#!/bin/bash
#
# webconfig    Startup script for the Webconfig HTTP Server
#
# chkconfig: 2345 85 15
# description: The Webconfig HTTP Server
# processname: webconfig
# config: /usr/clearos/sandbox/etc/httpd/conf/httpd.conf
# config: /etc/sysconfig/webconfig
# pidfile: /var/run/webconfig/webconfig.pid
#
### BEGIN INIT INFO
# Provides: webconfig
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Short-Description: start and stop Webconfig HTTP Server
# Description: The Webconfig HTTP Server
### END INIT INFO

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/webconfig ]; then
        . /etc/sysconfig/webconfig
fi

KEY="/usr/clearos/sandbox/etc/httpd/conf/server.key"
CRT="/usr/clearos/sandbox/etc/httpd/conf/server.crt"
HOST_CONF="/usr/clearos/sandbox/etc/httpd/conf.d/servername.conf"
SSL_CONF="/usr/clearos/sandbox/etc/httpd/conf/openssl.cnf"

# Start httpd in the C locale by default.
HTTPD_LANG=${HTTPD_LANG-"C"}

# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""

# Set HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server
# with the thread-based "worker" MPM; BE WARNED that some modules may not
# work correctly with a thread-based MPM; notably PHP will refuse to start.

# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/clearos/sandbox/usr/sbin/apachectl
httpd=${HTTPD-/usr/sbin/webconfig}
prog=webconfig
pidfile=${PIDFILE-/var/run/webconfig/webconfig.pid}
lockfile=${LOCKFILE-/var/lock/subsys/webconfig}
RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}

hostcheck() {
        echo "ServerName $HOSTNAME" > $HOST_CONF
}

keygen() {
        if [ ! -s "$KEY" ]; then
                echo -n $"Generating webconfig SSL certificate: "

                # Bail if no openssl.cnf file exists
                if [ -e "$SSL_CONF" ]; then
                        SSLCONF="$SSL_CONF"
                else
                        failure
                        echo
                        exit 1
                fi

                # Determine our hostname
                umask 77
                if [ -f /etc/sysconfig/network ]; then
                        HOSTNAME=`grep "^HOSTNAME=" /etc/sysconfig/network | sed 's/HOSTNAME=//g' | sed 's/"//g'`
                fi

                if [ -z "$HOSTNAME" ]; then
                        HOSTNAME="myserver.lan"
                fi

                sed -e "s/^CN .*/CN = $HOSTNAME/" $SSLCONF > /var/tmp/openssl.cnf.$$

                # Generate keys
                /usr/bin/openssl genrsa -out $KEY 1024 2>/dev/null
                /usr/bin/openssl req -new -key $KEY -x509 -out $CRT -config /var/tmp/openssl.cnf.$$ \
                        -days 3000 -set_serial `date "+%s"` 2>/dev/null

                # Fix file permissions and ownership
                chown webconfig.webconfig $KEY $CRT /var/tmp/openssl.cnf.$$
                chmod 600 $KEY $CRT
                rm -f /var/tmp/openssl.cnf.$$

                success $"webconfig SSL certificate generated"
                echo
        fi
}

# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure.  So we just do it the way init scripts
# are expected to behave here.
start() {
        echo -n $"Starting $prog: "
        LANG=$HTTPD_LANG daemon --pidfile=${pidfile} $httpd $OPTIONS
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch ${lockfile}
        return $RETVAL
}

# When stopping httpd, a delay (of default 10 second) is required
# before SIGKILLing the httpd parent; this gives enough time for the
# httpd parent to SIGKILL any errant children.
stop() {
	status -p ${pidfile} $httpd > /dev/null
	if [[ $? = 0 ]]; then
		echo -n $"Stopping $prog: "
		killproc -p ${pidfile} -d ${STOP_TIMEOUT} $httpd
	else
		echo -n $"Stopping $prog: "
		success
	fi
	RETVAL=$?
	echo
	[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}

reload() {
    echo -n $"Reloading $prog: "
    if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
        RETVAL=6
        echo $"not reloading due to configuration syntax error"
        failure $"not reloading webconfig due to configuration syntax error"
    else
        # Force LSB behaviour from killproc
        LSB=1 killproc -p ${pidfile} $httpd -HUP
        RETVAL=$?
        if [ $RETVAL -eq 7 ]; then
            failure $"webconfig shutdown"
        fi
    fi
    echo
}

# See how we were called.
case "$1" in
  start)
	keygen
	hostcheck
	start
	;;
  stop)
	stop
	;;
  status)
        status -p ${pidfile} $httpd
	RETVAL=$?
	;;
  restart)
	stop
	start
	;;
  condrestart|try-restart)
	if status -p ${pidfile} $httpd >&/dev/null; then
		stop
		start
	fi
	;;
  force-reload|reload)
        reload
	;;
  graceful|help|configtest|fullstatus)
	$apachectl $@
	RETVAL=$?
	;;
  *)
	echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|reload|status|fullstatus|graceful|help|configtest}"
	RETVAL=2
esac

exit $RETVAL
