#!/bin/sh
# Install v1.0  (c) 8.10.2002 by Andreas Ley  (u) 10.10.2002
# Set up virtual host

global=/usr/machine/etc/httpd
common=/usr/common/machine/etc/httpd
doc=/usr/common/rzserv/doc/apache
prefix=/usr/local/etc/httpd

usage()
{
	echo "Usage: `basename $0` [-s] [-m mailaddress] [-v] username subdirectory virtual-host" >&2
	echo "Or:    `basename $0` [-u] virtual-host" >&2
	#echo "-G  Set global path" >&2			# Unsupported
	#echo "-C  Set common path" >&2			# Unsupported
	#echo "-P  Set prefix (implies -c)" >&2		# Unsupported
	echo "-s  Install secure server" >&2
	#echo "-g  Generate self-signed certificate" >&2
	echo "-m  Set admin mail address (defaults to webmaster@domain)" >&2
	#echo "-l  Listen on given interface (hostname or ip-addr) (implies -c)" >&2
	echo "-u  Uninstall virtual host" >&2
	echo "    (You will loose all log files and local configuration, including ssl keys!)" >&2
	exit 1
}

set -- `getopt G:C:P:sgm:l:uhx $*` || usage

trace=false
while :; do
	case $1 in
		-h)     sed '1d;s/^# *//;/^$/q' $0; usage;;
		-x)	set -x; trace=true; shift;;
		-G)     global=$2; shift 2;;
		-C)     common=$2; shift 2;;
		-P)     prefix=$2; shift 2;;
		-s)     test -n "${uninstall}" && usage;
			cert=yes; shift;;
		-g)     test -n "${uninstall}" && usage;
			ssl_opts="-S"; shift;;
		-m)     test -n "${uninstall}" && usage;
			mail=$2; shift 2;;
		-l)     test -n "${uninstall}" && usage;
			listen=$2; shift 2;;
		-u)     test -n "${cert}${mail}${listen}" && usage;
			uninstall=yes; shift;;
		--)     shift; break;;
	esac
done

if test ! -d ${prefix}/conf/vhost -o ! -d ${prefix}/conf/vhosts; then
	echo "No support for virtual hosts! Use INSTALL with -v" >&2
	exit 1
fi

if test -z "${uninstall}"; then
	test $# -lt 2 && usage
	account="$1"
	subdir="$2"
	shift 2
fi
test $# -ne 1 && usage
vhost="$1"

if id | grep '^uid=0' >/dev/null; then :; else
	echo "Must be root to install." >&2
	exit 1
fi

PATH=/usr/machine/bin:/usr/machine/sbin:$PATH:/usr/segment/bin; export PATH

umask 0022

if test -n "${uninstall}"; then

###############################################################################
#
# Remove virtual host configuration, ssl keys and log files
#

if test -f ${prefix}/conf/vhosts/${vhost}; then
	rm -f ${prefix}/conf/vhosts/${vhost}
	rm -f ${prefix}/conf/vhost/${vhost}
	rm -f ${prefix}/conf/ssl/${vhost}.*
	rm -rf ${prefix}/logs/${vhost}
else
	echo "${vhost} not installed." >&2
	exit 1
fi

else

###############################################################################
#
# Check parameters
#

user=`getpwent -n ${account} 2>/dev/null`
if test -z "${user}"; then
	echo "Bad username: ${account}" >&2
	exit 1
fi

gid=`getpwent -g ${account}`
group=`getgrent -n -G ${gid} 2>/dev/null`
if test -z "${group}"; then
	echo "Bad group for: ${account}" >&2
	exit 1
fi

home=`getpwent -d ${account}`
if test -z "${home}" -o "${home}" = "/" -o "${home}" = "/tmp"; then
	echo "Bad home directory: ${account}" >&2
	exit 1
fi

#docs=`echo "${home}/${subdir}/htdocs" | sed 's/\/\/\/*/\//g;s/\/\/*$//'`
docs=`echo "${home}/${subdir}" | sed 's/\/\/\/*/\//g;s/\/\/*$//'`
if test ! -d "${docs}"; then
	echo "Bad subdirectory: ${docs}" >&2
	exit 1
fi

#cgis=`echo "${home}/${subdir}/cgi-bin" | sed 's/\/\/\/*/\//g;s/\/\/*$//'`
#if test ! -d "${cgis}"; then
#	#echo "Bad subdirectory: ${cgis}" >&2
#	#exit 1
#	unset cgis
#fi

if test -z "${mail}"; then
	domain=`echo "${vhost}" | sed 's/^[^.]*\.//'`
	mail="webmaster@${domain}"
fi

###############################################################################
#
# Check virtual host dns entry
#

if host -t a ${vhost}. >/dev/null 2>&1; then
	ip=`host -t a ${vhost}. | awk '$2=="A"{print$3}'`
else
	echo "Host ${vhost} not defined." >&2
	exit 1
fi

###############################################################################
#
# Create virtual host configuration file
#

(echo "################################################################################"
echo "#"
echo "#  Configuration for virtual hosts on ${vhost}"
echo "#"
echo "#  These are the configuration directives common to all virtual host entries."
echo "#  Note: These are not the real virtual host entries themselves; you will find"
echo "#  them in conf/vhosts/${vhost}"
echo "#"
echo
echo "ServerName	${vhost}"
echo "ServerAdmin	${mail}"
#echo
#echo "User		${user}"
#echo "Group		${group}"
echo
echo "DocumentRoot	${docs}"
echo
echo "TransferLog	logs/${vhost}/access_log"
echo "ScriptLog	logs/${vhost}/script_log"
#echo
#echo "ScriptAlias	/cgi-bin/ ${cgis}/"
#echo
#echo "<Directory ${cgis}>"
#echo "	Options FollowSymlinks"
#echo "	AllowOverride None"
#echo "	Order Allow,Deny"
#echo "	Allow from All"
#echo "</Directory>"
#echo
#echo "<Location /cgi-bin/phf*>"
#echo "	Order Allow,Deny"
#echo "	Deny from All"
#echo "	ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi"
#echo "</Location>"
) >${prefix}/conf/vhost/${vhost}
chown wwwadm ${prefix}/conf/vhost/${vhost}
chgrp wwwadm ${prefix}/conf/vhost/${vhost}

(echo "################################################################################"
echo "#"
echo "#  Virtual hosts on ${vhost}"
echo "#"
echo "#  These are the main virtual host entries. Note that they don't contain the"
echo "#  configuration directives common to all virtual host entries; you will find"
echo "#  them in conf/vhost/${vhost}"
echo "#"

name="_default_"
if test -n "${cert}"; then
	#echo
	#echo "Listen	${ip}:80"
	#echo "Listen	${ip}:443"
	name="${ip}"
fi

echo
echo "<VirtualHost ${name}:80>"
echo "Include			conf/vhost/${vhost}"
echo "</VirtualHost>"

if test -n "${cert}"; then
	echo
	echo "<IfModule mod_ssl.c>"
	echo "<VirtualHost ${name}:443>"
	echo "Include			conf/vhost/${vhost}"
	echo "Include			conf/ssl.conf"
	echo "SSLCertificateFile	conf/ssl/${vhost}.crt"
	echo "SSLCertificateKeyFile	conf/ssl/${vhost}.key"
#	echo "<Directory ${cgis}>"
#	echo "	SSLOptions +StdEnvVars"
#	echo "</Directory>"
	echo "SSLLogLevel		warn"
	echo "SSLLog			logs/${vhost}/ssl_log"
	echo "CustomLog		logs/${vhost}/ssl_request_log \"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \\\"%r\\\" %b\""
	echo "</VirtualHost>"
	echo "</IfModule>"
fi

) >${prefix}/conf/vhosts/${vhost}
chown wwwadm ${prefix}/conf/vhosts/${vhost}
chgrp wwwadm ${prefix}/conf/vhosts/${vhost}

###############################################################################
#
# Set up subdirectory for access log files
#

mkdir -p ${prefix}/logs/${vhost}
chown wwwadm ${prefix}/logs/${vhost}
chgrp www ${prefix}/logs/${vhost}
chmod 770 ${prefix}/logs/${vhost}

###############################################################################
#
# Create private key and certificate signing request
#

if test -n "${cert}"; then
	path=${prefix}/conf/ssl/${vhost}
	if test ! -s ${path}.crt; then
		echo "WARNING: Your secure server key hasn't been certified yet."
		rm -f ${path}.csr ${path}.txt
		su wwwadm -c "/usr/segment/bin/ssl-request ${ssl_opts} `test -s ${path}.key || echo \"-g\"` -n ${vhost} -m ${mail} ${path}.key"
	fi
fi

###############################################################################
#
# Reload http daemon configuration
#

if test -x ${prefix}/bin/vhost_setup; then
	eval ${prefix}/bin/vhost_setup
fi
if test -s ${prefix}/logs/httpd.pid; then
	kill -USR1 `head -1 ${prefix}/logs/httpd.pid`
fi

###############################################################################

fi

exit 0