first commit

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-http-vhost.conf.tpl

@@ -0,0 +1,7 @@
+{{http_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{http_listen_addresses}}>
+  {{server_name_configuration}}
+  {{additional_http_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl

@@ -0,0 +1,10 @@
+{{https_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{https_listen_addresses}}>
+  {{server_name_configuration}}
+  SSLEngine on
+  SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
+  SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
+  {{additional_https_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl

@@ -0,0 +1 @@
+{{additional_configuration}}

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl

@@ -0,0 +1,15 @@
+{{http_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{http_listen_addresses}}>
+  {{server_name_configuration}}
+  DocumentRoot {{document_root}}
+  <Directory "{{document_root}}">
+    Options -Indexes +FollowSymLinks -MultiViews
+    AllowOverride {{allow_override}}
+    {{acl_configuration}}
+    {{extra_directory_configuration}}
+  </Directory>
+  {{additional_http_configuration}}
+  {{additional_configuration}}
+  {{htaccess_include}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl

@@ -0,0 +1,18 @@
+{{https_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{https_listen_addresses}}>
+  {{server_name_configuration}}
+  SSLEngine on
+  SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
+  SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
+  DocumentRoot {{document_root}}
+  <Directory "{{document_root}}">
+    Options -Indexes +FollowSymLinks -MultiViews
+    AllowOverride {{allow_override}}
+    {{acl_configuration}}
+    {{extra_directory_configuration}}
+  </Directory>
+  {{additional_https_configuration}}
+  {{additional_configuration}}
+  {{htaccess_include}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl

@@ -0,0 +1,9 @@
+{{prefix_conf}}
+<Directory "{{document_root}}">
+  Options -Indexes +FollowSymLinks -MultiViews
+  AllowOverride {{allow_override}}
+  {{acl_configuration}}
+  {{extra_directory_configuration}}
+</Directory>
+{{additional_configuration}}
+{{htaccess_include}}

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl

@@ -0,0 +1,11 @@
+{{http_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{http_listen_addresses}}>
+  {{server_name_configuration}}
+  {{proxy_configuration}}
+  {{proxy_http_configuration}}
+  ProxyPass / {{proxy_address}}
+  ProxyPassReverse / {{proxy_address}}
+  {{additional_http_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl

@@ -0,0 +1,14 @@
+{{https_listen_configuration}}
+{{before_vhost_configuration}}
+<VirtualHost {{https_listen_addresses}}>
+  {{server_name_configuration}}
+  SSLEngine on
+  SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
+  SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
+  {{proxy_configuration}}
+  {{proxy_https_configuration}}
+  ProxyPass / {{proxy_address}}
+  ProxyPassReverse / {{proxy_address}}
+  {{additional_https_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl

@@ -0,0 +1,11 @@
+{{prefix_conf}}
+<Directory "{{document_root}}">
+  Options -Indexes +FollowSymLinks -MultiViews
+  AllowOverride {{allow_override}}
+  {{acl_configuration}}
+  {{proxy_configuration}}
+  ProxyPass / {{proxy_address}}
+  ProxyPassReverse / {{proxy_address}}
+  {{extra_directory_configuration}}
+</Directory>
+{{additional_configuration}}

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl

@@ -0,0 +1,16 @@
+{{http_listen_configuration}}
+{{before_vhost_configuration}}
+PassengerPreStart http://localhost:{{http_port}}/
+<VirtualHost {{http_listen_addresses}}>
+  {{server_name_configuration}}
+  DocumentRoot {{document_root}}
+  <Directory "{{document_root}}">
+    Options -Indexes +FollowSymLinks -MultiViews
+    AllowOverride {{allow_override}}
+    {{acl_configuration}}
+    PassengerEnabled on
+    {{extra_directory_configuration}}
+  </Directory>
+  {{additional_http_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl

@@ -0,0 +1,19 @@
+{{https_listen_configuration}}
+{{before_vhost_configuration}}
+PassengerPreStart https://localhost:{{https_port}}/
+<VirtualHost {{https_listen_addresses}}>
+  {{server_name_configuration}}
+  SSLEngine on
+  SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
+  SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
+  DocumentRoot {{document_root}}
+  <Directory "{{document_root}}">
+    Options -Indexes +FollowSymLinks -MultiViews
+    AllowOverride {{allow_override}}
+    {{acl_configuration}}
+    PassengerEnabled on
+    {{extra_directory_configuration}}
+  </Directory>
+  {{additional_https_configuration}}
+  {{additional_configuration}}
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl

@@ -0,0 +1,9 @@
+{{prefix_conf}}
+<Directory "{{document_root}}">
+  Options -Indexes +FollowSymLinks -MultiViews
+  AllowOverride {{allow_override}}
+  {{acl_configuration}}
+  PassengerEnabled on
+  {{extra_directory_configuration}}
+</Directory>
+{{additional_configuration}}

rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl

@@ -0,0 +1,29 @@
+# Default SSL Virtual Host configuration.
+
+<IfModule !ssl_module>
+  LoadModule ssl_module modules/mod_ssl.so
+</IfModule>
+
+Listen 443
+SSLProtocol all -SSLv2 -SSLv3
+SSLHonorCipherOrder on
+SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
+SSLPassPhraseDialog  builtin
+SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)"
+SSLSessionCacheTimeout  300
+
+<VirtualHost _default_:443>
+  DocumentRoot "{{APACHE_BASE_DIR}}/htdocs"
+  SSLEngine on
+  SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt"
+  SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key"
+
+  <Directory "{{APACHE_BASE_DIR}}/htdocs">
+    Options Indexes FollowSymLinks
+    AllowOverride All
+    Require all granted
+  </Directory>
+
+  # Error Documents
+  ErrorDocument 503 /503.html
+</VirtualHost>

rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl

@@ -0,0 +1,17 @@
+# Default Virtual Host configuration.
+
+# Let Apache know we're behind a SSL reverse proxy
+SetEnvIf X-Forwarded-Proto https HTTPS=on
+
+<VirtualHost _default_:80>
+  DocumentRoot "{{APACHE_BASE_DIR}}/htdocs"
+  <Directory "{{APACHE_BASE_DIR}}/htdocs">
+    Options Indexes FollowSymLinks
+    AllowOverride All
+    Require all granted
+  </Directory>
+
+  # Error Documents
+  ErrorDocument 503 /503.html
+</VirtualHost>
+

rootfs/opt/bitnami/scripts/apache/entrypoint.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+#set -o xtrace
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/libbitnami.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment
+. /opt/bitnami/scripts/apache-env.sh
+
+print_welcome_page
+
+# We add the copy from default config in the entrypoint to not break users
+# bypassing the setup.sh logic. If the file already exists do not overwrite (in
+# case someone mounts a configuration file in /opt/bitnami/apache/conf)
+debug "Copying files from $APACHE_DEFAULT_CONF_DIR to $APACHE_CONF_DIR"
+cp -nr "$APACHE_DEFAULT_CONF_DIR"/. "$APACHE_CONF_DIR"
+
+if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then
+    info "** Starting Apache setup **"
+    /opt/bitnami/scripts/apache/setup.sh
+    info "** Apache setup finished! **"
+fi
+
+echo ""
+exec "$@"

rootfs/opt/bitnami/scripts/apache/postunpack.sh

@@ -0,0 +1,131 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/libfs.sh
+. /opt/bitnami/scripts/liblog.sh
+
+########################
+# Sets up the default Bitnami configuration
+# Globals:
+#   APACHE_*
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+apache_setup_bitnami_config() {
+    local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates"
+
+    # Enable Apache modules
+    local -a modules_to_enable=(
+        "deflate_module"
+        "negotiation_module"
+        "proxy[^\s]*_module"
+        "rewrite_module"
+        "slotmem_shm_module"
+        "socache_shmcb_module"
+        "ssl_module"
+        "status_module"
+        "version_module"
+    )
+    for module in "${modules_to_enable[@]}"; do
+        apache_enable_module "$module"
+    done
+
+    # Disable Apache modules
+    local -a modules_to_disable=(
+        "http2_module"
+        "proxy_hcheck_module"
+        "proxy_html_module"
+        "proxy_http2_module"
+    )
+    for module in "${modules_to_disable[@]}"; do
+        apache_disable_module "$module"
+    done
+
+    # Bitnami customizations
+    ensure_dir_exists "${APACHE_CONF_DIR}/bitnami"
+    render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
+    render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf"
+
+    # Add new configuration only once, to avoid a second postunpack run breaking Apache
+    local apache_conf_add
+    apache_conf_add="$(cat <<EOF
+Include "${APACHE_CONF_DIR}/extra/httpd-default.conf"
+PidFile "${APACHE_PID_FILE}"
+TraceEnable Off
+ServerTokens ${APACHE_SERVER_TOKENS}
+Include "${APACHE_CONF_DIR}/deflate.conf"
+IncludeOptional "${APACHE_VHOSTS_DIR}/*.conf"
+Include "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
+EOF
+)"
+    ensure_apache_configuration_exists "$apache_conf_add" "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
+
+    # Configure the default ports since the container is non root by default
+    apache_configure_http_port "$APACHE_DEFAULT_HTTP_PORT_NUMBER"
+    apache_configure_https_port "$APACHE_DEFAULT_HTTPS_PORT_NUMBER"
+
+    # Patch the HTTPoxy vulnerability - see: https://docs.bitnami.com/general/security/security-2016-07-18/
+    apache_patch_httpoxy_vulnerability
+
+    # Remove unnecessary directories that come with the tarball
+    rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/conf"
+}
+
+########################
+# Patches the HTTPoxy vulnerability - see: https://docs.bitnami.com/general/security/security-2016-07-18/
+# Globals:
+#   APACHE_CONF_FILE
+# Arguments:
+#   None
+# Returns:
+#   None
+#########################
+apache_patch_httpoxy_vulnerability() {
+    # Apache HTTPD includes the HTTPoxy fix since 2016, so we only add it if not present
+    if ! grep -q "RequestHeader unset Proxy" "$APACHE_CONF_FILE"; then
+        cat >>"$APACHE_CONF_FILE" <<EOF
+<IfModule mod_headers.c>
+  RequestHeader unset Proxy
+</IfModule>
+EOF
+    fi
+}
+
+# Load Apache environment
+. /opt/bitnami/scripts/apache-env.sh
+
+apache_setup_bitnami_config
+
+# Ensure non-root user has write permissions on a set of directories
+for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR" "$APACHE_DEFAULT_CONF_DIR"; do
+    ensure_dir_exists "$dir"
+    chmod -R g+rwX "$dir"
+done
+
+# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides
+ln -sf apache "${BITNAMI_ROOT_DIR}/apache2"
+
+ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log"
+ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log"
+
+# This file is necessary for avoiding the error
+# "unable to write random state"
+# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean
+
+touch /.rnd && chmod g+rw /.rnd
+
+# Copy all initially generated configuration files to the default directory
+# (this is to avoid breaking when entrypoint is being overridden)
+cp -r "$APACHE_CONF_DIR"/* "$APACHE_DEFAULT_CONF_DIR"

rootfs/opt/bitnami/scripts/apache/reload.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment
+. /opt/bitnami/scripts/apache-env.sh
+
+info "** Reloading Apache configuration **"
+exec "${APACHE_BIN_DIR}/apachectl" -k graceful

rootfs/opt/bitnami/scripts/apache/restart.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+
+# Load Apache environment variables
+. /opt/bitnami/scripts/apache-env.sh
+
+/opt/bitnami/scripts/apache/stop.sh
+/opt/bitnami/scripts/apache/start.sh

rootfs/opt/bitnami/scripts/apache/run.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment
+. /opt/bitnami/scripts/apache-env.sh
+
+info "** Starting Apache **"
+exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND"

rootfs/opt/bitnami/scripts/apache/setup.sh

@@ -0,0 +1,98 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libfs.sh
+. /opt/bitnami/scripts/liblog.sh
+. /opt/bitnami/scripts/libapache.sh
+
+# Load Apache environment
+. /opt/bitnami/scripts/apache-env.sh
+
+# Ensure Apache environment variables are valid
+apache_validate
+
+# Ensure Apache daemon user exists when running as 'root'
+am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP"
+
+if ! is_dir_empty "$APACHE_DEFAULT_CONF_DIR"; then
+    # We add the copy from default config in the initialize function for web applications
+    # that make use of the Apache setup.sh script
+    debug "Copying files from $APACHE_DEFAULT_CONF_DIR to $APACHE_CONF_DIR"
+    cp -nr "$APACHE_DEFAULT_CONF_DIR"/. "$APACHE_CONF_DIR"
+fi
+# Generate SSL certs (without a passphrase)
+ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs"
+if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then
+    info "Generating sample certificates"
+    SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key"
+    SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt"
+    SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr"
+    SSL_SUBJ="/CN=example.com"
+    SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1"
+    rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE"
+    openssl genrsa -out "$SSL_KEY_FILE" 4096
+    # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x
+    if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then
+        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ"
+    else
+        openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT"
+    fi
+    openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT")
+    rm -f "$SSL_CSR_FILE"
+fi
+# Load SSL configuration
+if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then
+    ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf"
+fi
+
+# Copy vhosts files
+if ! is_dir_empty "/vhosts"; then
+    info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'"
+    cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}"
+fi
+
+# Mount certificate files
+if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then
+    warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates"
+    warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'"
+    rm -rf "${APACHE_CONF_DIR}/bitnami/certs"
+    ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs"
+elif ! is_dir_empty "/certs"; then
+    info "Mounting certificates files from '/certs'"
+    rm -rf "${APACHE_CONF_DIR}/bitnami/certs"
+    ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs"
+fi
+
+# Mount application files
+if ! is_dir_empty "/app"; then
+    info "Mounting application files from '/app'"
+    rm -rf "$APACHE_HTDOCS_DIR"
+    ln -sf "/app" "$APACHE_HTDOCS_DIR"
+fi
+
+# Restore persisted configuration files (deprecated)
+if ! is_dir_empty "/bitnami/apache/conf"; then
+    warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration"
+    warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'"
+    rm -rf "$APACHE_CONF_DIR"
+    ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR"
+fi
+
+# Update ports in configuration
+[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER"
+[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER"
+
+# Configure ServerTokens with user values
+[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS"
+
+# Fix logging issue when running as root
+! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)"

rootfs/opt/bitnami/scripts/apache/start.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/libos.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment variables
+. /opt/bitnami/scripts/apache-env.sh
+
+error_code=0
+
+if is_apache_not_running; then
+    "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE"
+    if ! retry_while "is_apache_running"; then
+        error "apache did not start"
+        error_code=1
+    else
+        info "apache started"
+    fi
+else
+    info "apache is already running"
+fi
+
+exit "$error_code"

rootfs/opt/bitnami/scripts/apache/status.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment variables
+. /opt/bitnami/scripts/apache-env.sh
+
+if is_apache_running; then
+    info "apache is already running"
+else
+    info "apache is not running"
+fi

rootfs/opt/bitnami/scripts/apache/stop.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# Copyright Broadcom, Inc. All Rights Reserved.
+# SPDX-License-Identifier: APACHE-2.0
+
+# shellcheck disable=SC1091
+
+set -o errexit
+set -o nounset
+set -o pipefail
+# set -o xtrace # Uncomment this line for debugging purposes
+
+# Load libraries
+. /opt/bitnami/scripts/libapache.sh
+. /opt/bitnami/scripts/libos.sh
+. /opt/bitnami/scripts/liblog.sh
+
+# Load Apache environment variables
+. /opt/bitnami/scripts/apache-env.sh
+
+error_code=0
+
+if is_apache_running; then
+    BITNAMI_QUIET=1 apache_stop
+    if ! retry_while "is_apache_not_running"; then
+        error "apache could not be stopped"
+        error_code=1
+    else
+        info "apache stopped"
+    fi
+else
+    info "apache is not running"
+fi
+
+exit "$error_code"