ok, seems to work.
--- a/debian/MISC/apache/littlebird-tc Fri Sep 02 11:10:36 2011 +0200
+++ b/debian/MISC/apache/littlebird-tc Fri Sep 02 12:57:40 2011 +0200
@@ -1,17 +1,22 @@
# Note: all lines following a # debconf line are managed
# by debconf. If you want to take control, just remove the
# # debconf line.
+<IfModule mod_ssl.c>
+ # debconf: {{listen}}
+ # Listen 443
+</IfModule>
<VirtualHost *:80>
# debconf: ServerAdmin {{serveradmin}}
ServerAdmin webmaster@example.com
# debconf: ServerName {{servername}}
ServerName www.example.com
- # debconf: Redirect permanent / https://{{servername}}/
+ # debconf: Redirect permanent / {{serverurl}}
Redirect permanent / https://www.example.com/
</VirtualHost>
<IfModule mod_ssl.c>
+ # debconf: <VirtualHost _default_:{{serverport}}>
<VirtualHost _default_:443>
# debconf: ServerAdmin {{serveradmin}}
--- a/debian/changelog Fri Sep 02 11:10:36 2011 +0200
+++ b/debian/changelog Fri Sep 02 12:57:40 2011 +0200
@@ -1,3 +1,10 @@
+littlebird (2011072500-46) stable; urgency=low
+
+ * ssl port is debconf managed now, application ini is
+ managed (no config file!) and everthing seems to work
+
+ -- Heiko Schlittermann <hs@schlittermann.de> Fri, 02 Sep 2011 12:56:10 +0200
+
littlebird (2011072500-40) stable; urgency=low
* almost perfect now. ssl gets started.
--- a/debian/littlebird-tc-core.config Fri Sep 02 11:10:36 2011 +0200
+++ b/debian/littlebird-tc-core.config Fri Sep 02 12:57:40 2011 +0200
@@ -5,6 +5,7 @@
prefix=littlebird-tc
db_input critical $prefix/web/servername || true
+db_input medium $prefix/web/serverport || true
db_go || true
db_get $prefix/web/servername && servername="${RET:-example.com}" || true
--- a/debian/littlebird-tc-core.postinst Fri Sep 02 11:10:36 2011 +0200
+++ b/debian/littlebird-tc-core.postinst Fri Sep 02 12:57:40 2011 +0200
@@ -67,6 +67,7 @@
# apache configuration
db_get littlebird-tc/web/servername && servername="$RET" || true
+ db_get littlebird-tc/web/serverport && serverport="$RET" || true
db_get littlebird-tc/web/serveradmin && serveradmin="$RET" || true
db_get littlebird-tc/web/crt && crt="$RET" || true
db_get littlebird-tc/web/key && key="$RET" || true
@@ -94,23 +95,28 @@
db_go || true
fi
fi
- # permissions for the cert
- test "$key" && {
- chown root: "$key"
- chmod -v go= "$key"
- }
# tweak the config file, but just the lines following a magical
# debconf line
- perl - serveradmin="$serveradmin" servername="$servername" \
+ perl - serveradmin="$serveradmin" servername="$servername" serverport="$serverport" \
crt="$crt" key="$key" <<'_'
use strict;
use warnings;
my $mark = '# debconf:';
my %o;
- foreach (@ARGV) { my ($k, $v) = split /=/, $_, 2; $o{$k} = $v; }
+ foreach (@ARGV) { my ($k, $v) = split /=/, $_, 2; $o{$k} = $v }
+ if ($o{serverport} eq "443") {
+ $o{serverurl} = "https://$o{servername}/";
+ $o{listen} = "# Listen 443";
+ }
+ else {
+ $o{serverurl} = "https://$o{servername}:$o{serverport}/";
+ $o{listen} = "Listen $o{serverport}";
+ }
+
+
open(F, "+</etc/apache2/conf.d/littlebird-tc") or die;
- $_ = join "", <F>;
+ $_ = join "" => <F>;
s|^(([ \t]*?)# debconf: (.*?){{(.*?)}}(.*?)\n).*?\n|$1$2$3$o{$4}$5\n|migs;
seek(F, 0, 0);
print(F $_);
@@ -128,6 +134,38 @@
mkdir -p "$dir"
)
+ # fix application_ini, there should be a cleaner approach
+
+ db_get littlebird-tc/db/name && dbname="$RET" || true
+ db_get littlebird-tc/db/host && dbhost="$RET" || true
+ db_get littlebird-tc/db/user && dbuser="$RET" || true
+ db_get littlebird-tc/db/pass && dbpass="$RET" || true
+ perl - dbname="$dbname" dbhost="$dbhost" dbuser="$dbuser" dbpass="$dbpass" \
+ servername="$servername" serverport="$serverport" \
+ <<'_'
+ use strict;
+ use warnings;
+ my %o; foreach (@ARGV) { my ($k, $v) = split /=/, $_, 2; $o{$k} = $v }
+
+ if ($o{serverport} eq "443") { $o{serverurl} = "https://$o{servername}" }
+ else { $o{serverurl} = "https://$o{servername}:$o{serverport}" }
+
+ open(F, "+</srv/www/littlebird/TrustCenter/application/configs/application_installation.ini")
+ or die;
+ $_ = join "" => <F>;
+ s|^(\Qresources.db.params.dbname\E\s*=).*|$1 $o{dbname}|mig;
+ s|^(\Qresources.db.params.host\E\s*=).*|$1 $o{dbhost}|mig;
+ s|^(\Qresources.db.params.username\E\s*=).*|$1 $o{dbuser}|mig;
+ s|^(\Qresources.db.params.password\E\s*=).*|$1 $o{dbpass}|mig;
+ s|^(\Qlittlebird.trustcenter.url\E\s*=).*|$1 $o{serverurl}|mig;
+ s|/opt/LittleBird/LittleBird(?:-Test)?|/srv/www/littlebird|mig;
+ seek(F, 0, 0);
+ print(F $_);
+ truncate(F, tell F);
+ close(F);
+_
+
+
db_stop || true
a2enmod ssl
--- a/debian/littlebird-tc-core.templates Fri Sep 02 11:10:36 2011 +0200
+++ b/debian/littlebird-tc-core.templates Fri Sep 02 12:57:40 2011 +0200
@@ -4,10 +4,17 @@
Template: littlebird-tc/web/servername
Type: string
-Description: The hostname we use to connect to the web server.
+Description: The hostname the clients use to connect to the web server.
To connect to the web service we need a hostname. Please enter
the name of the host, the clients will try to connect to.
- The name should match the CN of your SSL certificate.
+ The name should match the CN of your SSL certificate, if you have any.
+
+Template: littlebird-tc/web/serverport
+Type: string
+Default: 443
+Description: The port your SSL (HTTPS) server listens on.
+ If you choose any other than the default, please beware that your
+ clients may not be able to connect to your HTTPS server.
Template: littlebird-tc/web/serveradmin
Type: string