initial commit of file from CVS for smeserver-geneweb on Sat Sep 7 19:54:18 AEST 2024

2024-09-07 19:54:18 +10:00
parent 1bce18ef70
commit 3100c4d82e
94 changed files with 6132 additions and 2 deletions
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86GwsetupAlias
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86GwsetupAlias
@@ -0,0 +1,43 @@
+{
+# gwsetup (geneweb)
+  my $status = $gwsetup{'status'} || 'disabled';
+ 
+  if ($status eq 'enabled') 
+  {
+    $OUT .="#-------------------------------------------------\n";
+    $OUT .="# gwsetup settings from smeserver-geneweb\n";
+    $OUT .="#-------------------------------------------------\n";
+    $OUT .="\n";
+
+  $OUT .= qq(
+<LocationMatch ^/(gwsetup|gwd)>
+    SSLRequireSSL
+    AuthName "Gwsetup (geneweb)"
+    AuthType Basic
+    AuthBasicProvider external
+    AuthExternal pwauth
+    <RequireAll>
+  );
+    my $access = ($gwsetup{'access'} || 'private');
+    if ("$access" eq "private")
+    {
+      $OUT .= "    	Require ip $localAccess $externalSSLAccess\n";
+    }
+    elsif ("$access" eq "public")
+    {
+      $OUT .= "    	Require all granted\n";
+    }
+    else {
+      $OUT .= "    	Require ip 127.0.0.1\n";
+    }
+  $OUT .= qq(
+	Require user admin
+    </RequireAll>
+</LocationMatch>
+  );
+  }
+  else 
+  {
+  $OUT .= "# gwsetup is disabled";
+  }
+}
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28gwd_gwsProxyPass
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28gwd_gwsProxyPass
@@ -0,0 +1,40 @@
+{
+    # vim: ft=perl:
+# proxypass for geneweb and gwsetup
+# difference TCPPort & TcpPort (masq!)
+
+    $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';
+    $plainPort = ${'httpd-e-smith'}{TCPPort} || '80';
+    $sslPort = ${modSSL}{TCPPort} || '443';
+
+    $OUT = '';
+    foreach $place ('geneweb','gwsetup') {
+      if ((${$place}{'status'} || 'disabled') eq 'enabled'){
+        if (($port eq $plainPort) && ($haveSSL eq 'yes')) {
+            $OUT .= '    RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n";
+            $OUT .= "    RewriteRule ^/$place(/.*|\$)    https://%{HTTP_HOST}/$place\$1 [L,R]\n\n";
+        }
+        $OUT .= "    RewriteRule ^/$place\$   https://%{HTTP_HOST}/$place/ [L,R]\n\n";
+
+        $OUT .= "    ProxyRequests Off\n";
+        $OUT .= "    ProxyPreserveHost On\n";
+        $OUT .= "    ProxyPass /$place http://127.0.0.1:${$place}{TcpPort} KeepAlive=On\n";
+        $OUT .= "    ProxyPassReverse /$place http://127.0.0.1:${$place}{TcpPort}\n";
+        $OUT .= "    RequestHeader set X-Forwarded-Proto 'http'\n";
+
+        $OUT .= "    <Proxy '/$place'>\n";
+        if ($port eq $plainPort) {
+            $OUT .= '        Require ip 127.0.0.1' . "\n";
+        } elsif (($haveSSL eq 'yes') && ($port eq $sslPort)) {
+            $OUT .= "        Require ip $localAccess $externalSSLAccess\n";
+        } else {
+            $OUT .= "        Require ip $localAccess\n";
+        }
+
+        $OUT .= "    </Proxy>\n\n";
+
+      } else {
+	$OUT .= "    #  $place disabled\n";
+      }
+    }
+}
--- a/root/etc/e-smith/templates/etc/rc.d/init.d/masq/91Geneweb
+++ b/root/etc/e-smith/templates/etc/rc.d/init.d/masq/91Geneweb
@@ -0,0 +1,22 @@
+{
+    # geneweb port access only from localhost
+    my $gwd_status = ${'geneweb'}{'status'} || "disabled";
+    my $gwd_port = ${'geneweb'}{'TcpPort'} || '';
+    if ($gwd_status eq 'enabled') {
+        $OUT .= "    # Geneweb enabled\n";
+        $OUT .= "    /sbin/iptables -I INPUT -p tcp ! -s 127.0.0.1 --dport $gwd_port --jump DROP \n";
+    } else {
+        $OUT .= "    # Geneweb disabled\n";
+    }
+
+    # gwsetup port access only from localhost
+    my $gws_status = ${'gwsetup'}{'status'} || "disabled";
+    my $gws_port = ${'gwsetup'}{'TcpPort'} || '';
+    if ($gws_status eq 'enabled') {
+        $OUT .= "    # gwsetup enabled\n";
+        $OUT .= "    /sbin/iptables -I INPUT -p tcp ! -s 127.0.0.1 --dport $gws_port --jump DROP \n";
+    } else {
+        $OUT .= "    # gwsetup disabled\n";
+    }
+}
+
--- a/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/80-koozali-geneweb.preset
+++ b/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/80-koozali-geneweb.preset
@@ -0,0 +1,14 @@
+# geneweb specific service
+{
+$status = $geneweb{status} || 'disabled';
+$status = ($status eq "enabled") ? "enable" : "disable";
+$OUT .= "$status                geneweb.service\n";
+}
+
+# gwsetup specific service
+{
+$status = $gwsetup{status} || 'disabled';
+$status = ($status eq "enabled") ? "enable" : "disable";
+$OUT .= "$status                gwsetup.service\n";
+}
+
--- a/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/only.txt
+++ b/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/only.txt
@@ -0,0 +1,6 @@
+{
+    my $only	= $geneweb{'only'}  || '127.0.0.1';
+    
+    $OUT = "\n";
+    $OUT = "$only";
+}
--- a/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/template-begin
+++ b/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/template-begin
--- a/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/template-end
+++ b/root/etc/e-smith/templates/opt/geneweb/gw/gw/only.txt/template-end