%global _lsws_dir %{_prefix}/lsws Name: openlitespeed Version: 1.8.2 Release: 1%{?dist} Summary: Open source HTTP server developed and copyrighted by LiteSpeed Technologies. License: GPLv3+ Url: https://github.com/litespeedtech/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source0: https://github.com/litespeedtech/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: third-party.tar.xz Source2: https://github.com/litespeedtech/lsquic/archive/refs/tags/v4.0.12.tar.gz#/lsquic-4.0.12.tar.gz Source3: https://github.com/litespeedtech/ls-hpack/archive/refs/tags/v2.3.3.tar.gz#/ls-hpack-2.3.3.tar.gz Source4: admin_php.tar.xz Source5: https://github.com/litespeedtech/ls-qpack/archive/refs/tags/v2.5.4.tar.gz#/ls-qpack-2.5.4.tar.gz Patch0: openlitespeed.patch BuildRequires: gcc BuildRequires: g++ BuildRequires: make BuildRequires: cmake BuildRequires: clang BuildRequires: expat-devel BuildRequires: libcap-devel BuildRequires: libtool BuildRequires: autoconf BuildRequires: go BuildRequires: libaio-devel BuildRequires: doxygen BuildRequires: docbook2X %description OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. %package lua Summary: Lua Requires: %{name} = %{version}-%{release} %description lua Mod Lua module for openlitespeed webserver. %package pagespeed Summary: Pagespeed Requires: %{name} = %{version}-%{release} %description pagespeed Pagespeed module for openlitespeed webserver. %package modsecurity Summary: Mod Security Requires: %{name} = %{version}-%{release} %description modsecurity Mod Security for openlitespeed webserver. %prep %autosetup -p1 -b1 tar -xpaf %{SOURCE2} tar -xpaf %{SOURCE3} mkdir %{_builddir}/%{name}-%{version}/dist/admin/fcgi-bin tar -xpaf %{SOURCE4} -C %{_builddir}/%{name}-%{version}/dist/admin/fcgi-bin/ tar -xpaf %{SOURCE5} %build rm -rf lsquic mv lsquic-4.0.12/ lsquic rm -rf lsquic/src/lshpack mv ls-hpack-2.3.3/ lsquic/src/lshpack rm -rf lsquic/src/liblsquic/ls-qpack mv ls-qpack-2.5.4/ lsquic/src/liblsquic/ls-qpack sh -e build.sh %install install -dm 755 %{buildroot}%{_lsws_dir} rm -f dist/ols.conf buildroot_path=$(rpm --eval "%{buildroot}") sed -i -e 's:USE_LSPHP7=yes:USE_LSPHP7=no:g' dist/install.sh sed -i -e "s:SERVERROOT=/usr/lsws:SERVERROOT=$buildroot_path/usr/lsws:g" dist/install.sh sed -i -e 's:OPENLSWS_ADMINSSL=yes:OPENLSWS_ADMINSSL=no:g' dist/install.sh sed -i -e 's:ln -sf "$LSWS_HOME/fcgi-bin/lsphp5" "$LSWS_HOME/fcgi-bin/lphp":cd $LSWS_HOME/fcgi-bin/; ln -sf lsphp5 ./lsphp; cd -:g' dist/_in.sh sed -i -e 's:mkdir $SERVERROOT:mkdir -p $SERVERROOT:g' dist/install.sh sed -i -e 's|s:%LSWS_CTRL%:$LSWS_HOME/bin/lswsctrl:|s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:|g' dist/functions.sh dist/install.sh rm -f %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf cp -pr dist/admin/conf/admin_config_ssl.conf.in %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf sed -i -e "s:%ADMIN_PORT%:7080:g" %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf sed -i -e "s:%SSL_HOSTNAME%:webadmin:g" %{buildroot}%{_lsws_dir}/admin/conf/admin_config.conf install -m 755 -d %{buildroot}/%{_sysconfdir}/systemd/system cp %{buildroot}%{_lsws_dir}/admin/misc/lshttpd.service %{buildroot}%{_sysconfdir}/systemd/system chmod u+w %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc sed "s:%LSWS_CTRL%:/usr/lsws/bin/lswsctrl:" dist/admin/misc/lsws.rc.in > %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc sed -i -e 's:fcgi-bin/lsphp:$SERVER_ROOT/lsphp73/bin/lsphp:g' %{buildroot}%{_lsws_dir}/conf/httpd_config.conf echo 'RPM' > %{buildroot}%{_lsws_dir}/PLAT chmod 755 %{buildroot}%{_lsws_dir}/bin/unmount_ns chmod 755 %{buildroot}%{_lsws_dir}/lsrecaptcha/_recaptcha chmod 755 %{buildroot}%{_lsws_dir}/admin/fcgi-bin/admin_php chmod 755 %{buildroot}%{_lsws_dir}/fcgi-bin/lsphp5 chmod 755 %{buildroot}%{_lsws_dir}/admin/fcgi-bin/admin_php rm -f %{buildroot}%{_lsws_dir}/fcgi-bin/lsphp rm -f %{buildroot}%{_lsws_dir}/admin/misc/lsws.rc.gentoo %pre getent group lsadm > /dev/null || groupadd -r lsadm lsadm_gid=`grep ^lsadm: /etc/group | awk -F : '{ print $3; }'` >/dev/null 2>&1 getent passwd lsadm > /dev/null || useradd -g $lsadm_gid -d / -r -s /sbin/nologin -c "lsadm" lsadm >/dev/null 2>&1 usermod -G lsadm,nobody lsadm >/dev/null 2>&1 exit 0 %preun %systemd_preun lsws %postun userdel -r lsadm groupdel lsadm rm -rf %{_lsws_dir} %systemd_postun lsws %post DEFAULT_USER="nobody" DEFAULT_GROUP="nobody" WS_USER=$DEFAULT_USER WS_GROUP=$DEFAULT_GROUP ADMIN_USER="lsadm" LSWS_HOME="/usr/lsws" OLD_USER=$DEFAULT_USER OLD_GROUP=$DEFAULT_GROUP grep -q nobody: "/etc/group" if [ $? != 0 ] ; then DEFAULT_GROUP="nogroup" fi if [ "$WS_GROUP" = "nobody" ] ; then WS_GROUP=$DEFAULT_GROUP fi if [ -f "$LSWS_HOME/conf/httpd_config.xml" ] ; then OLD_USER_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` OLD_GROUP_CONF=`grep "" "$LSWS_HOME/conf/httpd_config.xml"` OLD_USER=`expr "$OLD_USER_CONF" : '.*\(.*\).*'` OLD_GROUP=`expr "$OLD_GROUP_CONF" : '.*\(.*\).*'` fi if [ -f "$LSWS_HOME/conf/httpd_config.conf" ] ; then #Now check if the user and group match with the conf file OLD_USER_CONF=`grep "user" "$LSWS_HOME/conf/httpd_config.conf"` OLD_GROUP_CONF=`grep "group" "$LSWS_HOME/conf/httpd_config.conf"` OLD_USER=`expr "$OLD_USER_CONF" : '\s*user\s*\(\S*\)'` OLD_GROUP=`expr "$OLD_GROUP_CONF" : '\s*group\s*\(\S*\)'` fi WS_USER=$OLD_USER WS_GROUP=$OLD_GROUP DIR_OWN=$WS_USER:$WS_GROUP CONF_OWN=$WS_USER:$WS_GROUP LOGDIR_OWN="root:$WS_GROUP" grep "^lsadm:" /etc/passwd 1>/dev/null 2>&1 if [ $? -eq 0 ]; then CONF_OWN="lsadm:lsadm" fi SDIR_OWN="root:root" chown $SDIR_OWN $LSWS_HOME >/dev/null 2>&1 chown "$CONF_OWN" -R %{_lsws_dir}/conf >/dev/null 2>&1 chown "$CONF_OWN" -R %{_lsws_dir}/phpbuild >/dev/null 2>&1 if [ -d "/usr/lsws/autoupdate" ]; then chown "$CONF_OWN" -R %{_lsws_dir}/autoupdate >/dev/null 2>&1 fi if [ -d "/usr/lsws/DEFAULT/conf" ]; then chown "$CONF_OWN" -R %{_lsws_dir}/DEFAULT/conf >/dev/null 2>&1 fi if [ -d "/usr/lsws/Example/conf" ]; then chown "$CONF_OWN" -R %{_lsws_dir}/Example/conf >/dev/null 2>&1 fi chown "$CONF_OWN" -R %{_lsws_dir}/admin/conf >/dev/null 2>&1 chown "$CONF_OWN" -R %{_lsws_dir}/admin/tmp >/dev/null 2>&1 chgrp $WS_GROUP %{_lsws_dir}/admin/cgid >/dev/null 2>&1 chgrp $WS_GROUP %{_lsws_dir}/admin/tmp >/dev/null 2>&1 chown "$CONF_OWN" $LSWS_HOME/admin/tmp/sess_* 1>/dev/null 2>&1 chown "$DIR_OWN" $LSWS_HOME/cachedata >/dev/null 2>&1 chown "$SDIR_OWN" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 chmod "$EXEC_MOD" "$LSWS_HOME/fcgi-bin/lsphp" >/dev/null 2>&1 chown "$CONF_OWN" "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 chmod 0600 "$LSWS_HOME/admin/conf/jcryption_keypair" >/dev/null 2>&1 chown "$CONF_OWN" "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 chmod 0600 "$LSWS_HOME/admin/conf/htpasswd" >/dev/null 2>&1 chown "nobody:nobody" "$LSWS_HOME/tmp" >/dev/null 2>&1 chmod 0700 "$LSWS_HOME/tmp" >/dev/null 2>&1 chmod 0755 "$LSWS_HOME/autoupdate" >/dev/null 2>&1 chown "$LOGDIR_OWN" "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 chmod 0750 "$LSWS_HOME/logs" "$LSWS_HOME/admin/logs" >/dev/null 2>&1 #########this is the end of script to fix rpm build related file group and permission problem. SSL_COUNTRY='RU' SSL_STATE="Moscow" SSL_LOCALITY='Virtual' SSL_ORG='LiteSpeedCommunity' SSL_ORGUNIT='Testing' SSL_HOSTNAME='webadmin' COMMNAME='openlitespeed.host' SSL_COUNTRY=RU SSL_STATE="Moscow" csr="${SSL_HOSTNAME}.csr" key="${SSL_HOSTNAME}.key" cert="${SSL_HOSTNAME}.crt" %define sslcert %{_lsws_dir}/admin/conf/${cert} %define sslkey %{_lsws_dir}/admin/conf/${key} cat << EOF > ${csr} [req] prompt=no distinguished_name=openlitespeed [openlitespeed] commonName = ${COMMNAME} countryName = ${SSL_COUNTRY} localityName = Virtual organizationName = LiteSpeedCommunity organizationalUnitName = Testing stateOrProvinceName = RU emailAddress = mail@${COMMNAME} name = openlitespeed initials = CP dnQualifier = openlitespeed [server_exts] extendedKeyUsage=1.3.6.1.5.5.7.3.1 EOF openssl req -x509 -config $csr -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout %{sslkey} -out %{sslcert} chown lsadm.lsadm %{sslcert}; chmod 400 %{sslcert}; chown lsadm.lsadm %{sslkey}; chmod 400 %{sslkey}; ln -s %{_lsws_dir}/fcgi-bin/lsphp5 %{_lsws_dir}/fcgi-bin/lsphp %systemd_post lsws echo "To change admin password run /usr/lsws/admin/misc/admpass.sh script" echo "To start the openlitespeed server, run the command: systemctl start lsws" %files /etc/systemd/system/lshttpd.service %doc README.md %dir %{_lsws_dir} %{_lsws_dir}/* %config(noreplace) %{_lsws_dir}/conf/* %config(noreplace) %{_lsws_dir}/admin/conf/* %config(noreplace) %{_lsws_dir}/fcgi-bin/* %config(noreplace) %{_lsws_dir}/PLAT %files pagespeed %{_lsws_dir}/modules/modpagespeed.so %files modsecurity %{_lsws_dir}/modules/mod_security.so %files lua %{_lsws_dir}/modules/mod_lua.so %changelog * Wed Sep 18 2024 Eduard Basov - 1.8.2 - Rebuild for MSVSphere 9.4