aboutsummaryrefslogtreecommitdiffstats
path: root/main/apache2/APKBUILD
blob: 7353d6b2a181f7beb5affad62a814b5e3c4a4bf8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
# Maintainer: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=apache2
_pkgreal=httpd
pkgver=2.4.33
pkgrel=1
pkgdesc="A high performance Unix-based HTTP server"
url="http://httpd.apache.org/"
arch="all"
license="Apache-2.0"
depends=""
install="$pkgname.pre-install $pkgname.pre-upgrade"
pkgusers="apache"
pkggroups="apache"
makedepends="apr-dev apr-util-dev autoconf automake libxml2-dev lua-dev
             nghttp2-dev libressl-dev pcre-dev sed zlib-dev"
subpackages="$pkgname-ctl
             $pkgname-dev
             $pkgname-doc
             $pkgname-error:_error:noarch
             $pkgname-http2
             $pkgname-icons::noarch
             $pkgname-ldap
             $pkgname-lua:_lua
             $pkgname-proxy-html:proxy_html
             $pkgname-proxy
             $pkgname-ssl
             $pkgname-utils
             $pkgname-webdav"
source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2
	apache2.confd
	apache2.logrotate
	apache2.initd
	alpine.layout
	libressl-2.7.patch
	conf/0001-httpd.conf-ServerRoot.patch
	conf/0002-httpd.conf-ServerTokens.patch
	conf/0003-httpd.conf-ServerSignature.patch
	conf/0004-httpd.conf-User-Group.patch
	conf/0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch
	conf/0006-httpd-dav.conf-DavLockDB.patch
	conf/0007-httpd-ssl.conf-SSLSessionCache.patch
	conf/0008-httpd-ssl.conf-SSLRandomSeed.patch
	conf/0009-httpd-ssl.conf-SSL-File.patch
	conf/0010-httpd-ssl.conf-SSL-CipherSuite.patch
	conf/0011-httpd.conf-IncludeOptional.patch
	conf/0012-httpd.conf-MIMEMagicFile.patch
	conf/0013-httpd-.conf-IfModule.patch
	conf/0014-httpd-.conf-LoadModule.patch
	"
options="suid"
builddir="$srcdir"/$_pkgreal-$pkgver

# secfixes:
#   2.4.33-r0:
#     - CVE-2017-15710
#     - CVE-2017-15715
#     - CVE-2018-1283
#     - CVE-2018-1301
#     - CVE-2018-1302
#     - CVE-2018-1303
#     - CVE-2018-1312
#   2.4.27-r1:
#     - CVE-2017-9798
#   2.4.26-r0:
#     - CVE-2017-3167
#     - CVE-2017-3169
#     - CVE-2017-7659
#     - CVE-2017-7668
#     - CVE-2017-7679

prepare() {
	cd "$builddir"

	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$(basename $i) || return 1;;
		esac
	done

	cat "$srcdir/alpine.layout" >> config.layout
}

build() {
	cd "$builddir"
	./configure \
		--prefix=/usr \
		--enable-layout=Alpine \
		--enable-so \
		--enable-suexec \
		--with-suexec-caller=apache \
		--with-suexec-docroot=/var/www \
		--with-suexec-logfile=/var/log/apache2/suexec.log \
		--with-suexec-bin=/usr/sbin/suexec \
		--with-suexec-uidmin=99 \
		--with-suexec-gidmin=99 \
		--with-apr=/usr/bin/apr-1-config \
		--with-apr-util=/usr/bin/apu-1-config \
		--with-pcre=/usr \
		--enable-mods-shared=all \
		--enable-mpms-shared=all \
		--with-mpm=prefork \
		--enable-ssl \
		--with-ssl \
		--enable-proxy \
		--enable-cache \
		--enable-disk-cache \
		--enable-mem-cache \
		--enable-file-cache \
		--enable-ldap \
		--enable-authnz-ldap \
		--enable-cgid \
		--enable-cgi \
		--enable-authn-anon \
		--enable-authn-alias \
		--disable-imagemap \
		--enable-proxy-connect \
		--enable-proxy-http \
		--enable-proxy-ftp \
		--enable-deflate \
		--enable-dbd \
		--enable-exception-hook \
		--enable-dav \
		--enable-dav-fs \
		--enable-dav-lock \
		|| return 1
	make || return 1
}

package() {
	cd "$builddir"
	make -j1 DESTDIR="$pkgdir" install || return 1

	# config
	rm -r "$pkgdir"/etc/apache2/extra/httpd-vhosts.conf \
		"$pkgdir"/etc/apache2/original || return 1
	mv "$pkgdir"/etc/apache2/extra "$pkgdir"/etc/apache2/conf.d || return 1
	for file in "$pkgdir"/etc/apache2/conf.d/httpd-*; do
		mv "$file" \
			"$(dirname $file)/${file#$pkgdir/etc/apache2/conf.d/httpd-}" || \
			return 1
	done
	sed -Ei \
		's:^(\t?#?LoadModule .+ )lib/apache2/:\1modules/:;ta;b;:a;s/^#?LoadModule (dav.*|lbmethod_.+|.*ldap|lua|proxy.*|ssl|xml2enc)_module //;tb;b;:b;d' \
		"$pkgdir"/etc/apache2/httpd.conf

	# init scripts and logrotate
	install -D -m755 "$srcdir"/apache2.initd \
		"$pkgdir"/etc/init.d/apache2 || return 1
	install -D -m644 "$srcdir"/apache2.logrotate \
		"$pkgdir"/etc/logrotate.d/apache2 || return 1
	install -D -m644 "$srcdir"/apache2.confd \
		"$pkgdir"/etc/conf.d/apache2 || return 1

	install -d "$pkgdir"/var/www || return 1
	install -d -m 2750 -g wheel "$pkgdir"/var/log/apache2 || return 1
	ln -fs /var/log/apache2 "$pkgdir"/var/www/logs
	ln -fs /run/apache2 "$pkgdir"/var/www/run
	ln -fs /usr/lib/apache2 "$pkgdir"/var/www/modules
	rm -fr "$pkgdir"/run

	# verify all MPMs are built
	# ref #2866
	for i in prefork event worker; do
		if ! [ -e "$pkgdir"/usr/lib/apache2/mod_mpm_$i.so ]; then
			error "$i MPM was not built"
			return 1
		fi
	done
}

_make_conf_dir() {
	_conf_dir=$subpkgdir/etc/apache2/conf.d
	install -d "$_conf_dir"
}

_mv_conf() {
	_make_conf_dir && mv "$pkgdir"/etc/apache2/conf.d/$1.conf "$_conf_dir"
}

_load_mod() {
	_make_conf_dir
	echo "LoadModule $1_module modules/mod_$1.so" >> \
		"$_conf_dir"/${subpkgname#$pkgname-}.conf
}

_load_mods() {
	local path mod
	for path in "$subpkgdir"/usr/lib/apache2/mod_*.so; do
		mod=${path##/*mod_}
		_load_mod ${mod%.so}
	done
}

# include the builddir and apxs in -dev package
dev() {
	local _mpm
	local _file
	default_dev
	depends="$depends perl apr-util-dev"

	# install apxs utility
	install -d "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/apxs \
		"$subpkgdir"/usr/bin/apxs || return 1


	install -d "$subpkgdir"/usr/share/apache2
	mv "$pkgdir"/usr/share/apache2/build \
		"$subpkgdir"/usr/share/apache2/ || return 1
}

doc() {
	default_doc && _mv_conf manual
}

_error() {
	pkgdesc="Apache Multi Language Custom Error Documents"
	install -d "$subpkgdir"/usr/share/apache2
	mv "$pkgdir"/usr/share/apache2/error \
		"$subpkgdir"/usr/share/apache2/ || return 1
	_mv_conf multilang-errordoc
}

http2() {
	pkgdesc="HTTP/2 transport layer for the Apache HTTP Server"
	install -d "$subpkgdir"/usr/lib/apache2
	mv "$pkgdir"/usr/lib/apache2/mod_http2.so \
		"$subpkgdir"/usr/lib/apache2 || return 1
	_load_mods
}

icons() {
	pkgdesc="Apache Public Domain Icons"
	install -d "$subpkgdir"/usr/share/apache2
	mv "$pkgdir"/usr/share/apache2/icons \
		"$subpkgdir"/usr/share/apache2/ || return 1
	_mv_conf autoindex
}

utils() {
	pkgdesc="Apache utility programs for webservers"

	install -d "$subpkgdir"/usr/sbin
	mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
	for i in checkgid htcacheclean rotatelogs envvars*; do
		mv "$pkgdir"/usr/sbin/$i "$subpkgdir"/usr/sbin/
	done
}

ctl() {
	pkgdesc="Apache control script"
	depends=lynx

	install -d "$subpkgdir"/usr/sbin
	mv "$pkgdir"/usr/sbin/apachectl "$subpkgdir"/usr/sbin/
}

ssl() {
	pkgdesc="SSL/TLS module for the Apache HTTP Server"
	install="apache2-ssl.post-install"
	depends="apache2 libressl"

	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_ssl.so \
		"$subpkgdir"/usr/lib/apache2/mod_ssl.so || return 1
	_mv_conf ssl || return 1
	install -d "$subpkgdir"/etc/ssl/apache2 || return 1
}

ldap() {
	pkgdesc="LDAP authentication/authorization module for the Apache HTTP Server"
	url="http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html"
	depends="apache2 apr-util-ldap"

	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_*ldap.so \
		"$subpkgdir"/usr/lib/apache2/ || return 1
	_load_mods
}

webdav() {
	pkgdesc="WebDAV support for the Apache HTTP Server"
	depends="apache2"
	replaces="apache2"

	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_dav*.so \
		"$subpkgdir"/usr/lib/apache2/ || return 1
	_mv_conf dav
}

proxy_html() {
	pkgdesc="HTML and XML content filters for the Apache HTTP Server"
	depends="apache2"
	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_proxy_html.so \
		"$pkgdir"/usr/lib/apache2/mod_xml2enc.so \
		"$subpkgdir"/usr/lib/apache2/ || return 1
	_mv_conf proxy-html
}

proxy() {
	pkgdesc="Proxy modules for the Apache HTTP Server"
	depends="apache2"
	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_proxy*.so \
		"$pkgdir"/usr/lib/apache2/mod_lbmethod_*.so \
		"$subpkgdir"/usr/lib/apache2/ || return 1

	_load_mod watchdog
	_load_mods
}

_lua() {
	pkgdesc="Lua support for the Apache HTTP server"
	depends="apache2"
	install -d "$subpkgdir"/usr/lib/apache2 || return 1
	mv "$pkgdir"/usr/lib/apache2/mod_lua.so \
		"$subpkgdir"/usr/lib/apache2/ || return 1
	_load_mods
}
sha512sums="e74b2b3346d67be45a8bc8a7cbb8eabf5c403a5cfe5797a976f94a539529843fbcdf03b9ca0548816b2cf37f4ce0eb301f8d5af25b1270fdf8dd9f5bf0585269  httpd-2.4.33.tar.bz2
8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc  apache2.confd
18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b  apache2.logrotate
81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701  apache2.initd
177c58d049fc4476fd9b9b36b67725145777c84cf81948105c9314cb09312dff6c1931fe21aaa243597abaefded6c6dfd80d83839e45a23950b50de615d73b06  alpine.layout
166e123e149162b3140b96435927a985697b2507646f3d696578eae726e8c9d259469889527d7d4259791b130fe4b1b87f8be56574f3ea1272c27516beb06ae9  libressl-2.7.patch
361e0a74f6f8f5734f074dc2f2001ff64896ecc81f88ea384b6db7db33b7738eb92b4e16163b356259581a8e7dd86adeac971d36d2584abb781e8f9b8fae6356  0001-httpd.conf-ServerRoot.patch
40f3b7579c403952ba1efcb8dfd6ffd91c2695a06a2e5530ab5a583946558790fbfa16cad259d273ac1aa7a6335dd79636aa82fd844dc3a60a34c34d90db5e17  0002-httpd.conf-ServerTokens.patch
ad0c1711bc240f99cd0256d0984ad0142e03c384d30378ccca3e47cdd2596307e64bb19fbd810a56c0e4c0716577d3160bad2ae39783b1358412588bc729c113  0003-httpd.conf-ServerSignature.patch
49940950d5f71c671cd1257714a95f437899a694a26e8e8557868ba65b0888b218afe2eecfa676a0ded5ad0db67bdfb15c7e9cf85f536b4559007dc7461f4c07  0004-httpd.conf-User-Group.patch
165a016a2cb9969c25fa73fab90fba5662d916e4883abd223ac104579334424103c123009d41b6fe3fcd30070daa8c6bdbb2afbb2905d08e183ecb66018578a3  0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch
c27af4e0fa0b4d441534c452fd5f26e8ab28e737660c1eddf952f9a44d82c54abd1eb5e7c1b3da5191c5ecf0358fcd4e23b8fd241d805290a7c32a7fb3138a12  0006-httpd-dav.conf-DavLockDB.patch
90adca579c3c7dc69ce1f175b47acc9e9e33667d93bb33aead7cf286212f1bdb58062fcd4e01657a2bb8ea9a2ac90c7c95f4cb8f19a29f6366e28a7168240708  0007-httpd-ssl.conf-SSLSessionCache.patch
0bae3368dd64737ffc1b1aeaccbe21e597c5d497e45a5e9bc0e27c78091b9ead13690da37d28cdc5d285c58d82085720cdd627abc3b650d4f13a4cbf24021565  0008-httpd-ssl.conf-SSLRandomSeed.patch
a3b0827f86902ab05afb27ae7fef0a7b9984ef103cf3aea80651b5cfb239db99e477b077bee8d7f0e576471090055fe1a78238d746aae34bd397f3db1d0eac8f  0009-httpd-ssl.conf-SSL-File.patch
a3936713f8ffcbf2bb633035873249b94fa8ace9fdb758405264f075f755fbcfec4d08794f79e4699ab398fcd0049d1897b1fd5af62e1356780938ad08ac3a11  0010-httpd-ssl.conf-SSL-CipherSuite.patch
eb09b3bcbab70f6a48d5efe8fc4bd62cc2b3f46def97c09d8454b846a065c02d18bd846313c421897c8d13be728e4b2ca790e2a5c5c6add3821d9e572bacfab2  0011-httpd.conf-IncludeOptional.patch
695742f569720d7bad9306acc40456de3a12ff2ff3a108499afc3fed2e8b13883027c6e14a3fac3efe387a70386b958605b5bbfd0147ec06bb87fad30f3b66fa  0012-httpd.conf-MIMEMagicFile.patch
efbba3c3475bebe5c63ce8d6eaf153cf2c46188e282a65830571c8b7dbc1e657ab9ce160dc82e331097ac483fe632f5201fde6f3f5de32fe5c52dcc7dee66216  0013-httpd-.conf-IfModule.patch
56e7bb9743d153416b15c32bb5435e4cf85d84204a02f28767c8dcba08eec1ac302521d57ce74154d3e9f7a3644ab3f8a9318150e21f8559eb67e387087a0821  0014-httpd-.conf-LoadModule.patch"