summaryrefslogtreecommitdiffstats
path: root/2.4/docker-entrypoint.sh
diff options
context:
space:
mode:
authorSuren A. Chilingaryan <csa@suren.me>2019-08-21 03:19:29 +0200
committerSuren A. Chilingaryan <csa@suren.me>2019-08-21 03:19:29 +0200
commit2d8efa1787ffa56dfc78edb62f4dbc94c1c9450e (patch)
treef200f1be9028033bb4470b2684d5b75bf070d150 /2.4/docker-entrypoint.sh
parent95601d0dbf09cf500b9b0aeb6963d7ee27d8cb2e (diff)
downloadapache-2d8efa1787ffa56dfc78edb62f4dbc94c1c9450e.tar.gz
apache-2d8efa1787ffa56dfc78edb62f4dbc94c1c9450e.tar.bz2
apache-2d8efa1787ffa56dfc78edb62f4dbc94c1c9450e.tar.xz
apache-2d8efa1787ffa56dfc78edb62f4dbc94c1c9450e.zip
Change to system-wide Apache installation
Diffstat (limited to '2.4/docker-entrypoint.sh')
-rwxr-xr-x2.4/docker-entrypoint.sh90
1 files changed, 14 insertions, 76 deletions
diff --git a/2.4/docker-entrypoint.sh b/2.4/docker-entrypoint.sh
index cab689a..d565765 100755
--- a/2.4/docker-entrypoint.sh
+++ b/2.4/docker-entrypoint.sh
@@ -1,56 +1,10 @@
#!/bin/sh
set -e
-# Environment variables that are used if not empty:
-# SERVER_NAMES
-# LOCATION
-# AUTH_TYPE
-# REALM
-# USERNAME
-# PASSWORD
-# ANONYMOUS_METHODS
-# SSL_CERT
-
-# Just in case this environment variable has gone missing.
-HTTPD_PREFIX="${HTTPD_PREFIX:-/usr/local/apache2}"
-
-# Configure vhosts.
-if [ "x$SERVER_NAMES" != "x" ]; then
- # Use first domain as Apache ServerName.
- SERVER_NAME="${SERVER_NAMES%%,*}"
- sed -e "s|ServerName .*|ServerName $SERVER_NAME|" \
- -i "$HTTPD_PREFIX"/conf/sites-available/default*.conf
-
- # Replace commas with spaces and set as Apache ServerAlias.
- SERVER_ALIAS="`printf '%s\n' "$SERVER_NAMES" | tr ',' ' '`"
- sed -e "/ServerName/a\ \ ServerAlias $SERVER_ALIAS" \
- -i "$HTTPD_PREFIX"/conf/sites-available/default*.conf
-fi
-
-# Configure dav.conf
-if [ "x$LOCATION" != "x" ]; then
- sed -e "s|Alias .*|Alias $LOCATION /var/lib/dav/data/|" \
- -i "$HTTPD_PREFIX/conf/conf-available/dav.conf"
-fi
-if [ "x$REALM" != "x" ]; then
- sed -e "s|AuthName .*|AuthName \"$REALM\"|" \
- -i "$HTTPD_PREFIX/conf/conf-available/dav.conf"
-else
- REALM="WebDAV"
-fi
-if [ "x$AUTH_TYPE" != "x" ]; then
- # Only support "Basic" and "Digest".
- if [ "$AUTH_TYPE" != "Basic" ] && [ "$AUTH_TYPE" != "Digest" ]; then
- printf '%s\n' "$AUTH_TYPE: Unknown AuthType" 1>&2
- exit 1
- fi
- sed -e "s|AuthType .*|AuthType $AUTH_TYPE|" \
- -i "$HTTPD_PREFIX/conf/conf-available/dav.conf"
-fi
-
# Add password hash, unless "user.passwd" already exists (ie, bind mounted).
-if [ ! -e "/tmp/user.passwd" ]; then
- touch "/tmp/user.passwd"
+REALM="WebDAV"
+if [ ! -e "/tmp/conf/user.passwd" ]; then
+ touch "/tmp/conf/user.passwd"
# Only generate a password hash if both username and password given.
if [ "x$USERNAME" != "x" ] && [ "x$PASSWORD" != "x" ]; then
if [ "$AUTH_TYPE" = "Digest" ]; then
@@ -58,7 +12,7 @@ if [ ! -e "/tmp/user.passwd" ]; then
HASH="`printf '%s' "$USERNAME:$REALM:$PASSWORD" | md5sum | awk '{print $1}'`"
printf '%s\n' "$USERNAME:$REALM:$HASH" > /tmp/user.passwd
else
- htpasswd -B -b -c "/tmp/user.passwd" $USERNAME $PASSWORD
+ htpasswd -B -b -c "/tmp/conf/user.passwd" $USERNAME $PASSWORD
fi
fi
fi
@@ -67,39 +21,23 @@ fi
if [ "x$ANONYMOUS_METHODS" != "x" ]; then
if [ "$ANONYMOUS_METHODS" = "ALL" ]; then
sed -e "s/Require valid-user/Require all granted/" \
- -i "$HTTPD_PREFIX/conf/conf-available/dav.conf"
+ -i "/tmp/conf/conf-available/dav.conf"
else
ANONYMOUS_METHODS="`printf '%s\n' "$ANONYMOUS_METHODS" | tr ',' ' '`"
sed -e "/Require valid-user/a\ \ \ \ Require method $ANONYMOUS_METHODS" \
- -i "$HTTPD_PREFIX/conf/conf-available/dav.conf"
+ -i "/tmp/conf/conf-available/dav.conf"
fi
fi
-# If specified, generate a selfsigned certificate.
-if [ "${SSL_CERT:-none}" = "selfsigned" ]; then
- # Generate self-signed SSL certificate.
- # If SERVER_NAMES is given, use the first domain as the Common Name.
- if [ ! -e /privkey.pem ] || [ ! -e /cert.pem ]; then
- openssl req -x509 -newkey rsa:2048 -days 1000 -nodes \
- -keyout /privkey.pem -out /cert.pem -subj "/CN=${SERVER_NAME:-selfsigned}"
- fi
-fi
-
-# This will either be the self-signed certificate generated above or one that
-# has been bind mounted in by the user.
-if [ -e /privkey.pem ] && [ -e /cert.pem ]; then
- # Enable SSL Apache modules.
- for i in http2 ssl; do
- sed -e "/^#LoadModule ${i}_module.*/s/^#//" \
- -i "$HTTPD_PREFIX/conf/httpd.conf"
- done
- # Enable SSL vhost.
- ln -sf ../sites-available/default-ssl.conf \
- "$HTTPD_PREFIX/conf/sites-enabled"
-fi
-
# Create directories for Dav data and lock database.
-[ ! -d "/var/lib/dav/data" ] && mkdir -p "/var/lib/dav/data"
+[ ! -d "/var/dav/data" ] && mkdir -p "/var/dav/data"
[ ! -e "/tmp/DavLock" ] && touch "/tmp/DavLock"
+
+if ! whoami &> /dev/null; then
+ if [ -w /etc/passwd ]; then
+ echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >> /etc/passwd
+ fi
+fi
+
exec "$@"