Aegir and altering the apache conf file

Aegir and altering the apache conf file

Tue, 06/26/2012 - 12:24am

I got to dig a bit deeper that I would have liked recently into the bowels of aegir. I needed to alter the apache site .conf file. This is a file that is controlled by aegir, so if you modify it directly. It will surely change at the next verify.

The reality was that I needed to add basic authentication to a website prior to it's 'go live' date. I tried adding a '.htaccess' file into the sites/domain.com first. But this had no effect. So, that meant I needed to get those directives directly into the conf file that apache uses at startup. I could have reduced security by allowing the .htaccess file to work, but that seemed like the wrong approach.

This is done by creating a hook_provision_apache_vhost_config() function and storing it in the /var/aegir/.drush folder.

Below is a (slightly) edited version of what I used. I spent quit a bit of time documenting the second parameter ($data) that is passed into this function. I was looking for the base folder for the aegir platform that a 'site' was in. As I did not want to hard code this value and have it change in a few weeks/months due to an upgrade.

Notes:

#1) The filename and the function were originally defined for adding in an SSL directive for 'intermediate' CA key(s).

#2) Yes, I know I should not put the key files in the site directory. I will change that next. But I wanted to document a working system that I have found useful.

---------------------

<?php

/*
* Implementation of hook_provision_apache_vhost_config()
    $data layout - (partial)
        0: server
        1: application_name
        2: http_pred_path
        3: http_postd_path
        4: http_platformd_path
        5: http_vhostd_path
        6: http_port
        7: ip_address
        8: redirect_url
        9: db_type
        10: db_host
        11: db_port
        12: db_passwd
        13: db_name
        14: db_user
        15: packages
            0: platforms
                0: drupal
                    0: short_name
                    1: version
                    2: description
            1: profiles
                0: worxco
                    0: name
                    1: filename
                    2: project
                    3: info
                        0: name
                        1: description
                        2: version
                        3: core
                        4: dependencies
                        5: files
                        6: php
                        7: languages
                    4: version
                    5: status
            2: modules
            3: themes   
        16: site_ip_addresses
            0: @server_master
        17: installed
        18: config-file
        19: context_path
        20: extra_config
*/
function worx_ssl_provision_apache_vhost_config($uri, $data) {
  if ($uri == 'domain.com') {
    $d15_1_0_1 = $data['packages']['profiles']['worxco']['filename'];
    $filebase = explode('/profile', $d15_1_0_1);
    $rval[] = " ";
    // $rval[] = "  # Uri (p1): $uri";
    // $rval[] = "  # Data (p2): ". implode(",", $data);
    // $rval[] = " ";
    $rval[] = "  # -begin- provided by worx_ssl.drush.inc";
    $rval[] = "  <Directory \"" . $filebase[0] ."\">";
    $rval[] = '    AuthName "Private Domain"';
    $rval[] = "    AuthType Basic";
    $rval[] = "    AuthUserFile " . $filebase[0] . "/sites/" . $uri ."/.secret.passwd";
    $rval[] = "    require valid-user";
    $rval[] = "  </Directory>";
    $rval[] = "  # -end- provided by worx_ssl.drush.inc";
    $rval[] = " ";
    return $rval;
  }
}

Share this

We would love to help you in your business.

855.243.2035

Phone Icon

Contact Us

email icon