--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/MISC/apache/littlebird-tc Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,63 @@
+# Note: all lines following a # debconf line are managed
+# by debconf. If you want to take control, just remove the
+# # debconf line.
+
+<VirtualHost *:80>
+ # debconf: ServerAdmin {{serveradmin}}
+ ServerAdmin webmaster@example.com
+ # debconf: ServerName {{servername}}
+ ServerName www.example.com
+ # debconf: Redirect permanent / https://{{servername}}/
+ Redirect permanent / https://www.example.com/
+</VirtualHost>
+
+<IfModule mod_ssl.c>
+ <VirtualHost _default_:443>
+
+ # debconf: ServerAdmin {{serveradmin}}
+ ServerAdmin webmaster@example.com
+ # debconf: ServerName {{servername}}
+ ServerName www.example.com
+
+ DocumentRoot /srv/www/littlebird/TrustCenter/public
+ <Directory /srv/www/littlebird/TrustCenter/public>
+ RewriteEngine On
+ RewriteCond %{REQUEST_FILENAME} -s [OR]
+ RewriteCond %{REQUEST_FILENAME} -l [OR]
+ RewriteCond %{REQUEST_FILENAME} -d
+ RewriteRule ^.*$ - [NC,L]
+ RewriteRule ^.*$ index.php [NC,L]
+ AllowOverride All
+ Order allow,deny
+ allow from all
+ </Directory>
+
+ SSLEngine on
+ # debconf: SSLCertificateFile {{crt}}
+ SSLCertificateFile /etc/ssl/certs/www.example.com-crt.pem
+ # debconf: SSLCertificateKeyFile {{key}}
+ SSLCertificateKeyFile /etc/ssl/key/www.example.com-key.pem
+
+ SSLOptions +ExportCertData
+
+ SSLVerifyClient require
+ SSLVerifyDepth 2
+ SSLCACertificateFile /srv/www/littlebird/CA/certs/Trustcenter_CA_LB.pem
+ SSLCADNRequestFile /srv/www/littlebird/CA/certs/Trustcenter_CA.pem
+ <Location /css>
+ SSLVerifyClient none
+ </Location>
+ <Location /js>
+ SSLVerifyClient none
+ </Location>
+ <Location /images>
+ SSLVerifyClient none
+ </Location>
+
+ LogLevel warn
+ # debconf: ErrorLog ${APACHE_LOG_DIR}/{{servername}}/error.log
+ ErrorLog ${APACHE_LOG_DIR}/www.example.com/error.log
+ # debconf: CustomLog ${APACHE_LOG_DIR}/{{servername}}/access.log combined
+ CustomLog ${APACHE_LOG_DIR}/www.example.com/access.log combined
+ </VirtualHost>
+</IfModule>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/MISC/mysql/littlebird-tc-core.cnf Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,2 @@
+[mysql]
+default-character-set = utf8
--- a/debian/changelog Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/changelog Fri Sep 02 01:13:25 2011 +0200
@@ -1,3 +1,15 @@
+littlebird (2011072500-29) stable; urgency=low
+
+ * apache config and cert creation work now
+
+ -- Heiko Schlittermann <hs@schlittermann.de> Fri, 02 Sep 2011 01:12:43 +0200
+
+littlebird (2011072500-18) stable; urgency=low
+
+ * php configuration
+
+ -- Heiko Schlittermann <hs@schlittermann.de> Thu, 01 Sep 2011 15:14:03 +0200
+
littlebird (2011072500-17) stable; urgency=low
* database handling seems to be better than ever before.
--- a/debian/control Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/control Fri Sep 02 01:13:25 2011 +0200
@@ -2,7 +2,7 @@
Section: unknown
Priority: extra
Maintainer: Heiko Schlittermann <hs@schlittermann.de>
-Build-Depends: debhelper (>= 7.0.50~), rsync, bash
+Build-Depends: debhelper (>= 7.0.50~)
Standards-Version: 3.8.4
Homepage: <insert the upstream URL, if relevant>
#Vcs-Git: git://git.debian.org/collab-maint/littlebird.git
@@ -24,7 +24,7 @@
Architecture: all
Depends: ${shlibs:Depends}, ${misc:Depends}, littlebird-tc-common (>= ${source:Version}),
littlebird-tc-common (>= ${source:Version}),
- zend-server-php-5.3, php-5.3-loader-zend-server, bash
+ zend-server-php-5.3, php-5.3-loader-zend-server, php5-cli
Recommends: littlebird-tc-sql (>= ${source:Version})
Provides: littlebird-tc
Description: littlebird trustcenter core
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/littlebird-tc-core.config Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,23 @@
+#! /bin/sh
+set -e
+. /usr/share/debconf/confmodule
+
+prefix=littlebird-tc
+
+db_input critical $prefix/web/servername || true
+db_go || true
+
+db_get $prefix/web/servername && servername="${RET:-example.com}" || true
+
+domain=`echo $servername | tr . ' ' | fmt -1 | tail -n 2 | fmt -1000 | tr ' ' .`
+serveradmin="webmaster@$domain"
+
+db_set $prefix/web/serveradmin "$serveradmin" || true
+db_set $prefix/web/crt "/etc/ssl/certs/$servername-crt.pem" || true
+db_set $prefix/web/key "/etc/ssl/key/$servername-key.pem" || true
+
+db_input medium $prefix/web/serveradmin || true
+db_input medium $prefix/web/crt || true
+db_input medium $prefix/web/key || true
+
+db_go || true
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/littlebird-tc-core.install Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,3 @@
+LittleBird/encoded/LittleBird-Test/{CA,library,TrustCenter} /srv/www/littlebird
+debian/MISC/mysql/littlebird-tc-core.cnf /etc/mysql/conf.d
+debian/MISC/apache/littlebird-tc /etc/apache2/conf.d
--- a/debian/littlebird-tc-core.postinst Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/littlebird-tc-core.postinst Fri Sep 02 01:13:25 2011 +0200
@@ -3,6 +3,7 @@
# postinst script for littlebird
#
# see: dh_installdeb(1)
+. /usr/share/debconf/confmodule
set -e
@@ -26,6 +27,88 @@
chown -R :www-data "$DIR"
chmod -R g+w "$DIR"
+ # Timezone in /usr/local/zend/etc/php.ini
+ f=/usr/local/zend/etc/php.ini
+ perl -pi -e 's{^;?\s*(date\.timezone\s*=).*$}{$1 "Europe/Berlin"}' $f
+
+ # not sure if this conforms to policy: changing another packages
+ # config files
+ if test -d /etc/php5/cli; then
+ echo "# linking php.ini to zend" >&2
+ ( set -e
+ cd /etc/php5/cli
+ s=/usr/local/zend/etc/conf.php.ini
+ if test `readlink -f php.ini` != `readlink -f $s`
+ then
+ rm -vf php.ini
+ ln -vs $s php.ini
+ fi
+ )
+ fi
+
+ if test -d "/etc/php5/conf.d"; then
+ echo "# linkin other zend inis" >&2
+ ( set -e
+ cd /etc/php5/conf.d
+ for p in mysqli.ini curl.ini mcrypt.ini gd.ini
+ do
+ s=/usr/local/zend/etc/conf.d/$p
+ if test `readlink -f $p` != `readlink -f $s`
+ then
+ rm -vf $p
+ ln -vs $s .
+ fi
+ done
+ )
+ fi
+
+
+ # apache configuration
+ db_get littlebird-tc/web/servername && servername="$RET" || true
+ db_get littlebird-tc/web/serveradmin && serveradmin="$RET" || true
+ db_get littlebird-tc/web/crt && crt="$RET" || true
+ db_get littlebird-tc/web/key && key="$RET" || true
+
+ # snakeoil certificate
+ if test "$crt" && test "$key" && ! test -f "$crt" && ! test -f "$key"; then
+ mkdir -p `dirname $crt`
+ mkdir -p `dirname $key`
+ openssl req -new -x509 -days 10 -subj "/O=DEMO/CN=$servername" \
+ -out "$crt" -keyout "$key" -nodes
+ fi
+
+ # tweak the config file, but just the lines following a magical
+ # debconf line
+ perl - serveradmin="$serveradmin" servername="$servername" \
+ crt="$crt" key="$key" <<'_'
+ use strict;
+ use warnings;
+ my $mark = '# debconf:';
+ my %o;
+ foreach (@ARGV) { my ($k, $v) = split /=/, $_, 2; $o{$k} = $v; }
+ open(F, "+</etc/apache2/conf.d/littlebird-tc") or die;
+ $_ = join "", <F>;
+ s|^(([ \t]*?)# debconf: (.*?){{(.*?)}}(.*?)\n).*?\n|$1$2$3$o{$4}$5\n|migs;
+ seek(F, 0, 0);
+ print(F $_);
+ truncate(F, tell F);
+ close(F);
+_
+
+ # need log dir(s)
+ ( . /etc/apache2/envvars
+ file=`perl -ne '/^\s*errorlog\s+(\S+)/i&&print "$1\n"' /etc/apache2/conf.d/littlebird-tc`
+ dir=`eval dirname "$file"`
+ mkdir -p "$dir"
+ file=`perl -ne '/^\s*customlog\s+(\S+)/i&&print "$1\n"' /etc/apache2/conf.d/littlebird-tc`
+ dir=`eval dirname "$file"`
+ mkdir -p "$dir"
+ )
+
+
+ invoke-rc.d apache2 reload 1>&1
+ echo >&2
+
;;
abort-upgrade|abort-remove|abort-deconfigure)
@@ -40,6 +123,6 @@
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
-#DEBHELPER#
+
exit 0
--- a/debian/littlebird-tc-core.templates Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/littlebird-tc-core.templates Fri Sep 02 01:13:25 2011 +0200
@@ -1,3 +1,18 @@
+Template: littlebird-tc-core/TITLE
+Type: title
+Description: The littlebird trust center core package.
+
+Template: littlebird-tc/web/servername
+Type: string
+Description: The hostname we use to connect to the web server.
+ To connect to the web service we need a hostname. Please enter
+ the name of the host, the clients will try to connect to.
+ The name should match the CN of your SSL certificate.
+
+Template: littlebird-tc/web/serveradmin
+Type: string
+Description: Mail address of the (web) server admin.
+
Template: littlebird-tc/removal
Type: note
Description: The database needs to be cleaned!?
@@ -7,3 +22,15 @@
Please think about it, if you need to remove ANY traces,
you should consider dropping the database. Contact your friendly
database admin for doing it :-)
+
+Template: littlebird-tc/web/crt
+Type: string
+Description: pathname of the SSL certificate file
+ The HTTPS server uses an SSL certificate. Where is or where
+ will be the certificate file located?
+
+Template: littlebird-tc/web/key
+Type: string
+Description: pathname of the SSL certificate key file
+ The HTTPS server uses an SSL certificate. Where is or where
+ will be the certificate *KEY* file located?
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/littlebird-tc-sql.install Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,1 @@
+LittleBird/encoded/LittleBird-Test/Database/. /usr/share/littlebird/tc-sql
--- a/debian/littlebird-tc-sql.postinst Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/littlebird-tc-sql.postinst Fri Sep 02 01:13:25 2011 +0200
@@ -20,6 +20,8 @@
_mysql() { mysql -h"$host" -u"$adminuser" -p"$adminpass" "$@"; }
+tmp=`mktemp`
+trap "rm -f $tmp" EXIT INT QUIT TERM
case "$1" in
configure)
@@ -33,10 +35,14 @@
db_get littlebird-tc/db/name && name="$RET" || true
# check admin access
- _mysql -e "" mysql || {
- echo "Access to mysql database failed!" >&2
+ if ! _mysql -e "" mysql 2>$tmp; then
+ db_subst littlebird-tc/db/failure message "`cat $tmp`" || true
+ db_subst littlebird-tc/db/failure name "$name" || true
+ db_subst littlebird-tc/db/failure host "$host" || true
+ db_input critical littlebird-tc/db/failure || true
+ db_go || true
exit 1
- }
+ fi
if _mysql -e "" "$name" 2>/dev/null; then
db_subst littlebird-tc/db/exists name "$name" || true
--- a/debian/littlebird-tc-sql.templates Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/littlebird-tc-sql.templates Fri Sep 02 01:13:25 2011 +0200
@@ -4,7 +4,7 @@
Template: littlebird-tc/db/have-admin
Type: boolean
-Default: yes
+Default: no
Description: Do you have the data to access your database server as admin?
During the package configuration (postinst) we need to connect
to your database server and setup the littlebird schema, install
@@ -30,9 +30,19 @@
in the debconf database.)
Template: littlebird-tc/db/exists
-Type: note
+Type: error
Description: The database "${name}" exists already.
Since the database "${name}" seems to exist already, we will not
start any attempt to do anything.
.
Sorry, if this is not what you expected.
+
+Template: littlebird-tc/db/failure
+Type: error
+Description: Admin access to database failed.
+ We cannot access the database "${name}" on host "${host}".
+ The excuse we got:
+ .
+ ${message}
+ .
+ Sorry, if this is not what you expected.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/patches/debian-changes-2011072500-18 Fri Sep 02 01:13:25 2011 +0200
@@ -0,0 +1,51 @@
+Description: Upstream changes introduced in version 2011072500-18
+ This patch has been created by dpkg-source during the package build.
+ Here's the last changelog entry, hopefully it gives details on why
+ those changes were made:
+ .
+ littlebird (2011072500-18) stable; urgency=low
+ .
+ * php configuration
+ .
+ The person named in the Author field signed this changelog entry.
+Author: Heiko Schlittermann <hs@schlittermann.de>
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- littlebird-2011072500.orig/LittleBird/encoded/LittleBird-Test/Database/install_test_iteration_2011-06.sh
++++ littlebird-2011072500/LittleBird/encoded/LittleBird-Test/Database/install_test_iteration_2011-06.sh
+@@ -2,7 +2,7 @@
+ # leichte Anpassungen durch hs@schlittermann.de
+ # Aufruf wie immer, dann werden die bisherigen Angaben *root* und das bisherige
+ # Passwort verwendet. Oder
+-# install_test_iteration_2011-06.sh DB_HOST DB_NAME DB_ADMINUSER DB_ADMINPASS DB_USER DB_PASS
++# install_test_iteration_2011-06.sh [options|--help]
+
+ # ACHTUNG: DIE DATENBANK WIRD KOMPLETT GEERDET!
+
+@@ -42,13 +42,13 @@ while true; do
+ --help) cat <<_HELP
+ Usage: $0 [options]
+ Options are
++ --replacing=s The version of the package being replaced ($REPLACING).
+ --host=s The address of the database host ($DB_HOST).
+ --db=s The name of the database to be used ($DB_NAME).
+ --adminuser=s The name of the SUPER user on the db server ($DB_ADMINUSER).
+ --adminpass=s The password for the user above ($DB_ADMINPASS).
+ --user=s The name of the user for NORMAL db operations ($DB_USER).
+ --pass=s The password for the user above ($DB_PASS).
+- --replacing=s The version of the package being replaced ($REPLACING).
+ _HELP
+ exit;;
+ --) break;;
--- a/debian/patches/series Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/patches/series Fri Sep 02 01:13:25 2011 +0200
@@ -1,3 +1,4 @@
debian-changes-2011072500-8
debian-changes-2011072500-14
debian-changes-2011072500-17
+debian-changes-2011072500-18
--- a/debian/rules Thu Sep 01 12:28:28 2011 +0200
+++ b/debian/rules Fri Sep 02 01:13:25 2011 +0200
@@ -7,24 +7,11 @@
# This special exception was added by Craig Small in version 0.37 of dh-make.
# Uncomment this to turn on verbose mode.
-#export DH_VERBOSE=1
-
-SHELL=/bin/bash
-
-core=debian/littlebird-tc-core
-sql=debian/littlebird-tc-sql
-
+export DH_VERBOSE=1
%:
dh $@
-override_dh_auto_install:
- # tc core -> ${core}
- install -d -m 0755 ${core}/srv/www/littlebird
- rsync -a LittleBird/encoded/LittleBird-Test/{CA,library,TrustCenter} ${core}/srv/www/littlebird/
- # tc sql -> ${sql}
- install -d -m 0755 ${sql}/usr/share/littlebird/tc-sql/
- rsync -a LittleBird/encoded/LittleBird-Test/Database/ ${sql}/usr/share/littlebird/tc-sql/
-
+# to speed up things during build process
override_dh_strip: ; true
override_dh_shlibdeps: ; true