diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..785503c --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +SOURCES/openlitespeed-1.8.2.tar.gz +SOURCES/third-party.tar.xz +SOURCES/admin_php.tar.xz +SOURCES/ls-hpack-2.3.3.tar.gz +SOURCES/ls-qpack-2.5.4.tar.gz +SOURCES/lsquic-4.0.12.tar.gz diff --git a/.openlitespeed.metadata b/.openlitespeed.metadata new file mode 100644 index 0000000..d38c93b --- /dev/null +++ b/.openlitespeed.metadata @@ -0,0 +1,6 @@ +b737416510aafc37fc2e1cf0f64b57b66f1db854 SOURCES/admin_php.tar.xz +343f961c9b93d36b4a8874f9fbf9e3087b0e7e00 SOURCES/ls-hpack-2.3.3.tar.gz +8ad5b9c2da97e40a0efc1927def334957ea14c58 SOURCES/ls-qpack-2.5.4.tar.gz +ea49cda7da4b07fe1cfd14d3c29f2232616c461c SOURCES/lsquic-4.0.12.tar.gz +068b78e67475debd2321fed6195989dad28dad43 SOURCES/openlitespeed-1.8.2.tar.gz +63ea80ec5e804e3b06cbe1d88ee300d08208719b SOURCES/third-party.tar.xz diff --git a/SOURCES/fix-tarball-for-local-build.patch b/SOURCES/fix-tarball-for-local-build.patch new file mode 100644 index 0000000..04bb987 --- /dev/null +++ b/SOURCES/fix-tarball-for-local-build.patch @@ -0,0 +1,467 @@ +diff --git a/build.sh b/build.sh +index 949dda5..398f906 100755 +--- a/build.sh ++++ b/build.sh +@@ -50,21 +50,21 @@ else + exit 1 + fi + +-APP_MGR_CMD= +-for APP_MGR in ${APP_MGRS}; do +- APP_MGR_CHECK=`which ${APP_MGR} &>/dev/null` +- if [ $? -eq 0 ] ; then +- APP_MGR_CMD="${APP_MGR}" +- FULL_APP_MGR_CMD=$APP_MGR_CMD +- break +- fi +-done +- +-echo OS is ${OS}, APP_MGR_CMD is ${APP_MGR_CMD}. +-if [ "x${APP_MGR_CMD}" = "x" ] ; then +- echo 'Can not find package installation command, quit.' +- exit 1 +-fi ++#APP_MGR_CMD= ++#for APP_MGR in ${APP_MGRS}; do ++# APP_MGR_CHECK=`which ${APP_MGR} &>/dev/null` ++# if [ $? -eq 0 ] ; then ++# APP_MGR_CMD="${APP_MGR}" ++# FULL_APP_MGR_CMD=$APP_MGR_CMD ++# break ++# fi ++#done ++# ++#echo OS is ${OS}, APP_MGR_CMD is ${APP_MGR_CMD}. ++#if [ "x${APP_MGR_CMD}" = "x" ] ; then ++# echo 'Can not find package installation command, quit.' ++# exit 1 ++#fi + + + # getVersionNumber0() +@@ -229,27 +229,6 @@ installgo() + fi + } + +- +-preparelibquic() +-{ +- if [ -e lsquic ] ; then +- ls src/ | grep liblsquic +- if [ $? -eq 0 ] ; then +- echo Need to git download the submodule ... +- rm -rf lsquic +- git clone https://github.com/litespeedtech/lsquic.git +- cd lsquic +- +- LIBQUICVER=`cat ../LSQUICCOMMIT` +- echo "LIBQUICVER is ${LIBQUICVER}" +- git checkout ${LIBQUICVER} +- git submodule update --init --recursive +- cd .. +- +- fi +- fi +-} +- + prepareLinux() + { + OSTYPE=unknownlinux +@@ -490,14 +469,14 @@ cpModuleSoFiles() + mkdir dist/modules/ + fi + +- for module in build/src/modules/*; do +- cp -f ${module}/*.so dist/modules/ +- done ++ #for module in build/src/modules/*; do ++ # cp -f ${module}/*.so dist/modules/ ++ #done + + if [ -e build/src/modules/modsecurity-ls/mod_security.so ] ; then + cp -f build/src/modules/modsecurity-ls/mod_security.so dist/modules/ + fi +- ++ + if [ -e build/src/modules/lua/mod_lua.so ] ; then + cp -f build/src/modules/lua/mod_lua.so dist/modules/ + fi +@@ -514,9 +493,6 @@ fixshmdir() + mkdir /tmp/shm + chmod 777 /tmp/shm + sed -i -e "s/\/dev\/shm/\/tmp\/shm/g" dist/conf/httpd_config.conf.in +- if [ "${OS}" = "FreeBSD" ] ; then +- echo 'link /tmp/shm shm' >> /etc/devfs.conf +- fi + fi + } + +@@ -574,7 +550,7 @@ if [ "${OS}" = "FreeBSD" ] ; then + prepareBsd + elif [ "${OS}" = "Linux" ] ; then + ISLINUX=yes +- prepareLinux ++# prepareLinux + elif [ "${OS}" = "Darwin" ] ; then + prepareMac + fi +@@ -582,32 +558,26 @@ fi + + + cd .. +-if [ ! -d third-party ]; then +- +- git clone https://github.com/litespeedtech/third-party.git +- mkdir third-party/lib64 +- cd third-party/script/ +- +- #Remove unittest-cpp and add bcrypt +- sed -i -e "s/unittest-cpp/bcrypt/g" ./build_ols.sh +- if [ "$MOD_SECURITY" != "ON" ]; then +- sed -i -e "s/libmodsec/ /g" ./build_ols.sh +- fi +- if [ "$MOD_PAGESPEED" != "ON" ]; then +- sed -i -e "s/psol/ /g" ./build_ols.sh +- fi +- if [ "$MOD_LUA" != "ON" ]; then +- sed -i -e "s/luajit/ /g" ./build_ols.sh +- fi +- +- ./build_ols.sh ++mkdir third-party/lib64 ++cd third-party/script/ + ++#Remove unittest-cpp and add bcrypt ++sed -i -e "s/unittest-cpp/bcrypt/g" ./build_ols.sh ++if [ "$MOD_SECURITY" != "ON" ]; then ++ sed -i -e "s/libmodsec/ /g" ./build_ols.sh ++fi ++if [ "$MOD_PAGESPEED" != "ON" ]; then ++ sed -i -e "s/psol/ /g" ./build_ols.sh + fi ++if [ "$MOD_LUA" != "ON" ]; then ++ sed -i -e "s/luajit/ /g" ./build_ols.sh ++fi ++ ++./build_ols.sh + + cd ${CURDIR} + + updateSrcCMakelistfile +-preparelibquic + + + if [ "$MOD_PAGESPEED" = "ON" ]; then +@@ -625,7 +595,7 @@ fi + cd src/modules/lsrecaptcha + export GOPATH=$CUR_PATH/src/modules/lsrecaptcha + export GO111MODULE=off +-go build lsrecaptcha ++./build_lsrecaptcha.sh + cp lsrecaptcha ../../../dist/lsrecaptcha/_recaptcha + cd ../../../ + +@@ -660,9 +630,9 @@ jobs=$(nproc) + make -j${jobs} + cd .. + +-cp build/src/openlitespeed dist/bin/ ++mv build/src/openlitespeed dist/bin/ + if [ -e build/support/unmount_ns/unmount_ns ] ; then +- cp build/support/unmount_ns/unmount_ns dist/bin/ ++ mv build/support/unmount_ns/unmount_ns dist/bin/ + fi + + cpModuleSoFiles +@@ -672,11 +642,11 @@ if [ -e src/liblsquic ] ; then + freebsdFix + fi + +-cat > ./ols.conf < ./dist/ols.conf < ./install.sh < ./dist/install.sh </dev/null 2>&1 + + +@@ -796,7 +765,7 @@ fi + + END + +-chmod 777 ./install.sh ++chmod 777 ./dist/install.sh + + echo -e "\033[38;5;71mBuilding finished, please run ./install.sh for installation.\033[39m" + echo -e "\033[38;5;71mYou may want to update the ols.conf to change the settings before installation.\033[39m" +diff --git a/dist/admin/misc/lscmctl b/dist/admin/misc/lscmctl +index ee0f595..e2372e8 100755 +--- a/dist/admin/misc/lscmctl ++++ b/dist/admin/misc/lscmctl +@@ -92,14 +92,7 @@ printHelp() + + updateMinAPIVerFile() + { +- MIN_VER=$(wget -q https://www.litespeed.sh/sub/shared/MIN_VER -O -) +- RET=$? +- +- if [ "${RET}" = "127" ] ; then +- errorExit "Required command 'wget' not found with exit code 127." +- elif [ "$RET" != "0" ] ; then +- errorExit "Failed to download latest MIN_VER file with wget exit status ${RET}." +- fi ++ MIN_VER=1.17.1.1 + + echo "${MIN_VER}" > "${SHARED_API_MIN_VER_FILE}" + } +diff --git a/dist/functions.sh b/dist/functions.sh +index fb7a33c..9ef9038 100755 +--- a/dist/functions.sh ++++ b/dist/functions.sh +@@ -398,11 +398,11 @@ EOF + DIR_OWN=$WS_USER:$WS_GROUP + CONF_OWN=$WS_USER:$WS_GROUP + +- if [ $INST_USER = "root" ]; then +- if [ $SUCC -eq "1" ]; then +- chown -R "$DIR_OWN" "$LSWS_HOME" +- fi +- fi ++# if [ $INST_USER = "root" ]; then ++# if [ $SUCC -eq "1" ]; then ++ # chown -R "$DIR_OWN" "$LSWS_HOME" ++ # fi ++ # fi + } + + stopLshttpd() +@@ -650,7 +650,7 @@ util_mkdir() + if [ ! -d "$LSWS_HOME/$arg" ]; then + mkdir "$LSWS_HOME/$arg" + fi +- chown "$OWNER" "$LSWS_HOME/$arg" ++ #chown "$OWNER" "$LSWS_HOME/$arg" + chmod $PERM "$LSWS_HOME/$arg" + done + +@@ -667,7 +667,7 @@ util_cpfile() + do + if [ -f "$LSINSTALL_DIR/$arg" ]; then + cp -f "$LSINSTALL_DIR/$arg" "$LSWS_HOME/$arg" +- chown "$OWNER" "$LSWS_HOME/$arg" ++ #chown "$OWNER" "$LSWS_HOME/$arg" + chmod $PERM "$LSWS_HOME/$arg" + fi + done +@@ -686,7 +686,7 @@ util_ccpfile() + cp "$LSINSTALL_DIR/$arg" "$LSWS_HOME/$arg" + fi + if [ -f "$LSWS_HOME/$arg" ]; then +- chown "$OWNER" "$LSWS_HOME/$arg" ++ #chown "$OWNER" "$LSWS_HOME/$arg" + chmod $PERM "$LSWS_HOME/$arg" + fi + done +@@ -702,7 +702,7 @@ util_cpdir() + for arg + do + cp -R "$LSINSTALL_DIR/$arg/"* "$LSWS_HOME/$arg/" +- chown -R "$OWNER" "$LSWS_HOME/$arg/"* ++ #chown -R "$OWNER" "$LSWS_HOME/$arg/"* + #chmod -R $PERM $LSWS_HOME/$arg/* + done + } +@@ -713,7 +713,7 @@ util_cp_htaccess() + PERM=$2 + arg=$3 + cp -R "$LSINSTALL_DIR/$arg/".htaccess "$LSWS_HOME/$arg/" +- chown -R "$OWNER" "$LSWS_HOME/$arg/".htaccess ++ #chown -R "$OWNER" "$LSWS_HOME/$arg/".htaccess + } + + +@@ -729,7 +729,7 @@ util_cpdirv() + for arg + do + cp -R "$LSINSTALL_DIR/$arg/"* "$LSWS_HOME/$arg.$VERSION/" +- chown -R "$OWNER" "$LSWS_HOME/$arg.$VERSION" ++ #chown -R "$OWNER" "$LSWS_HOME/$arg.$VERSION" + $TEST_BIN -L "$LSWS_HOME/$arg" + if [ $? -eq 0 ]; then + rm -f "$LSWS_HOME/$arg" +@@ -751,7 +751,7 @@ util_cpfilev() + for arg + do + cp -f "$LSINSTALL_DIR/$arg" "$LSWS_HOME/$arg.$VERSION" +- chown "$OWNER" "$LSWS_HOME/$arg.$VERSION" ++ #chown "$OWNER" "$LSWS_HOME/$arg.$VERSION" + chmod $PERM "$LSWS_HOME/$arg.$VERSION" + $TEST_BIN -L "$LSWS_HOME/$arg" + if [ $? -eq 0 ]; then +@@ -768,7 +768,7 @@ installation1() + umask 022 + if [ $INST_USER = "root" ]; then + SDIR_OWN="root:$ROOTGROUP" +- chown $SDIR_OWN $LSWS_HOME ++ #chown $SDIR_OWN $LSWS_HOME + else + SDIR_OWN=$DIR_OWN + fi +@@ -783,7 +783,7 @@ installation1() + if [ ! -f "$LSWS_HOME/$arg" ]; then + cp "$LSINSTALL_DIR/$arg" "$LSWS_HOME/$arg" + fi +- chown "$OWNER" "$LSWS_HOME/$arg" ++ #chown "$OWNER" "$LSWS_HOME/$arg" + chmod $PERM "$LSWS_HOME/$arg" + done + } +@@ -798,7 +798,7 @@ util_cpdir() + for arg + do + cp -R "$LSINSTALL_DIR/$arg/"* "$LSWS_HOME/$arg/" +- chown -R "$OWNER" "$LSWS_HOME/$arg/"* ++ #chown -R "$OWNER" "$LSWS_HOME/$arg/"* + #chmod -R $PERM $LSWS_HOME/$arg/* + done + } +@@ -817,7 +817,7 @@ util_cpdirv() + do + if [ -d "$LSINSTALL_DIR/$arg" ]; then + cp -R "$LSINSTALL_DIR/$arg/"* "$LSWS_HOME/$arg.$VERSION/" +- chown -R "$OWNER" "$LSWS_HOME/$arg.$VERSION" ++ #chown -R "$OWNER" "$LSWS_HOME/$arg.$VERSION" + $TEST_BIN -L "$LSWS_HOME/$arg" + if [ $? -eq 0 ]; then + rm -f "$LSWS_HOME/$arg" +@@ -842,7 +842,7 @@ util_cpfilev() + if [ -f "$LSINSTALL_DIR/$arg" ]; then + + cp -f "$LSINSTALL_DIR/$arg" "$LSWS_HOME/$arg.$VERSION" +- chown "$OWNER" "$LSWS_HOME/$arg.$VERSION" ++ #chown "$OWNER" "$LSWS_HOME/$arg.$VERSION" + chmod $PERM "$LSWS_HOME/$arg.$VERSION" + $TEST_BIN -L "$LSWS_HOME/$arg" + if [ $? -eq 0 ]; then +@@ -914,7 +914,7 @@ installation_lscpd() + fi + SDIR_OWN="root:$ROOTGROUP" + LOGDIR_OWN="root:$WS_GROUP" +- chown $SDIR_OWN $LSWS_HOME ++ #chown $SDIR_OWN $LSWS_HOME + else + SDIR_OWN=$DIR_OWN + LOGDIR_OWN=$DIR_OWN +@@ -974,7 +974,7 @@ installation() + fi + SDIR_OWN="root:$ROOTGROUP" + LOGDIR_OWN="root:$WS_GROUP" +- chown $SDIR_OWN $LSWS_HOME ++ #chown $SDIR_OWN $LSWS_HOME + else + SDIR_OWN=$DIR_OWN + LOGDIR_OWN=$DIR_OWN +@@ -991,12 +991,12 @@ installation() + util_mkdir "$CONF_OWN" $SDIR_MOD conf conf/cert conf/templates conf/vhosts conf/vhosts/Example admin/conf admin/tmp phpbuild + util_mkdir "$SDIR_OWN" $SDIR_MOD cgid admin/cgid admin/cgid/secret + util_mkdir "$DIR_OWN" $SDIR_MOD tmp/ocspcache +- chgrp $WS_GROUP $LSWS_HOME/admin/tmp $LSWS_HOME/admin/cgid $LSWS_HOME/cgid ++ #chgrp $WS_GROUP $LSWS_HOME/admin/tmp $LSWS_HOME/admin/cgid $LSWS_HOME/cgid + chmod g+x $LSWS_HOME/admin/tmp $LSWS_HOME/admin/cgid $LSWS_HOME/cgid +- chown $CONF_OWN $LSWS_HOME/admin/tmp/sess_* 1>/dev/null 2>&1 +- chown $DIR_OWN $LSWS_HOME/cachedata +- chown $DIR_OWN $LSWS_HOME/autoupdate +- chown $DIR_OWN $LSWS_HOME/tmp ++ #chown $CONF_OWN $LSWS_HOME/admin/tmp/sess_* 1>/dev/null 2>&1 ++ #chown $DIR_OWN $LSWS_HOME/cachedata ++ #chown $DIR_OWN $LSWS_HOME/autoupdate ++ #chown $DIR_OWN $LSWS_HOME/tmp + util_mkdir "$SDIR_OWN" $DIR_MOD Example + + find "$LSWS_HOME/admin/tmp" -type s -atime +1 -delete 2>/dev/null +@@ -1076,7 +1076,7 @@ installation() + fi + + #change conf own as lsadm:nobody permission 750 +- chown -R lsadm:$WS_GROUP "$LSWS_HOME/conf/" ++ #chown -R lsadm:$WS_GROUP "$LSWS_HOME/conf/" + chmod -R 0750 "$LSWS_HOME/conf/" + + chmod 0600 "$LSWS_HOME/conf/httpd_config.conf" +diff --git a/dist/install.sh b/dist/install.sh +index d38d958..acd4a94 100755 +--- a/dist/install.sh ++++ b/dist/install.sh +@@ -33,7 +33,7 @@ inst_admin_php() + + if [ "x$OS" = "xLinux" ] ; then + if [ "x$ARCH" = "xx86_64" ] ; then +- $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp5_bin/x86_64/lsphp5 ++ mv $TEMPDIR/admin/fcgi-bin/admin_php $LSWS_HOME/admin/fcgi-bin/ + elif [ "x$ARCH" = "xaarch64" ] ; then + $DLCMD $LSWS_HOME/admin/fcgi-bin/admin_php http://www.litespeedtech.com/packages/lsphp7_bin/aarch64/lsphp + else +@@ -183,6 +183,7 @@ inst_lsphp7() + + #script start here + cd `dirname "$0"` ++TEMPDIR=$(pwd) + . ./functions.sh + if [ $? != 0 ] ; then + echo "[ERROR] Can not include 'functions.sh'." +@@ -404,10 +405,9 @@ if [ "x$IS_LSCPD" != "xyes" ] ; then + $LSWS_HOME/admin/misc/create_admin_keypair.sh + fi + +- chown "$CONF_OWN" "$LSWS_HOME/admin/conf/jcryption_keypair" ++ + chmod 0600 "$LSWS_HOME/admin/conf/jcryption_keypair" + +- chown "$CONF_OWN" "$LSWS_HOME/admin/conf/htpasswd" + chmod 0600 "$LSWS_HOME/admin/conf/htpasswd" + + +diff --git a/src/modules/modsecurity-ls/CMakeLists.txt b/src/modules/modsecurity-ls/CMakeLists.txt +index c091ad9..f110452 100644 +--- a/src/modules/modsecurity-ls/CMakeLists.txt ++++ b/src/modules/modsecurity-ls/CMakeLists.txt +@@ -1,6 +1,6 @@ + cmake_minimum_required(VERSION 3.0) + +-set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=gnu++11 -Wall") ++set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=gnu++17 -Wall") + + include_directories(${PROJECT_SOURCE_DIR}/../third-party/ModSecurity/headers/) + diff --git a/SPECS/openlitespeed.spec b/SPECS/openlitespeed.spec new file mode 100644 index 0000000..a1cac0a --- /dev/null +++ b/SPECS/openlitespeed.spec @@ -0,0 +1,260 @@ +%global _lsws_dir %{_prefix}/lsws + +Name: openlitespeed +Version: 1.8.2 +Release: 1%{?dist} +Summary: Open source HTTP server developed and copyrighted by LiteSpeed Technologies. +License: GPLv3+ +Url: https://github.com/litespeedtech/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz + +Source0: https://github.com/litespeedtech/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Source1: third-party.tar.xz +Source2: https://github.com/litespeedtech/lsquic/archive/refs/tags/v4.0.12.tar.gz#/lsquic-4.0.12.tar.gz +Source3: https://github.com/litespeedtech/ls-hpack/archive/refs/tags/v2.3.3.tar.gz#/ls-hpack-2.3.3.tar.gz +Source4: admin_php.tar.xz +Source5: https://github.com/litespeedtech/ls-qpack/archive/refs/tags/v2.5.4.tar.gz#/ls-qpack-2.5.4.tar.gz + +Patch0: fix-tarball-for-local-build.patch + +BuildRequires: gcc +BuildRequires: g++ +BuildRequires: make +BuildRequires: cmake +BuildRequires: clang +BuildRequires: expat-devel +BuildRequires: libcap-devel +BuildRequires: libtool +BuildRequires: autoconf +BuildRequires: go +BuildRequires: libaio-devel +BuildRequires: doxygen +BuildRequires: docbook2X + +%if 0%{?systemd_requires} +Requires: systemd +%endif + +%description +OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. + +%package lua +Summary: Lua +Requires: %{name} = %{version}-%{release} + +%description lua +Mod Lua module for openlitespeed webserver. + +%package pagespeed +Summary: Pagespeed +Requires: %{name} = %{version}-%{release} + +%description pagespeed +Pagespeed module for openlitespeed webserver. + +%package modsecurity +Summary: Mod Security +Requires: %{name} = %{version}-%{release} + +%description modsecurity +Mod Security for openlitespeed webserver. + +%prep +%autosetup -p1 -b1 +tar -xpaf %{SOURCE2} +tar -xpaf %{SOURCE3} +mkdir %{_builddir}/%{name}-%{version}/dist/admin/fcgi-bin +tar -xpaf %{SOURCE4} -C %{_builddir}/%{name}-%{version}/dist/admin/fcgi-bin/ +tar -xpaf %{SOURCE5} + +%build +rm -rf lsquic +mv lsquic-4.0.12/ lsquic +rm -rf lsquic/src/lshpack +mv ls-hpack-2.3.3/ lsquic/src/lshpack +rm -rf lsquic/src/liblsquic/ls-qpack +mv ls-qpack-2.5.4/ lsquic/src/liblsquic/ls-qpack +sh -e build.sh + +%install +install -dm 755 %{buildroot}%{_lsws_dir} +rm -f dist/ols.conf +buildroot_path=$(rpm --eval "%{buildroot}") +sed -i -e 's:USE_LSPHP7=yes:USE_LSPHP7=no:g' dist/install.sh +sed -i -e "s:SERVERROOT=/usr/lsws:SERVERROOT=$buildroot_path/usr/lsws:g" dist/install.sh +sed -i -e 's:OPENLSWS_ADMINSSL=yes:OPENLSWS_ADMINSSL=no:g' dist/install.sh +sed -i -e 's:ln -sf "$LSWS_HOME/fcgi-bin/lsphp5" "$LSWS_HOME/fcgi-bin/lphp":cd $LSWS_HOME/fcgi-bin/; ln -sf lsphp5 ./lsphp; cd -:g' dist/_in.sh +sed -i -e 's:mkdir $SERVERROOT:mkdir -p $SERVERROOT:g' dist/install.sh +sed -i -e 's|s:%LSWS_CTRL%:$LSWS_HOME/bin/lswsctrl:|s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:|g' dist/functions.sh +dist/install.sh +rm -f %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf +cp -pr dist/admin/conf/admin_config_ssl.conf.in %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf +sed -i -e "s:%ADMIN_PORT%:7080:g" %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf +sed -i -e "s:%SSL_HOSTNAME%:webadmin:g" %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf +install -m 755 -d %{buildroot}%{_unitdir} +cp %{buildroot}%{_lsws_dir}/admin/misc/lshttpd.service %{buildroot}%{_unitdir} +chmod u+w %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc +sed "s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:" dist/admin/misc/lsws.rc.in > %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc +sed -i -e 's:fcgi-bin/lsphp:$SERVER_ROOT/lsphp73/bin/lsphp:g' %{buildroot}%{_lsws_dir}/conf/httpd_config.conf +echo 'RPM' > %{buildroot}%{_lsws_dir}/PLAT +chmod 755 %{buildroot}%{_lsws_dir}/bin/unmount_ns +chmod 755 %{buildroot}%{_lsws_dir}/lsrecaptcha/_recaptcha +chmod 755 %{buildroot}%{_lsws_dir}/admin/fcgi-bin/admin_php +chmod 755 %{buildroot}%{_lsws_dir}/fcgi-bin/lsphp5 +chmod 755 %{buildroot}%{_lsws_dir}/admin/fcgi-bin/admin_php +rm -f %{buildroot}%{_lsws_dir}/fcgi-bin/lsphp +rm -f %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc.gentoo + + +%pre +getent group lsadm > /dev/null || groupadd -r lsadm +lsadm_gid=`grep ^lsadm: /etc/group | awk -F : '{ print $3; }'` >/dev/null 2>&1 +getent passwd lsadm > /dev/null || useradd -g $lsadm_gid -d / -r -s /sbin/nologin -c "lsadm" lsadm >/dev/null 2>&1 +usermod -G lsadm,nobody lsadm >/dev/null 2>&1 +exit 0 + +%preun +%systemd_preun lsws + +%postun +userdel lsadm +%systemd_postun lsws + +%post +DEFAULT_USER="nobody" +DEFAULT_GROUP="nobody" +WS_USER=$DEFAULT_USER +WS_GROUP=$DEFAULT_GROUP +ADMIN_USER="lsadm" +LSWS_HOME="/usr/lsws" +OLD_USER=$DEFAULT_USER +OLD_GROUP=$DEFAULT_GROUP + +grep -q nobody: "/etc/group" + +if [ $? != 0 ] ; then + DEFAULT_GROUP="nogroup" +fi +if [ "$WS_GROUP" = "nobody" ] ; then + WS_GROUP=$DEFAULT_GROUP +fi +if [ -f "$LSWS_HOME/conf/httpd_config.xml" ] ; then + OLD_USER_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` + OLD_GROUP_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` + OLD_USER=`expr "$OLD_USER_CONF" : '.*\(.*\).*'` + OLD_GROUP=`expr "$OLD_GROUP_CONF" : '.*\(.*\).*'` +fi +if [ -f "$LSWS_HOME/conf/httpd_config.conf" ] ; then + #Now check if the user and group match with the conf file + OLD_USER_CONF=`grep "user" "$LSWS_HOME/conf/httpd_config.conf"` + OLD_GROUP_CONF=`grep "group" "$LSWS_HOME/conf/httpd_config.conf"` + OLD_USER=`expr "$OLD_USER_CONF" : '\s*user\s*\(\S*\)'` + OLD_GROUP=`expr "$OLD_GROUP_CONF" : '\s*group\s*\(\S*\)'` +fi +WS_USER=$OLD_USER +WS_GROUP=$OLD_GROUP +DIR_OWN=$WS_USER:$WS_GROUP +CONF_OWN=$WS_USER:$WS_GROUP +LOGDIR_OWN="root:$WS_GROUP" +grep "^lsadm:" /etc/passwd 1>/dev/null 2>&1 +if [ $? -eq 0 ]; then + CONF_OWN="lsadm:lsadm" +fi +SDIR_OWN="root:root" +chown $SDIR_OWN $LSWS_HOME >/dev/null 2>&1 +chown "$CONF_OWN" -R %{_lsws_dir}/conf >/dev/null 2>&1 +chown "$CONF_OWN" -R %{_lsws_dir}/phpbuild >/dev/null 2>&1 +if [ -d "/usr/lsws/autoupdate" ]; then + chown "$CONF_OWN" -R %{_lsws_dir}/autoupdate >/dev/null 2>&1 +fi +if [ -d "/usr/lsws/DEFAULT/conf" ]; then + chown "$CONF_OWN" -R %{_lsws_dir}/DEFAULT/conf >/dev/null 2>&1 +fi +if [ -d "/usr/lsws/Example/conf" ]; then + chown "$CONF_OWN" -R %{_lsws_dir}/Example/conf >/dev/null 2>&1 +fi +chown "$CONF_OWN" -R %{_lsws_dir}/admin/conf >/dev/null 2>&1 +chown "$CONF_OWN" -R %{_lsws_dir}/admin/tmp >/dev/null 2>&1 +chgrp $WS_GROUP %{_lsws_dir}/admin/cgid >/dev/null 2>&1 +chgrp $WS_GROUP %{_lsws_dir}/admin/tmp >/dev/null 2>&1 +chown "$CONF_OWN" $LSWS_HOME/admin/tmp/sess_* 1>/dev/null 2>&1 +chown "$DIR_OWN" $LSWS_HOME/cachedata >/dev/null 2>&1 +chown "$SDIR_OWN" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 +chmod "$EXEC_MOD" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 +chown "$CONF_OWN" "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 +chmod 0600 "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 +chown "$CONF_OWN" "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 +chmod 0600 "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 +chown "nobody:nobody" "$LSWS_HOME/tmp" >/dev/null 2>&1 +chmod 0700 "$LSWS_HOME/tmp" >/dev/null 2>&1 +chmod 0755 "$LSWS_HOME/autoupdate" >/dev/null 2>&1 +chown "$LOGDIR_OWN" "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 +chmod 0750 "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 +#########this is the end of script to fix rpm build related file group and permission problem. + +SSL_COUNTRY='RU' +SSL_STATE="Moscow" +SSL_LOCALITY='Virtual' +SSL_ORG='LiteSpeedCommunity' +SSL_ORGUNIT='Testing' +SSL_HOSTNAME='webadmin' +COMMNAME='openlitespeed.host' +csr="${SSL_HOSTNAME}.csr" +key="${SSL_HOSTNAME}.key" +cert="${SSL_HOSTNAME}.crt" + +%define sslcert %{_lsws_dir}/admin/conf/${cert} +%define sslkey %{_lsws_dir}/admin/conf/${key} + +cat << EOF > ${csr} +[req] +prompt=no +distinguished_name=openlitespeed +[openlitespeed] +commonName = ${COMMNAME} +countryName = ${SSL_COUNTRY} +localityName = Virtual +organizationName = LiteSpeedCommunity +organizationalUnitName = Testing +stateOrProvinceName = RU +emailAddress = mail@${COMMNAME} +name = openlitespeed +initials = CP +dnQualifier = openlitespeed +[server_exts] +extendedKeyUsage=1.3.6.1.5.5.7.3.1 +EOF + +openssl req -x509 -config $csr -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout %{sslkey} -out %{sslcert} +chown lsadm.lsadm %{sslcert}; chmod 400 %{sslcert}; +chown lsadm.lsadm %{sslkey}; chmod 400 %{sslkey}; +ln -s %{_lsws_dir}/fcgi-bin/lsphp5 %{_lsws_dir}/fcgi-bin/lsphp + +%systemd_post lsws + +echo "To change admin password run /usr/lsws/admin/misc/admpass.sh script" +echo "To start the openlitespeed server, run the command: systemctl start lsws" + + +%files +%{_unitdir}/lshttpd.service +%doc README.md +%dir %{_lsws_dir} +%{_lsws_dir}/* +%config(noreplace) %{_lsws_dir}/conf/* +%config(noreplace) %{_lsws_dir}/admin/conf/* +%config(noreplace) %{_lsws_dir}/fcgi-bin/* +%config(noreplace) %{_lsws_dir}/PLAT + +%files pagespeed +%{_lsws_dir}/modules/modpagespeed.so + +%files modsecurity +%{_lsws_dir}/modules/mod_security.so + +%files lua +%{_lsws_dir}/modules/mod_lua.so + +%changelog +* Wed Sep 18 2024 Eduard Basov - 1.8.2-1 +- Rebuild for MSVSphere 9.4 +