#!/bin/bash
-# needs:
+# script to update apache site configs
+#
+# this script is designed to be run under sudo by
+# the maintainers of our various apache2 vhosts.
+#
+# It checks the validity of the current apache config and
+# then updates one vhost config from the staging area that
+# is writeable by the user.
+#
+# This script ensures that the resulting apache config is then
+# still syntactically valid and reloads apache. If the new config
+# is not OK then the change is reverted.
+#
+# All config changes are tracked in RCS.
+#
+# needs something like this in sudoers:
# %apachectrl ALL=(root) /usr/sbin/restart-apache
-case $1 in
- restart)
- action="restart"
- ;;
- reload)
- action="reload"
- ;;
- *)
- echo "Usage: $0 [restart|reload]"
- ;;
-esac
-
-if [ -x /usr/sbin/apache2ctl ]; then
-
- /usr/sbin/apache2ctl configtest
-
- if [ "$?" != "0" ]; then
- env -i /etc/init.d/apache2 $action
- else
- echo "configtest returned errors, thus not restarting apache"
- exit 1
- fi
-else
- echo "Ehhh, there is no Apache2 on this machine"
- exit 2
+
+# Copyright (c) 2009 Peter Palfrader <peter@palfrader.org>
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+
+STATINGDIR="/etc/apache2/sites-staging"
+DESTINATION="/etc/apache2/sites-available"
+
+usage() {
+ bn="`basename "$0"`"
+ echo "Usage: $bn -r|--reload"
+ echo " $bn <site name>"
+ echo " $bn -h|--help"
+ echo
+ echo "-r ... only reload apache"
+ echo "-h .. print this text"
+ echo
+ echo "With no options copy site's config from etc/apache2/staging"
+ echo "to live config and reload."
+}
+
+if [ "$#" != 1 ]; then
+ usage >&2
+ exit 1
+fi
+if [ "$1" = "-h" ] || [ "$1" == "--help" ]; then
+ usage
+ exit 0
+fi
+
+if ! [ -x /usr/sbin/apache2ctl ]; then
+ echo "Ehhh, there is no Apache2 on this machine" >&2
+ exit 1
+fi
+
+# If the apache config is already broken, then don't do anything at all
+/usr/sbin/apache2ctl configtest
+if [ "$?" != "0" ]; then
+ echo "configtest returned errors already; not doing anything." >&2
+ exit 1
+fi
+
+if [ "$1" = "-r" ] || [ "$1" == "--reload" ]; then
+ env -i /etc/init.d/apache2 reload
+ exit 0
+fi
+
+
+site="$1"
+if echo "$site" | grep /; then
+ echo "Illegal site name" >&2
+ exit 1
+fi
+
+if ! [ -f "$STATINGDIR/$site" ]; then
+ echo "$STATINGDIR/$site does not exist or is not a file" >&2
+ exit 1
+fi
+
+rcsdiff -q "$DESTINATION/$site" > /dev/null
+if [ "$?" != "0" ]; then
+ echo "RCS reported uncommitted differences in live version; aborting." >&2
+ exit 1
+fi
+
+if diff "$STATINGDIR/$site" "$DESTINATION/$site" > /dev/null; then
+ echo "No differences, not doing anything." >&2
+ exit 1
+fi
+
+co -l "$DESTINATION/$site" < /dev/null
+if [ "$?" != "0" ]; then
+ echo "Could not get a lock/checkout $DESTINATION/$site." >&2
+ exit 1
+fi
+cp -f "$STATINGDIR/$site" "$DESTINATION/$site"
+
+/usr/sbin/apache2ctl configtest
+if [ "$?" != "0" ]; then
+ echo "configtest returned errors; reverting." >&2
+ rm -f "$DESTINATION/$site"
+ co "$DESTINATION/$site"
+ exit 1
+fi
+
+echo "update run by $USER($SUDO_USER) at `date -R -u` on `hostname -f`" | \
+ ci -u "$DESTINATION/$site"
+if [ "$?" != "0" ]; then
+ echo "Commit failed?" >&2
+ exit 1
fi
+env -i /etc/init.d/apache2 reload