| 7. YaPI::HTTPD | ||
|---|---|---|
 |  | |
| 7. YaPI::HTTPD | ||
|---|---|---|
| | | |
This package is the public Yast2 API to configure the apache2.
This function returns a reference to a list of strings of all host ids. Even without any virtual host, there is always the "default" host id for the default host. On error, undef is returned and the Error() function can be used to get the error hash.
Example 101.
my $list = GetHostsList();
if( not defined($list) ) {
return Error();
}
foreach my $hostid ( @$list ) {
print "ID: $hostid\n";
}Example 104.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function returns a reference to a host data list. The format of the Host data list is described above. In case of an error (for example, if there is no host with such an id) undef is returned.
Example 105.
# dumping all configured hosts
my $hostList = GetHostsList();
if( not defined $hostList ) {
# error
}
foreach my $hostid ( @$hostList ) {
my @host = GetHost( $hostid );
print "# dumping $hostid\n";
foreach my $directive ( @host ) {
print $directive->{OVERHEAD}."\n";
print $directive->{KEY}.' '.$directive->{VALUE}."\n";
}
}Example 108.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function modifies the host with $hostid. The complete host data will be replaced with $hostdata.
Example 109.
# turn off SSL and setting a comment in config file
my @host = GetHost( $hostid );
foreach my $directive ( @host ) {
if( $directive->{KEY} eq 'SSL' ) {
$directive->{VALUE} = 2;
$directive->{OVERHEAD} = "# customer wants SSL to be required\n";
}
}
ModifyHost( $hostid, \@host );Example 110.
my @hostData = GetHost( $hostid );
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, \@hostData );
replaceKey( 'ServerAdmin', { KEY => 'ServerAdmin', VALUE => 'my@my.dom' }, \@hostData );
ModifyHost( $hostid, \@hostData );
sub replaceKey {
my $key = shift;
my $new = shift;
my $hostData = shift;
my $found = 0;
foreach( @$hostData ) {
if( $_->{KEY} eq $new->{KEY} ) {
$new->{OVERHEAD} = $_ ->{OVERHEAD} unless( exists($new->{OVERHEAD}) );
$_ = $new;
$found = 1;
last;
}
}
push( @$hostData, $new ) unless( $found );
return 1;
}Example 113.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function creates a host with $hostid. $hostdata is the host data array.
Example 114.
my @newHost = (
{ KEY => "ServerName", VALUE => 'createTest2.suse.de' },
{ KEY => "VirtualByName", VALUE => 1 },
{ KEY => "ServerAdmin", VALUE => 'no@one.de' }
);
CreateHost( '192.168.1.2/createTest2.suse.de', \@temp );Example 117.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function removes the host with $hostid. If the hostid is not found, undef is returned.
Example 120.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a reference to an array of strings. The list contains all active apache2 module names. This is more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2.
Example 121.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 124.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a reference to an array of hashes. Each has has the following keys:
Example 125.
# list all modules with enabled/disabled state
my $knownMods = GetKnownModules();
my $activeMods = GetModuleList();
my %activeMods = ();
@activeMods{@$activeMods} = ();
foreach my $km ( @$knownMods ) {
my $state = (grep(/^$km$/, @$activeMods))?('on'):('off');
delete($activeMods{$km});
print "$km->{name} = $state\n";
}
# list active unknown mods now
foreach my $m ( keys(%activeMods ) ) {
print "$m = on\n";
}Example 128.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can turn on and off modules of the apache2 $modulelist is an array reference to a list of modulenames. This modifes more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2. Unknown modules are allowed too but they will be appendet to the end of the list.
Example 132.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this functions returns a reference to an array that contains hashes with information about all known module selections. One hash has the following keys:
Example 133.
my $knownSelList = GetKnownModuleSelections();
foreach my $kms ( @$knownSelList ) {
print "$kms->{id} = $kms->{summary}\n";
}Example 136.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a reference to an array that contains strings with the names of the active module selections.
Example 137.
my $selList = GetModuleSelectionsList();
print "active selections: ".join(',', @$selList)."\n";Example 140.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function modifies the module selection list. You can turn on and off module selections with the boolean $status. Changing the selections will directly influence the module list.
Example 141.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 ); ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 144.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can turn on and off the apache2 runlevel script. Turning off means, no apache2 start at boot time.
Example 145.
ModifyService(0); # turn apache2 off at boot time ModifyService(1); # turn apache2 on at boot time
Example 148.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can start and stop the apache2 service.
Example 149.
SwitchService( 0 ); # turning off the apache2 service SwitchService( 1 ); # turning on the apache2 service
Example 152.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can reload the apache2 service
Example 156.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can read out the state of the apache2 runlevel script (starting apache2 at boot time).
Example 160.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can configure the addresses and ports the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 161.
CreateListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup CreateListen( 443, 443, '', 1 ); # HTTPS on all interfaces CreateListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 164.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can delete an address and port the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. If the listen parameter can't be found, undef is returned. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 165.
DeleteListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup DeleteListen( 443, 443, '', 1 ); # HTTPS on all interfaces DeleteListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 168.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of hashes with the current listen data. Each hash has the following keys:
Example 169.
my $listenList = GetCurrentListen();
foreach my $ld ( @$listenList ) {
print "Listening on: ".$ld->{ADDRESS}."/".$ld->{PORT}."\n";
}Example 172.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of strings with the needed RPM packages for this service.
Example 173.
my $packList = GetServicePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run this service\n";
}Example 176.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of strings with the needed RPM pacakges for all activated apache2 modules.
Example 177.
my $packList = GetModulePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run the selected modules\n";
}Example 180.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}returns a string with the apache2 server flags like "-DSSL"
Example 184.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Put into $params any server flags ("Defines") that you want to hand over to httpd at start time, or other command line flags. This could be -D SSL, for example. Or -DSTATUS.
Example 188.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function writes the server certificate for the host with $hostID to the right place and sets the SSLCertificateFile directive to the right path. The certificate must be in PEM format and it can contain the private key too. If there is a private key in the PEM data, the SSLCertificateKeyFile directive is set too. The key can also be set via WriteServerKey. If the $pemData is undefined, an old certificate gets deleted and SSLCertificateFile directive gets dropped. Writing the server certificate does not turn on SSL automatically. On failure, undef is returned. The path for writing the certificate is /etc/apache2/ssl.crt the filename is $hostname-cert.pem
Example 189.
WriteServerCert('*:443', $pemData);
$host = GetHost('*:443');
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, $host );
ModifyHost('*:443', $host);Example 192.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function writes the server key for the host with $hostID to the right place and sets the SSLCertificateKeyFile directive to the right path. The key must be in PEM format and it can contain the certificate too. If there is a certificate in the PEM data, the SSLCertificateFile directive is set too. The certificate can also be set via WriteServerCert. If the $pemData is undefined, an old key gets deleted and SSLCertificateKeyFile directive gets dropped. Writing the server key does not turn on SSL automatically. On failure, undef is returned. The path for writing the keyfile is /etc/apache2/ssl.key the filename is $hostname-key.pem
this function writes the server CA for the host with $hostID to the right place and sets the SSLCACertificateFile directive to the right path. The CA must be in PEM format. If the $pemData is undefined, an old CA file gets deleted and SSLCACertificateFile directive gets dropped. Writing the server CA does not turn on SSL automatically. On failure, undef is returned. The path for writing the ca certificate file is /etc/apache2/ssl.crt the filename is $hostname-cacert.pem
this function returns the server certificate PEM data. Even if the key is stored in the same file, just the certificate part is returned. On failure, undef is returned.
Example 195.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns the server key in PEM format. Even if the certificate is stored in the same file, just the private key part is returned. On failure, undef is returned.
| | | |
| 6. YaPI::DNSD |  | 8. YaPI::LdapServer |