supress duplicate httpd stuff when web on hub

install-koji-farm.sh

@@ -101,6 +101,7 @@ export SCRIPT_GIT=$SCRIPT_GIT
 export KOJI_DIR=$KOJI_DIR
 export KOJI_HUB_FQDN=$KOJI_HUB_FQDN
 export KOJI_URL=http://$KOJI_HUB_FQDN
+export KOJI_WEB_URL=http://$KOJI_WEB_FQDN
 export KOJID_CAPACITY=$KOJID_CAPACITY
 export TAG_NAME='$TAG_NAME'
 # Use for koji SSL certificates
@@ -241,5 +242,5 @@ else
     done
 fi
 
-# 
+# bootstrap the targets etc.
 koji-bootstrap-build.sh

koji-setup/koji-deploy-hub.sh

@@ -195,7 +195,7 @@ KojiDir = $KOJI_DIR
 DNUsernameComponent = CN
 ProxyDNs = C=$COUNTRY_CODE,ST=$STATE,L=$LOCATION,O=$ORGANIZATION,OU=kojiweb,CN=$KOJI_HUB_FQDN
 LoginCreatesUser = On
-KojiWebURL = $KOJI_URL/koji
+KojiWebURL = $KOJI_WEB_URL/koji
 DisableNotifications = True
 EOF
 
@@ -223,38 +223,6 @@ EOF
 # SELinux changes to allow db access
 setsebool -P httpd_can_network_connect_db 1
 
-# Koji Web
-mkdir -p /etc/kojiweb
-cat > /etc/kojiweb/web.conf <<- EOF
-[web]
-SiteName = koji
-KojiHubURL = $KOJI_URL/kojihub
-KojiFilesURL = $KOJI_URL/kojifiles
-WebCert = $KOJI_PKI_DIR/kojiweb.pem
-ClientCA = $KOJI_PKI_DIR/koji_ca_cert.crt
-KojiHubCA = $KOJI_PKI_DIR/koji_ca_cert.crt
-LoginTimeout = 72
-Secret = NITRA_IS_NOT_CLEAR
-LibPath = /usr/share/koji-web/lib
-LiteralFooter = True
-EOF
-
-mkdir -p /etc/httpd/conf.d
-cat > /etc/httpd/conf.d/kojiweb.conf <<- EOF
-Alias /koji "/usr/share/koji-web/scripts/wsgi_publisher.py"
-<Directory "/usr/share/koji-web/scripts">
-    Options ExecCGI
-    SetHandler wsgi-script
-    Require all granted
-</Directory>
-Alias /koji-static "/usr/share/koji-web/static"
-<Directory "/usr/share/koji-web/static">
-    Options None
-    AllowOverride None
-    Require all granted
-</Directory>
-EOF
-
 # SELinux changes to allow httpd network access
 setsebool -P httpd_can_network_connect 1
 

koji-setup/koji-deploy-web.sh

@@ -54,7 +54,7 @@ LibPath = /usr/share/koji-web/lib
 LiteralFooter = True
 EOF
 
-mkdir -p /etc/httpd/conf.d
+if [[ ! -d /etc/httpd/conf.d ]] ; then mkdir -p /etc/httpd/conf.d ; fi
 cat > /etc/httpd/conf.d/kojiweb.conf <<- EOF
 Alias /koji "/usr/share/koji-web/scripts/wsgi_publisher.py"
 <Directory "/usr/share/koji-web/scripts">
@@ -73,12 +73,12 @@ Alias /koji-static "/usr/share/koji-web/static"
 </Location>
 EOF
 
-# SELinux changes to allow httpd network access
-setsebool -P httpd_can_network_connect 1
 
-## Apache Configuration Files
+# if NOT on the hub, setup the standard httpd settings
-mkdir -p /etc/httpd/conf.d
+if [[ ! $KOJI_WEB_FQDN = $KOJI_HUB_FQDN ]] ; then
-cat > /etc/httpd/conf.d/ssl.conf <<- EOF
+
+    ## Apache ssl Configuration File
+    cat > /etc/httpd/conf.d/ssl.conf <<- EOF
 ServerName $KOJI_WEB_FQDN
 
 Listen 443 https
@@ -118,18 +118,26 @@ SSLRandomSeed connect builtin
 </VirtualHost>
 EOF
 
-mkdir -p /etc/httpd/conf.modules.d
+    # SELinux changes to allow httpd network access
-cat > /etc/httpd/conf.modules.d/wsgi.conf <<- EOF
+    setsebool -P httpd_can_network_connect 1
+
+    mkdir -p /etc/httpd/conf.modules.d
+    cat > /etc/httpd/conf.modules.d/wsgi.conf <<- EOF
 WSGISocketPrefix /run/httpd/wsgi
 EOF
-cat > /etc/httpd/conf.modules.d/ssl.conf <<- EOF
+    cat > /etc/httpd/conf.modules.d/ssl.conf <<- EOF
 LoadModule ssl_module lib/httpd/modules/mod_ssl.so
 EOF
 
-# allow httpd access through firewall
+    # allow httpd access through firewall
-firewall-cmd --permanent --add-service=http
+    firewall-cmd --permanent --add-service=http
-firewall-cmd --permanent --add-service=https
+    firewall-cmd --permanent --add-service=https
-firewall-cmd --reload
+    firewall-cmd --reload
 
-# enable and start the httpd service
+    # enable and start the httpd service
-systemctl enable --now httpd
+    systemctl enable --now httpd
+
+else
+# we need to restart the httpd service
+    systemctl restart httpd
+fi