certbot/certbot-ci/certbot_integration_tests/apache_tests/apache_config.py

import shutil
import subprocess
import os

import pkg_resources
import getpass


def construct_apache_config_dir(apache_root, http_port, https_port, key_path=None,
                                cert_path=None, wtf_prefix='le'):
    config_path = os.path.join(apache_root, 'config')
    shutil.copytree('/etc/apache2', config_path, symlinks=True)

    webroot_path = os.path.join(apache_root, 'www')
    os.mkdir(webroot_path)
    with open(os.path.join(webroot_path, 'index.html'), 'w') as file_h:
        file_h.write('Hello World!')

    main_config_path = os.path.join(config_path, 'apache2.conf')
    with open(main_config_path, 'w') as file_h:
        file_h.write('''\
ServerRoot "{config}"
DefaultRuntimeDir ${{APACHE_RUN_DIR}}
PidFile ${{APACHE_PID_FILE}}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${{APACHE_RUN_USER}}
Group ${{APACHE_RUN_GROUP}}
HostnameLookups Off
ErrorLog ${{APACHE_LOG_DIR}}/error.log
LogLevel warn

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

Include ports.conf

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>

<Directory /usr/share>
    AllowOverride None
    Require all granted
</Directory>

<Directory {webroot}/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

AccessFileName .htaccess

<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>

LogFormat "%v:%p %h %l %u %t \\"%r\\" %>s %O \\"%{{Referer}}i\\" \\"%{{User-Agent}}i\\"" vhost_combined
LogFormat "%h %l %u %t \\"%r\\" %>s %O \\"%{{Referer}}i\\" \\"%{{User-Agent}}i\\"" combined
LogFormat "%h %l %u %t \\"%r\\" %>s %O" common
LogFormat "%{{Referer}}i -> %U" referer
LogFormat "%{{User-agent}}i" agent

IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
'''.format(config=config_path, webroot=webroot_path))

    with open(os.path.join(config_path, 'ports.conf'), 'w') as file_h:
        file_h.write('''\
Listen {http}
<IfModule ssl_module>
    Listen {https}
</IfModule>
<IfModule mod_gnutls.c>
    Listen {https}
</IfModule>
'''.format(http=http_port, https=https_port))

    new_environ = os.environ.copy()
    new_environ['APACHE_CONFDIR'] = config_path

    run_path = os.path.join(apache_root, 'run')
    lock_path = os.path.join(apache_root, 'lock')
    logs_path = os.path.join(apache_root, 'logs')
    os.mkdir(run_path)
    os.mkdir(lock_path)
    os.mkdir(logs_path)

    user = getpass.getuser()
    user = user if user != 'root' else 'www-data'
    group = user

    pid_file = os.path.join(run_path, 'apache.pid')

    with open(os.path.join(config_path, 'envvars'), 'w') as file_h:
        file_h.write('''\
unset HOME
export APACHE_RUN_USER={user}
export APACHE_RUN_GROUP={group}
export APACHE_PID_FILE={pid_file}
export APACHE_RUN_DIR={run_path}
export APACHE_LOCK_DIR={lock_path}
export APACHE_LOG_DIR={logs_path}
export LANG=C
'''.format(user=user, group=group, pid_file=pid_file,
           run_path=run_path, lock_path=lock_path, logs_path=logs_path))

    new_environ['APACHE_RUN_USER'] = user
    new_environ['APACHE_RUN_GROUP'] = group
    new_environ['APACHE_PID_FILE'] = pid_file
    new_environ['APACHE_RUN_DIR'] = run_path
    new_environ['APACHE_LOCK_DIR'] = lock_path
    new_environ['APACHE_LOG_DIR'] = logs_path

    le_host = 'apache.{0}.wtf'.format(wtf_prefix)

    with open(os.path.join(config_path, 'sites-available', '000-default.conf'), 'w') as file_h:
        file_h.write('''\
<VirtualHost *:{http}>
    ServerAdmin webmaster@localhost
    ServerName {le_host}
    DocumentRoot {webroot}
    
    ErrorLog ${{APACHE_LOG_DIR}}/error.log
    CustomLog ${{APACHE_LOG_DIR}}/access.log combined
</VirtualHost>
'''.format(http=http_port, le_host=le_host, webroot=webroot_path))

    key_path = key_path if key_path \
        else pkg_resources.resource_filename('certbot_integration_tests', 'assets/key.pem')
    cert_path = cert_path if cert_path \
        else pkg_resources.resource_filename('certbot_integration_tests', 'assets/cert.pem')

    with open(os.path.join(config_path, 'sites-available', 'default-ssl.conf'), 'w') as file_h:
        file_h.write('''\
<IfModule mod_ssl.c>
    <VirtualHost _default_:{https}>
        ServerAdmin webmaster@localhost
        ServerName {le_host}
        DocumentRoot {webroot}
        
        ErrorLog ${{APACHE_LOG_DIR}}/error.log
        CustomLog ${{APACHE_LOG_DIR}}/access.log combined
        
        SSLEngine on
        SSLCertificateFile {cert_path}
        SSLCertificateKeyFile {key_path}
        
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        
        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>
    </VirtualHost>
</IfModule>
'''.format(https=https_port, le_host=le_host, webroot=webroot_path,
           cert_path=cert_path, key_path=key_path))

    return new_environ, config_path, pid_file


def test():
    env = construct_apache_config_dir('/tmp/test1', 5001, 5002)
    subprocess.call(['apache2ctl', '-DFOREGROUND'], env=env)
Add logic 2019-08-28 06:23:24 -04:00			`import shutil`
Continue logic 2019-08-28 06:46:18 -04:00			`import subprocess`
Add logic 2019-08-28 06:23:24 -04:00			`import os`

			`import pkg_resources`
Continue logic 2019-08-28 06:46:18 -04:00			`import getpass`
Add logic 2019-08-28 06:23:24 -04:00

			`def construct_apache_config_dir(apache_root, http_port, https_port, key_path=None,`
			`cert_path=None, wtf_prefix='le'):`
			`config_path = os.path.join(apache_root, 'config')`
Real path 2019-08-28 11:46:04 -04:00			`shutil.copytree('/etc/apache2', config_path, symlinks=True)`
Add logic 2019-08-28 06:23:24 -04:00
			`webroot_path = os.path.join(apache_root, 'www')`
			`os.mkdir(webroot_path)`
Working implementation 2019-08-28 10:05:34 -04:00			`with open(os.path.join(webroot_path, 'index.html'), 'w') as file_h:`
			`file_h.write('Hello World!')`
Add logic 2019-08-28 06:23:24 -04:00
			`main_config_path = os.path.join(config_path, 'apache2.conf')`
			`with open(main_config_path, 'w') as file_h:`
Setup apache2.conf 2019-08-28 06:53:10 -04:00			`file_h.write('''\`
			`ServerRoot "{config}"`
			`DefaultRuntimeDir ${{APACHE_RUN_DIR}}`
			`PidFile ${{APACHE_PID_FILE}}`
			`Timeout 300`
			`KeepAlive On`
			`MaxKeepAliveRequests 100`
			`KeepAliveTimeout 5`
			`User ${{APACHE_RUN_USER}}`
			`Group ${{APACHE_RUN_GROUP}}`
			`HostnameLookups Off`
			`ErrorLog ${{APACHE_LOG_DIR}}/error.log`
			`LogLevel warn`

Copy symlinks 2019-08-28 08:13:12 -04:00			`IncludeOptional mods-enabled/*.load`
			`IncludeOptional mods-enabled/*.conf`
Setup apache2.conf 2019-08-28 06:53:10 -04:00
			`Include ports.conf`

			`<Directory />`
			`Options FollowSymLinks`
			`AllowOverride None`
			`Require all denied`
			`</Directory>`

			`<Directory /usr/share>`
			`AllowOverride None`
			`Require all granted`
			`</Directory>`

			`<Directory {webroot}/>`
			`Options Indexes FollowSymLinks`
			`AllowOverride None`
			`Require all granted`
			`</Directory>`

			`AccessFileName .htaccess`

			`<FilesMatch "^\.ht">`
			`Require all denied`
			`</FilesMatch>`

Fix escape characters 2019-08-28 06:56:06 -04:00			`LogFormat "%v:%p %h %l %u %t \\"%r\\" %>s %O \\"%{{Referer}}i\\" \\"%{{User-Agent}}i\\"" vhost_combined`
			`LogFormat "%h %l %u %t \\"%r\\" %>s %O \\"%{{Referer}}i\\" \\"%{{User-Agent}}i\\"" combined`
			`LogFormat "%h %l %u %t \\"%r\\" %>s %O" common`
Setup apache2.conf 2019-08-28 06:53:10 -04:00			`LogFormat "%{{Referer}}i -> %U" referer`
			`LogFormat "%{{User-agent}}i" agent`

Copy symlinks 2019-08-28 08:13:12 -04:00			`IncludeOptional conf-enabled/*.conf`
			`IncludeOptional sites-enabled/*.conf`
Setup apache2.conf 2019-08-28 06:53:10 -04:00			`'''.format(config=config_path, webroot=webroot_path))`
Add logic 2019-08-28 06:23:24 -04:00
			`with open(os.path.join(config_path, 'ports.conf'), 'w') as file_h:`
			`file_h.write('''\`
			`Listen {http}`
			`<IfModule ssl_module>`
			`Listen {https}`
			`</IfModule>`
			`<IfModule mod_gnutls.c>`
			`Listen {https}`
			`</IfModule>`
			`'''.format(http=http_port, https=https_port))`

			`new_environ = os.environ.copy()`
			`new_environ['APACHE_CONFDIR'] = config_path`

Fix various paths 2019-08-28 07:03:54 -04:00			`run_path = os.path.join(apache_root, 'run')`
			`lock_path = os.path.join(apache_root, 'lock')`
			`logs_path = os.path.join(apache_root, 'logs')`
Add logic 2019-08-28 06:23:24 -04:00			`os.mkdir(run_path)`
			`os.mkdir(lock_path)`
			`os.mkdir(logs_path)`

Continue logic 2019-08-28 06:46:18 -04:00			`user = getpass.getuser()`
			`user = user if user != 'root' else 'www-data'`
			`group = user`

Working implementation 2019-08-28 10:05:34 -04:00			`pid_file = os.path.join(run_path, 'apache.pid')`

Add logic 2019-08-28 06:23:24 -04:00			`with open(os.path.join(config_path, 'envvars'), 'w') as file_h:`
			`file_h.write('''\`
			`unset HOME`
Continue logic 2019-08-28 06:46:18 -04:00			`export APACHE_RUN_USER={user}`
			`export APACHE_RUN_GROUP={group}`
Working implementation 2019-08-28 10:05:34 -04:00			`export APACHE_PID_FILE={pid_file}`
Add logic 2019-08-28 06:23:24 -04:00			`export APACHE_RUN_DIR={run_path}`
			`export APACHE_LOCK_DIR={lock_path}`
			`export APACHE_LOG_DIR={logs_path}`
			`export LANG=C`
Working implementation 2019-08-28 10:05:34 -04:00			`'''.format(user=user, group=group, pid_file=pid_file,`
			`run_path=run_path, lock_path=lock_path, logs_path=logs_path))`
Continue logic 2019-08-28 06:46:18 -04:00
			`new_environ['APACHE_RUN_USER'] = user`
			`new_environ['APACHE_RUN_GROUP'] = group`
Working implementation 2019-08-28 10:05:34 -04:00			`new_environ['APACHE_PID_FILE'] = pid_file`
Continue logic 2019-08-28 06:46:18 -04:00			`new_environ['APACHE_RUN_DIR'] = run_path`
			`new_environ['APACHE_LOCK_DIR'] = lock_path`
			`new_environ['APACHE_LOG_DIR'] = logs_path`
Add logic 2019-08-28 06:23:24 -04:00
			`le_host = 'apache.{0}.wtf'.format(wtf_prefix)`

Continue logic 2019-08-28 06:46:18 -04:00			`with open(os.path.join(config_path, 'sites-available', '000-default.conf'), 'w') as file_h:`
Add logic 2019-08-28 06:23:24 -04:00			`file_h.write('''\`
			`<VirtualHost *:{http}>`
			`ServerAdmin webmaster@localhost`
			`ServerName {le_host}`
			`DocumentRoot {webroot}`

			`ErrorLog ${{APACHE_LOG_DIR}}/error.log`
			`CustomLog ${{APACHE_LOG_DIR}}/access.log combined`
			`</VirtualHost>`
			`'''.format(http=http_port, le_host=le_host, webroot=webroot_path))`

			`key_path = key_path if key_path \`
			`else pkg_resources.resource_filename('certbot_integration_tests', 'assets/key.pem')`
			`cert_path = cert_path if cert_path \`
			`else pkg_resources.resource_filename('certbot_integration_tests', 'assets/cert.pem')`

			`with open(os.path.join(config_path, 'sites-available', 'default-ssl.conf'), 'w') as file_h:`
			`file_h.write('''\`
			`<IfModule mod_ssl.c>`
			`<VirtualHost _default_:{https}>`
			`ServerAdmin webmaster@localhost`
			`ServerName {le_host}`
			`DocumentRoot {webroot}`

			`ErrorLog ${{APACHE_LOG_DIR}}/error.log`
			`CustomLog ${{APACHE_LOG_DIR}}/access.log combined`

			`SSLEngine on`
			`SSLCertificateFile {cert_path}`
			`SSLCertificateKeyFile {key_path}`

			`<FilesMatch "\.(cgi\|shtml\|phtml\|php)$">`
			`SSLOptions +StdEnvVars`
			`</FilesMatch>`

			`<Directory /usr/lib/cgi-bin>`
			`SSLOptions +StdEnvVars`
			`</Directory>`
			`</VirtualHost>`
			`</IfModule>`
			`'''.format(https=https_port, le_host=le_host, webroot=webroot_path,`
			`cert_path=cert_path, key_path=key_path))`

Finish isolation and toxenv 2019-08-28 11:16:58 -04:00			`return new_environ, config_path, pid_file`
Continue logic 2019-08-28 06:46:18 -04:00

			`def test():`
			`env = construct_apache_config_dir('/tmp/test1', 5001, 5002)`
Working implementation 2019-08-28 10:05:34 -04:00			`subprocess.call(['apache2ctl', '-DFOREGROUND'], env=env)`