summaryrefslogtreecommitdiff
path: root/recipes-core
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-core')
-rw-r--r--recipes-core/lighttpd/files/lighttpd.init310
-rw-r--r--recipes-core/lighttpd/lighttpd_1.4.48.bb2
2 files changed, 0 insertions, 312 deletions
diff --git a/recipes-core/lighttpd/files/lighttpd.init b/recipes-core/lighttpd/files/lighttpd.init
deleted file mode 100644
index 39860d3..0000000
--- a/recipes-core/lighttpd/files/lighttpd.init
+++ /dev/null
@@ -1,310 +0,0 @@
-#!/bin/sh
-
-enable -f libjsonget.so jsonget
-
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/usr/sbin/lighttpd
-NAME=lighttpd
-ANGEL=/sbin/lighttpd-angel
-DESC="Lighttpd Web Server"
-# Web UI
-OPTS="-D -f /etc/lighttpd.conf"
-# Node-RED stub
-OPTS_NRS="-f /etc/lighttpd_nrs.conf"
-
-CAPA_NODE_RED=$(jsonget "$(< /var/run/config/device_info.json)" /capabilities/nodeRed)
-
-CONF_DIR=/var/config
-RUN_CONF_DIR=/var/run/config
-
-true2enable() {
- if [[ "$1" == "true" ]]; then
- echo "enable"
- else
- echo "disable"
- fi
-}
-
-#Generates additional lighttpd configuration files
-#1) Enables HTTPS
-#2) Allows port configurations for HTTP and HTTPS
-#3) Enables dipservice
-#4) Allows port configurations for dipservice
-generate_config() {
- FILE="$RUN_CONF_DIR/lighttpd_port.conf"
- FILE_DIP="$RUN_CONF_DIR/lighttpd_dipservice.conf"
-
- #Pull Webserver Ports
- RMA=$(jsonget "$(< "/var/config/db.json")" /remoteAccess)
- HTTP_ENABLED=$(jsonget "$RMA" /http/enabled)
- HTTP_PORT=$(jsonget "$RMA" /http/port)
- HTTPS_REDIRECT=$(jsonget "$RMA" /http/redirectToHttps)
- HTTPS_ENABLED=$(jsonget "$RMA" /https/enabled)
- HTTPS_PORT=$(jsonget "$RMA" /https/port)
-
- # Advanced secure protocol settings
- ADVANCED_SEC_VALID="false"
- ADVANCED_SEC=$(jsonget "$(< "/var/config/db.json")" /secureProtocols/2)
-
- if [[ "0" == "$?" ]]; then
- ADVANCED_SEC_NAME=$(jsonget "$ADVANCED_SEC" /name)
- if [[ "$ADVANCED_SEC_NAME" == "lighttpd" ]]; then
- ADVANCED_SEC_VALID="true"
- HTTPS_SSL3=$(true2enable "false") # $(true2enable $(jsonget "$ADVANCED_SEC" /protocol/ssl3))
- HTTPS_TLS1=$(true2enable "false") # $(true2enable $(jsonget "$ADVANCED_SEC" /protocol/tls1))
- HTTPS_TLS1_1=$(true2enable $(jsonget "$ADVANCED_SEC" /protocol/tls1_1))
- HTTPS_TLS1_2=$(true2enable $(jsonget "$ADVANCED_SEC" /protocol/tls1_2))
- HTTPS_CIPHER=$(jsonget "$ADVANCED_SEC" /cipherSuite)
- if [[ -z $HTTPS_CIPHER && -f /etc/ssl/allowed_ciphersuites ]]; then
- HTTPS_CIPHER=$( cat /etc/ssl/allowed_ciphersuites | tr "\n" ":" )
- fi
- CLIENT_VERIFY=$(jsonget "$ADVANCED_SEC" /client/verify )
- fi
- fi
-
- if [[ "$ADVANCED_SEC_VALID" != "true" ]]; then
- echo "API init. Using default SSL security settings"
- # In case of invalid Advanced Security section - start with default parameters
- HTTPS_SSL3=$(true2enable "false")
- HTTPS_TLS1=$(true2enable "false")
- HTTPS_TLS1_1=$(true2enable "false")
- HTTPS_TLS1_2=$(true2enable "true")
- HTTPS_CIPHER=""
- CLIENT_VERIFY="false"
- fi
-
- #("Protocol" => "-ALL, TLSv1.2")
- HTTPS_SSL_CONF='("Protocol" => "-ALL'
-
- if [[ "$HTTPS_TLS1" == "enable" ]]; then
- HTTPS_SSL_CONF+=', TLSv1'
- fi
- if [[ "$HTTPS_TLS1_1" == "enable" ]]; then
- HTTPS_SSL_CONF+=', TLSv1.1'
- fi
- if [[ "$HTTPS_TLS1_2" == "enable" ]]; then
- HTTPS_SSL_CONF+=', TLSv1.2'
- fi
- HTTPS_SSL_CONF+='")'
-
- #Generate Lighttpd dipservice config
- DIP=$(jsonget "$(< "$CONF_DIR/db.json")" /customDiagnostic || echo '{ "enabled": false, "port":8080 }')
- DIP_ENABLED=$(jsonget "$DIP" /enabled)
- DIP_PORT=$(jsonget "$DIP" /port)
-
- echo "Generating $FILE_DIP"
- > "$FILE_DIP"
-
- #Generate Lighttpd Port Config
- echo "Generating $FILE"
- > "$FILE"
-
- if [[ "$DIP_ENABLED" == "true" ]]; then
- cat >> $FILE_DIP <<END
-\$SERVER["socket"] == "0.0.0.0:$DIP_PORT" {
- fastcgi.server = (
- "/" => (
- (
- "host" => "127.0.0.1",
- "port" => 9009,
- "check-local" => "disable",
- "bin-path" => "/sbin/dipservice -d /var/config/dipdata",
- "max-procs" => 1,
- "docroot" => "/var/config/dipdata"
- )
- )
- )
-}
-END
- fi
-
- cat >> $FILE <<END
-#AUTO-GENERATED LIGHTTPD HTTP/HTTPS CONFIGURATIONS
-#DO NOT CHANGE THIS FILE -> CHANGE $0
-END
-
-#Explicitly set the default listening port to HTTP port.
-cat >> $FILE <<END
-
-# listen to ipv4
-server.bind = "0.0.0.0"
-server.port = "$HTTP_PORT"
-END
-
- if [ "$HTTPS_ENABLED" = "true" ]; then
- # Enable HTTPS for ipv4/ipv6
- # See (https://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config#Recommended-IPv6-setup)
-
- HTTPS_SSL_ENGINE_CONFIG="ssl.engine = \"enable\"
- ssl.use-sslv3 = \"$HTTPS_SSL3\"
- ssl.openssl.ssl-conf-cmd = $HTTPS_SSL_CONF
- ssl.pemfile = \"$CONF_DIR/server.pem\""
-
- if [ "$CLIENT_VERIFY" = "true" ]; then
- HTTPS_SSL_ENGINE_CONFIG+="ssl.ca-file = \"/etc/ssl/certs/ca-certificates.crt\"
- ssl.verifyclient.activate = \"enable\"
- ssl.verifyclient.enforce = \"enable\""
- fi
-
- if [ -n "$HTTPS_CIPHER" ]; then
- HTTPS_SSL_ENGINE_CONFIG+="
- ssl.cipher-list = \"$HTTPS_CIPHER\""
- fi
-
- cat >> $FILE <<END
-
-# ipv4 socket
-\$SERVER["socket"] == "0.0.0.0:$HTTPS_PORT" {
- $HTTPS_SSL_ENGINE_CONFIG
-}
-
-# ipv6 socket
-\$SERVER["socket"] == "[::]:$HTTPS_PORT" {
- $HTTPS_SSL_ENGINE_CONFIG
-}
-
-END
-
- fi
-
-
- # Ensure that loopback can always access port 80
- if [ "$HTTP_PORT" != 80 ]; then
- echo "\$SERVER[\"socket\"] == \"127.0.0.1:80\" { }" >> $FILE
- fi
-
- # Enable redirect from HTTP to HTTPS if enabled
- if [ "$HTTPS_REDIRECT" == "true" ]; then
- HTTPS_REDIRECT_CONFIG="\$SERVER[\"socket\"] == \":$HTTP_PORT\" {
- \$HTTP[\"host\"] =~ \"^([^:^/]*)(:\d*)?(.*)\" {
- url.redirect = ( \"^/(.*)\" => \"https://%1:$HTTPS_PORT/\$1\" )
- }
- } else "
- fi
-
- HTTPX_REWRITE_URL='url.rewrite-once = ( "^/(?!static|api|tmp|help)(.+)/?$" => "/index.html" )'
-
- #BREAKDOWN
- # LINE 1: CHECK: REMOTE IP IS NOT 127.0.0.1 (LOOPBACK)
- # LINE 2: CHECK: DEST PORT IS THE HTTP PORT LIGHTTPD IS LISTENING ON
- # LINE 3: CHECK: HOST ADDRESS (ex: 192.168.2.1:81/whatever) MATCHES THE REGEX [DOMAIN][PORT (optional)][URI]
- # THE REGEX FROM LINE 3 CAN BE ACCESSED IN LINE 4 WITH '%#' (ex: %1 == DOMAIN, %2 == PORT, %3 == URI)
- # LINE 4: FUNCTION: REGEX THE URI ([MATCH ALL]) AND BUILD THE REDIRECT URL
- # THE REGEX FROM LINE 4 CAN BE ACCESSED IN THE REDIRECT CONSTRUCTION WITH '$#' (ex: $1 == THE ENTIRE URI)
-
- cat >> $FILE <<END
-\$HTTP["remoteip"] != "127.0.0.1" {
- $HTTPS_REDIRECT_CONFIG \$HTTP["host"] =~ "^([^:^/]*)(:\d*)?(.*)" {
- \$SERVER["socket"] == "[::]:$HTTPS_PORT" {
- $HTTPX_REWRITE_URL
- }
- \$SERVER["socket"] == ":$HTTPS_PORT" {
- $HTTPX_REWRITE_URL
- }
- \$SERVER["socket"] == ":$HTTP_PORT" {
- $HTTPX_REWRITE_URL
- }
- }
-}
-END
-}
-
-populate_www_images() {
- local CONFIGIMAGES="/var/config/images"
- local OEMIMAGES="/var/oem/images"
- local WWWIMAGES="/var/volatile/www/images"
- local WWWIMAGES_RO="/var/www/images_ro"
-
- # Populate images only once per boot
- if [ ! -d $WWWIMAGES ]; then
-
- # Copy from oem partition to config partition
- if [ ! -d $CONFIGIMAGES ]; then
- if [ -d $OEMIMAGES ]; then
- echo "Copying oem images"
- mkdir -p $CONFIGIMAGES
- cp -rf $OEMIMAGES/* $CONFIGIMAGES
- fi
- fi
-
- # Copy from root partition to RAM
- mkdir -p $WWWIMAGES
- cp -rf $WWWIMAGES_RO/* $WWWIMAGES
-
- # Overwrite with /var/config/images
- if [ -d $CONFIGIMAGES ]; then
- cp -rf $CONFIGIMAGES/* $WWWIMAGES
- fi
- fi
-}
-
-wait_ready() {
- # wait api
- local retry=0
- local MAX=30
- sleep 1
- while [ $retry -lt $MAX ]; do
- if [ "200" == "$(curl -s --unix-socket /var/run/api/http.sock -I -o /dev/null -w "%{http_code}" http://localhost/api/system)" ]; then
- return
- fi
- retry=$(( $retry + 1 ))
- echo "Waiting for API ($retry/$MAX)..."
- sleep 1
- done
- echo "Failed waiting API!"
-}
-
-start() {
- mkdir -p /var/volatile/www/tmp
- lighttpd_custom_images_setup # detect mime types for UI Customization images and generate Lighttpd config fragment
-
- generate_config
-
- start-stop-daemon --start --background --exec $ANGEL -- $DAEMON $OPTS
-
- if [ "$CAPA_NODE_RED" = "true" ]; then
- start-stop-daemon --start -x "$DAEMON" -p /var/run/lighttpd_nrs.pid -- $OPTS_NRS
- fi
-
- wait_ready
-}
-
-stop() {
- start-stop-daemon --stop --exec $ANGEL
-
- if [ "$CAPA_NODE_RED" = "true" ]; then
- start-stop-daemon --stop -x "$DAEMON" -p /var/run/lighttpd_nrs.pid
- rm -f /var/run/lighttpd_nrs.pid
- fi
-
- rm -f /var/run/config/lighttpd_*
-}
-
-populate_www_images
-
-case "$1" in
- start)
- echo -n "Starting $DESC: "
- start
- echo "$NAME."
- ;;
- stop)
- echo -n "Stopping $DESC: "
- stop
- echo "$NAME."
- ;;
- restart|force-reload)
- echo -n "Restarting $DESC: "
- stop
- sleep 1
- start
- echo "$NAME."
- ;;
- *)
- N=/etc/init.d/$NAME
- echo "Usage: $N {start|stop|restart|force-reload}" >&2
- exit 1
- ;;
-esac
-
-exit 0
diff --git a/recipes-core/lighttpd/lighttpd_1.4.48.bb b/recipes-core/lighttpd/lighttpd_1.4.48.bb
index a6b5d60..776acc9 100644
--- a/recipes-core/lighttpd/lighttpd_1.4.48.bb
+++ b/recipes-core/lighttpd/lighttpd_1.4.48.bb
@@ -28,7 +28,6 @@ RDEPENDS_${PN} += "bash file file-magic-db-images"
SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.gz \
file://lighttpd.conf \
file://lighttpd_nrs.conf \
- file://lighttpd.init \
file://lighttpd_custom_images_setup \
file://0001-lighttpd-pcre-use-pkg-config.patch;apply=true \
file://0004_fastcgi_env_with_unixsocket.patch;apply=true \
@@ -65,7 +64,6 @@ do_install_append() {
install -d ${D}${sysconfdir}/init.d ${D}${sysconfdir}/lighttpd.d ${D}/www/pages/dav
install -d 0644 ${D}${sysconfdir}/ssl
install -m 0755 --group www -d ${D}${localstatedir}/www
- install -m 0755 ${WORKDIR}/lighttpd.init ${D}${sysconfdir}/init.d/lighttpd
install -m 0644 --group www ${WORKDIR}/lighttpd.conf ${D}${sysconfdir}
install -m 0644 --group www ${WORKDIR}/lighttpd_nrs.conf ${D}${sysconfdir}