path: root/package/network/services/uhttpd/files/uhttpd.init
blob: 6b8be1c7e4a27aa8c91f6c801af0e8c01ba9214c (plain)
#!/bin/sh /etc/rc.common
# Copyright (C) 2010 Jo-Philipp Wich

# Read by /etc/rc.common (see the shebang line), not by this script itself.
# NOTE(review): presumably the boot-order priority of the service — confirm
# against rc.common.
START=50

# Selects the procd-based service model; this file only defines the procd
# hooks (start_service, service_triggers) and never daemonizes by itself.
USE_PROCD=1

# Absolute paths of the binaries this script executes. Keeping them absolute
# means the lookup does not depend on PATH at boot time.
UHTTPD_BIN="/usr/sbin/uhttpd"
PX5G_BIN="/usr/sbin/px5g"
OPENSSL_BIN="/usr/bin/openssl"

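# Append "<flag> <value>" to the procd command line for one UCI option.
#   $1 - UCI section name
#   $2 - option name to read from that section
#   $3 - command-line flag to emit
#   $4 - optional default, used when the option is unset or empty
# Returns non-zero when there is neither a configured value nor a default, in
# which case nothing is appended. start_instance chains on this status for
# the Lua handler (`append_arg ... && { ... }`), so it must stay as it is.
append_arg() {
	local cfg="$1"
	local var="$2"
	local opt="$3"
	local def="$4"
	local val

	config_get val "$cfg" "$var"
	# Two separate tests instead of `[ ... -o ... ]`: the combined form is
	# ambiguous when a configured value looks like a test operator such as
	# "(" or "!", and config values are not under this script's control.
	{ [ -n "$val" ] || [ -n "$def" ]; } && procd_append_param command "$opt" "${val:-$def}"
}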

# Append a bare flag to the procd command line when a boolean UCI option is on.
#   $1 - UCI section name
#   $2 - boolean option name
#   $3 - command-line flag to emit
#   $4 - default handed to config_get_bool
# Returns non-zero when the option does not evaluate to 1 (nothing appended).
append_bool() {
	local section="$1" option="$2" flag="$3" fallback="$4"
	local enabled

	config_get_bool enabled "$section" "$option" "$fallback"

	# Guard clause: anything other than a literal 1 leaves the command untouched.
	[ "$enabled" != 1 ] && return 1
	procd_append_param command "$flag"
}

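# Create a self-signed certificate and private key for uhttpd.
#   $1 - name of the UCI "cert" section supplying days, bits and subject fields
# start_instance invokes this through `config_foreach generate_keys cert`, and
# the destination paths are taken from the UHTTPD_KEY and UHTTPD_CERT globals
# it sets beforehand.
# Returns non-zero when no generator binary is installed or generation failed.
generate_keys() {
	local cfg="$1"
	local days bits country state location commonname

	config_get days       "$cfg" days
	config_get bits       "$cfg" bits
	config_get country    "$cfg" country
	config_get state      "$cfg" state
	config_get location   "$cfg" location
	config_get commonname "$cfg" commonname

	# Prefer px5g for certificate generation (existence evaluated last)
	local GENKEY_CMD=""
	# Declared separately from the assignment so `local` does not mask the
	# pipeline's exit status.
	local UNIQUEID
	UNIQUEID="$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"')"
	[ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -sha256 -outform der -nodes"
	[ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned -der"
	[ -n "$GENKEY_CMD" ] || return 1

	# GENKEY_CMD is expanded unquoted on purpose: it holds the tool path plus
	# its fixed arguments. The configured values are quoted so they cannot
	# split into extra arguments.
	if ! $GENKEY_CMD \
		-days "${days:-730}" -newkey "rsa:${bits:-2048}" -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
		-subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/O="${commonname:-Lede}$UNIQUEID"/CN="${commonname:-Lede}"; then
		# Never move a partial or empty key/certificate into place.
		rm -f "${UHTTPD_KEY}.new" "${UHTTPD_CERT}.new"
		return 1
	fi

	# The private key must not be readable by other users. The generator may
	# already create it that way; enforce it before the file gets its final name.
	chmod 600 "${UHTTPD_KEY}.new"
	sync
	mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"
	mv "${UHTTPD_CERT}.new" "${UHTTPD_CERT}"
}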

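# Write one "prefix:username:password" line to the generated uhttpd config.
#   $1 - name of the UCI section holding prefix, username and password
#        (start_instance passes it via config_list_foreach over "httpauth")
# Reads the caller's $httpdconf as the output path and sets the caller's
# $haveauth to 1 once an entry has been written. Sections with any of the
# three values missing are skipped.
create_httpauth() {
	local cfg="$1"
	local prefix username password

	config_get prefix "$cfg" prefix
	config_get username "$cfg" username
	config_get password "$cfg" password

	if [ -z "$prefix" ] || [ -z "$username" ] || [ -z "$password" ]; then
		return
	fi
	# The line carries a credential, so the file is created without group or
	# world access; the subshell keeps the umask change local. printf '%s'
	# writes the values verbatim, independent of the shell's echo escape
	# handling, and the path is quoted so it cannot split or glob.
	( umask 077; printf '%s:%s:%s\n' "$prefix" "$username" "$password" >>"$httpdconf" )
	haveauth=1
}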

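# Build the procd instance for one "uhttpd" UCI section.
#   $1 - UCI section name
# Translates the section's options into uhttpd command-line arguments, writes
# a per-instance auth config when "httpauth" entries exist and no explicit
# "config" file is set, and creates a self-signed certificate when HTTPS is
# requested but no usable key/certificate pair is present.
# Sets the globals UHTTPD_CERT and UHTTPD_KEY, which generate_keys reads.
start_instance()
{
	UHTTPD_CERT=""
	UHTTPD_KEY=""

	local cfg="$1"
	# Quoted so the "[0]" cannot be treated as a glob pattern.
	local realm="$(uci_get "system.@system[0].hostname")"
	# httpdconf and haveauth stay under these exact names: create_httpauth
	# reads and writes them through the caller's scope.
	local listen http https interpreter indexes path handler httpdconf haveauth
	# Scratch variables that would otherwise leak into the global scope.
	local config alias_list alias file

	procd_open_instance
	procd_set_param respawn
	procd_set_param stderr 1
	procd_set_param command "$UHTTPD_BIN" -f

	config_get config "$cfg" config
	if [ -z "$config" ]; then
		# No explicit config file: generate one from the httpauth entries.
		# It receives prefix:username:password lines from create_httpauth.
		mkdir -p /var/etc/uhttpd
		httpdconf="/var/etc/uhttpd/httpd.${cfg}.conf"
		rm -f "$httpdconf"
		config_list_foreach "$cfg" httpauth create_httpauth
		if [ "$haveauth" = "1" ]; then
			procd_append_param command -c "$httpdconf"
			[ -r /etc/httpd.conf ] && cat /etc/httpd.conf >>"$httpdconf"
		fi
	fi

	append_arg "$cfg" home "-h"
	append_arg "$cfg" realm "-r" "${realm:-OpenWrt}"
	append_arg "$cfg" config "-c"
	append_arg "$cfg" cgi_prefix "-x"
	[ -f /usr/lib/uhttpd_lua.so ] && {
		config_get handler "$cfg" lua_handler
		# -L is only added when append_arg actually emitted a -l prefix.
		[ -f "$handler" ] && append_arg "$cfg" lua_prefix "-l" && {
			procd_append_param command "-L" "$handler"
		}
	}
	[ -f /usr/lib/uhttpd_ubus.so ] && {
		append_arg "$cfg" ubus_prefix "-u"
		append_arg "$cfg" ubus_socket "-U"
		append_bool "$cfg" ubus_cors "-X" 0
	}
	append_arg "$cfg" script_timeout "-t"
	append_arg "$cfg" network_timeout "-T"
	append_arg "$cfg" http_keepalive "-k"
	append_arg "$cfg" tcp_keepalive "-A"
	append_arg "$cfg" error_page "-E"
	append_arg "$cfg" max_requests "-n" 3
	append_arg "$cfg" max_connections "-N"

	append_bool "$cfg" no_ubusauth "-a" 0
	append_bool "$cfg" no_symlinks "-S" 0
	append_bool "$cfg" no_dirlists "-D" 0
	append_bool "$cfg" rfc1918_filter "-R" 0

	# The list-valued options below are split on whitespace on purpose, so
	# the loop variables are left unquoted in the `for` headers.
	config_get alias_list "$cfg" alias
	for alias in $alias_list; do
		procd_append_param command -y "$alias"
	done

	config_get http "$cfg" listen_http
	for listen in $http; do
		procd_append_param command -p "$listen"
	done

	config_get interpreter "$cfg" interpreter
	for path in $interpreter; do
		procd_append_param command -i "$path"
	done

	config_get indexes "$cfg" index_page
	for path in $indexes; do
		procd_append_param command -I "$path"
	done

	config_get https "$cfg" listen_https
	config_get UHTTPD_KEY  "$cfg" key  /etc/uhttpd.key
	config_get UHTTPD_CERT "$cfg" cert /etc/uhttpd.crt

	[ -f /lib/libustream-ssl.so ] && [ -n "$https" ] && {
		# Generate a pair only when either file is missing or empty.
		{ [ -s "$UHTTPD_CERT" ] && [ -s "$UHTTPD_KEY" ]; } || {
			config_foreach generate_keys cert
		}

		if [ -f "$UHTTPD_CERT" ] && [ -f "$UHTTPD_KEY" ]; then
			append_arg "$cfg" cert "-C"
			append_arg "$cfg" key  "-K"

			for listen in $https; do
				procd_append_param command -s "$listen"
			done
		else
			# HTTPS was requested but cannot be served; say so instead of
			# silently coming up with the plain HTTP listeners only.
			echo "uhttpd: no TLS certificate/key for instance '$cfg', HTTPS listeners not started" >&2
		fi

		append_bool "$cfg" redirect_https "-q" 0
	}

	# An unmatched glob stays literal and is rejected by the -s test.
	for file in /etc/uhttpd/*.json; do
		[ -s "$file" ] && procd_append_param command -H "$file"
	done

	procd_close_instance
}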

# procd hook: register a reload trigger under the name "uhttpd".
service_triggers() {
	procd_add_reload_trigger uhttpd
}

# procd hook: load the "uhttpd" UCI config and run start_instance once for
# every section of type "uhttpd".
start_service()
{
	config_load "uhttpd"
	config_foreach "start_instance" "uhttpd"
}