[arch-commits] Commit in hiawatha/repos (6 files)

Kyle Keen kkeen at archlinux.org
Sun Aug 19 02:22:16 UTC 2018


    Date: Sunday, August 19, 2018 @ 02:22:16
  Author: kkeen
Revision: 372734

archrelease: copy trunk to community-staging-x86_64

Added:
  hiawatha/repos/community-staging-x86_64/
  hiawatha/repos/community-staging-x86_64/PKGBUILD
    (from rev 372733, hiawatha/trunk/PKGBUILD)
  hiawatha/repos/community-staging-x86_64/hiawatha.conf.sample
    (from rev 372733, hiawatha/trunk/hiawatha.conf.sample)
  hiawatha/repos/community-staging-x86_64/hiawatha.service
    (from rev 372733, hiawatha/trunk/hiawatha.service)
  hiawatha/repos/community-staging-x86_64/letsencrypt-renew.service
    (from rev 372733, hiawatha/trunk/letsencrypt-renew.service)
  hiawatha/repos/community-staging-x86_64/letsencrypt-renew.timer
    (from rev 372733, hiawatha/trunk/letsencrypt-renew.timer)

---------------------------+
 PKGBUILD                  |  103 +++++++++++++++++++++++++++++++++++++++
 hiawatha.conf.sample      |  114 ++++++++++++++++++++++++++++++++++++++++++++
 hiawatha.service          |   16 ++++++
 letsencrypt-renew.service |    8 +++
 letsencrypt-renew.timer   |   11 ++++
 5 files changed, 252 insertions(+)

Copied: hiawatha/repos/community-staging-x86_64/PKGBUILD (from rev 372733, hiawatha/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD	                        (rev 0)
+++ community-staging-x86_64/PKGBUILD	2018-08-19 02:22:16 UTC (rev 372734)
@@ -0,0 +1,103 @@
+# $Id$
+# Maintainer: Kyle Keen <keenerd at gmail.com>
+# Contributor: Kurt Marasco <celilo _at_ lavabit _dot_ com>
+# Contributor: Pascal Ernster <aur at hardfalcon dot net>
+
+pkgname=hiawatha
+pkgver=10.8.2
+pkgrel=1
+pkgdesc="Secure and advanced webserver"
+url="https://www.hiawatha-webserver.org/"
+arch=('x86_64')
+license=('GPL2')
+depends=('libxslt' 'mbedtls')
+optdepends=('php-fpm: PHP fastcgi'
+            'php: letsencrypt')
+makedepends=('cmake')
+backup=(
+        'etc/hiawatha/hiawatha.conf'
+        'etc/hiawatha/cgi-wrapper.conf'
+        'etc/hiawatha/mimetype.conf'
+)
+
+source=(
+        "https://www.hiawatha-webserver.org/files/$pkgname-$pkgver.tar.gz" 
+        'hiawatha.conf.sample'
+        'hiawatha.service'
+        'letsencrypt-renew.service'
+        'letsencrypt-renew.timer'
+)
+sha256sums=('282e586113a1ffaececfd093a3da83c9f6de67e8d76853f25c546fdca9f013c7'
+            '4671d2586cbe3cd6497b16ff422c6143cdab40641ef3c9c4988c478351a8f5e7'
+            'fb789b12bb6246237b15a9244f58317abdd53e5ca4eb55880e40a498b2237155'
+            '7f903aadf1e7e4bf449c9a647f160051358ef1e2db328afffc7f3a5c204f8ea5'
+            'a1d5371e886bdd697c9d040125aa5b117d6efe36bb6ee77b57004d893f2bc410')
+
+
+prepare() {
+  cd "$srcdir/$pkgname-$pkgver"
+  sed -i 's/www-data/http/g' extra/logrotate.in
+}
+
+build() {
+  cd "$srcdir/$pkgname-$pkgver"
+  mkdir -p build
+  cd build
+
+  cmake ../ -DCMAKE_INSTALL_PREFIX="/" \
+            -DCMAKE_INSTALL_BINDIR="/usr/bin" \
+            -DCMAKE_INSTALL_SBINDIR="/usr/bin" \
+            -DCMAKE_INSTALL_SYSCONFDIR="/etc/hiawatha" \
+            -DCMAKE_INSTALL_LIBDIR="/usr/lib" \
+            -DCMAKE_INSTALL_MANDIR="/usr/share/man" \
+            -DCONFIG_DIR="/etc/hiawatha" \
+            -DLOG_DIR="/var/log/hiawatha" \
+            -DPID_DIR="/run" \
+            -DENABLE_TLS=ON \
+            -DUSE_SYSTEM_MBEDTLS=ON \
+            -DENABLE_MONITOR=ON \
+            -DWEBROOT_DIR="/srv/http/hiawatha" \
+            -DWORK_DIR="/var/lib/hiawatha"
+
+  make
+
+  # Features enabled by default
+  # -DENABLE_CACHE
+  # -DENABLE_IPV6
+  # -DENABLE_RPROXY
+  # -DENABLE_TOOLKIT
+  # -DENABLE_XSLT
+
+  # Features disabled by default
+  # -DENABLE_DEBUG
+  # -DENABLE_TOMAHAWK	
+}
+
+package() {
+  cd "$srcdir/$pkgname-$pkgver/build"
+  make DESTDIR="$pkgdir/" install
+ 
+  rmdir "$pkgdir/run"
+  rm "$pkgdir/srv/http/hiawatha/index.html"
+  rmdir -p --ignore-fail-on-non-empty "$pkgdir/srv/http/hiawatha"
+ 
+  # Update stock hiawatha.conf
+  sed -e 's|#ServerId = www-data|ServerId = http|' \
+      -e 's|/var/www/|/srv/http/|g' \
+      -e 's|//|/|g' \
+      -e 's|#CGIextension = cgi|&\n#TriggerOnCGIstatus = no|g' \
+      -e 's|ConnectTo = 127.0.0.1:2005|ConnectTo = 127.0.0.1:9000|g' \
+      -e 's|#	Extension = php|&\n#       SessionTimeout = 30|g' \
+      -e 's|#ErrorHandler = 404:/error.cgi|&\n#UseGZfile = yes|g' \
+      -i "$pkgdir/etc/hiawatha/hiawatha.conf"
+  
+  install -Dm644 logrotate.d/hiawatha "$pkgdir/etc/logrotate.d/hiawatha"
+  install -Dm644 "$srcdir/hiawatha.service" "$pkgdir/usr/lib/systemd/system/hiawatha.service"
+  install -Dm644 "$srcdir/hiawatha.conf.sample" "$pkgdir/etc/hiawatha/"
+
+  mkdir -p "$pkgdir/usr/share/hiawatha/"
+  cd "$srcdir/$pkgname-$pkgver/extra/"
+  cp "$srcdir/letsencrypt-renew."* letsencrypt/
+  tar -caf "$pkgdir/usr/share/hiawatha/letsencrypt.tar.gz" letsencrypt/*
+}
+

Copied: hiawatha/repos/community-staging-x86_64/hiawatha.conf.sample (from rev 372733, hiawatha/trunk/hiawatha.conf.sample)
===================================================================
--- community-staging-x86_64/hiawatha.conf.sample	                        (rev 0)
+++ community-staging-x86_64/hiawatha.conf.sample	2018-08-19 02:22:16 UTC (rev 372734)
@@ -0,0 +1,114 @@
+# Hiawatha main configuration file
+# This is a basic sample configuration file that sets up a:
+#   1) Default web site at /srv/http/hiawatha (Note: fast CGI is not active on default site)
+#   2) Virtual host for phpmyadmin at /srv/http/phpMyAdmin
+#      note: you must install phpmyadmin, mysql, php-mcrypt, and php-cgi separately. Be sure that extensions 
+#      mcrypt.so and mysql.so are enabled in your php.ini.
+#      Also add phpmyadmin to your hosts file  
+#   3) FastCGI server
+
+
+# GENERAL SETTINGS
+ServerId = http
+ConnectionsTotal = 150
+ConnectionsPerIP = 10
+SystemLogfile = /var/log/hiawatha/system.log
+GarbageLogfile = /var/log/hiawatha/garbage.log
+
+
+# BINDING SETTINGS
+# A binding is where a client can connect to.
+#
+Binding {
+	Port = 80
+}
+
+
+
+### The following fast CGI daemons require php-fpm using a UNIX socket and TCP port, respectively.
+# ACTIVATE a FastCGI server for php  (using UNIX socket)
+FastCGIserver {
+    FastCGIid = PHP5
+    ConnectTo = /run/php-fpm/php-fpm.sock
+    Extension = php
+    SessionTimeout = 30
+}  
+
+# ACTIVATE a FastCGI server for php (using IP-address and TCP port)
+#FastCGIserver {
+#    FastCGIid = PHP5
+#    ConnectTo = 127.0.0.1:9000
+#    Extension = php
+#    SessionTimeout = 30
+#}  
+
+
+# DEFAULT WEBSITE
+# It is wise to use your IP address as the hostname of the default website
+# and give it a blank webpage. By doing so, automated webscanners won't find
+# your possible vulnerable website.
+#
+Hostname = 127.0.0.1
+WebsiteRoot =  /srv/http/hiawatha
+StartFile = index.html
+AccessLogfile = /var/log/hiawatha/access.log
+ErrorLogfile = /var/log/hiawatha/error.log
+#ErrorHandler = 404:/error.cgi
+UseXSLT = yes
+
+
+# VIRTUAL HOSTS
+VirtualHost {
+    
+    # If you set WebsiteRoot to /usr/share/webapps/phpMyAdmin you don't need followsymlinks
+    # I symlinked the phpMyAdmin folder to '/srv/http/phpMyAdmin' so that I can easily remember where it's located but
+    # still set 'WebsiteRoot' to the real source directory. You could point WebsiteRoot to the
+    # symlinked directory, but you will have to set 'FollowSymlinks = yes' for that to function properly
+    
+    #FollowSymlinks = yes
+    #WebsiteRoot = /srv/http/phpMyAdmin
+    WebsiteRoot = /usr/share/webapps/phpMyAdmin
+    Hostname = phpmyadmin
+    AccessLogfile = /var/log/hiawatha/phpmyadmin/access.log
+    ErrorLogfile = /var/log/hiawatha/phpmyadmin/error.log
+    StartFile = index.php
+    UseFastCGI = PHP5
+    
+}
+
+# Add some more
+
+#VirtualHost {
+#	Hostname = www.my-domain.com
+#	WebsiteRoot = /svr/http/my-domain/public
+#	StartFile = index.php
+#	AccessLogfile = /svr/http/my-domain/log/access.log
+#	ErrorLogfile = /svr/http/my-domain/log/error.log
+#	TimeForCGI = 5
+#	UseFastCGI = PHP5
+#	UseToolkit = banshee
+#}
+
+
+#Additional settings for monitoring
+
+UrlToolkit {
+	ToolkitID = banshee
+	RequestURI isfile Return
+	Match ^/(css|files|images|js)/ Return
+	Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
+	Match .*\?(.*) Rewrite /index.php?$1
+	Match .* Rewrite /index.php
+}
+
+VirtualHost {
+	Hostname = monitor.domain.com
+	WebsiteRoot = /svr/http/monitor/public
+	AccessLogfile = /svr/http/monitor/logfiles/access.log
+	ErrorLogfile = /svr/http/monitor/logfiles/error.log
+	StartFile = index.php
+#	ExecuteCGI = yes
+	UseFastCGI = PHP5 # Use if you use PHP as a FastCGI daemon
+	TimeForCGI = 15
+	UseToolkit = banshee
+}

Copied: hiawatha/repos/community-staging-x86_64/hiawatha.service (from rev 372733, hiawatha/trunk/hiawatha.service)
===================================================================
--- community-staging-x86_64/hiawatha.service	                        (rev 0)
+++ community-staging-x86_64/hiawatha.service	2018-08-19 02:22:16 UTC (rev 372734)
@@ -0,0 +1,16 @@
+[Unit]
+Description=Hiawatha Web Server
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+SyslogIdentifier=hiawatha
+ExecStartPre=/usr/bin/hiawatha -k ; /usr/bin/wigwam
+ExecStart= /usr/bin/hiawatha -d
+TimeoutSec=10
+#(doesn't like this setting. Can't find files) PrivateTmp=true
+LimitNOFILE=infinity
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FSETID CAP_SETGID CAP_SETUID 
+
+[Install]
+WantedBy=multi-user.target

Copied: hiawatha/repos/community-staging-x86_64/letsencrypt-renew.service (from rev 372733, hiawatha/trunk/letsencrypt-renew.service)
===================================================================
--- community-staging-x86_64/letsencrypt-renew.service	                        (rev 0)
+++ community-staging-x86_64/letsencrypt-renew.service	2018-08-19 02:22:16 UTC (rev 372734)
@@ -0,0 +1,8 @@
+[Unit]
+Description=Renew Let's Encrypt certificates
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/root/letsencrypt/letsencrypt renew restart

Copied: hiawatha/repos/community-staging-x86_64/letsencrypt-renew.timer (from rev 372733, hiawatha/trunk/letsencrypt-renew.timer)
===================================================================
--- community-staging-x86_64/letsencrypt-renew.timer	                        (rev 0)
+++ community-staging-x86_64/letsencrypt-renew.timer	2018-08-19 02:22:16 UTC (rev 372734)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Daily renewal of Let's Encrypt's certificates
+
+[Timer]
+OnCalendar=daily
+# Be kind to the Let's Encrypt servers: add a random delay of 0–3600 seconds
+RandomizedDelaySec=3600
+Persistent=true
+
+[Install]
+WantedBy=timers.target



More information about the arch-commits mailing list