[arch-commits] Commit in hiawatha/repos (6 files)
Antonio Rojas
arojas at gemini.archlinux.org
Tue Dec 28 11:21:26 UTC 2021
Date: Tuesday, December 28, 2021 @ 11:21:26
Author: arojas
Revision: 1085538
archrelease: copy trunk to community-staging-x86_64
Added:
hiawatha/repos/community-staging-x86_64/
hiawatha/repos/community-staging-x86_64/PKGBUILD
(from rev 1085537, hiawatha/trunk/PKGBUILD)
hiawatha/repos/community-staging-x86_64/hiawatha.conf.sample
(from rev 1085537, hiawatha/trunk/hiawatha.conf.sample)
hiawatha/repos/community-staging-x86_64/hiawatha.service
(from rev 1085537, hiawatha/trunk/hiawatha.service)
hiawatha/repos/community-staging-x86_64/lefh-renew.service
(from rev 1085537, hiawatha/trunk/lefh-renew.service)
hiawatha/repos/community-staging-x86_64/lefh-renew.timer
(from rev 1085537, hiawatha/trunk/lefh-renew.timer)
----------------------+
PKGBUILD | 98 ++++++++++++++++++++++++++++++++++++++++++
hiawatha.conf.sample | 114 +++++++++++++++++++++++++++++++++++++++++++++++++
hiawatha.service | 16 ++++++
lefh-renew.service | 9 +++
lefh-renew.timer | 11 ++++
5 files changed, 248 insertions(+)
Copied: hiawatha/repos/community-staging-x86_64/PKGBUILD (from rev 1085537, hiawatha/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2021-12-28 11:21:26 UTC (rev 1085538)
@@ -0,0 +1,98 @@
+# Maintainer: Kyle Keen <keenerd at gmail.com>
+# Contributor: Kurt Marasco <celilo _at_ lavabit _dot_ com>
+# Contributor: Pascal Ernster <aur at hardfalcon dot net>
+# Contributor: Kewl <kewl at alto dot eu dot org>
+
+pkgname=hiawatha
+pkgver=10.12
+pkgrel=2
+pkgdesc="Secure and advanced webserver"
+url="https://www.hiawatha-webserver.org/"
+arch=('x86_64')
+license=('GPL2')
+depends=('libxslt' 'mbedtls' 'libxcrypt')
+optdepends=('php-fpm: PHP fastcgi'
+ 'php: letsencrypt/lefh')
+makedepends=('cmake')
+backup=('etc/hiawatha/hiawatha.conf'
+ 'etc/hiawatha/cgi-wrapper.conf'
+ 'etc/hiawatha/mimetype.conf')
+source=("https://www.hiawatha-webserver.org/files/$pkgname-$pkgver.tar.gz"
+ 'hiawatha.conf.sample'
+ 'hiawatha.service'
+ 'lefh-renew.service'
+ 'lefh-renew.timer')
+sha256sums=('61bf41146c51244769984135529fcffd0f6cb92be18dc12d460effc42f19f50d'
+ '4671d2586cbe3cd6497b16ff422c6143cdab40641ef3c9c4988c478351a8f5e7'
+ 'b5a2671703b52eec376cfc4697b86aafa4f7fdd9b2b9203798e2117770bafa53'
+ 'db1d647d86370583c24ae7a37feab78e3f0015d441ff5bc8f9b32e1a91ec4c8e'
+ 'd12c5a68c293f66d95ae4df704ea349adbad972fb25475ab1a0a24fb42bfc70b')
+
+prepare() {
+ cd "$srcdir/$pkgname-$pkgver"
+ sed -i 's/www-data/http/g' extra/logrotate.in
+
+ # Update stock hiawatha.conf
+ sed -e 's|#ServerId = www-data|ServerId = http|' \
+ -e 's|/var/www/|/srv/http/|g' \
+ -e 's|//|/|g' \
+ -e 's|#CGIextension = cgi|&\n#TriggerOnCGIstatus = no|g' \
+ -e 's|ConnectTo = 127.0.0.1:2005|ConnectTo = 127.0.0.1:9000|g' \
+ -e 's|# Extension = php|&\n# SessionTimeout = 30|g' \
+ -e 's|#ErrorHandler = 404:/error.cgi|&\n#UseGZfile = yes|g' \
+ -i config/hiawatha.conf.in
+
+ sed -e 's|/etc/init.d/hiawatha restart|systemctl restart hiawatha.service|' \
+ -i extra/letsencrypt/letsencrypt.conf.in
+}
+
+build() {
+ cd "$srcdir/$pkgname-$pkgver"
+ mkdir -p build
+ cd build
+
+ cmake ../ -DCMAKE_INSTALL_PREFIX="/" \
+ -DCMAKE_INSTALL_BINDIR="/usr/bin" \
+ -DCMAKE_INSTALL_SBINDIR="/usr/bin" \
+ -DCMAKE_INSTALL_SYSCONFDIR="/etc/hiawatha" \
+ -DCMAKE_INSTALL_LIBDIR="/usr/lib" \
+ -DCMAKE_INSTALL_MANDIR="/usr/share/man" \
+ -DCONFIG_DIR="/etc/hiawatha" \
+ -DLOG_DIR="/var/log/hiawatha" \
+ -DPID_DIR="/run" \
+ -DENABLE_TLS=ON \
+ -DUSE_SYSTEM_MBEDTLS=ON \
+ -DENABLE_MONITOR=ON \
+ -DWEBROOT_DIR="/srv/http/hiawatha" \
+ -DWORK_DIR="/var/lib/hiawatha"
+
+ make
+
+ # Features enabled by default
+ # -DENABLE_CACHE
+ # -DENABLE_IPV6
+ # -DENABLE_RPROXY
+ # -DENABLE_TOOLKIT
+ # -DENABLE_XSLT
+
+ # Features disabled by default
+ # -DENABLE_DEBUG
+ # -DENABLE_TOMAHAWK
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver/build"
+ make DESTDIR="$pkgdir/" install
+
+ rmdir "$pkgdir/run"
+ rm "$pkgdir/srv/http/hiawatha/index.html"
+ rmdir -p --ignore-fail-on-non-empty "$pkgdir/srv/http/hiawatha"
+
+ install -Dm644 logrotate.d/hiawatha "$pkgdir/etc/logrotate.d/hiawatha"
+ cd "$srcdir"
+ install -Dm644 hiawatha.service "$pkgdir/usr/lib/systemd/system/hiawatha.service"
+ install -Dm644 lefh-renew.service "$pkgdir/usr/lib/systemd/system/lefh-renew.service"
+ install -Dm644 lefh-renew.timer "$pkgdir/usr/lib/systemd/system/lefh-renew.timer"
+ install -Dm644 hiawatha.conf.sample "$pkgdir/etc/hiawatha/"
+}
+
Copied: hiawatha/repos/community-staging-x86_64/hiawatha.conf.sample (from rev 1085537, hiawatha/trunk/hiawatha.conf.sample)
===================================================================
--- community-staging-x86_64/hiawatha.conf.sample (rev 0)
+++ community-staging-x86_64/hiawatha.conf.sample 2021-12-28 11:21:26 UTC (rev 1085538)
@@ -0,0 +1,114 @@
+# Hiawatha main configuration file
+# This is a basic sample configuration file that sets up a:
+# 1) Default web site at /srv/http/hiawatha (Note: fast CGI is not active on default site)
+# 2) Virtual host for phpmyadmin at /srv/http/phpMyAdmin
+# note: you must install phpmyadmin, mysql, php-mcrypt, and php-cgi separately. Be sure that extensions
+# mcrypt.so and mysql.so are enabled in your php.ini.
+# Also add phpmyadmin to your hosts file
+# 3) FastCGI server
+
+
+# GENERAL SETTINGS
+ServerId = http
+ConnectionsTotal = 150
+ConnectionsPerIP = 10
+SystemLogfile = /var/log/hiawatha/system.log
+GarbageLogfile = /var/log/hiawatha/garbage.log
+
+
+# BINDING SETTINGS
+# A binding is where a client can connect to.
+#
+Binding {
+ Port = 80
+}
+
+
+
+### The following fast CGI daemons require php-fpm using a UNIX socket and TCP port, respectively.
+# ACTIVATE a FastCGI server for php (using UNIX socket)
+FastCGIserver {
+ FastCGIid = PHP5
+ ConnectTo = /run/php-fpm/php-fpm.sock
+ Extension = php
+ SessionTimeout = 30
+}
+
+# ACTIVATE a FastCGI server for php (using IP-address and TCP port)
+#FastCGIserver {
+# FastCGIid = PHP5
+# ConnectTo = 127.0.0.1:9000
+# Extension = php
+# SessionTimeout = 30
+#}
+
+
+# DEFAULT WEBSITE
+# It is wise to use your IP address as the hostname of the default website
+# and give it a blank webpage. By doing so, automated webscanners won't find
+# your possible vulnerable website.
+#
+Hostname = 127.0.0.1
+WebsiteRoot = /srv/http/hiawatha
+StartFile = index.html
+AccessLogfile = /var/log/hiawatha/access.log
+ErrorLogfile = /var/log/hiawatha/error.log
+#ErrorHandler = 404:/error.cgi
+UseXSLT = yes
+
+
+# VIRTUAL HOSTS
+VirtualHost {
+
+ # If you set WebsiteRoot to /usr/share/webapps/phpMyAdmin you don't need followsymlinks
+ # I symlinked the phpMyAdmin folder to '/srv/http/phpMyAdmin' so that I can easily remember where it's located but
+ # still set 'WebsiteRoot' to the real source directory. You could point WebsiteRoot to the
+ # symlinked directory, but you will have to set 'FollowSymlinks = yes' for that to function properly
+
+ #FollowSymlinks = yes
+ #WebsiteRoot = /srv/http/phpMyAdmin
+ WebsiteRoot = /usr/share/webapps/phpMyAdmin
+ Hostname = phpmyadmin
+ AccessLogfile = /var/log/hiawatha/phpmyadmin/access.log
+ ErrorLogfile = /var/log/hiawatha/phpmyadmin/error.log
+ StartFile = index.php
+ UseFastCGI = PHP5
+
+}
+
+# Add some more
+
+#VirtualHost {
+# Hostname = www.my-domain.com
+# WebsiteRoot = /svr/http/my-domain/public
+# StartFile = index.php
+# AccessLogfile = /svr/http/my-domain/log/access.log
+# ErrorLogfile = /svr/http/my-domain/log/error.log
+# TimeForCGI = 5
+# UseFastCGI = PHP5
+# UseToolkit = banshee
+#}
+
+
+#Additional settings for monitoring
+
+UrlToolkit {
+ ToolkitID = banshee
+ RequestURI isfile Return
+ Match ^/(css|files|images|js)/ Return
+ Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
+ Match .*\?(.*) Rewrite /index.php?$1
+ Match .* Rewrite /index.php
+}
+
+VirtualHost {
+ Hostname = monitor.domain.com
+ WebsiteRoot = /svr/http/monitor/public
+ AccessLogfile = /svr/http/monitor/logfiles/access.log
+ ErrorLogfile = /svr/http/monitor/logfiles/error.log
+ StartFile = index.php
+# ExecuteCGI = yes
+ UseFastCGI = PHP5 # Use if you use PHP as a FastCGI daemon
+ TimeForCGI = 15
+ UseToolkit = banshee
+}
Copied: hiawatha/repos/community-staging-x86_64/hiawatha.service (from rev 1085537, hiawatha/trunk/hiawatha.service)
===================================================================
--- community-staging-x86_64/hiawatha.service (rev 0)
+++ community-staging-x86_64/hiawatha.service 2021-12-28 11:21:26 UTC (rev 1085538)
@@ -0,0 +1,16 @@
+[Unit]
+Description=Hiawatha Web Server
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=simple
+SyslogIdentifier=hiawatha
+ExecStartPre=/usr/bin/wigwam
+ExecStart=/usr/bin/hiawatha -d
+TimeoutSec=10
+#(doesn't like this setting. Can't find files) PrivateTmp=true
+LimitNOFILE=infinity
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FSETID CAP_SETGID CAP_SETUID
+
+[Install]
+WantedBy=multi-user.target
Copied: hiawatha/repos/community-staging-x86_64/lefh-renew.service (from rev 1085537, hiawatha/trunk/lefh-renew.service)
===================================================================
--- community-staging-x86_64/lefh-renew.service (rev 0)
+++ community-staging-x86_64/lefh-renew.service 2021-12-28 11:21:26 UTC (rev 1085538)
@@ -0,0 +1,9 @@
+[Unit]
+Description=Renew Let's Encrypt certificates for Hiawatha
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Environment=HOME=%h
+Type=oneshot
+ExecStart=/usr/bin/lefh renew restart
Copied: hiawatha/repos/community-staging-x86_64/lefh-renew.timer (from rev 1085537, hiawatha/trunk/lefh-renew.timer)
===================================================================
--- community-staging-x86_64/lefh-renew.timer (rev 0)
+++ community-staging-x86_64/lefh-renew.timer 2021-12-28 11:21:26 UTC (rev 1085538)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Daily renewal of Let's Encrypt's certificates
+
+[Timer]
+OnCalendar=daily
+# Be kind to the Let's Encrypt servers: add a random delay of 12 hours
+RandomizedDelaySec=12h
+Persistent=true
+
+[Install]
+WantedBy=timers.target
More information about the arch-commits
mailing list