From ee18e372f6f23eeb909f03248b853be2db844477 Mon Sep 17 00:00:00 2001
From: Adrian Rossouw <adrian@developmentseed.org>
Date: Mon, 25 Feb 2008 17:54:58 +0000
Subject: [PATCH] missed the provision_apache module during file move
 @http://drupal.org/node/225572. Thanks anarcat.

---
 web_server/provision_apache.module | 272 +++++++++++++++++++++++++++++
 1 file changed, 272 insertions(+)
 create mode 100644 web_server/provision_apache.module

diff --git a/web_server/provision_apache.module b/web_server/provision_apache.module
new file mode 100644
index 000000000..359ba5a23
--- /dev/null
+++ b/web_server/provision_apache.module
@@ -0,0 +1,272 @@
+<?php
+/**
+ * @file
+ * Apache provisioning module
+ * This module simply serves to generate the virtual host entry, and make sure apache gets reloaded properly.
+ * Because Drupal is running via the command line for the entirety of this process, it is only necessary to make
+ * it available online once everything has been completed.
+ *
+ * This module still requires configuration and sanity checks. Need to figure out a way to inspect the apache configuration, 
+ * to ensure that the sites are getting loaded up correctly.
+ */
+
+function provision_apache_provision_service() {
+  return array( "web_server" => t("Web Server"));
+}
+
+/**
+ * Implementation of hook_help().
+ */
+function provision_apache_help($section) {
+  switch ($section) {
+    case 'admin/help/provision#requirements':
+      $username = provision_get_script_owner();
+      $group = provision_get_group_name();
+      $vhost_path = _provision_vhost_path();
+      $mkdir_cmd['@vhost_path'] = $vhost_path;
+      $mkdir_cmd['@provision_link'] = url('admin/settings/provision');
+      $mkdir_cmd['@mkdir_cmd'] = <<<EOF
+    [$username@hm2 ~]$ mkdir $vhost_path
+    [$username@hm2 ~]$ chown $username:$username $vhost_path
+    [$username@hm2 ~]$ chmod 0700 $vhost_path
+EOF;
+      $visudo_cmd['@visudo_cmd'] = <<<EOF
+    [$username@hm2 ~]$ sudo su -
+    password:
+    [root@hm2 ~]$ visudo
+EOF;
+      $visudo_cmd['@visudo_line'] = <<<EOF
+    $username ALL=NOPASSWD: /usr/sbin/apachectl
+EOF;
+
+    $vhost_line = <<<EOF
+    Include $vhost_path
+EOF;
+      
+      $output .= "<ol>";
+
+      $output .= '<li>' . t('<p><strong>Web server inaccessible directory to store Virtual Host information.</strong> 
+                            The provision framework takes special care to make sure that the file permissions of the 
+                            hosted sites are always as safe as can be, especially to make sure that the web server does 
+                            not have the ability to modify the code of the site, therefor this information is required 
+                            to assure that safety while keeping the sites accessible. 
+                            The recommended path is directly above your platform path, but it can be anywhere.</p>
+                            <p>Based on your server configuration we have determined that your path should be <code>@vhost_path</code>, 
+                            but you can change it change them in the <a href="@provision_link">provisioning section</a></p>
+                            <p><strong>To configure:</strong> this directory correctly, please enter the following commands :
+                            <pre>@mkdir_cmd</pre></p>',$mkdir_cmd) . '</li>';
+
+      $output .= '<li>' . t('<p><strong>Access to the server\'s <code>httpd.conf</code> file.</strong> 
+                            You are required to add a single line to the httpd.conf file, which allows 
+                            the system to load the additional virtual hosts that are generated.</p>
+                            The location of this file differs between distributions, 
+                            but is most commonly found in <code>/etc/httpd</code> or <code>/etc/apache</a>.</p>
+                            <p><strong>To configure:</strong> Once you have determined the location of your httpd.conf file, add the following line to it :
+                            <pre>@vhost_line</pre></p>', array('@vhost_line' => $vhost_line)) . '</li>';
+      $output .= '<li>' . t('<p><strong>Ability to reload the httpd daemon.</strong> 
+                             As the provisioning framework should not be run as root,
+                             and the web server group should not be allowed access to the 
+                             functionality to stop/start the web server, it is required that you provide access
+                             to the Apache restart command for the user account the script will be running as. 
+                             If this is not configured, every command will ask for a sudo password when restarting the server.</p>
+                             <p><strong>To configure:</strong> Run the visudo command: <pre>@visudo_cmd</pre>
+                             Then add the following line to the file: <pre>@visudo_line</pre></p>', 
+                             $visudo_cmd) . '</li>';
+      $output .= "</ol>";
+      return $output;
+      break;
+  }
+}
+
+/**
+ * Hook into central configuration form for provisioning framework.
+ */
+function provision_apache_provision_configure($node = null) {
+  $form['ip_address'] = array(
+    '#type' => 'textfield',
+    '#title' => t('IP address'),
+    '#default_value' => $node->ip_address,
+    '#description' => t("The IP address the server can be accessed by. If this is empty, the hostname field will be used instead.")
+  );
+  
+  $form['script_user'] = array(
+    '#type' => 'textfield',
+    '#title' => t('System account'),
+    '#required' => TRUE,
+    '#description' => t('The system account that the hosted files will belong to, for security reasons, this should be a different to the account the web server is running as.'),
+    '#default_value' => ($node->script_user) ? $node->script_user : provision_get_script_owner(),
+    '#size' => 40,
+    '#maxlength' => 255,
+  );
+  
+  $form['web_group'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Web server group'),
+    '#required' => TRUE,
+    '#description' => t('The group that the hosted files will belong to. Should be the group the web server is running as.'),
+    '#default_value' => ($node->web_group) ? $node->web_group : provision_get_group_name(),
+    '#size' => 40,
+    '#maxlength' => 255,
+  );
+  
+  $form['config_path'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Configuration path'),
+    '#required' => TRUE,
+    '#size' => 40,
+    '#default_value' => ($node->config_path) ? $node->config_path : _provision_config_path(),
+    '#description' => t("The path on the server where configuration files will be stored.
+        It is essential that this directory should not be accessible via a web browser."),
+    '#maxlength' => 255,
+  );
+  
+  $form['backup_path'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Backup path'),
+    '#required' => TRUE,
+    '#size' => 40,
+    '#default_value' => ($node->backup_path) ? $node->backup_path : _provision_backup_path(),
+    '#description' => t("The path on the server where backups will be stored.
+        It is essential that this directory should not be accessible via a web browser."),
+    '#maxlength' => 255,
+  );
+  
+  return $form;
+}
+
+/**
+ * Implementation of hook_provision_templates
+ */
+function provision_apache_provision_templates() {
+  $form['vhost_template'] = array(
+    '#type' => 'textarea',
+    '#title' => t('Virtual Host configuration template'),
+    '#description' => t('The text to use when generating a virtual host configuration file for apache'),
+    '#default_value' => variable_get('provision_apache_vhost_template', _provision_apache_default_template()),
+    '#cols' => 60,
+    '#rows' => 5,
+  );
+  return $form; 
+}
+
+/**
+ * The default template provided for the virtual host configuration
+ */
+function _provision_apache_default_template() {
+  return file_get_contents(drupal_get_path('module', 'provision_apache') . "/templates/apache_vhost.tpl.php");
+}
+
+/**
+ * Implementation of hook_provision_pre_install
+ */
+function provision_apache_provision_pre_install($url, &$data) {
+  #safety mechanism to ensure back end calls are not made via the front end.
+  if (!provision_confirm_drush()) return null;
+  return _provision_apache_create_vhost_config($url, $data);
+}
+
+/**
+ * Implementation of hook_provision_post_install
+ */
+function provision_apache_provision_post_install($url, &$data) {
+  #safety mechanism to ensure back end calls are not made via the front end.
+  if (!provision_confirm_drush()) return null;
+  return _provision_apache_restart_apache();  
+}
+
+/**
+ * Implementation of hook_provision_enable
+ */
+function provision_apache_provision_enable($url, &$data) {
+  #safety mechanism to ensure back end calls are not made via the front end.
+  if (!provision_confirm_drush()) return null;
+
+  _provision_apache_create_vhost_config($url, $data);
+  _provision_apache_restart_apache();
+}
+
+/**
+ * Implementation of hook_provision_disable
+ */
+function provision_apache_provision_disable($url, &$data) {
+  #safety mechanism to ensure back end calls are not made via the front end.
+  if (!provision_confirm_drush()) return null;
+
+  _provision_apache_delete_vhost_config($url, $data);
+  _provision_apache_restart_apache();
+}
+
+/**
+ * Implementation of hook_provision_sync
+ */
+function provision_apache_provision_synch($url, &$data) {
+  _provision_apache_create_vhost_config($url, $data);
+  _provision_apache_restart_apache();
+}
+
+/**
+ * Delete virtual host file
+ */
+function _provision_apache_delete_vhost_config($url, $data) {
+  provision_check_path(_provision_vhost_path() . "/$url", "unlink", true, 
+      t("Removed apache virtual host configuration"));
+}
+
+/**
+ * Generate virtual host file
+ */
+function _provision_apache_create_vhost_config($url, $data) {
+  $writable = provision_check_path(_provision_vhost_path(), "writable", true ,
+      t("Virtual host configuration path is writable."),
+      t("Virtual host configuration path is not writable."), 
+      PROVISION_PERM_ERROR | PROVISION_FRAMEWORK_ERROR);
+  if ($writable) {
+    $file = fopen(_provision_vhost_path() . '/' . $url, "w");
+    $text = provision_render_config(variable_get('provision_apache_vhost_template', _provision_apache_default_template()), $data);
+    fwrite($file, $text);
+    fclose($file);
+  }
+}
+ 
+/**
+ * Restart Apache
+ */
+function _provision_apache_restart_apache() {
+  # This is required to be configurable, due to the fact that different hosts might need to do this differently.
+  # TODO : add configuration / test for this
+  $apache_restart_cmd = escapeshellcmd(variable_get('provision_apache_restart_cmd', 'sudo apachectl graceful'));
+  $return = drush_shell_exec(escapeshellcmd($apache_restart_cmd));
+  if (!$return) {
+    provision_set_error(PROVISION_WEB_ERROR);
+    provision_log("error", "Web server could not be restarted. Changes might not be available until this has been done.");
+  }
+}
+
+function provision_apache_provision_verify() {
+  $path = _provision_vhost_path();
+  $exists = provision_check_path($path, "exists", true ,
+    t("Virtual Host configuration path exists."),
+    t("Virtual Host configuration path does not exist."));
+  if (!$exists) {
+    $made = provision_check_path($path, "mkdir", true, 
+        t("Virtual host configuration path has been created."),
+        t("Virtual host configuration path could not be created."), 
+        PROVISION_PERM_ERROR | PROVISION_FRAMEWORK_ERROR);
+  }
+  else {
+    $writable = provision_check_path($path, "writable", true ,
+        t("Virtual host configuration path is writable."),
+        t("Virtual host configuration path is not writable."), 
+        PROVISION_PERM_ERROR | PROVISION_FRAMEWORK_ERROR);
+    if (!$writable) {
+      provision_check_path($path, "chown", provision_get_script_owner(), 
+        t("Changed ownership of <code>%path</code>", array("%path" => $path)),
+        t("Could not change ownership <code>%path</code>", array("%path" => $path)),
+        PROVISION_PERM_ERROR);
+      provision_check_path($path, "chmod", 0700, 
+        t("Changed permissions of <code>%path</code> to %perms", array("%path" => $path, '%perms' => 0700)),
+        t("Could not change ownership <code>%path</code> to %perms", array("%path" => $path, '%perms' => 0700)),
+        PROVISION_PERM_ERROR );
+    }
+  }
+}
-- 
GitLab