| 928 | | _ => (write "\tAddDescription \""; |
| 929 | write (String.toString desc); |
| 930 | write "\""; |
| 931 | app (fn pat => (write " "; write pat)) pats; |
| 932 | write "\n")) |
| 933 | |
| 934 | val () = Env.action_two "addIcon" |
| 935 | ("icon", Env.string, "patterns", Env.list Env.string) |
| 936 | (fn (icon, pats) => |
| 937 | case pats of |
| 938 | [] => () |
| 939 | | _ => (write "\tAddIcon \""; |
| 940 | write icon; |
| 941 | write "\""; |
| 942 | app (fn pat => (write " "; write pat)) pats; |
| 943 | write "\n")) |
| 944 | |
| 945 | val () = Env.action_one "indexOptions" |
| 946 | ("options", Env.list autoindex_option) |
| 947 | (fn opts => |
| 948 | case opts of |
| 949 | [] => () |
| 950 | | _ => (write "\tIndexOptions"; |
| 951 | app (fn (opt, arg) => |
| 952 | (write " "; |
| 953 | write opt; |
| 954 | Option.app (fn arg => |
| 955 | (write "="; write arg)) arg)) opts; |
| 956 | write "\n")) |
| 957 | |
| 958 | val () = Env.action_one "indexIgnore" |
| 959 | ("patterns", Env.list Env.string) |
| 960 | (fn pats => |
| 961 | case pats of |
| 962 | [] => () |
| 963 | | _ => (write "\tIndexIgnore"; |
| 964 | app (fn pat => (write " "; write pat)) pats; |
| 965 | write "\n")) |
| 966 | |
| 967 | val () = Env.action_one "set_indexOptions" |
| 968 | ("options", Env.list autoindex_option) |
| 969 | (fn opts => |
| 970 | case opts of |
| 971 | [] => () |
| 972 | | _ => (write "\tIndexOptions"; |
| 973 | app (fn (opt, arg) => |
| 974 | (write " +"; |
| 975 | write opt; |
| 976 | Option.app (fn arg => |
| 977 | (write "="; write arg)) arg)) opts; |
| 978 | write "\n")) |
| 979 | |
| 980 | val () = Env.action_one "unset_indexOptions" |
| 981 | ("options", Env.list autoindex_option) |
| 982 | (fn opts => |
| 983 | case opts of |
| 984 | [] => () |
| 985 | | _ => (write "\tIndexOptions"; |
| 986 | app (fn (opt, _) => |
| 987 | (write " -"; |
| 988 | write opt)) opts; |
| 989 | write "\n")) |
| 990 | |
| 991 | val () = Env.action_one "headerName" |
| 992 | ("name", Env.string) |
| 993 | (fn name => (write "\tHeaderName "; |
| 994 | write name; |
| 995 | write "\n")) |
| 996 | |
| 997 | val () = Env.action_one "readmeName" |
| 998 | ("name", Env.string) |
| 999 | (fn name => (write "\tReadmeName "; |
| 1000 | write name; |
| 1001 | write "\n")) |
| 1002 | |
| 1003 | val () = Env.action_two "setEnv" |
| 1004 | ("key", Env.string, "value", Env.string) |
| 1005 | (fn (key, value) => (write "\tSetEnv \""; |
| 1006 | write key; |
| 1007 | write "\" \""; |
| 1008 | write (String.translate (fn #"\"" => "\\\"" |
| 1009 | | ch => str ch) value); |
| 1010 | write "\"\n")) |
| 1011 | |
| 1012 | val () = Env.action_one "diskCache" |
| 1013 | ("path", Env.string) |
| 1014 | (fn path => (write "\tCacheEnable disk \""; |
| 1015 | write path; |
| 1016 | write "\"\n")) |
| 1017 | |
| 1018 | val () = Env.action_one "phpVersion" |
| 1019 | ("version", php_version) |
| 1020 | (fn version => (write "\tAddHandler x-httpd-php"; |
| 1021 | write (Int.toString version); |
| 1022 | write " .php .phtml\n")) |
| 1023 | |
| 1024 | val () = Env.action_two "addType" |
| 1025 | ("mime type", Env.string, "extension", Env.string) |
| 1026 | (fn (mt, ext) => (write "\tAddType "; |
| 1027 | write mt; |
| 1028 | write " "; |
| 1029 | write ext; |
| 1030 | write "\n")) |
| 1031 | |
| 1032 | val filter = fn (EVar "includes", _) => SOME "INCLUDES" |
| 1033 | | (EVar "deflate", _) => SOME "DEFLATE" |
| 1034 | | _ => NONE |
| 1035 | |
| 1036 | val () = Env.action_two "addOutputFilter" |
| 1037 | ("filters", Env.list filter, "extensions", Env.list Env.string) |
| 1038 | (fn (f :: fs, exts as (_ :: _)) => |
| 1039 | (write "\tAddOutputFilter "; |
| 1040 | write f; |
| 1041 | app (fn f => (write ";"; write f)) fs; |
| 1042 | app (fn ext => (write " "; write ext)) exts; |
| 1043 | write "\n") |
| 1044 | | _ => ()) |
| 1045 | |
| 1046 | val () = Domain.registerResetLocal (fn () => |
| 1047 | ignore (OS.Process.system (Config.rm ^ " -rf /var/domtool/vhosts/*"))) |
| 1048 | |
| 1049 | val () = Domain.registerDescriber (Domain.considerAll |
| 1050 | [Domain.Extension {extension = "vhost", |
| 1051 | heading = fn host => "Web vhost " ^ host ^ ":"}, |
| 1052 | Domain.Extension {extension = "vhost_ssl", |
| 1053 | heading = fn host => "SSL web vhost " ^ host ^ ":"}]) |
| 1054 | |
| 1055 | val () = Env.action_none "testNoHtaccess" |
| 1056 | (fn path => write "\tAllowOverride None\n") |
| 1057 | |
| 1058 | end |