From: Clinton Ebadi Date: Wed, 26 Dec 2018 02:37:21 +0000 (-0500) Subject: apache: add ipv6 support X-Git-Tag: release_20181215~2 X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/commitdiff_plain/f924c1cf6ee6ac92e7606b2d9577a130e89912e5 apache: add ipv6 support web_place and web_node now have mandatory IPv6 addresses, and vhosts will always listen on both IPv4 and IPv6. mailman plugin updated as well --- diff --git a/lib/apache.dtl b/lib/apache.dtl index feabe77..a75dd0d 100644 --- a/lib/apache.dtl +++ b/lib/apache.dtl @@ -7,10 +7,11 @@ extern val web_node_to_node : web_node -> node; extern type web_place; extern val web_place_default : web_node -> web_place; -extern val web_place : web_node -> your_ip -> web_place; +extern val web_place : web_node -> your_ip -> your_ipv6 -> web_place; extern val web_place_to_web_node : web_place -> web_node; extern val web_place_to_node : web_place -> node; extern val web_place_to_ip : web_place -> ip; +extern val web_place_to_ipv6 : web_place -> ipv6; {{Web places are combinations of web nodes (servers on which you are allowed to run web sites) and IP addresses on which those servers should listen for requests.}} diff --git a/lib/mailman.dtl b/lib/mailman.dtl index f2158b7..115f45f 100644 --- a/lib/mailman.dtl +++ b/lib/mailman.dtl @@ -15,10 +15,11 @@ extern val mailman_node_to_node : mailman_node -> node; extern type mailman_place; extern val mailman_place_default : mailman_node -> mailman_place; -extern val mailman_place : mailman_node -> your_ip -> mailman_place; +extern val mailman_place : mailman_node -> your_ip -> your_ipv6 -> mailman_place; extern val mailman_place_to_web_node : mailman_place -> web_node; extern val mailman_place_to_node : mailman_place -> node; extern val mailman_place_to_ip : mailman_place -> ip; +extern val mailman_place_to_ipv6 : mailman_place -> ipv6; {{Analogous to web_place, but based on mailman_nodes}} extern val mailmanVhost : host -> [Domain] diff --git a/src/plugins/apache.sig b/src/plugins/apache.sig index 31f0587..7115086 100644 --- a/src/plugins/apache.sig +++ b/src/plugins/apache.sig @@ -39,7 +39,7 @@ signature APACHE = sig (* OK, where is it _really_ located? (Target of log syncing into AFS) *) val ssl : string option Env.arg - val webPlace : (string * string) Env.arg + val webPlace : (string * string * string) Env.arg val webNode : string -> bool end diff --git a/src/plugins/apache.sml b/src/plugins/apache.sml index 6a9fa39..5a3bb88 100644 --- a/src/plugins/apache.sml +++ b/src/plugins/apache.sml @@ -39,24 +39,28 @@ val _ = Env.registerFunction ("web_node_to_node", | _ => NONE) fun webPlace (EApp ((EVar "web_place_default", _), (EString node, _)), _) = - SOME (node, Domain.nodeIp node) - | webPlace (EApp ((EApp ((EVar "web_place", _), (EString node, _)), _), (EString ip, _)), _) = - SOME (node, ip) + SOME (node, Domain.nodeIp node, Domain.nodeIpv6 node) + | webPlace (EApp ((EApp ((EApp ((EVar "web_place", _), (EString node, _)), _), (EString ip, _)), _), (EString ipv6, _)), _) = + SOME (node, ip, ipv6) | webPlace _ = NONE fun webPlaceDefault node = (EApp ((EVar "web_place_default", dl), (EString node, dl)), dl) val _ = Env.registerFunction ("web_place_to_web_node", - fn [e] => Option.map (fn (node, _) => (EString node, dl)) (webPlace e) + fn [e] => Option.map (fn (node, _, _) => (EString node, dl)) (webPlace e) | _ => NONE) val _ = Env.registerFunction ("web_place_to_node", - fn [e] => Option.map (fn (node, _) => (EString node, dl)) (webPlace e) + fn [e] => Option.map (fn (node, _, _) => (EString node, dl)) (webPlace e) | _ => NONE) val _ = Env.registerFunction ("web_place_to_ip", - fn [e] => Option.map (fn (_, ip) => (EString ip, dl)) (webPlace e) - | _ => NONE) + fn [e] => Option.map (fn (_, ip, _) => (EString ip, dl)) (webPlace e) + | _ => NONE) + +val _ = Env.registerFunction ("web_place_to_ipv6", + fn [e] => Option.map (fn (_, _, ipv6) => (EString ipv6, dl)) (webPlace e) + | _ => NONE) val _ = Env.type_one "proxy_port" Env.int @@ -378,7 +382,7 @@ val () = Slave.registerFileHandler (fn fs => Slave.moveDirCreate {from = backupLogs (), to = rld} end - + | _ => (ignore (OS.Process.system (Config.cp ^ " " @@ -493,7 +497,7 @@ fun vhostBody (env, makeFullHost) = localRewriteEnabled := false; expiresEnabled := false; localExpiresEnabled := false; - vhostFiles := map (fn (node, ip) => + vhostFiles := map (fn (node, ip, ipv6) => let val file = Domain.domainFile {node = node, name = confFile} @@ -503,11 +507,21 @@ fun vhostBody (env, makeFullHost) = TextIO.output (file, "# Owner: "); TextIO.output (file, user); TextIO.output (file, "\n "443" | NONE => "80"); + + TextIO.output (file, " ["); + TextIO.output (file, ipv6); + TextIO.output (file, "]"); + TextIO.output (file, ":"); + TextIO.output (file, case ssl of + SOME _ => "443" + | NONE => "80"); + TextIO.output (file, ">\n"); TextIO.output (file, "\tErrorLog "); TextIO.output (file, ld); @@ -582,7 +596,7 @@ fun vhostBody (env, makeFullHost) = write "\n"; !pre {user = user, nodes = map #1 places, id = vhostId, hostname = fullHost}; app (fn dom => !aliaser (makeFullHost dom)) (Domain.currentAliasDomains ()) - end + end val () = Env.containerV_one "vhost" ("host", Env.string) @@ -838,7 +852,7 @@ val () = Env.action_two "errorDocument" maybeQuote (); write "\n" end) - + val () = Env.action_one "options" ("options", Env.list apache_option) (fn opts => @@ -928,7 +942,7 @@ val () = Env.action_one "authType" write ty; write "\n"; case ty of - "kerberos" => + "kerberos" => write "\tKrbServiceName HTTP\n\tKrb5Keytab /etc/keytabs/service/apache\n\tKrbMethodNegotiate on\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC on\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n" | _ => ()) else diff --git a/src/plugins/mailman.sml b/src/plugins/mailman.sml index d165dc6..4a2bfeb 100644 --- a/src/plugins/mailman.sml +++ b/src/plugins/mailman.sml @@ -37,21 +37,25 @@ val () = Env.registerFunction ("mailman_node_to_node", | _ => NONE) fun mailmanPlace (EApp ((EVar "mailman_place_default", _), (EString node, _)), _) = - SOME (node, Domain.nodeIp node) - | mailmanPlace (EApp ((EApp ((EVar "mailman_place", _), (EString node, _)), _), (EString ip, _)), _) = - SOME (node, ip) + SOME (node, Domain.nodeIp node, Domain.nodeIpv6 node) + | mailmanPlace (EApp ((EApp ((EApp ((EVar "mailman_place", _), (EString node, _)), _), (EString ip, _)), _), (EString ipv6, _)), _) = + SOME (node, ip, ipv6) | mailmanPlace _ = NONE val _ = Env.registerFunction ("mailman_place_to_web_node", - fn [e] => Option.map (fn (node, _) => (EString node, dl)) (mailmanPlace e) + fn [e] => Option.map (fn (node, _, _) => (EString node, dl)) (mailmanPlace e) | _ => NONE) val _ = Env.registerFunction ("mailman_place_to_node", - fn [e] => Option.map (fn (node, _) => (EString node, dl)) (mailmanPlace e) + fn [e] => Option.map (fn (node, _, _) => (EString node, dl)) (mailmanPlace e) | _ => NONE) val _ = Env.registerFunction ("mailman_place_to_ip", - fn [e] => Option.map (fn (_, ip) => (EString ip, dl)) (mailmanPlace e) + fn [e] => Option.map (fn (_, ip, _) => (EString ip, dl)) (mailmanPlace e) + | _ => NONE) + +val _ = Env.registerFunction ("mailman_place_to_ip", + fn [e] => Option.map (fn (_, _, ipv6) => (EString ipv6, dl)) (mailmanPlace e) | _ => NONE) val files = ref ([] : TextIO.outstream list) @@ -86,7 +90,7 @@ val () = Env.actionV_one "mailmanVhost" val vhostId = fullHost ^ (if Option.isSome ssl then ".ssl" else "") val confFile = fullHost ^ (if Option.isSome ssl then ".vhost_ssl" else ".vhost") in - app (fn (node, ip) => + app (fn (node, ip, ipv6) => let val file = Domain.domainFile {node = node, name = confFile} @@ -98,11 +102,21 @@ val () = Env.actionV_one "mailmanVhost" print user; print "\n"; print " "443" | NONE => "80"); + + print " ["; + print ipv6; + print "]"; + print ":"; + print (case ssl of + SOME _ => "443" + | NONE => "80"); + print ">\n"; print " ServerName "; print host; @@ -112,7 +126,7 @@ val () = Env.actionV_one "mailmanVhost" print " ServerAdmin "; print sadmin; print "\n"; - (* + (* print " SuexecUserGroup list list\n"; print "\n"; *)