install/apache2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: install:86a4da1acacfdf3c323fc53c4049d9b510a9a9e3
Branches Tags
install:master
..
compare: install:master
Branches Tags
install:master

20 Commits
86a4da1aca ... master

Author SHA1 Message Date
Christoph
bca10b8c09 Adjust PHP script 'Files/opcache_clear.php'. 2025-07-18 12:04:29 +02:00
Christoph
d9388f38d1 Add PHP script 'Files/opcache_clear.php'. 2025-07-18 11:28:10 +02:00
Christoph
0074ba32ab install_httpd-2.4.sh: new apache version 2.4.63 2025-02-01 00:07:52 +01:00
root
d7100c67c2 install_httpd-2.4.sh: adjust apr version to 1.7.5 2024-09-26 16:31:58 +02:00
root
3754abeba4 install_httpd-2.4.sh: adjust apache version to 2.4.62. 2024-09-26 16:25:02 +02:00
Christoph
4dd0c84a6d install_httpd-2.4.sh: update apache version.. 2024-07-04 00:39:25 +02:00
Christoph
7edc6bce62 Add 'DOC/README.bad_bot'. 2024-06-29 00:29:01 +02:00
Christoph
ef4725adf2 install_httpd-2.4.sh: set default timeout to 360 seconds. 2024-05-06 00:33:57 +02:00
Christoph
fb6d548ec2 install_httpd-2.4.sh: change default value for FcgidMaxRequestsPerProcess from '500' to '499'. 2024-04-26 00:30:44 +02:00
Christoph
3788d853f9 /install_httpd-2.4.sh: rewrite file 'extra/httpd-mpm.conf'; Add Parameter 'Timeout' and 'ProxyTimeout' to httpd.conf file. 2024-04-24 16:41:44 +02:00
Christoph
f99a982021 add file 'README.SSL-Configuration'. 2024-03-03 18:05:52 +01:00
Christoph
0f5a1fad53 Add 'README.mod_passenger'. 2023-11-21 17:44:48 +01:00
Christoph Kuchenbuch
2786d6c592 update versions.. 2023-10-22 16:09:05 +02:00
Christoph
5ee3139024 install_httpd-2.4.sh: fix error determin HTTPD binary; 2023-07-05 13:53:23 +02:00
Christoph
7aa2b93d21 install_httpd-2.4.sh: some minor changes on script output.. 2023-06-23 14:08:00 +02:00
Christoph
b847843ea7 install_httpd-2.4.sh: fix minor error in decting the patch level of OpenSSL version. 2023-06-21 15:13:12 +02:00
Christoph
2d796ce216 install_httpd-2.4.sh: fix error lookung for file 'dhparam-openssl-3.0-4096.pem'. 2023-06-19 01:30:22 +02:00
Christoph
2ce7b0da2f Merge branch 'master' of git.oopen.de:install/apache2 2023-06-19 01:20:50 +02:00
Christoph
4f7b41dadd Merge branch 'master' of git.oopen.de:install/apache2 2023-06-19 01:12:40 +02:00
Christoph
35fb13313a install_httpd-2.4.sh: replace '<user>.<user>' with '<user>:<user>'. 2023-06-18 18:29:30 +02:00
6 changed files with 589 additions and 51 deletions
Expand all files Collapse all files

7
DOC/README.SSL-Configuration Normal file
View File

@ -0,0 +1,7 @@
# --------------------
# SSL Configuration Generator
# --------------------
# ---
# see: https://ssl-config.mozilla.org/
# ---

18
DOC/README.bad_bot Normal file
View File

@ -0,0 +1,18 @@
# ----
# Deny User-Agent (i.e. Bbots not recognizing robots.txt
# ----
# Add to .htavvess
#
SetEnvIfNoCase User-Agent ".*MJ12bot.*" bad_bot
SetEnvIfNoCase User-Agent ".*Baiduspider.*" bad_bot
SetEnvIfNoCase User-Agent ".*Vagabondo.*" bad_bot
SetEnvIfNoCase User-Agent ".*lwp-trivial.*" bad_bot
SetEnvIfNoCase User-Agent ".*libwww.*" bad_bot
SetEnvIfNoCase User-Agent ".*Wget.*" bad_bot
SetEnvIfNoCase User-Agent ".*XoviBot.*" bad_bot
SetEnvIfNoCase User-Agent ".*xovibot.*" bad_bot
SetEnvIfNoCase User-Agent ".*AhrefsBot.*" bad_bot
SetEnvIfNoCase User-Agent ".*ClaudeBot.*" bad_bot
SetEnvIfNoCase User-Agent "SemrushBot" bad_bot
Deny from env=bad_bot

21
DOC/README.mod_passenger Normal file
View File

@ -0,0 +1,21 @@
# ----------
# Install mod_passemger for apache2
# ----------
# Install ruby gem 'passenger
#
# this will install script 'passenger-install-apache2-module'
#
# show aktuall versions of passenger gem's
gem list passenger --remote
# install aktuall version of gem passenger
gem install passenger
# install apache2 moudule 'mod_passenger'
#
passenger-install-apache2-module

99
Files/opcache_clear.php Normal file
View File

@ -0,0 +1,99 @@
<?php
// -------------------- KONFIGURATION --------------------
$valid_user = 'admin';
$valid_pass = 'supergeheim';
$allowed_ips = []; // z.B. ['127.0.0.1', '192.168.1.100']; leer = keine Prüfung
session_start();
// -------------------- IP-WHITELIST --------------------
$remote_ip = $_SERVER['REMOTE_ADDR'];
if (!empty($allowed_ips) && !in_array($remote_ip, $allowed_ips)) {
http_response_code(403);
exit("Zugriff verweigert für IP: $remote_ip");
}
// -------------------- LOGIN VERARBEITUNG --------------------
if (isset($_POST['username'], $_POST['password'])) {
if ($_POST['username'] === $valid_user && $_POST['password'] === $valid_pass) {
$_SESSION['authenticated'] = true;
} else {
$error = "Falscher Benutzername oder Passwort.";
}
}
// -------------------- LOGOUT --------------------
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
exit;
}
// -------------------- HTML-AUSGABE --------------------
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<title>OPCache-Verwaltung</title>
<style>
body { font-family: sans-serif; background: #f4f4f4; padding: 2em; }
.box { background: white; padding: 1.5em; max-width: 500px; margin: auto; border-radius: 10px; box-shadow: 0 0 10px #ccc; }
h1 { font-size: 1.4em; }
input[type="text"], input[type="password"] { width: 100%; padding: 0.5em; margin-top: 0.3em; }
input[type="submit"] { padding: 0.6em 1.2em; margin-top: 1em; }
.button-block { margin-bottom: 1em; }
.separator { border-top: 1px solid #ccc; margin: 1.5em 0; }
.status { margin-top: 1em; padding: 1em; background: #eef; border-left: 4px solid #99f; }
.error { color: red; }
.logout { float: right; }
</style>
</head>
<body>
<div class="box">
<?php if (!isset($_SESSION['authenticated'])): ?>
<h1>Login zur OPCache-Verwaltung</h1>
<?php if (!empty($error)): ?><p class="error"><?= htmlspecialchars($error) ?></p><?php endif; ?>
<form method="post">
<label>Benutzername:<br><input type="text" name="username" required></label><br><br>
<label>Passwort:<br><input type="password" name="password" required></label><br>
<input type="submit" value="Anmelden">
</form>
<?php else: ?>
<div class="logout">
<a href="?logout=1">Abmelden</a>
</div>
<h1>OPCache-Verwaltung</h1>
<div class="status">
<?php
if (function_exists('opcache_get_status') && function_exists('opcache_reset')) {
$status = @opcache_get_status(false);
if (!$status || empty($status['opcache_enabled'])) {
echo " OPCache ist installiert, aber aktuell nicht aktiviert.";
} else {
echo "✅ OPCache ist aktiviert.<br>";
// Zeige Button nur wenn aktiv
echo '<form method="post" class="button-block">';
echo '<input type="submit" name="clear" value="OPCache jetzt leeren">';
echo '</form>';
if (isset($_POST['clear'])) {
echo '<div class="separator"></div>';
if (opcache_reset()) {
echo "✅ OPCache wurde erfolgreich geleert.";
} else {
echo "⚠️ Fehler beim Leeren des OPCache.";
}
}
}
} else {
echo "❌ OPCache ist auf diesem Server nicht verfügbar.";
}
?>
</div>
<?php endif; ?>
</div>
</body>
</html>

94
Files/opcache_clear.php.00 Normal file
View File

@ -0,0 +1,94 @@
<?php
// -------------------- KONFIGURATION --------------------
$valid_user = 'admin';
$valid_pass = 'supergeheim';
$allowed_ips = []; // z.B. ['127.0.0.1', '192.168.1.100']; leer = keine Prüfung
session_start();
// -------------------- IP-WHITELIST --------------------
$remote_ip = $_SERVER['REMOTE_ADDR'];
if (!empty($allowed_ips) && !in_array($remote_ip, $allowed_ips)) {
http_response_code(403);
exit("Zugriff verweigert für IP: $remote_ip");
}
// -------------------- LOGIN VERARBEITUNG --------------------
if (isset($_POST['username'], $_POST['password'])) {
if ($_POST['username'] === $valid_user && $_POST['password'] === $valid_pass) {
$_SESSION['authenticated'] = true;
} else {
$error = "Falscher Benutzername oder Passwort.";
}
}
// -------------------- LOGOUT --------------------
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
exit;
}
// -------------------- HTML-AUSGABE --------------------
?>
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<title>OPCache-Verwaltung</title>
<style>
body { font-family: sans-serif; background: #f4f4f4; padding: 2em; }
.box { background: white; padding: 1.5em; max-width: 500px; margin: auto; border-radius: 10px; box-shadow: 0 0 10px #ccc; }
h1 { font-size: 1.4em; }
input[type="text"], input[type="password"] { width: 100%; padding: 0.5em; margin-top: 0.3em; }
input[type="submit"] { padding: 0.6em 1.2em; margin-top: 1em; }
.status { margin-top: 1em; padding: 1em; background: #eef; border-left: 4px solid #99f; }
.error { color: red; }
.logout { float: right; }
</style>
</head>
<body>
<div class="box">
<?php if (!isset($_SESSION['authenticated'])): ?>
<h1>Login zur OPCache-Verwaltung</h1>
<?php if (!empty($error)): ?><p class="error"><?= htmlspecialchars($error) ?></p><?php endif; ?>
<form method="post">
<label>Benutzername:<br><input type="text" name="username" required></label><br><br>
<label>Passwort:<br><input type="password" name="password" required></label><br>
<input type="submit" value="Anmelden">
</form>
<?php else: ?>
<div class="logout">
<a href="?logout=1">Abmelden</a>
</div>
<h1>OPCache-Verwaltung</h1>
<form method="post">
<input type="submit" name="clear" value="OPCache jetzt leeren">
</form>
<div class="status">
<?php
if (function_exists('opcache_get_status') && function_exists('opcache_reset')) {
$status = @opcache_get_status(false);
if (!$status || empty($status['opcache_enabled'])) {
echo " OPCache ist installiert, aber aktuell nicht aktiviert.";
} else {
echo "✅ OPCache ist aktiviert.<br>";
if (isset($_POST['clear'])) {
if (opcache_reset()) {
echo "✅ OPCache wurde erfolgreich geleert.";
} else {
echo "⚠️ Fehler beim Leeren des OPCache.";
}
}
}
} else {
echo "❌ OPCache ist auf diesem Server nicht verfügbar.";
}
?>
</div>
<?php endif; ?>
</div>
</body>
</html>

395
install_httpd-2.4.sh
View File

@ -10,9 +10,9 @@ _backup_date="$(date +%Y%m%d-%H%M)"
## - ## -
_VSERVER_GUEST=no _VSERVER_GUEST=no
_APACHE_VERSION=2.4.57 _APACHE_VERSION=2.4.63
_APR_VERSION=1.7.4 _APR_VERSION=1.7.5
_APR_UTIL_VERSION=1.6.3 _APR_UTIL_VERSION=1.6.3
_WITH_MOD_PROXY_FCGI=true _WITH_MOD_PROXY_FCGI=true
@ -22,7 +22,7 @@ _WITH_MOD_FCGID=true
_MOD_FCGID_VERSION=2.3.9 _MOD_FCGID_VERSION=2.3.9
_WITH_MOD_PERL=true _WITH_MOD_PERL=true
_MOD_PERL_VERSION=2.0.12 _MOD_PERL_VERSION=2.0.13
_SEPARATE_LISTEN_DIRECTIVES=false _SEPARATE_LISTEN_DIRECTIVES=false
@ -94,6 +94,18 @@ _HTTPD_SSL_PORT=443
_SERVER_NAME=`hostname -f` _SERVER_NAME=`hostname -f`
_SERVER_ADMIN="admin@oopen.de" _SERVER_ADMIN="admin@oopen.de"
_HTTPD_OLD_CONF_FILE="$(realpath "/usr/local/apache2/conf/httpd.conf")"
if [[ -f "${_HTTPD_OLD_CONF_FILE}" ]] && $(grep -q -i -E "^\s*timeout\s+" "${_HTTPD_OLD_CONF_FILE}") ; then
_TIMEOUT="$(grep -i -E "^\s*timeout\s+" "${_HTTPD_OLD_CONF_FILE}"| awk '{print$2}' | head -1)"
else
_TIMEOUT=360
fi
if [[ -f "${_HTTPD_OLD_CONF_FILE}" ]] && $(grep -q -i -E "^\s*ProxyTimeout\s+" "${_HTTPD_OLD_CONF_FILE}") ; then
_PROXY_TIMEOUT="$(grep -i -E "^\s*ProxyTimeout\s+" "${_HTTPD_OLD_CONF_FILE}"| awk '{print$2}' | head -1)"
else
_PROXY_TIMEOUT=${_TIMEOUT}
fi
_srcdir=$(dirname $(realpath $0)) _srcdir=$(dirname $(realpath $0))
_START_AT_BOOTTIME=yes _START_AT_BOOTTIME=yes
@ -137,9 +149,17 @@ fi
## - Determin httpd binary ## - Determin httpd binary
## - ## -
_httpd_binary="$(which httpd)" _httpd_binary="$(ps -axu | grep httpd \
| grep -e "^root" \
| grep -v grep \
| grep -v vim \
| grep -v bash \
| awk '{print$11}' | head -1)"
if [ -z "$_httpd_binary" ]; then if [ -z "$_httpd_binary" ]; then
_httpd_binary="$(ps -axu | grep httpd | grep -e "^root" | grep -v grep | awk '{print$11}')"
_httpd_binary="$(which httpd)"
if [ -z "$_httpd_binary" ]; then if [ -z "$_httpd_binary" ]; then
if [ -x "/usr/local/apache2/bin/httpd" ]; then if [ -x "/usr/local/apache2/bin/httpd" ]; then
_httpd_binary="/usr/local/apache2/bin/httpd" _httpd_binary="/usr/local/apache2/bin/httpd"
@ -226,6 +246,18 @@ fatal(){
clean_up 1 clean_up 1
} }
info (){
echo ""
echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
echo ""
}
error (){
echo ""
echo -e "\t[ \033[31m\033[1mError\033[m ]: $*"
echo ""
}
warn (){ warn (){
echo "" echo ""
echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*" echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
@ -248,6 +280,30 @@ echo_skipped() {
echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]" echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
} }
get_openssl_version() {
OPENSSL_VERSION="$(openssl version|awk '{print $2}' | grep -o -E "[0-9]+\.[0-9]+\.[0-9]+[a-zA-Z]?")"
OPENSSL_MAIN_VERSION=`echo $OPENSSL_VERSION | cut -d '.' -f1,2`
OPENSSL_MAJOR_VERSION=`echo $OPENSSL_VERSION | cut -d '.' -f1`
OPENSSL_MINOR_VERSION=`echo $OPENSSL_VERSION | cut -d '.' -f2`
OPENSSL_PATCH_LEVEL=`echo $OPENSSL_VERSION | cut -d '.' -f3`
if [[ -n "${OPENSSL_VERSION}" ]] ; then
return 0
else
return 1
fi
}
trim() {
local var="$*"
var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
echo -n "$var"
}
detect_os_1 () { detect_os_1 () {
if $(which lsb_release > /dev/null 2>&1) ; then if $(which lsb_release > /dev/null 2>&1) ; then
@ -289,13 +345,52 @@ trap clean_up SIGHUP SIGINT SIGTERM
# - # -
detect_os_1 detect_os_1
#clear
# Detect OpenSSL version
#
get_openssl_version
if [[ $? -ne 0 ]] ; then
clear error "Cannot detect OpenSSL Version."
echo
fi
echo ""
echo -e "\033[21G\033[32mInstallation script apache webserver \033[m" echo -e "\033[21G\033[32mInstallation script apache webserver \033[m"
echo echo ""
echo
echo if [[ -n "${_httpd_binary}" ]]; then
echo -e " \033[1mCurrent Settings\033[m"
echo -e ""
echo -e " _httpd_binary: $_httpd_binary"
echo -e " _httpd_current_version: $_httpd_current_version"
echo -e ""
echo -e " _HTTPD_USER: $_HTTPD_USER"
echo -e " _HTTPD_GROUP: $_HTTPD_GROUP"
echo -e ""
echo -e " APACHE_WEBSERVICE_RUNNING: $APACHE_WEBSERVICE_RUNNING"
echo -e " START_APACHE_WEBSERVICE: $START_APACHE_WEBSERVICE"
echo -e ""
else
echo -e ""
echo -e " \033[1mNo current installation of apache2 webservice found!\033[m"
echo -e ""
fi
echononl "continue [yes]: "
read OK
[[ -z "$(trim "${OK}")" ]] && OK="yes"
OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')"
while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/no]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
@ -434,6 +529,43 @@ do
fi fi
done done
echo ""
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Insert default Timeout / ProxyTimeout"
echo ""
echo " Time : The length of time Apache httpd will wait for I/O "
echo " in various circumstances."
echo ""
echo " ProxyTimeout: Network timeout for proxied requests"
echo ""
echo ""
TIMEOUT=
while [ "X$TIMEOUT" = "X" ]
do
echononl "default Timeout [${_TIMEOUT}]: "
read TIMEOUT
if [ "X$TIMEOUT" = "X" ]; then
TIMEOUT=$_TIMEOUT
fi
done
echo ""
PROXY_TIMEOUT=
while [ "X$PROXY_TIMEOUT" = "X" ]
do
echononl "default ProxyTimeout [${_PROXY_TIMEOUT}]: "
read PROXY_TIMEOUT
if [ "X$PROXY_TIMEOUT" = "X" ]; then
PROXY_TIMEOUT=$_PROXY_TIMEOUT
fi
done
echo "" echo ""
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
@ -786,7 +918,7 @@ do
__WITH_MOD_PHP=$_WITH_MOD_PHP __WITH_MOD_PHP=$_WITH_MOD_PHP
fi fi
done done
if [ "$__WITH_MOD_PHP" = "true" ] ; then if [[ "${__WITH_MOD_PHP,,}" = "true" ]] || [[ "${__WITH_MOD_PHP,,}" = 'yes' ]]; then
WITH_MOD_PHP=true WITH_MOD_PHP=true
PHP_VERSION= PHP_VERSION=
while [ "X$PHP_VERSION" = "X" ] while [ "X$PHP_VERSION" = "X" ]
@ -843,7 +975,7 @@ fi
clear #clear
echo "" echo ""
echo -e "\033[21G\033[32mStart Apache Webserver Installation with the following Parameters \033[m" echo -e "\033[21G\033[32mStart Apache Webserver Installation with the following Parameters \033[m"
echo "" echo ""
@ -867,6 +999,9 @@ echo ""
echo "default ServerName............: $SERVER_NAME" echo "default ServerName............: $SERVER_NAME"
echo "default ServerAdmin...........: $SERVER_ADMIN" echo "default ServerAdmin...........: $SERVER_ADMIN"
echo "" echo ""
echo "default timeout...............: $TIMEOUT"
echo "default ProxyTimeout..........: $PROXY_TIMEOUT"
echo ""
echo "IPv4 addresses................: $IPv4_ADDRESSES" echo "IPv4 addresses................: $IPv4_ADDRESSES"
echo "IPv6 addresses................: $IPv6_ADDRESSES" echo "IPv6 addresses................: $IPv6_ADDRESSES"
echo "" echo ""
@ -970,6 +1105,9 @@ echo "## -" >> ${_logdir}/main.log
echo "## - default ServerName............: $SERVER_NAME" >> ${_logdir}/main.log echo "## - default ServerName............: $SERVER_NAME" >> ${_logdir}/main.log
echo "## - default ServerAdmin...........: $SERVER_ADMIN" >> ${_logdir}/main.log echo "## - default ServerAdmin...........: $SERVER_ADMIN" >> ${_logdir}/main.log
echo "## - " >> ${_logdir}/main.log echo "## - " >> ${_logdir}/main.log
echo "## - default timeout...............: $TIMEOUT" >> ${_logdir}/main.log
echo "## - default ProxyTimeout..........: $PROXY_TIMEOUT" >> ${_logdir}/main.log
echo "## - " >> ${_logdir}/main.log
echo "## - IPv4 addresses................: $IPv4_ADDRESSES" >> ${_logdir}/main.log echo "## - IPv4 addresses................: $IPv4_ADDRESSES" >> ${_logdir}/main.log
echo "## - IPv6 addresses................: $IPv6_ADDRESSES" >> ${_logdir}/main.log echo "## - IPv6 addresses................: $IPv6_ADDRESSES" >> ${_logdir}/main.log
echo "## - " >> ${_logdir}/main.log echo "## - " >> ${_logdir}/main.log
@ -1028,6 +1166,8 @@ echo "BASE_WEBSPACE_DIR=$BASE_WEBSPACE_DIR" >> ${_logdir}/main.log
echo "GLOBAL_DOC_ROOT=$GLOBAL_DOC_ROOT" >> ${_logdir}/main.log echo "GLOBAL_DOC_ROOT=$GLOBAL_DOC_ROOT" >> ${_logdir}/main.log
echo "SERVER_NAME=$SERVER_NAME" >> ${_logdir}/main.log echo "SERVER_NAME=$SERVER_NAME" >> ${_logdir}/main.log
echo "SERVER_ADMIN=$SERVER_ADMIN" >> ${_logdir}/main.log echo "SERVER_ADMIN=$SERVER_ADMIN" >> ${_logdir}/main.log
echo "TIMEOUT=$TIMEOUT" >> ${_logdir}/main.log
echo "PROXY_TIMEOUT=$PROXY_TIMEOUT" >> ${_logdir}/main.log
echo "SUEXEC_DOC_ROOT=$BASE_WEBSPACE_DIR" >> ${_logdir}/main.log echo "SUEXEC_DOC_ROOT=$BASE_WEBSPACE_DIR" >> ${_logdir}/main.log
echo "IPv4_ADDRESSES=\"$IPv4_ADDRESSES\"" >> ${_logdir}/main.log echo "IPv4_ADDRESSES=\"$IPv4_ADDRESSES\"" >> ${_logdir}/main.log
echo "IPv6_ADDRESSES=\"$IPv6_ADDRESSES\"" >> ${_logdir}/main.log echo "IPv6_ADDRESSES=\"$IPv6_ADDRESSES\"" >> ${_logdir}/main.log
@ -2089,6 +2229,42 @@ if [ -f $_httpdconf ];then
echo_failed echo_failed
fi fi
## - Set TimeOut
## -
echo "" >> ${_logdir}/main.log
echo "## - httpd.conf: Set Timeout to \"$TIMEOUT\".." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log
echo "sed -i$_backup_suffix -r -e \"s&^([ ^t]*ServerName .*)$&\1\n\nTimeout ${TIMEOUT}&g\" $_httpdconf" >> ${_logdir}/main.log
echononl "\thttpd.conf: Set Timeout to \"$TIMEOUT\".."
sed -i$_backup_suffix -r \
-e "s&^([ ^t]*ServerName .*)$&\1\n\nTimeout ${TIMEOUT}&g" \
$_httpdconf
if [ "0" = $? ]; then
echo_ok
rm -f $_httpdconf$_backup_suffix
echo "" >> ${_logdir}/main.log
echo "## - httpd.conf: Set ProxyTimeout to \"$PROXY_TIMEOUT\".." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log
echo "sed -i$_backup_suffix -r -e \"s&^([ ^t]*Timeout .*)$&\1\nProxyTimeout ${PROXY_TIMEOUT}&g\" $_httpdconf" >> ${_logdir}/main.log
echononl "\thttpd.conf: Set ProxyTimeout to \"$PROXY_TIMEOUT\".."
sed -i$_backup_suffix -r \
-e "s&^([ ^t]*Timeout .*)$&\1\nProxyTimeout ${PROXY_TIMEOUT}&g" \
$_httpdconf
if [ "0" = $? ]; then
echo_ok
rm -f $_httpdconf$_backup_suffix
else
echo_failed
fi
else
echo_failed
fi
## - Set DocumentRoot ## - Set DocumentRoot
## - ## -
echo "" >> ${_logdir}/main.log echo "" >> ${_logdir}/main.log
@ -2310,13 +2486,15 @@ else
fi fi
echo "" >> ${_logdir}/main.log echo "" >> ${_logdir}/main.log
if [[ "$os_dist" = "debian" ]] && [[ $os_version -gt 11 ]]; then
if [[ -f "${_builddir}/dhparam-openssl-3.0-4096.pem" ]] ; then if [[ ${OPENSSL_MAJOR_VERSION} -gt 1 ]]; then
if [[ -f "${_srcdir}/dhparam-openssl-3.0-4096.pem" ]] ; then
echo "## - Copy dhparam.pem to '$PREFIX/conf/ssl/dhparam.pem'.." >> ${_logdir}/main.log echo "## - Copy dhparam.pem to '$PREFIX/conf/ssl/dhparam.pem'.." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log echo "## -" >> ${_logdir}/main.log
echo "cp \"${_builddir}/dhparam-openssl-3.0-4096.pem\" \"$PREFIX/conf/ssl/dhparam.pem\"" echo -e "\tcp \"${_srcdir}/dhparam-openssl-3.0-4096.pem\".."
cp "${_builddir}/dhparam-openssl-3.0-4096.pem" "$PREFIX/conf/ssl/dhparam.pem" >> ${_logdir}/main.log echononl "\t to \"$PREFIX/conf/ssl/dhparam.pem\""
cp "${_srcdir}/dhparam-openssl-3.0-4096.pem" "$PREFIX/conf/ssl/dhparam.pem" >> ${_logdir}/main.log
if [[ $? -eq 0 ]];then if [[ $? -eq 0 ]];then
echo_ok echo_ok
else else
@ -2328,7 +2506,7 @@ if [[ "$os_dist" = "debian" ]] && [[ $os_version -gt 11 ]]; then
echo "## - Generate a dhparam.pem file .." >> ${_logdir}/main.log echo "## - Generate a dhparam.pem file .." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log echo "## -" >> ${_logdir}/main.log
echo "openssl dhparam -out $PREFIX/conf/ssl/dhparam.pem 4096" >> ${_logdir}/main.log echo "openssl dhparam -out $PREFIX/conf/ssl/dhparam.pem 4096" >> ${_logdir}/main.log
echononl "\tGenerate a dhparam.pem file.." echononl "\tGenerate a dhparam.pem file - \033[5m\033[1mmay take a lon time\033[m.."
openssl dhparam -out $PREFIX/conf/ssl/dhparam.pem 4096 >> ${_logdir}/main.log 2>&1 openssl dhparam -out $PREFIX/conf/ssl/dhparam.pem 4096 >> ${_logdir}/main.log 2>&1
if [[ $? -eq 0 ]];then if [[ $? -eq 0 ]];then
echo_ok echo_ok
@ -3090,23 +3268,10 @@ if [ -f ${PREFIX}/${_rel_confextra_path}/${_file} ];then
fi fi
_file=httpd-mpm.conf _file=httpd-mpm.conf
if [ -f ${PREFIX}/${_rel_confextra_path}/${_file} ];then if [ -f ${PREFIX}/${_rel_confextra_path}/${_file} ];then
echo "" >> ${_logdir}/main.log
echo "## - httpd.conf: Include $_file.." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log
echo "sed -i$_backup_suffix -r -e \"s&[ ^t]*#([ ^t]*#*[ ^t]*)*(Include $_rel_confextra_path/$_file).*$&\2&g\" $_httpdconf" >> ${_logdir}/main.log
echononl "\thttpd.conf: Include $_file.."
sed -i$_backup_suffix -r \
-e "s&[ ^t]*#([ ^t]*#*[ ^t]*)*(Include $_rel_confextra_path/$_file).*$&\2&g" \
$_httpdconf >> ${_logdir}/main.log 2>&1
if [ "0" = "$?" ];then
rm $_httpdconf$_backup_suffix
echo_ok
else
echo_failed
warn "Including file \"${_file}\" failed.."
fi
echo "" >> ${_logdir}/main.log echo "" >> ${_logdir}/main.log
echo "## - Backup file '${PREFIX}/${_rel_confextra_path}/${_file}'.." >> ${_logdir}/main.log echo "## - Backup file '${PREFIX}/${_rel_confextra_path}/${_file}'.." >> ${_logdir}/main.log
@ -3119,30 +3284,164 @@ if [ -f ${PREFIX}/${_rel_confextra_path}/${_file} ];then
echo_failed echo_failed
fi fi
## - Set MaxConnectionsPerChild
## -
echononl "\t${_file}: Set MaxConnectionsPerChild"
echo "" >> ${_logdir}/main.log echo "" >> ${_logdir}/main.log
echo "## - Move '${_file}' to '/tmp' directory.." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log echo "## -" >> ${_logdir}/main.log
echo "## - ${_file}: Set MaxConnectionsPerChild" >> ${_logdir}/main.log echo "mv \"${PREFIX}/${_rel_confextra_path}/${_file}\" \"/tmp/${_file}\"" >> ${_logdir}/main.log
echononl "\tMove '${_file}' to '/tmp' directory.."
mv "${PREFIX}/${_rel_confextra_path}/${_file}" "/tmp/${_file}" >> ${_logdir}/main.log
if [[ $? -gt 0 ]]; then
echo_failed
echononl "continue anyway [yes/no]: "
read OK
OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')"
while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/no]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
echononl "\tWrite new file $\033[1m{PREFIX}/${_rel_confextra_path}/${_file}\033[m"
> "${PREFIX}/${_rel_confextra_path}/${_file}"
_found=false
regex_match_mpm_event_module_start="[[:space:]]*<IfModule[[:space:]]+mpm_event_module"
regex_match_mpm_event_module_end="[[:space:]]*</IfModule>"
regex_match_mpm_start_servers="[[:space:]]*StartServers[[:space:]]+"
while IFS= read -r line || [[ -n "$line" ]]; do
if [[ $line =~ $regex_match_mpm_event_module_start ]] ; then
echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
echo "" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
_found=true
continue
fi
if $_found && [[ $line =~ $regex_match_mpm_event_module_end ]] ; then
echo "" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
_found=false
continue
fi
if $_found && [[ $line =~ MaxConnectionsPerChild ]]; then
_key="MaxConnectionsPerChild" _key="MaxConnectionsPerChild"
_val="5000" _val="5000"
echo "sed -i -r -e \"s/^(\s*)($_key)(.*)$/\1\2 $_val/g\" ${PREFIX}/${_rel_confextra_path}/${_file}" >> ${_logdir}/main.log line="$(sed "s/^\(\s*\)\($_key\)\(\s*\)\(.*\)$/\1\2 ${_val}/g" <<< "${line}")"
sed -i -r -e "s/^(\s*)($_key)(.*)$/\1\2 $_val/g" ${PREFIX}/${_rel_confextra_path}/${_file} echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
if [ "$?" != "0" ]; then
_failed=true elif $_found && [[ $line =~ MaxRequestWorkers ]]; then
fi
if ! $_failed ; then _key="MaxRequestWorkers"
echo_ok _val="400"
line="$(sed "s/^\(\s*\)\($_key\)\(\s*\)\(.*\)$/\1\2\3${_val}/g" <<< "${line}")"
echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
elif $_found && [[ $line =~ StartServers ]] ; then
echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
cat <<EOF >> "${PREFIX}/${_rel_confextra_path}/${_file}"
# ServerLimit
#
# Upper limit on configurable number of processes
ServerLimit 16
EOF
elif $_found && [[ $line =~ ThreadsPerChild ]] ; then
_key="ThreadsPerChild"
_val="25"
line="$(sed "s/^\(\s*\)\($_key\)\(\s*\)\(.*\)$/\1\2\3${_val}/g" <<< "${line}")"
echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
cat <<EOF >> "${PREFIX}/${_rel_confextra_path}/${_file}"
# ThreadLimit
#
# Sets the upper limit on the configurable number of threads per child process
ThreadLimit 25
EOF
else else
echo_failed
warn "Setting MaxConnectionsPerChild in file \"${_file}\" failed.." echo "${line}" >> "${PREFIX}/${_rel_confextra_path}/${_file}"
fi fi
done <"/tmp/${_file}"
echo_ok
fi fi
#_file=httpd-mpm.conf
#if [ -f ${PREFIX}/${_rel_confextra_path}/${_file} ];then
# echo "" >> ${_logdir}/main.log
# echo "## - httpd.conf: Include $_file.." >> ${_logdir}/main.log
# echo "## -" >> ${_logdir}/main.log
# echo "sed -i$_backup_suffix -r -e \"s&[ ^t]*#([ ^t]*#*[ ^t]*)*(Include $_rel_confextra_path/$_file).*$&\2&g\" $_httpdconf" >> ${_logdir}/main.log
# echononl "\thttpd.conf: Include $_file.."
# sed -i$_backup_suffix -r \
# -e "s&[ ^t]*#([ ^t]*#*[ ^t]*)*(Include $_rel_confextra_path/$_file).*$&\2&g" \
# $_httpdconf >> ${_logdir}/main.log 2>&1
# if [ "0" = "$?" ];then
# rm $_httpdconf$_backup_suffix
# echo_ok
# else
# echo_failed
# warn "Including file \"${_file}\" failed.."
# fi
#
# echo "" >> ${_logdir}/main.log
# echo "## - Backup file '${PREFIX}/${_rel_confextra_path}/${_file}'.." >> ${_logdir}/main.log
# echo "## -" >> ${_logdir}/main.log
# echononl "\tBackup file '${PREFIX}/${_rel_confextra_path}/${_file}'.."
# cp -a "${PREFIX}/${_rel_confextra_path}/${_file}" "${PREFIX}/${_rel_confextra_path}/${_file}.ORIG" >> ${_logdir}/main.log 2>&1
# if [ "0" = "$?" ];then
# echo_ok
# else
# echo_failed
# fi
#
#
# ## - Set MaxConnectionsPerChild
# ## -
# echononl "\t${_file}: Set MaxConnectionsPerChild"
# echo "" >> ${_logdir}/main.log
# echo "## -" >> ${_logdir}/main.log
# echo "## - ${_file}: Set MaxConnectionsPerChild" >> ${_logdir}/main.log
#
# _key="MaxConnectionsPerChild"
# _val="5000"
#
# echo "sed -i -r -e \"s/^(\s*)($_key)(.*)$/\1\2 $_val/g\" ${PREFIX}/${_rel_confextra_path}/${_file}" >> ${_logdir}/main.log
# sed -i -r -e "s/^(\s*)($_key)(.*)$/\1\2 $_val/g" ${PREFIX}/${_rel_confextra_path}/${_file}
# if [ "$?" != "0" ]; then
# _failed=true
# fi
# if ! $_failed ; then
# echo_ok
# else
# echo_failed
# warn "Setting MaxConnectionsPerChild in file \"${_file}\" failed.."
# fi
#fi
## - Enable Module mod_expires ## - Enable Module mod_expires
## - ## -
@ -3403,10 +3702,10 @@ if $WITH_MOD_FCGID ; then
echo "## - httpd.conf: Adjust mod_fcgid module.." >> ${_logdir}/main.log echo "## - httpd.conf: Adjust mod_fcgid module.." >> ${_logdir}/main.log
echo "## -" >> ${_logdir}/main.log echo "## -" >> ${_logdir}/main.log
cat <<EOF >> ${_logdir}/main.log cat <<EOF >> ${_logdir}/main.log
perl -i.bak -n -p -e "s#^(\s*LoadModule\s+fcgid_module.+)#\1\n<IfModule mod_fcgid.c>\n\n \# in Abstimmung mit PHP variablen\n \# upload_max_filesize = 128M\n \# post_max_size = 512M\n FcgidMaxRequestLen 536870912\n\n \# By default, PHP FastCGI processes exit after handling 500 requests,\n \# and they may exit after this module has already connected to the\n \# application and sent the next request. When that occurs, an error\n \# will be logged and 500 Internal Server Error will be returned to\n \# the client. This PHP behavior can be disabled by setting\n \# PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP\n \# application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS\n \# can be set to a much higher value than the default to reduce the\n \# frequency of this problem. FcgidMaxRequestsPerProcess can be set to\n \# a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the\n \# roblem.\n FcgidMaxRequestsPerProcess 500\n\n \# in Abstimmung mit PHP Variablen\n \# max_execution_time = 180\n \#\n \# Default: 40\n \#\n \#FcgidIOTimeout 181\n FcgidIOTimeout 600\n FcgidIdleTimeout 600\n FcgidProcessLifeTime 600\n FcgidConnectTimeout 600\n\n</IfModule>#" \$_httpdconf perl -i.bak -n -p -e "s#^(\s*LoadModule\s+fcgid_module.+)#\1\n<IfModule mod_fcgid.c>\n\n \# in Abstimmung mit PHP variablen\n \# upload_max_filesize = 128M\n \# post_max_size = 512M\n FcgidMaxRequestLen 536870912\n\n \# By default, PHP FastCGI processes exit after handling 500 requests,\n \# and they may exit after this module has already connected to the\n \# application and sent the next request. When that occurs, an error\n \# will be logged and 500 Internal Server Error will be returned to\n \# the client. This PHP behavior can be disabled by setting\n \# PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP\n \# application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS\n \# can be set to a much higher value than the default to reduce the\n \# frequency of this problem. FcgidMaxRequestsPerProcess can be set to\n \# a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the\n \# roblem.\n FcgidMaxRequestsPerProcess 499\n\n \# in Abstimmung mit PHP Variablen\n \# max_execution_time = 180\n \#\n \# Default: 40\n \#\n \#FcgidIOTimeout 181\n FcgidIOTimeout 600\n FcgidIdleTimeout 600\n FcgidProcessLifeTime 600\n FcgidConnectTimeout 600\n\n</IfModule>#" \$_httpdconf
EOF EOF
echononl "\thttpd.conf: Adjust mod_fcgid module.." echononl "\thttpd.conf: Adjust mod_fcgid module.."
perl -i.bak -n -p -e "s#^(\s*LoadModule\s+fcgid_module.+)#\1\n<IfModule mod_fcgid.c>\n\n \# in Abstimmung mit PHP variablen\n \# upload_max_filesize = 128M\n \# post_max_size = 512M\n FcgidMaxRequestLen 536870912\n\n \# By default, PHP FastCGI processes exit after handling 500 requests,\n \# and they may exit after this module has already connected to the\n \# application and sent the next request. When that occurs, an error\n \# will be logged and 500 Internal Server Error will be returned to\n \# the client. This PHP behavior can be disabled by setting\n \# PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP\n \# application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS\n \# can be set to a much higher value than the default to reduce the\n \# frequency of this problem. FcgidMaxRequestsPerProcess can be set to\n \# a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the\n \# roblem.\n FcgidMaxRequestsPerProcess 500\n\n \# in Abstimmung mit PHP Variablen\n \# max_execution_time = 180\n \#\n \# Default: 40\n \#\n \#FcgidIOTimeout 181\n FcgidIOTimeout 600\n FcgidIdleTimeout 600\n FcgidProcessLifeTime 600\n FcgidConnectTimeout 600\n\n</IfModule>#" $_httpdconf perl -i.bak -n -p -e "s#^(\s*LoadModule\s+fcgid_module.+)#\1\n<IfModule mod_fcgid.c>\n\n \# in Abstimmung mit PHP variablen\n \# upload_max_filesize = 128M\n \# post_max_size = 512M\n FcgidMaxRequestLen 536870912\n\n \# By default, PHP FastCGI processes exit after handling 500 requests,\n \# and they may exit after this module has already connected to the\n \# application and sent the next request. When that occurs, an error\n \# will be logged and 500 Internal Server Error will be returned to\n \# the client. This PHP behavior can be disabled by setting\n \# PHP_FCGI_MAX_REQUESTS to 0, but that can be a problem if the PHP\n \# application leaks resources. Alternatively, PHP_FCGI_MAX_REQUESTS\n \# can be set to a much higher value than the default to reduce the\n \# frequency of this problem. FcgidMaxRequestsPerProcess can be set to\n \# a value less than or equal to PHP_FCGI_MAX_REQUESTS to resolve the\n \# roblem.\n FcgidMaxRequestsPerProcess 499\n\n \# in Abstimmung mit PHP Variablen\n \# max_execution_time = 180\n \#\n \# Default: 40\n \#\n \#FcgidIOTimeout 181\n FcgidIOTimeout 600\n FcgidIdleTimeout 600\n FcgidProcessLifeTime 600\n FcgidConnectTimeout 600\n\n</IfModule>#" $_httpdconf
if [ "$?" = "0" ]; then if [ "$?" = "0" ]; then
echo_ok echo_ok
else else