Commit 70c7b6ba authored by Cédric BRINER's avatar Cédric BRINER Committed by Cédric BRINER
Browse files

manage security.conf and ssl.conf; use a2query for apache_module and apache_conf

parent 54057730
......@@ -1259,7 +1259,7 @@ EOF
rsync -av /etc/ssl/private/idp{-lab,-test,}.* root@${h}:/etc/ssl/private/ | indent 5
echo -e " \e[34m-rsync cert\e[0m"
rsync -av /etc/ssl/certs/idp{-lab,-test,}.* root@${h}:/etc/ssl/certs/ | indent 5
# check that the key are present in the apache c
# check that the key are present in the apache config
something_todo="False"
t=$(mktemp --suffix .idp-sync)
if test "${is_on_same_group}" = "True"
......@@ -1314,15 +1314,20 @@ EOF
sscp " mods-enabled/_unige.conf" /etc/apache2/mods-enabled/_unige.conf ${h}:/etc/apache2/mods-enabled/_unige.conf
sscp " mods-enabled/status.conf" /etc/apache2/mods-available/status.conf ${h}:/etc/apache2/mods-available/
sscp " mods-enabled/info.conf" /etc/apache2/mods-available/info.conf ${h}:/etc/apache2/mods-available/
sscp " mods-enabled/ssl.conf" /etc/apache2/mods-available/ssl.conf ${h}:/etc/apache2/mods-available/
# enable modules
echo -e " \e[34m- enable module info\e[0m"
ssh root@${h} "apache2ctl -M | grep -wq info_module || a2enmod info" | indent 5
echo -e " \e[34m- enable module status\e[0m"
ssh root@${h} "apache2ctl -M | grep -wq status_module || a2enmod status" | indent 5
echo -e " \e[34m- enable module ssl\e[0m"
ssh root@${h} "apache2ctl -M | grep -wq ssl_module || a2enmod ssl" | indent 5
echo -e " \e[34m- apache enable vamodule proxy_ajp\e[0m"
ssh root@${h} "apache2ctl -M | grep -wq proxy_ajp_module || a2enmod proxy_ajp" | indent 5
for apache_module in info status ssl proxy_ajp; do
echo -e " \e[34m- enable module : ${apache_module}\e[0m"
ssh root@${h} "a2query -q -m ${apache_module} || a2enmod ${apache_module}" | indent 5
done
# configure conf (conf-available)
echo -e " \e[34m- configure conf (conf-available)\e[0m"
sscp " conf-available/security.conf" /etc/apache2/conf-available/security.conf ${h}:/etc/apache2/conf-available/
# enable conf (conf-available)
for apache_conf in security; do
echo -e " \e[34m- enable conf : ${apache_conf}\e[0m"
ssh root@${h} "a2query -c security || a2enconf security" | indent 5
done
# disable/enable site
echo -e " \e[34m- sites (disable/enable)\e[0m"
ssh root@${h} "ls -1 /etc/apache2/sites-enabled/*conf | xargs -I@ basename @ | xargs -I@ a2ensite @" | indent 5
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment