Browse Source

apache: add extra packages + apache user

This adds extra packages for certain modules (basically the ones that
incur further dependencies), support files etc. This is pretty much
follows Alpine's example.

This updates the httpd.conf patch to _not_ uncomment MIMEMagicFile
(because the module isn't loaded by default) and removes that changes
that aren't needed anymore (because of the added module support). The
patch now only changes the default user.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
lilik-openwrt-22.03
Sebastian Kemper 5 years ago
parent
commit
c8aba5113b
4 changed files with 232 additions and 100 deletions
  1. +0
    -11
      net/apache/Config.in
  2. +222
    -25
      net/apache/Makefile
  3. +5
    -55
      net/apache/patches/005-httpd_conf.patch
  4. +5
    -9
      net/apache/patches/010-reproducible-builds.patch

+ 0
- 11
net/apache/Config.in View File

@ -1,11 +0,0 @@
menu "Configuration"
depends on PACKAGE_apache
config APACHE_HTTP2
bool
prompt "Enable HTTP2"
help
Enable HTTPS2 support.
default n
endmenu

+ 222
- 25
net/apache/Makefile View File

@ -24,24 +24,30 @@ PKG_LICENSE_FILES:=LICENSE
PKG_CPE_ID:=cpe:/a:apache:http_server
PKG_BUILD_PARALLEL:=1
PKG_BUILD_DEPENDS:=openssl
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_CONFIG_DEPENDS:= \
CONFIG_APACHE_HTTP2
CONFIG_PACKAGE_apache-mod-deflate \
CONFIG_PACKAGE_apache-mod-http2 \
CONFIG_PACKAGE_apache-mod-ldap \
CONFIG_PACKAGE_apache-mod-lua \
CONFIG_PACKAGE_apache-mod-md \
CONFIG_PACKAGE_apache-mod-proxy \
CONFIG_PACKAGE_apache-mod-proxy-html \
CONFIG_PACKAGE_apache-mod-session-crypto \
CONFIG_PACKAGE_apache-mod-suexec \
CONFIG_PACKAGE_apache-mod-webdav \
CONFIG_PACKAGE_apache-suexec
PKG_FIXUP:=autoreconf
ADDITIONAL_MODULES:=
ifeq ($(CONFIG_APACHE_HTTP2),y)
ADDITIONAL_MODULES += --enable-http2
endif
ifneq ($(CONFIG_APACHE_HTTP2),y)
ADDITIONAL_MODULES += --enable-http2=no
endif
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
# without nls.mk mod_xml2enc might not find the iconv headers
include $(INCLUDE_DIR)/nls.mk
define Package/apache/Default
SECTION:=net
@ -63,7 +69,8 @@ endef
define Package/apache
$(call Package/apache/Default)
DEPENDS:=+libapr +libaprutil +libpcre +libopenssl +unixodbc +zlib +APACHE_HTTP2:libnghttp2
USERID:=apache=377:apache=377
DEPENDS:=+libapr +libaprutil +libpcre
endef
define Package/apache/description
@ -95,10 +102,37 @@ define Package/apache/conffiles
/etc/apache2/extra/httpd-ssl.conf
/etc/apache2/extra/httpd-userdir.conf
/etc/apache2/extra/httpd-vhosts.conf
/etc/apache2/extra/proxy-html.conf
/etc/apache2/magic
/etc/apache2/mime.types
endef
define Package/apache-ab
$(call Package/apache/Default)
TITLE:=Apache benchmark utility
DEPENDS:=apache +libopenssl
endef
define Package/apache-ab/description
$(call Package/apache/Default/description)
Apache server benchmarking utility.
endef
define Package/apache-error
$(call Package/apache/Default)
TITLE:=Error documents
DEPENDS:=apache
endef
define Package/apache-error/description
$(call Package/apache/Default/description)
Apache multi language custom error documents.
endef
define Package/apache-icons
$(call Package/apache/Default)
TITLE:=Icons from Apache
@ -111,11 +145,49 @@ $(call Package/apache/Default/description)
This package contains the icons from Apache.
endef
define Package/apache-suexec
$(call Package/apache/Default)
TITLE:=Apache suEXEC
DEPENDS:=apache
endef
define Package/apache-suexec/description
$(call Package/apache/Default/description)
This package contains the suEXEC utility from Apache.
endef
define Package/apache-utils
$(call Package/apache/Default)
TITLE:=Apache utilities
DEPENDS:=apache
endef
define Package/apache-utils/description
$(call Package/apache/Default/description)
Apache utility programs for webservers.
endef
define Package/apache/install/mod
$(INSTALL_DIR) $(1)/usr/lib/apache2
$(INSTALL_BIN) \
$(PKG_INSTALL_DIR)/usr/lib/apache2/mod_$(2).so \
$(1)/usr/lib/apache2
endef
CONFIGURE_ARGS+= \
--$(if $(CONFIG_PACKAGE_apache-mod-deflate),en,dis)able-deflate \
--$(if $(CONFIG_PACKAGE_apache-mod-http2),en,dis)able-http2 \
--$(if $(CONFIG_PACKAGE_apache-mod-lua),en,dis)able-lua \
--$(if $(CONFIG_PACKAGE_apache-mod-md),en,dis)able-md \
--$(if $(CONFIG_PACKAGE_apache-mod-proxy),en,dis)able-proxy \
--$(if $(CONFIG_PACKAGE_apache-mod-session-crypto),en,dis)able-session-crypto \
--$(if $(CONFIG_PACKAGE_apache-mod-ssl),en,dis)able-ssl \
--datadir=/usr/share/apache2 \
--disable-authnz-ldap \
--disable-imagemap \
--disable-ldap \
--disable-luajit \
--enable-authn-alias \
--enable-authn-anon \
@ -139,6 +211,62 @@ CONFIGURE_ARGS+= \
--with-pcre="$(STAGING_DIR)/usr/bin/pcre-config" \
--with-ssl
ifneq ($(CONFIG_PACKAGE_apache-mod-ldap),)
CONFIGURE_ARGS+= \
--enable-authnz-ldap \
--enable-ldap
else
CONFIGURE_ARGS+= \
--disable-authnz-ldap \
--disable-ldap
endif
ifneq ($(CONFIG_PACKAGE_apache-mod-proxy),)
CONFIGURE_ARGS+= \
--enable-proxy \
--enable-proxy-connect \
--enable-proxy-ftp \
--enable-proxy-http
else
CONFIGURE_ARGS+= \
--disable-proxy
endif
ifneq ($(CONFIG_PACKAGE_apache-mod-proxy-html),)
CONFIGURE_ARGS+= \
--enable-proxy-html \
--enable-xml2enc \
--with-libxml2="$(STAGING_DIR)/usr"
else
CONFIGURE_ARGS+= \
--disable-proxy-html \
--disable-xml2enc
endif
ifneq ($(CONFIG_PACKAGE_apache-mod-suexec)$(CONFIG_PACKAGE_apache-suexec),)
CONFIGURE_ARGS+= \
--enable-suexec \
--with-suexec-bin=/usr/sbin/suexec \
--with-suexec-caller=apache \
--with-suexec-docroot=/var/www \
--with-suexec-logfile=/var/log/apache2/suexec.log \
--with-suexec-uidmin=99 \
--with-suexec-gidmin=99
else
CONFIGURE_ARGS+= \
--disable-suexec
endif
ifneq ($(CONFIG_PACKAGE_apache-mod-webdav),)
CONFIGURE_ARGS+= \
--enable-dav \
--enable-dav-fs \
--enable-dav-lock
else
CONFIGURE_ARGS+= \
--disable-dav
endif
CONFIGURE_VARS += \
ap_cv_void_ptr_lt_long=no
@ -175,16 +303,31 @@ define Package/apache/preinst
endef
define Package/apache/install
$(INSTALL_DIR) $(1)/usr/sbin
# we don't need apxs on the router, it's just for building apache modules.
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{ab,dbmmanage,htdbm,htdigest,htpasswd,httxt2dbm,logresolve} $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{apachectl,checkgid,envvars,envvars-std,htcacheclean,httpd,rotatelogs} $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/httpd.exp $(1)/usr/lib/
$(INSTALL_DIR) $(1)/usr/share
$(CP) $(PKG_INSTALL_DIR)/usr/share/{error,htdocs,cgi-bin,build} $(1)/usr/share/
$(INSTALL_DIR) $(1)/etc/apache
$(CP) $(PKG_INSTALL_DIR)/etc/apache/{httpd.conf,magic,mime.types,extra} $(1)/etc/apache/
$(INSTALL_DIR) $(1)/etc/apache2/extra
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/apache2/extra/* \
$(1)/etc/apache2/extra
$(INSTALL_DATA) \
$(PKG_INSTALL_DIR)/etc/apache2/{httpd.conf,magic,mime.types} \
$(1)/etc/apache2
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/apache.init $(1)/etc/init.d/apache
$(INSTALL_DIR) $(1)/usr/lib/apache2
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/apache2/*.so \
$(1)/usr/lib/apache2
rm -f $(1)/usr/lib/apache2/mod_{*ldap,dav*,deflate,http2,lbmethod_*,lua,md,proxy*,proxy_html,session_crypto,ssl,suexec,xml2enc}.so
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/apache2/httpd.exp \
$(1)/usr/lib/apache2
$(INSTALL_DIR) $(1)/usr/share/apache2/{cgi-bin,htdocs}
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/apache2/cgi-bin/* \
$(1)/usr/share/apache2/cgi-bin
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/share/apache2/htdocs/* \
$(1)/usr/share/apache2/htdocs
$(INSTALL_DIR) $(1)/usr/{,s}bin
$(INSTALL_BIN) \
$(PKG_INSTALL_DIR)/usr/bin/{dbmmanage,htdbm,htdigest,htpasswd,httxt2dbm,logresolve} \
$(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{apachectl,httpd} \
$(1)/usr/sbin
endef
define Package/apache/postrm
@ -194,10 +337,64 @@ define Package/apache/postrm
with busybox's httpd."
endef
define Package/apache-ab/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ab $(1)/usr/bin
endef
define Package/apache-error/install
$(INSTALL_DIR) $(1)/usr/share/apache2/error
$(CP) $(PKG_INSTALL_DIR)/usr/share/apache2/error/* \
$(1)/usr/share/apache2/error
endef
define Package/apache-icons/install
$(INSTALL_DIR) $(1)/usr/share
$(CP) $(PKG_INSTALL_DIR)/usr/share/icons $(1)/usr/share/
$(INSTALL_DIR) $(1)/usr/share/apache2
$(CP) $(PKG_INSTALL_DIR)/usr/share/apache2/icons \
$(1)/usr/share/apache2
endef
define Package/apache-suexec/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/suexec $(1)/usr/sbin
endef
define Package/apache-utils/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) \
$(PKG_INSTALL_DIR)/usr/sbin/{checkgid,envvars*,htcacheclean,rotatelogs} \
$(1)/usr/sbin
endef
define Package/apache/Module
define Package/apache-mod-$(1)
$(call Package/apache/Default)
TITLE:=$(2) module
DEPENDS:=apache $(patsubst +%,+PACKAGE_apache-mod-$(1):%,$(4))
endef
define Package/apache-mod-$(1)/description
$(subst \n,$(newline),$(3))
endef
define Package/apache-mod-$(1)/install
$(foreach m,$(5),$(call Package/apache/install/mod,$$(1),$(m));)
endef
$$(eval $$(call BuildPackage,apache-mod-$(1)))
endef
$(eval $(call BuildPackage,apache))
$(eval $(call BuildPackage,apache-ab))
$(eval $(call BuildPackage,apache-error))
$(eval $(call BuildPackage,apache-icons))
$(eval $(call BuildPackage,apache-suexec))
$(eval $(call BuildPackage,apache-utils))
$(eval $(call Package/apache/Module,deflate,Deflate,Deflate support for the Apache HTTP server.,+zlib,deflate))
$(eval $(call Package/apache/Module,http2,HTTP2,HTTP/2 transport layer for the Apache HTTP Server.,+libnghttp2 +libopenssl,http2))
$(eval $(call Package/apache/Module,ldap,LDAP,LDAP authentication/authorization module for the Apache HTTP Server.,+libaprutil-ldap,authnz_ldap ldap))
$(eval $(call Package/apache/Module,lua,Lua,Lua support for the Apache HTTP server.,+liblua,lua))
$(eval $(call Package/apache/Module,md,Managed Domain handling,Managed Domain handling.,+libcurl +jansson +libopenssl,md))
$(eval $(call Package/apache/Module,proxy,Proxy,Proxy modules for the Apache HTTP Server.,,proxy proxy_ajp proxy_balancer proxy_connect proxy_express proxy_fcgi proxy_fdpass proxy_ftp proxy_hcheck proxy_http proxy_scgi proxy_uwsgi proxy_wstunnel lbmethod_byrequests lbmethod_heartbeat lbmethod_bytraffic lbmethod_bybusyness))
$(eval $(call Package/apache/Module,proxy-html,Proxy HTML,HTML and XML content filters for the Apache HTTP Server.,+apache-mod-proxy +libxml2,proxy_html xml2enc))
$(eval $(call Package/apache/Module,session-crypto,Session crypto,Session encryption support for the Apache HTTP Server.,+libaprutil-crypto-openssl,session_crypto))
$(eval $(call Package/apache/Module,ssl,SSL/TLS,SSL/TLS module for the Apache HTTP Server.,+libopenssl,ssl))
$(eval $(call Package/apache/Module,suexec,suEXEC,suEXEC module for the Apache HTTP Server.,+apache-suexec,suexec))
$(eval $(call Package/apache/Module,webdav,WebDAV,WebDAV support for the Apache HTTP Server.,,dav dav_fs dav_lock))

+ 5
- 55
net/apache/patches/005-httpd_conf.patch View File

@ -1,63 +1,13 @@
Index: httpd-2.4.25/docs/conf/httpd.conf.in
===================================================================
--- httpd-2.4.25.orig/docs/conf/httpd.conf.in
+++ httpd-2.4.25/docs/conf/httpd.conf.in
@@ -63,7 +63,6 @@ Listen @@Port@@
# Example:
# LoadModule foo_module modules/mod_foo.so
#
-@@LoadModule@@
<IfModule unixd_module>
#
@@ -74,8 +73,8 @@ Listen @@Port@@
--- a/docs/conf/httpd.conf.in
+++ b/docs/conf/httpd.conf.in
@@ -74,8 +74,8 @@ Listen @@Port@@
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
-User daemon
-Group daemon
+User nobody
+Group nogroup
+User apache
+Group apache
</IfModule>
@@ -188,7 +187,7 @@ ErrorLog "@rel_logfiledir@/error_log"
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
-LogLevel warn
+LogLevel debug
<IfModule log_config_module>
#
@@ -330,7 +329,7 @@ LogLevel warn
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
-#MIMEMagicFile @rel_sysconfdir@/magic
+MIMEMagicFile @rel_sysconfdir@/magic
#
# Customizable error responses come in three flavors:
@@ -360,7 +359,7 @@ LogLevel warn
# Defaults: EnableMMAP On, EnableSendfile Off
#
#EnableMMAP off
-#EnableSendfile on
+EnableSendfile off
# Supplemental configuration
#
@@ -411,8 +410,8 @@ Include @rel_sysconfdir@/extra/proxy-htm
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
#
-<IfModule ssl_module>
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-</IfModule>
+#<IfModule ssl_module>
+#SSLRandomSeed startup builtin
+#SSLRandomSeed connect builtin
+#</IfModule>

+ 5
- 9
net/apache/patches/010-reproducible-builds.patch View File

@ -5,10 +5,8 @@ Author: Jean-Michel Vourgère <nirgal@debian.org>
Forwarded: no
Last-Update: 2015-08-11
Index: apache2/server/buildmark.c
===================================================================
--- apache2.orig/server/buildmark.c
+++ apache2/server/buildmark.c
--- a/server/buildmark.c
+++ b/server/buildmark.c
@@ -17,11 +17,7 @@
#include "ap_config.h"
#include "httpd.h"
@ -22,16 +20,14 @@ Index: apache2/server/buildmark.c
AP_DECLARE(const char *) ap_get_server_built()
{
Index: apache2/server/Makefile.in
===================================================================
--- apache2.orig/server/Makefile.in
+++ apache2/server/Makefile.in
--- a/server/Makefile.in
+++ b/server/Makefile.in
@@ -1,3 +1,4 @@
+export LC_ALL = C
CLEAN_TARGETS = gen_test_char test_char.h \
ApacheCoreOS2.def httpd.exp export_files \
@@ -85,8 +86,8 @@ httpd.exp: exports.c export_vars.h
@@ -87,8 +88,8 @@ httpd.exp: exports.c export_vars.h
@echo "#! ." > $@
@echo "* This file was AUTOGENERATED at build time." >> $@
@echo "* Please do not edit by hand." >> $@


Loading…
Cancel
Save