diff --git a/install-koji-farm.sh b/install-koji-farm.sh
index bc27de4..adbdf93 100644
--- a/install-koji-farm.sh
+++ b/install-koji-farm.sh
@@ -101,6 +101,7 @@ export SCRIPT_GIT=$SCRIPT_GIT
export KOJI_DIR=$KOJI_DIR
export KOJI_HUB_FQDN=$KOJI_HUB_FQDN
export KOJI_URL=http://$KOJI_HUB_FQDN
+export KOJI_WEB_URL=http://$KOJI_WEB_FQDN
export KOJID_CAPACITY=$KOJID_CAPACITY
export TAG_NAME='$TAG_NAME'
# Use for koji SSL certificates
@@ -241,5 +242,5 @@ else
done
fi
-#
+# bootstrap the targets etc.
koji-bootstrap-build.sh
diff --git a/koji-setup/koji-deploy-hub.sh b/koji-setup/koji-deploy-hub.sh
index 3aef2b7..187624d 100644
--- a/koji-setup/koji-deploy-hub.sh
+++ b/koji-setup/koji-deploy-hub.sh
@@ -195,7 +195,7 @@ KojiDir = $KOJI_DIR
DNUsernameComponent = CN
ProxyDNs = C=$COUNTRY_CODE,ST=$STATE,L=$LOCATION,O=$ORGANIZATION,OU=kojiweb,CN=$KOJI_HUB_FQDN
LoginCreatesUser = On
-KojiWebURL = $KOJI_URL/koji
+KojiWebURL = $KOJI_WEB_URL/koji
DisableNotifications = True
EOF
@@ -223,38 +223,6 @@ EOF
# SELinux changes to allow db access
setsebool -P httpd_can_network_connect_db 1
-# Koji Web
-mkdir -p /etc/kojiweb
-cat > /etc/kojiweb/web.conf <<- EOF
-[web]
-SiteName = koji
-KojiHubURL = $KOJI_URL/kojihub
-KojiFilesURL = $KOJI_URL/kojifiles
-WebCert = $KOJI_PKI_DIR/kojiweb.pem
-ClientCA = $KOJI_PKI_DIR/koji_ca_cert.crt
-KojiHubCA = $KOJI_PKI_DIR/koji_ca_cert.crt
-LoginTimeout = 72
-Secret = NITRA_IS_NOT_CLEAR
-LibPath = /usr/share/koji-web/lib
-LiteralFooter = True
-EOF
-
-mkdir -p /etc/httpd/conf.d
-cat > /etc/httpd/conf.d/kojiweb.conf <<- EOF
-Alias /koji "/usr/share/koji-web/scripts/wsgi_publisher.py"
-
- Options ExecCGI
- SetHandler wsgi-script
- Require all granted
-
-Alias /koji-static "/usr/share/koji-web/static"
-
- Options None
- AllowOverride None
- Require all granted
-
-EOF
-
# SELinux changes to allow httpd network access
setsebool -P httpd_can_network_connect 1
diff --git a/koji-setup/koji-deploy-web.sh b/koji-setup/koji-deploy-web.sh
index c30ec8f..1e79bc1 100644
--- a/koji-setup/koji-deploy-web.sh
+++ b/koji-setup/koji-deploy-web.sh
@@ -54,7 +54,7 @@ LibPath = /usr/share/koji-web/lib
LiteralFooter = True
EOF
-mkdir -p /etc/httpd/conf.d
+if [[ ! -d /etc/httpd/conf.d ]] ; then mkdir -p /etc/httpd/conf.d ; fi
cat > /etc/httpd/conf.d/kojiweb.conf <<- EOF
Alias /koji "/usr/share/koji-web/scripts/wsgi_publisher.py"
@@ -73,12 +73,12 @@ Alias /koji-static "/usr/share/koji-web/static"
EOF
-# SELinux changes to allow httpd network access
-setsebool -P httpd_can_network_connect 1
-## Apache Configuration Files
-mkdir -p /etc/httpd/conf.d
-cat > /etc/httpd/conf.d/ssl.conf <<- EOF
+# if NOT on the hub, setup the standard httpd settings
+if [[ ! $KOJI_WEB_FQDN = $KOJI_HUB_FQDN ]] ; then
+
+ ## Apache ssl Configuration File
+ cat > /etc/httpd/conf.d/ssl.conf <<- EOF
ServerName $KOJI_WEB_FQDN
Listen 443 https
@@ -118,18 +118,26 @@ SSLRandomSeed connect builtin
EOF
-mkdir -p /etc/httpd/conf.modules.d
-cat > /etc/httpd/conf.modules.d/wsgi.conf <<- EOF
+ # SELinux changes to allow httpd network access
+ setsebool -P httpd_can_network_connect 1
+
+ mkdir -p /etc/httpd/conf.modules.d
+ cat > /etc/httpd/conf.modules.d/wsgi.conf <<- EOF
WSGISocketPrefix /run/httpd/wsgi
EOF
-cat > /etc/httpd/conf.modules.d/ssl.conf <<- EOF
+ cat > /etc/httpd/conf.modules.d/ssl.conf <<- EOF
LoadModule ssl_module lib/httpd/modules/mod_ssl.so
EOF
-# allow httpd access through firewall
-firewall-cmd --permanent --add-service=http
-firewall-cmd --permanent --add-service=https
-firewall-cmd --reload
+ # allow httpd access through firewall
+ firewall-cmd --permanent --add-service=http
+ firewall-cmd --permanent --add-service=https
+ firewall-cmd --reload
-# enable and start the httpd service
-systemctl enable --now httpd
+ # enable and start the httpd service
+ systemctl enable --now httpd
+
+else
+# we need to restart the httpd service
+ systemctl restart httpd
+fi