1
0

uhttpd.init 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187
  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2010 Jo-Philipp Wich
  3. START=50
  4. USE_PROCD=1
  5. UHTTPD_BIN="/usr/sbin/uhttpd"
  6. PX5G_BIN="/usr/sbin/px5g"
  7. OPENSSL_BIN="/usr/bin/openssl"
  8. append_arg() {
  9. local cfg="$1"
  10. local var="$2"
  11. local opt="$3"
  12. local def="$4"
  13. local val
  14. config_get val "$cfg" "$var"
  15. [ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
  16. }
  17. append_bool() {
  18. local cfg="$1"
  19. local var="$2"
  20. local opt="$3"
  21. local def="$4"
  22. local val
  23. config_get_bool val "$cfg" "$var" "$def"
  24. [ "$val" = 1 ] && procd_append_param command "$opt"
  25. }
  26. generate_keys() {
  27. local cfg="$1"
  28. local key="$2"
  29. local crt="$3"
  30. local days bits country state location commonname
  31. config_get days "$cfg" days
  32. config_get bits "$cfg" bits
  33. config_get country "$cfg" country
  34. config_get state "$cfg" state
  35. config_get location "$cfg" location
  36. config_get commonname "$cfg" commonname
  37. # Prefer px5g for certificate generation (existence evaluated last)
  38. local GENKEY_CMD=""
  39. local UNIQUEID=$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"')
  40. [ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -sha256 -outform der -nodes"
  41. [ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned -der"
  42. [ -n "$GENKEY_CMD" ] && {
  43. $GENKEY_CMD \
  44. -days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
  45. -subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/O="${commonname:-Lede}$UNIQUEID"/CN="${commonname:-Lede}"
  46. sync
  47. mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"
  48. mv "${UHTTPD_CERT}.new" "${UHTTPD_CERT}"
  49. }
  50. }
  51. create_httpauth() {
  52. local cfg="$1"
  53. local prefix username password
  54. config_get prefix "$cfg" prefix
  55. config_get username "$cfg" username
  56. config_get password "$cfg" password
  57. if [ -z "$prefix" ] || [ -z "$username" ] || [ -z "$password" ]; then
  58. return
  59. fi
  60. echo "${prefix}:${username}:${password}" >>$httpdconf
  61. haveauth=1
  62. }
  63. start_instance()
  64. {
  65. UHTTPD_CERT=""
  66. UHTTPD_KEY=""
  67. local cfg="$1"
  68. local realm="$(uci_get system.@system[0].hostname)"
  69. local listen http https interpreter indexes path handler httpdconf haveauth
  70. procd_open_instance
  71. procd_set_param respawn
  72. procd_set_param stderr 1
  73. procd_set_param command "$UHTTPD_BIN" -f
  74. config_get config "$cfg" config
  75. if [ -z "$config" ]; then
  76. mkdir -p /var/etc/uhttpd
  77. httpdconf="/var/etc/uhttpd/httpd.${cfg}.conf"
  78. rm -f ${httpdconf}
  79. config_list_foreach "$cfg" httpauth create_httpauth
  80. if [ "$haveauth" = "1" ]; then
  81. procd_append_param command -c ${httpdconf}
  82. [ -r /etc/httpd.conf ] && cat /etc/httpd.conf >>/var/etc/uhttpd/httpd.${cfg}.conf
  83. fi
  84. fi
  85. append_arg "$cfg" home "-h"
  86. append_arg "$cfg" realm "-r" "${realm:-OpenWrt}"
  87. append_arg "$cfg" config "-c"
  88. append_arg "$cfg" cgi_prefix "-x"
  89. [ -f /usr/lib/uhttpd_lua.so ] && {
  90. config_get handler "$cfg" lua_handler
  91. [ -f "$handler" ] && append_arg "$cfg" lua_prefix "-l" && {
  92. procd_append_param command "-L" "$handler"
  93. }
  94. }
  95. [ -f /usr/lib/uhttpd_ubus.so ] && {
  96. append_arg "$cfg" ubus_prefix "-u"
  97. append_arg "$cfg" ubus_socket "-U"
  98. append_bool "$cfg" ubus_cors "-X" 0
  99. }
  100. append_arg "$cfg" script_timeout "-t"
  101. append_arg "$cfg" network_timeout "-T"
  102. append_arg "$cfg" http_keepalive "-k"
  103. append_arg "$cfg" tcp_keepalive "-A"
  104. append_arg "$cfg" error_page "-E"
  105. append_arg "$cfg" max_requests "-n" 3
  106. append_arg "$cfg" max_connections "-N"
  107. append_bool "$cfg" no_ubusauth "-a" 0
  108. append_bool "$cfg" no_symlinks "-S" 0
  109. append_bool "$cfg" no_dirlists "-D" 0
  110. append_bool "$cfg" rfc1918_filter "-R" 0
  111. config_get alias_list "$cfg" alias
  112. for alias in $alias_list; do
  113. procd_append_param command -y "$alias"
  114. done
  115. config_get http "$cfg" listen_http
  116. for listen in $http; do
  117. procd_append_param command -p "$listen"
  118. done
  119. config_get interpreter "$cfg" interpreter
  120. for path in $interpreter; do
  121. procd_append_param command -i "$path"
  122. done
  123. config_get indexes "$cfg" index_page
  124. for path in $indexes; do
  125. procd_append_param command -I "$path"
  126. done
  127. config_get https "$cfg" listen_https
  128. config_get UHTTPD_KEY "$cfg" key /etc/uhttpd.key
  129. config_get UHTTPD_CERT "$cfg" cert /etc/uhttpd.crt
  130. [ -f /lib/libustream-ssl.so ] && [ -n "$https" ] && {
  131. [ -s "$UHTTPD_CERT" -a -s "$UHTTPD_KEY" ] || {
  132. config_foreach generate_keys cert
  133. }
  134. [ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] && {
  135. append_arg "$cfg" cert "-C"
  136. append_arg "$cfg" key "-K"
  137. for listen in $https; do
  138. procd_append_param command -s "$listen"
  139. done
  140. }
  141. append_bool "$cfg" redirect_https "-q" 0
  142. }
  143. for file in /etc/uhttpd/*.json; do
  144. [ -s "$file" ] && procd_append_param command -H "$file"
  145. done
  146. procd_close_instance
  147. }
  148. service_triggers()
  149. {
  150. procd_add_reload_trigger "uhttpd"
  151. }
  152. start_service() {
  153. config_load uhttpd
  154. config_foreach start_instance uhttpd
  155. }