source: trunk/server/fedora/config/etc/httpd/vhosts.d/reify-vhost.py @ 2731

Last change on this file since 2731 was 2731, checked in by andersk, 10 years ago
Configure reified vhosts through LDAP Reduces duplication, allows the owners to configure these vhosts through Pony again, and potentially simplifies future automation.
  • Property svn:executable set to *
File size: 1.8 KB
Line 
1#!/usr/bin/python
2#
3# Converts an apacheConfig record from LDAP, as used by mod_vhost_ldap,
4# into a <VirtualHost> record as used in an Apache conf.d directory.
5# Useful for adding things like SSL server certs that mod_vhost_ldap
6# doesn't support.
7#
8# Usage:
9# scripts# cd /etc/httpd/vhosts.d
10# scripts# ./reify-vhost.py geofft > geofft.conf
11# scripts# service httpd graceful
12#
13# Geoffrey Thomas <geofft@mit.edu>, 2008, public domain.
14
15import ldap
16import ldap.filter
17import pwd
18import sys
19
20ll = ldap.initialize("ldapi://%2fvar%2frun%2fslapd-scripts.socket/")
21ll.simple_bind_s("", "")
22
23host = sys.argv[1]
24
25r = ll.search_s(
26    "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
27    ldap.SCOPE_SUBTREE,
28    ldap.filter.filter_format(
29            "(&(objectClass=apacheConfig)" +
30            "(|(apacheServerName=%s)" +
31            "(apacheServerAlias=%s)))",
32           [host, host]))
33if len(r) != 0:
34    serveralias = ""
35    if 'apacheServerAlias' in r[0][1]:
36        serveralias = "ServerAlias "+" ".join(r[0][1]['apacheServerAlias'])
37    print """\
38<IfModule ssl_module>
39        <VirtualHost *:443>
40                ServerName %(servername)s
41                %(serveralias)s
42                Include conf.d/vhost_ldap.conf
43                Include conf.d/vhosts-common-ssl.conf
44                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
45                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
46        </VirtualHost>
47        <VirtualHost *:444>
48                ServerName %(servername)s
49                %(serveralias)s
50                Include conf.d/vhost_ldap.conf
51                Include conf.d/vhosts-common-ssl.conf
52                Include conf.d/vhosts-common-ssl-cert.conf
53                SSLCertificateFile /etc/pki/tls/certs/%(hname)s.pem
54                SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key
55        </VirtualHost>
56</IfModule>""" % {
57    'servername': r[0][1]['apacheServerName'][0],
58    'serveralias': serveralias,
59    'hname': host
60}
61
62# vim: set ts=4 sw=4 et:
Note: See TracBrowser for help on using the repository browser.