| 7. YaPI::HTTPD | ||
|---|---|---|
 |  | |
| 7. YaPI::HTTPD | ||
|---|---|---|
| | | |
This package is the public Yast2 API to configure the apache2.
This function returns a reference to a list of strings of all host ids. Even without any virtual host, there is always the "default" host id for the default host. On error, undef is returned and the Error() function can be used to get the error hash.
Example 105.
my $list = GetHostsList();
if( not defined($list) ) {
return Error();
}
foreach my $hostid ( @$list ) {
print "ID: $hostid\n";
}Example 106.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 109.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function returns a reference to a host data list. The format of the Host data list is described above. In case of an error (for example, if there is no host with such an id) undef is returned.
Example 110.
# dumping all configured hosts
my $hostList = GetHostsList();
if( not defined $hostList ) {
# error
}
foreach my $hostid ( @$hostList ) {
my @host = GetHost( $hostid );
print "# dumping $hostid\n";
foreach my $directive ( @host ) {
print $directive->{OVERHEAD}."\n";
print $directive->{KEY}.' '.$directive->{VALUE}."\n";
}
}Example 111.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 114.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function modifies the host with $hostid. The complete host data will be replaced with $hostdata.
Example 115.
# turn off SSL and setting a comment in config file
my @host = GetHost( $hostid );
foreach my $directive ( @host ) {
if( $directive->{KEY} eq 'SSL' ) {
$directive->{VALUE} = 2;
$directive->{OVERHEAD} = "# customer wants SSL to be required\n";
}
}
ModifyHost( $hostid, \@host );Example 116.
my @hostData = GetHost( $hostid );
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, \@hostData );
replaceKey( 'ServerAdmin', { KEY => 'ServerAdmin', VALUE => 'my@my.dom' }, \@hostData );
ModifyHost( $hostid, \@hostData );
sub replaceKey {
my $key = shift;
my $new = shift;
my $hostData = shift;
my $found = 0;
foreach( @$hostData ) {
if( $_->{KEY} eq $new->{KEY} ) {
$new->{OVERHEAD} = $_ ->{OVERHEAD} unless( exists($new->{OVERHEAD}) );
$_ = $new;
$found = 1;
last;
}
}
push( @$hostData, $new ) unless( $found );
return 1;
}Example 117.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 120.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function creates a host with $hostid. $hostdata is the host data array.
Example 121.
my @newHost = (
{ KEY => "ServerName", VALUE => 'createTest2.suse.de' },
{ KEY => "VirtualByName", VALUE => 1 },
{ KEY => "ServerAdmin", VALUE => 'no@one.de' }
);
CreateHost( '192.168.1.2/createTest2.suse.de', \@temp );Example 122.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 125.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}This function removes the host with $hostid. If the hostid is not found, undef is returned.
Example 126.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 129.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a reference to an array of strings. The list contains all active apache2 module names. This is more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2.
Example 130.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}this function returns a reference to an array of hashes. Each has has the following keys:
Example 131.
# list all modules with enabled/disabled state
my $knownMods = GetKnownModules();
my $activeMods = GetModuleList();
my %activeMods = ();
@activeMods{@$activeMods} = ();
foreach my $km ( @$knownMods ) {
my $state = (grep(/^$km$/, @$activeMods))?('on'):('off');
delete($activeMods{$km});
print "$km->{name} = $state\n";
}
# list active unknown mods now
foreach my $m ( keys(%activeMods ) ) {
print "$m = on\n";
}Example 134.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can turn on and off modules of the apache2 $modulelist is an array reference to a list of modulenames. This modifes more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2. Unknown modules are allowed too but they will be appendet to the end of the list.
Example 138.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this functions returns a reference to an array that contains hashes with information about all known module selections. One hash has the following keys:
Example 139.
my $knownSelList = GetKnownModuleSelections();
foreach my $kms ( @$knownSelList ) {
print "$kms->{id} = $kms->{summary}\n";
}Example 142.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a reference to an array that contains strings with the names of the active module selections.
Example 143.
my $selList = GetModuleSelectionsList();
print "active selections: ".join(',', @$selList)."\n";Example 146.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function modifies the module selection list. You can turn on and off module selections with the boolean $status. Changing the selections will directly influence the module list.
Example 147.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 ); ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 150.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can turn on and off the apache2 runlevel script. Turning off means, no apache2 start at boot time.
Example 151.
ModifyService(0); # turn apache2 off at boot time ModifyService(1); # turn apache2 on at boot time
Example 154.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can start and stop the apache2 service.
Example 155.
SwitchService( 0 ); # turning off the apache2 service SwitchService( 1 ); # turning on the apache2 service
Example 158.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can reload the apache2 service
Example 162.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can read out the state of the apache2 runlevel script (starting apache2 at boot time).
Example 166.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can configure the addresses and ports the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 167.
CreateListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup CreateListen( 443, 443, '', 1 ); # HTTPS on all interfaces CreateListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 170.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}with this function you can delete an address and port the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. If the listen parameter can't be found, undef is returned. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 171.
DeleteListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup DeleteListen( 443, 443, '', 1 ); # HTTPS on all interfaces DeleteListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 174.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of hashes with the current listen data. Each hash has the following keys:
Example 175.
my $listenList = GetCurrentListen();
foreach my $ld ( @$listenList ) {
print "Listening on: ".$ld->{ADDRESS}."/".$ld->{PORT}."\n";
}Example 178.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of strings with the needed RPM packages for this service.
Example 179.
my $packList = GetServicePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run this service\n";
}Example 182.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns a list of strings with the needed RPM pacakges for all activated apache2 modules.
Example 183.
my $packList = GetModulePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run the selected modules\n";
}Example 186.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}returns a string with the apache2 server flags like "-DSSL"
Example 190.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Put into $params any server flags ("Defines") that you want to hand over to httpd at start time, or other command line flags. This could be -D SSL, for example. Or -DSTATUS.
Example 194.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function writes the server certificate for the host with $hostID to the right place and sets the SSLCertificateFile directive to the right path. The certificate must be in PEM format and it can contain the private key too. If there is a private key in the PEM data, the SSLCertificateKeyFile directive is set too. The key can also be set via WriteServerKey. If the $pemData is undefined, an old certificate gets deleted and SSLCertificateFile directive gets dropped. Writing the server certificate does not turn on SSL automatically. On failure, undef is returned. The path for writing the certificate is /etc/apache2/ssl.crt the filename is $hostname-cert.pem
Example 195.
WriteServerCert('*:443', $pemData);
$host = GetHost('*:443');
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, $host );
ModifyHost('*:443', $host);Example 198.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function writes the server key for the host with $hostID to the right place and sets the SSLCertificateKeyFile directive to the right path. The key must be in PEM format and it can contain the certificate too. If there is a certificate in the PEM data, the SSLCertificateFile directive is set too. The certificate can also be set via WriteServerCert. If the $pemData is undefined, an old key gets deleted and SSLCertificateKeyFile directive gets dropped. Writing the server key does not turn on SSL automatically. On failure, undef is returned. The path for writing the keyfile is /etc/apache2/ssl.key the filename is $hostname-key.pem
this function writes the server CA for the host with $hostID to the right place and sets the SSLCACertificateFile directive to the right path. The CA must be in PEM format. If the $pemData is undefined, an old CA file gets deleted and SSLCACertificateFile directive gets dropped. Writing the server CA does not turn on SSL automatically. On failure, undef is returned. The path for writing the ca certificate file is /etc/apache2/ssl.crt the filename is $hostname-cacert.pem
this function returns the server certificate PEM data. Even if the key is stored in the same file, just the certificate part is returned. On failure, undef is returned.
Example 201.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}this function returns the server key in PEM format. Even if the certificate is stored in the same file, just the private key part is returned. On failure, undef is returned.
| | | |
| 6. YaPI::DNSD |  | 8. YaPI::LdapServer |