diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bfbc67f --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/openlitespeed.tar.xz +SOURCES/third-party.tar.xz diff --git a/.openlitespeed.metadata b/.openlitespeed.metadata new file mode 100644 index 0000000..bc993ac --- /dev/null +++ b/.openlitespeed.metadata @@ -0,0 +1,2 @@ +c01524a8749eb18dff566966389c8a33eb8c443a SOURCES/openlitespeed.tar.xz +63ea80ec5e804e3b06cbe1d88ee300d08208719b SOURCES/third-party.tar.xz diff --git a/SPECS/openlitespeed.spec b/SPECS/openlitespeed.spec new file mode 100644 index 0000000..54a891e --- /dev/null +++ b/SPECS/openlitespeed.spec @@ -0,0 +1,242 @@ +Name: openlitespeed +Version: 1.8.2 +Release: 1%{?dist} +Summary: OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. +License: GNU General Public License v3.0 +Url: https://github.com/litespeedtech/openlitespeed + +Source0: %{name}.tar.xz +Source1: third-party.tar.xz + +BuildRequires: gcc +BuildRequires: g++ +BuildRequires: make +BuildRequires: cmake +BuildRequires: clang +BuildRequires: expat-devel +BuildRequires: libcap-devel +BuildRequires: libtool +BuildRequires: autoconf +BuildRequires: go +BuildRequires: libaio-devel +BuildRequires: doxygen +BuildRequires: docbook2X + +%description +OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. + +%package -n ols-lua +Group: Application/WebServer +Summary: Lua +Requires: openlitespeed == %{version} + +%description -n ols-lua +Mod Lua module for openlitespeed webserver. + +%package -n ols-pagespeed +Group: Application/WebServer +Summary: Pagespeed +Requires: openlitespeed == %{version} + +%description -n ols-pagespeed +Pagespeed module for openlitespeed webserver. + +%package -n ols-modsecurity +Group: Application/WebServer +Summary: Mod Security +Requires: openlitespeed == %{version} + +%description -n ols-modsecurity +Mod Security for openlitespeed webserver. + +%prep +tar -xpaf %{_sourcedir}/openlitespeed.tar.xz -C %{_builddir} +#mv %{_builddir}/openlitespeed-1.8.2-1/openlitespeed/ %{_builddir} +#rm -rf %{_builddir}/openlitespeed-1.8.2-1 +tar -xpaf %{_sourcedir}/third-party.tar.xz -C %{_builddir} + +%build +sh -xe %{_builddir}/openlitespeed/build.sh + +%install +install -m 755 -d %{buildroot}/usr/lsws +rm -rf %{_builddir}/openlitespeed/dist/ols.conf +buildroot_path=$(rpm --eval "%{buildroot}") +sed -i -e 's:USE_LSPHP7=yes:USE_LSPHP7=no:g' %{_builddir}/openlitespeed/dist/install.sh +sed -i -e "s:SERVERROOT=/usr/lsws:SERVERROOT=$buildroot_path/usr/lsws:g" %{_builddir}/openlitespeed/dist/install.sh +sed -i -e 's:OPENLSWS_ADMINSSL=yes:OPENLSWS_ADMINSSL=no:g' %{_builddir}/openlitespeed/dist/install.sh +sed -i -e 's:ln -sf "$LSWS_HOME/fcgi-bin/lsphp5" "$LSWS_HOME/fcgi-bin/lphp":cd $LSWS_HOME/fcgi-bin/; ln -sf lsphp5 ./lsphp; cd -:g' %{_builddir}/openlitespeed/dist/_in.sh +sed -i -e 's:mkdir $SERVERROOT:mkdir -p $SERVERROOT:g' %{_builddir}/openlitespeed/dist/install.sh +sed -i -e 's|s:%LSWS_CTRL%:$LSWS_HOME/bin/lswsctrl:|s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:|g' %{_builddir}/openlitespeed/dist/functions.sh +%{_builddir}/openlitespeed/dist/install.sh +rm -f %{buildroot}/usr/lsws/admin/conf/admin_config.conf +cp -pr %{_builddir}/openlitespeed/dist/admin/conf/admin_config_ssl.conf.in %{buildroot}/usr/lsws/admin/conf/admin_config.conf +sed -i -e "s:%ADMIN_PORT%:7080:g" %{buildroot}/usr/lsws/admin/conf/admin_config.conf +sed -i -e "s:%SSL_HOSTNAME%:webadmin:g" %{buildroot}/usr/lsws/admin/conf/admin_config.conf +install -m 755 -d %{buildroot}/etc/init.d +chmod u+w %{buildroot}/usr/lsws/admin/misc/lsws.rc +sed "s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:" %{_builddir}/openlitespeed/dist/admin/misc/lsws.rc.in > %{buildroot}/usr/lsws/admin/misc/lsws.rc +sed "s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:" %{_builddir}/openlitespeed/dist/admin/misc/lsws.rc.in > %{buildroot}/etc/init.d/lsws +chmod 0755 %{buildroot}/etc/init.d/lsws +sed -i -e 's:fcgi-bin/lsphp:$SERVER_ROOT/lsphp73/bin/lsphp:g' %{buildroot}/usr/lsws/conf/httpd_config.conf +echo 'RPM' > %{buildroot}/usr/lsws/PLAT +chmod 755 %{buildroot}/usr/lsws/bin/unmount_ns +chmod 755 %{buildroot}/usr/lsws/lsrecaptcha/_recaptcha +chmod 755 %{buildroot}/usr/lsws/admin/fcgi-bin/admin_php +chmod 755 %{buildroot}/usr/lsws/fcgi-bin/lsphp5 +chmod 755 %{buildroot}/usr/lsws/admin/fcgi-bin/admin_php +rm %{buildroot}/usr/lsws/fcgi-bin/lsphp +rm %{buildroot}/usr/lsws/admin/misc/lsws.rc.gentoo + + +%clean +%pre +getent group lsadm > /dev/null || groupadd -r lsadm +lsadm_gid=`grep ^lsadm: /etc/group | awk -F : '{ print $3; }'` >/dev/null 2>&1 +getent passwd lsadm > /dev/null || useradd -g $lsadm_gid -d / -r -s /sbin/nologin -c "lsadm" lsadm >/dev/null 2>&1 +usermod -G lsadm,nobody lsadm >/dev/null 2>&1 +exit 0 + +%post +DEFAULT_USER="nobody" +DEFAULT_GROUP="nobody" +WS_USER=$DEFAULT_USER +WS_GROUP=$DEFAULT_GROUP +ADMIN_USER="lsadm" +LSWS_HOME="/usr/lsws" +OLD_USER=$DEFAULT_USER +OLD_GROUP=$DEFAULT_GROUP + +grep -q nobody: "/etc/group" + +if [ $? != 0 ] ; then + DEFAULT_GROUP="nogroup" +fi +if [ "$WS_GROUP" = "nobody" ] ; then + WS_GROUP=$DEFAULT_GROUP +fi +if [ -f "$LSWS_HOME/conf/httpd_config.xml" ] ; then + OLD_USER_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` + OLD_GROUP_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` + OLD_USER=`expr "$OLD_USER_CONF" : '.*\(.*\).*'` + OLD_GROUP=`expr "$OLD_GROUP_CONF" : '.*\(.*\).*'` +fi +if [ -f "$LSWS_HOME/conf/httpd_config.conf" ] ; then + #Now check if the user and group match with the conf file + OLD_USER_CONF=`grep "user" "$LSWS_HOME/conf/httpd_config.conf"` + OLD_GROUP_CONF=`grep "group" "$LSWS_HOME/conf/httpd_config.conf"` + OLD_USER=`expr "$OLD_USER_CONF" : '\s*user\s*\(\S*\)'` + OLD_GROUP=`expr "$OLD_GROUP_CONF" : '\s*group\s*\(\S*\)'` +fi +WS_USER=$OLD_USER +WS_GROUP=$OLD_GROUP +DIR_OWN=$WS_USER:$WS_GROUP +CONF_OWN=$WS_USER:$WS_GROUP +LOGDIR_OWN="root:$WS_GROUP" +grep "^lsadm:" /etc/passwd 1>/dev/null 2>&1 +if [ $? -eq 0 ]; then + CONF_OWN="lsadm:lsadm" +fi +SDIR_OWN="root:root" +chown $SDIR_OWN $LSWS_HOME >/dev/null 2>&1 +chown "$CONF_OWN" -R /usr/lsws/conf >/dev/null 2>&1 +chown "$CONF_OWN" -R /usr/lsws/phpbuild >/dev/null 2>&1 +if [ -d "/usr/lsws/autoupdate" ]; then + chown "$CONF_OWN" -R /usr/lsws/autoupdate >/dev/null 2>&1 +fi +if [ -d "/usr/lsws/DEFAULT/conf" ]; then + chown "$CONF_OWN" -R /usr/lsws/DEFAULT/conf >/dev/null 2>&1 +fi +if [ -d "/usr/lsws/Example/conf" ]; then + chown "$CONF_OWN" -R /usr/lsws/Example/conf >/dev/null 2>&1 +fi +chown "$CONF_OWN" -R /usr/lsws/admin/conf >/dev/null 2>&1 +chown "$CONF_OWN" -R /usr/lsws/admin/tmp >/dev/null 2>&1 +chgrp $WS_GROUP /usr/lsws/admin/cgid >/dev/null 2>&1 +chgrp $WS_GROUP /usr/lsws/admin/tmp >/dev/null 2>&1 +chown "$CONF_OWN" $LSWS_HOME/admin/tmp/sess_* 1>/dev/null 2>&1 +chown "$DIR_OWN" $LSWS_HOME/cachedata >/dev/null 2>&1 +chown "$SDIR_OWN" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 +chmod "$EXEC_MOD" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 +chown "$CONF_OWN" "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 +chmod 0600 "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 +chown "$CONF_OWN" "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 +chmod 0600 "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 +chown "nobody:nobody" "$LSWS_HOME/tmp" >/dev/null 2>&1 +chmod 0700 "$LSWS_HOME/tmp" >/dev/null 2>&1 +chmod 0755 "$LSWS_HOME/autoupdate" >/dev/null 2>&1 +chown "$LOGDIR_OWN" "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 +chmod 0750 "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 +#########this is the end of script to fix rpm build related file group and permission problem. + +SSL_COUNTRY='US' +SSL_STATE="New Jersey" +SSL_LOCALITY='Virtual' +SSL_ORG='LiteSpeedCommunity' +SSL_ORGUNIT='Testing' +SSL_HOSTNAME='webadmin' +COMMNAME='openlitespeed.host' +SSL_COUNTRY=US +SSL_STATE="New Jersey" +csr="${SSL_HOSTNAME}.csr" +key="${SSL_HOSTNAME}.key" +cert="${SSL_HOSTNAME}.crt" + +%define sslcert /usr/lsws/admin/conf/${cert} +%define sslkey /usr/lsws/admin/conf/${key} + +cat << EOF > ${csr} +[req] +prompt=no +distinguished_name=openlitespeed +[openlitespeed] +commonName = ${COMMNAME} +countryName = ${SSL_COUNTRY} +localityName = Virtual +organizationName = LiteSpeedCommunity +organizationalUnitName = Testing +stateOrProvinceName = NJ +emailAddress = mail@${COMMNAME} +name = openlitespeed +initials = CP +dnQualifier = openlitespeed +[server_exts] +extendedKeyUsage=1.3.6.1.5.5.7.3.1 +EOF + +openssl req -x509 -config $csr -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout %{sslkey} -out %{sslcert} +chown lsadm.lsadm %{sslcert}; chmod 400 %{sslcert}; +chown lsadm.lsadm %{sslkey}; chmod 400 %{sslkey}; +ln -s /usr/lsws/fcgi-bin/lsphp5 /usr/lsws/fcgi-bin/lsphp + +/usr/lsws/admin/misc/rc-inst.sh > /dev/null 2>&1 +echo "Запустите скрипт admpass.sh от лица привилегированного пользователя root, чтобы задать пароль пользователю admin. Скрипт находится в директории: /usr/lsws/admin/misc/admpass.sh. Запишите пароль, чтобы не потерять доступ к веб серверу, после создания пароля он будет храниться в зашифрованном виде." +echo "Чтобы запустить сервер openlitespeed выполните команду: systemctl restart lsws" + + +%files +%defattr(-,root,root,-) +/etc/init.d/lsws +%dir /usr/lsws +/usr/lsws/* +%config(noreplace) /usr/lsws/conf/* +%config(noreplace) /usr/lsws/admin/conf/* +%config(noreplace) /usr/lsws/fcgi-bin/* +%config(noreplace) /usr/lsws/PLAT + +%files -n ols-pagespeed +%defattr(-,root,root,-) +%attr(-,root,root) /usr/lsws/modules/modpagespeed.so + +%files -n ols-modsecurity +%defattr(-,root,root,-) +%attr(-,root,root) /usr/lsws/modules/mod_security.so + +%files -n ols-lua +%defattr(-,root,root,-) +%attr(-,root,root) /usr/lsws/modules/mod_lua.so + +%changelog +* Wed Sep 18 2024 Eduard Basov - 1.8.2 +- Rebuild for MSVSphere 9.4 +