added apache-add-vhost and sftponly group to simplify virtualhosts creation with sftp access

removed obsolete sysv initscript [release 2.4.12-2mamba;Thu Feb 12 2015]

apache-add-vhost

@@ -0,0 +1,121 @@
+#!/bin/bash
+# Copyright (c) 2015 by Silvan Calarco <silvan.calarco@mambasoft.it>
+
+usage() {
+   echo "Script to create a virtual host for Apache.
+
+Usage:
+$0 sitename.domain.ext
+"
+}
+
+[ "`id -u`" = "0" ] || {
+   usage
+   echo "
+ERROR: this script must be run as root user; aborting."
+exit 1
+}
+
+SERVERNAME=$1
+
+[ ${SERVERNAME} ] || {
+   usage
+   exit 1
+}
+
+SERVERUSER=${SERVERNAME/.*}
+SERVERPASSWORD=`mkpasswd -l 9 -s 0`
+
+SERVERADMIN="webmaster@`hostname -d`"
+SERVERROOT=/var/www/${SERVERNAME}
+DOCUMENTROOT=${SERVERROOT}/www
+LOGROOT=${SERVERROOT}/log
+ACCESSLOG=${LOGROOT}/access_log
+ERRORLOG=${LOGROOT}/error_log
+
+SERVERHOSTNAME=`hostname -f`
+SERVERIP=`host $SERVERHOSTNAME | sed "s|.* has address ||"`
+
+echo "%--------------------------------------------------------------------------------%
+Creating the following Apache virtual host (please take note of this information):
+
+Server Name:   $SERVERNAME
+Server Admin:  $SERVERADMIN
+
+SFTP user:     $SERVERUSER
+SFTP password: $SERVERPASSWORD
+
+Document root: $DOCUMENTROOT
+Access log:    $ACCESSLOG
+Error log:     $ERRORLOG
+
+NOTE: remember to add A or CNAME record so that it points to IP $SERVERIP.
+%--------------------------------------------------------------------------------%
+
+"
+
+getent passwd $SERVERUSER >/dev/null && {
+   echo "ERROR: user $SERVERUSER already exists; aborting."
+   exit 1
+}
+
+[ -e /etc/httpd/httpd.d/${SITEURL}.conf ] && {
+   echo "ERROR: a virtual host for ${SITEURL} is already configured; aborting."
+   exit 1
+}
+
+[ -e $DOCUMENTROOT ] && {
+   echo "ERROR: document root $DOCUMENTROOT already exists; aborting."
+   exit 1
+}
+
+echo "If all the above is correct type 'yes' + ENTER to confirm or press CTRL-C to abort."
+read ans
+
+[ "$ans" = "yes" ] || exit 1
+
+useradd ${SERVERUSER} -g sftponly -d ${SERVERROOT} -p ${SERVERPASSWORD} -c "${SERVERNAME} user" -s /bin/false || {
+   echo "ERROR: unable to create ${SERVERUSER} user; aborting."
+   exit 1
+}
+
+echo ${SERVERPASSWORD} | passwd ${SERVERPASSWORD} --stdin || {
+   echo "ERROR: unable to set password for ${SERVERUSER}; aborting."
+   exit 1
+}
+
+mkdir -p ${DOCUMENTROOT} ${LOGROOT}
+chown ${SERVERUSER}.sftponly ${DOCUMENTROOT}
+
+cat > /etc/httpd/httpd.d/${SITEURL}.conf << _EOF
+<VirtualHost *:80>
+   ServerAdmin $SERVERADMIN
+   DocumentRoot $DOCUMENTROOT
+   ServerName $SERVERNAME
+   LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %X" combinedom
+   ErrorLog $ERRORLOG
+   CustomLog $ACCESSLOG combinedom
+</VirtualHost>
+
+<Directory $DOCUMENTROOT>
+    Options Indexes FollowSymLinks Includes
+    AllowOverride All
+    Require all granted
+    Order allow,deny
+    Allow from All
+    DirectoryIndex index.php index.html
+</Directory>
+_EOF
+
+apachectl configtest >/dev/null || {
+   echo "ERROR: there is a problem in Apache configuration, so I won't reload it; aborting."
+   exit 1
+}
+
+apachectl graceful || {
+   echo "ERROR: error reloading Apache configuration; please check for it because all your web services are now unavailable. Aborting."
+   exit 1
+}
+
+echo "All done!"
+exit 0

apache.spec

@@ -2,10 +2,11 @@
 %define userid  65026
 %define nobodygroupid 65013
 %define nobodyuserid 65013
+%define sftponlygroupid 65437
 
 Name:          apache
 Version:       2.4.12
-Release:       1mamba
+Release:       2mamba
 Epoch:         1
 Summary:       The Apache webserver
 Group:         System/Servers
@@ -19,6 +20,7 @@ Source2:       httpd-sysconfig
 Source3:       httpd-logrotate
 Source4:       httpd-update_httpdconf.sh
 Source5:       httpd.service
+Source6:       apache-add-vhost
 License:       Apache License 2.0
 ## AUTOBUILDREQ-BEGIN
 BuildRequires: glibc-devel
@@ -218,12 +220,13 @@ install -d %{buildroot}/var/log/httpd
 
 #mv %{buildroot}/var/www/build/* %{buildroot}%{_libdir}/apache/build/
 
-install -p -D -m 0755 %{S:1} %{buildroot}%{_initrddir}/httpd
 install -p -D -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/sysconfig/httpd
 
 # logrotate stuff
 install -D -m 0644 %{S:3} %{buildroot}%{_sysconfdir}/logrotate.d/httpd
 
+install -D -m 0755 %{S:6} %{buildroot}%{_sbindir}/apache-add-vhost
+
 # create void log files
 > %{buildroot}/var/log/httpd/access_log
 > %{buildroot}/var/log/httpd/error_log
@@ -280,6 +283,7 @@ if [ $1 -ge 1 ]; then
    /usr/sbin/groupadd nobody -g %{nobodygroupid} 2>/dev/null
    /usr/sbin/useradd -c nobody -u %{nobodyuserid} -d /dev/null -g nobody \
    -s /bin/false nobody 2>/dev/null
+   /usr/sbin/groupadd sftponly -g %{sftponlygroupid} 2>/dev/null
 fi
 exit 0
 
@@ -378,7 +382,6 @@ exit 0
 %config(noreplace) %{_sysconfdir}/sysconfig/httpd
 %config(noreplace) %{_sysconfdir}/logrotate.d/httpd
 %dir %{_sysconfdir}/httpd/httpd.d
-%{_initrddir}/httpd
 %{_bindir}/ab
 %{_bindir}/apxs
 %{_bindir}/dbmmanage
@@ -395,6 +398,7 @@ exit 0
 %{_sbindir}/rotatelogs
 %{_sbindir}/htcacheclean
 %{_sbindir}/update_httpdconf
+%{_sbindir}/apache-add-vhost
 /lib/systemd/system/httpd.service
 %dir %{_libdir}/apache
 %{_libdir}/apache/httpd.exp
@@ -431,6 +435,10 @@ exit 0
 %{_libdir}/apache/mod_suexec.so
 
 %changelog
+* Thu Feb 12 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 2.4.12-2mamba
+- added apache-add-vhost and sftponly group to simplify virtualhosts creation with sftp access
+- removed obsolete sysv initscript
+
 * Thu Feb 05 2015 Automatic Build System <autodist@mambasoft.it> 2.4.12-1mamba
 - automatic version update by autodist