docker-dokuwiki-debian12/rootfs/opt/bitnami/scripts/apache/setup.sh

#!/bin/bash
# Copyright Broadcom, Inc. All Rights Reserved.
# SPDX-License-Identifier: APACHE-2.0

# shellcheck disable=SC1091

set -o errexit
set -o nounset
set -o pipefail
# set -o xtrace # Uncomment this line for debugging purposes

# Load libraries
. /opt/bitnami/scripts/libfs.sh
. /opt/bitnami/scripts/liblog.sh
. /opt/bitnami/scripts/libapache.sh

# Load Apache environment
. /opt/bitnami/scripts/apache-env.sh

# Ensure Apache environment variables are valid
apache_validate

# Ensure Apache daemon user exists when running as 'root'
am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP"

if ! is_dir_empty "$APACHE_DEFAULT_CONF_DIR"; then
    # We add the copy from default config in the initialize function for web applications
    # that make use of the Apache setup.sh script
    debug "Copying files from $APACHE_DEFAULT_CONF_DIR to $APACHE_CONF_DIR"
    cp -nr "$APACHE_DEFAULT_CONF_DIR"/. "$APACHE_CONF_DIR"
fi
# Generate SSL certs (without a passphrase)
ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs"
if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then
    info "Generating sample certificates"
    SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key"
    SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt"
    SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr"
    SSL_SUBJ="/CN=example.com"
    SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
    rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
    openssl genrsa -out "$SSL_KEY_FILE" 4096
    # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x
    if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then
        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ"
    else
        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
    fi
    openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
    rm -f "$SSL_CSR_FILE"
fi
# Load SSL configuration
if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then
    ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
fi

# Copy vhosts files
if ! is_dir_empty "/vhosts"; then
    info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'"
    cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}"
fi

# Mount certificate files
if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then
    warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates"
    warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'"
    rm -rf "${APACHE_CONF_DIR}/bitnami/certs"
    ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs"
elif ! is_dir_empty "/certs"; then
    info "Mounting certificates files from '/certs'"
    rm -rf "${APACHE_CONF_DIR}/bitnami/certs"
    ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs"
fi

# Mount application files
if ! is_dir_empty "/app"; then
    info "Mounting application files from '/app'"
    rm -rf "$APACHE_HTDOCS_DIR"
    ln -sf "/app" "$APACHE_HTDOCS_DIR"
fi

# Restore persisted configuration files (deprecated)
if ! is_dir_empty "/bitnami/apache/conf"; then
    warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration"
    warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'"
    rm -rf "$APACHE_CONF_DIR"
    ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR"
fi

# Update ports in configuration
[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER"
[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER"

# Configure ServerTokens with user values
[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS"

# Fix logging issue when running as root
! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"
first commit 2024-08-12 14:51:56 +02:00			`#!/bin/bash`
			`# Copyright Broadcom, Inc. All Rights Reserved.`
			`# SPDX-License-Identifier: APACHE-2.0`

			`# shellcheck disable=SC1091`

			`set -o errexit`
			`set -o nounset`
			`set -o pipefail`
			`# set -o xtrace # Uncomment this line for debugging purposes`

			`# Load libraries`
			`. /opt/bitnami/scripts/libfs.sh`
			`. /opt/bitnami/scripts/liblog.sh`
			`. /opt/bitnami/scripts/libapache.sh`

			`# Load Apache environment`
			`. /opt/bitnami/scripts/apache-env.sh`

			`# Ensure Apache environment variables are valid`
			`apache_validate`

			`# Ensure Apache daemon user exists when running as 'root'`
			`am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP"`

			`if ! is_dir_empty "$APACHE_DEFAULT_CONF_DIR"; then`
			`# We add the copy from default config in the initialize function for web applications`
			`# that make use of the Apache setup.sh script`
			`debug "Copying files from $APACHE_DEFAULT_CONF_DIR to $APACHE_CONF_DIR"`
			`cp -nr "$APACHE_DEFAULT_CONF_DIR"/. "$APACHE_CONF_DIR"`
			`fi`
			`# Generate SSL certs (without a passphrase)`
			`ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs"`
			`if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then`
			`info "Generating sample certificates"`
			`SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key"`
			`SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt"`
			`SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr"`
			`SSL_SUBJ="/CN=example.com"`
			`SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"`
			`rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"`
			`openssl genrsa -out "$SSL_KEY_FILE" 4096`
			`# OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x`
			`if [[ "$(openssl version \| grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then`
			`openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ"`
			`else`
			`openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"`
			`fi`
			`openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")`
			`rm -f "$SSL_CSR_FILE"`
			`fi`
			`# Load SSL configuration`
			`if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then`
			`ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf"`
			`fi`

			`# Copy vhosts files`
			`if ! is_dir_empty "/vhosts"; then`
			`info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'"`
			`cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}"`
			`fi`

			`# Mount certificate files`
			`if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then`
			`warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates"`
			`warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'"`
			`rm -rf "${APACHE_CONF_DIR}/bitnami/certs"`
			`ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs"`
			`elif ! is_dir_empty "/certs"; then`
			`info "Mounting certificates files from '/certs'"`
			`rm -rf "${APACHE_CONF_DIR}/bitnami/certs"`
			`ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs"`
			`fi`

			`# Mount application files`
			`if ! is_dir_empty "/app"; then`
			`info "Mounting application files from '/app'"`
			`rm -rf "$APACHE_HTDOCS_DIR"`
			`ln -sf "/app" "$APACHE_HTDOCS_DIR"`
			`fi`

			`# Restore persisted configuration files (deprecated)`
			`if ! is_dir_empty "/bitnami/apache/conf"; then`
			`warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration"`
			`warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'"`
			`rm -rf "$APACHE_CONF_DIR"`
			`ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR"`
			`fi`

			`# Update ports in configuration`
			`[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER"`
			`[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER"`

			`# Configure ServerTokens with user values`
			`[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS"`

			`# Fix logging issue when running as root`
			`! am_i_root \|\| chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"`