#!/bin/bash
# Copyright (C) 2004 Networks Associates Technology Inc.  All rights reserved.
# $Header: /cvs/WebShield/wsrc/ui/uiconf/config_ui,v 1.21 2004/06/21 14:57:08 bwhittak Exp $
# Configure webserver for WebShield administration GUI

if [ -f $NETAWSS/.profile.vars ]; then 
 . $NETAWSS/.profile.vars 
else 
 . /var/NAIENV/.profile.vars 
fi 
PATH=$wsPATH:$PATH
shopt -s extglob
exec </dev/null		# whatever stdin is we don't want it

# change to the directory where our files live
if [[ -d $NETAWSS/ui/uiconf ]]; then
    cd $NETAWSS/ui/uiconf
else
    echo "$0: $NETAWSS/ui/uiconf: not a directory!" >&2
    exit 1
fi

files='
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key
/etc/httpd/conf.d/ssl.conf
/usr/share/ssl/openssl.cnf
'

# save any existing files and install ours
for f in $files; do
    lf=${f##*/};
    [[ -f $f && ! -f $lf.rpmsave ]] && mv $f $lf.rpmsave
    rm -f $f
    [[ -f $lf ]] && cp $lf $f
done
/bin/sed --expression="s/WEBSHIELD_ALLOW_HOSTS/all/" ${NETAWSS}/ui/uiconf/httpd.conf > /etc/httpd/conf/httpd.conf
/bin/sed --expression="s/WEBSHIELD_ALLOW_HOSTS/all/" ${NETAWSS}/ui/uiconf/ssl.conf > /etc/httpd/conf.d/ssl.conf


# make link for downloading NAI-MIB.txt
ln -sf /var/NAIENV/NAI-MIB.txt "$UISTATIC/www/."

# make link for strings.js
ln -sf $XMLCONFDIR/strings.js "$UISTATIC/www/."

#############
# wsadmin
#############
DEST_HTTP_MOD_DIR=/usr/lib/httpd/modules
DEST_HTTP_CONF_DIR=/etc/httpd/conf.d
DEST_WSA_DIR=${NETAWSS}/ui/wsadmin
DEST_WSA_XMLDIR=${XMLCONFDIR}/wsadmin
proto_wsadmin=$NETAWSS/proto/xmlconfdir/wsadmin

SED_DEST_WSA_DIR=$(echo ${DEST_WSA_DIR} | sed -e 's/\//\\\//g')
SED_DEST_WSA_XMLDIR=$(echo ${DEST_WSA_XMLDIR} | sed -e 's/\//\\\//g')

# set the path to the module configuration file
sed \
	-e "s/PATH_TO_CFG_FILE/${SED_DEST_WSA_XMLDIR}\/wsadmin.xml/" \
	${DEST_WSA_DIR}/apache/wsadmin.conf >${DEST_HTTP_CONF_DIR}/wsadmin.conf
# install the module itself
(cd ${DEST_HTTP_MOD_DIR}; rm -f mod_wsadmin.so; ln -s ${DEST_WSA_DIR}/apache/mod_wsadmin.so .)
# set the config dir
/bin/rm -rf ${proto_wsadmin}
/bin/mkdir -p ${proto_wsadmin}
/bin/cp ${DEST_WSA_DIR}/config/* ${proto_wsadmin}
# set the path to the script directory
sed \
	-e "s/PATH_TO_SCRIPT_DIR/${SED_DEST_WSA_DIR}\/scripts/" \
	${DEST_WSA_DIR}/config/wsadmin.xml >${proto_wsadmin}/wsadmin.xml
chown -R root:apache ${DEST_WSA_DIR}
chown -R root:apache ${proto_wsadmin}
chmod -R o-xw ${DEST_WSA_DIR}
chmod ug+w ${proto_wsadmin}/users.xml
chmod ug+w ${proto_wsadmin}/access.xml
chmod ug+x ${DEST_WSA_DIR}/scripts/*
chmod u+s ${DEST_WSA_DIR}/scripts/surun


# generate SSL data
make_ssl_cert

