wok view lighttpd-ssl/receipt @ rev 17720

lighttpd-ssl: no more /var/www files
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Mar 05 16:54:19 2015 +0100 (2015-03-05)
parents f2bdc266fba2
children d3eb5f4b53ea
line source
1 # SliTaz package receipt.
2
3 PACKAGE="lighttpd-ssl"
4 VERSION="1.4.33"
5 CATEGORY="network"
6 SHORT_DESC="Fast and light HTTP Web server with SSL support."
7 MAINTAINER="pankso@slitaz.org"
8 LICENSE="BSD"
9 SUGGESTED="lighttpd-modules php perl python"
10 SOURCE="lighttpd"
11 TARBALL="$SOURCE-$VERSION.tar.xz"
12 WEB_SITE="http://www.lighttpd.net/"
13 WGET_URL="http://download.lighttpd.net/lighttpd/releases-1.4.x/$TARBALL"
14 CONFIG_FILES="/etc/lighttpd/vhosts.conf /etc/lighttpd/lighttpd.conf /etc/ssl/lighttpd"
15 PROVIDE="lighttpd"
16 HOST_ARCH="i486 arm"
17
18 DEPENDS="pcre openssl"
19 BUILD_DEPENDS="pcre-dev bzip2-dev openssl-dev"
20
21 BASE_MODULES="
22 access
23 accesslog
24 alias
25 cgi
26 dirlisting
27 indexfile
28 staticfile
29 rewrite
30 status
31 userdir"
32
33 # Rules to configure and make the package.
34 compile_rules()
35 {
36 cd $src
37 sed -i '/addrs_left/d' src/mod_extforward.c
38 ./configure \
39 --enable-shared \
40 --disable-ipv6 \
41 --with-openssl \
42 --prefix=/usr \
43 --libdir=/usr/lib/lighttpd \
44 --mandir=/usr/share/man \
45 $CONFIGURE_ARGS &&
46 make &&
47 make DESTDIR=$DESTDIR install
48 }
49
50 # Rules to gen a SliTaz package suitable for Tazpkg.
51 # On SliTaz Lighttpd runs as user/group : www/www or 80/80.
52 genpkg_rules()
53 {
54 mkdir -p $fs/usr
55 #cp -a $install/usr/bin $fs/usr
56 cp -a $install/usr/sbin $fs/usr
57
58 # Modules.
59 mkdir -p $fs/usr/lib/lighttpd
60 for module in $BASE_MODULES
61 do
62 cp $install/usr/lib/lighttpd/mod_${module}.so $fs/usr/lib/lighttpd
63 echo -n "Copying : mod_${module}.so" && status
64 done
65
66 # Server root and config file.
67 cp -a $WOK/$SOURCE/stuff/etc $fs
68 chown -R 0.0 $fs/etc
69 mkdir -p $fs/etc/ssl/lighttpd
70 cat >> $fs/etc/lighttpd/lighttpd.conf <<EOT
71
72 # Enable HTTPS support
73 #
74 \$SERVER["socket"] == ":443" {
75 protocol = "https://"
76 ssl.engine = "enable"
77 # Unsafe, see CVE-2014-3566 POODLE
78 ssl.use-sslv2 = "disable"
79 ssl.use-sslv3 = "disable"
80 ssl.pemfile = "/etc/ssl/lighttpd/lighttpd.pem"
81 }
82 EOT
83
84 # Logs directory.
85 mkdir -p $fs/var/log/lighttpd
86 chown 80.80 $fs/var/log/lighttpd
87 }
88
89 # Make sur it as cross compile properly
90 testsuite()
91 {
92 readelf -h $install/usr/sbin/lighttpd
93 }
94
95 # Pre and post install commands for Tazpkg.
96 # We stop the server by default in case of upgarde.
97 pre_install()
98 {
99 echo "Processing pre-install commands..."
100 [ -f /etc/init.d/lighttpd ] && /etc/init.d/lighttpd stop
101 }
102
103 post_install()
104 {
105 echo "Processing post-install commands..."
106 if [ ! -f $1/etc/ssl/lighttpd/lighttpd.pem ]; then
107 openssl req -new -x509 \
108 -keyout $1/etc/ssl/lighttpd/lighttpd.pem \
109 -out $1/etc/ssl/lighttpd/lighttpd.pem \
110 -days 3650 -nodes <<EOT
111 $(. /etc/locale.conf ; echo ${LANG#*_})
112 $(cat /etc/TZ)
113
114 $(cat /etc/hostname)
115
116
117
118 EOT
119 fi
120 # Just in case.
121 chown www.www $1/var/log/lighttpd
122 if [ -z "$1" ]; then
123 for i in apache ; do
124 [ -f /etc/init.d/$i ] && /etc/init.d/$i stop
125 done
126 /etc/init.d/lighttpd start
127 fi
128 }