# HG changeset patch
# User John "Elwin" Edwards
# Date 1483579709 18000
# Node ID 7f25bb89b59c70c08721f21a15c670b7360e14d2
# Parent f3843245a35edfd0171f98752751ff45a04f7311
Move RLGWebD configuration options into a configuration file. On startup, rlgwebd now reads /etc/rlgwebd.conf. If the options for HTTPS are not found, it will only use HTTP.
diff -r f3843245a35e -r 7f25bb89b59c Makefile
--- a/Makefile Sun Jan 01 20:18:01 2017 -0500
+++ b/Makefile Wed Jan 04 20:28:29 2017 -0500
@@ -23,6 +23,7 @@
 mkdir -p ${CHROOT}/var/www
 cp ${WEBASSETS} ${CHROOT}/var/www
 cp rlgwebd.service /usr/lib/systemd/system
+ if test ! -f /etc/rlgwebd.conf; cp rlgwebd.conf /etc; fi
 # Libraries are not removed. Something else might be using them.
 uninstall:
diff -r f3843245a35e -r 7f25bb89b59c rlgwebd
--- a/rlgwebd Sun Jan 01 20:18:01 2017 -0500
+++ b/rlgwebd Wed Jan 04 20:28:29 2017 -0500
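Review bot: The added recipe line `if test ! -f /etc/rlgwebd.conf; cp rlgwebd.conf /etc; fi` has no `then`, so the shell rejects it with a syntax error and the install target fails without copying the default configuration. It should read `if test ! -f /etc/rlgwebd.conf; then cp rlgwebd.conf /etc; fi`. Because plain `cp` takes the new file's mode from the checkout and the umask, `install -m 0644 rlgwebd.conf /etc` inside the `then` branch would give the file a known mode.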
@@ -13,18 +13,35 @@
 var pty = require("pty.js");
 var WebSocketServer = require("websocket").server;
-/* Configuration variables */
-// These first files are NOT in the chroot.
-var domain_name = "rlgallery.org";
-var ctlsocket = "/var/run/rlgwebd.sock";
-var keyfile = "/etc/letsencrypt/live/" + domain_name + "/privkey.pem";
-var certfile = "/etc/letsencrypt/live/" + domain_name + "/cert.pem";
-var cafile = "/etc/letsencrypt/live/" + domain_name + "/chain.pem";
-var httpPort = 8080;
-var httpsPort = 8081;
-var chrootDir = "/var/dgl/";
-var dropToUser = "rodney";
-var serveStaticRoot = "/var/www/"; // inside the chroot
+/* Default options */
+var rlgwebd_options = {
+ control_socket: "/var/run/rlgwebd.sock",
+ http_port: 8080,
+ https_port: 8081,
+ chrootDir: "/var/dgl/",
+ username: "rodney",
+ static_root: "/var/www/"
+};
+
+/* Read configuration from a file */
+var config_file = "/etc/rlgwebd.conf";
+var config_lines = fs.readFileSync(config_file).toString().split('\n');
+for (var i = 0; i < config_lines.length; i++) {
+ if (config_lines[i].length > 0 && config_lines[i][0] != '#') {
+ var config_fields = config_lines[i].split('=');
+ if (config_fields.length < 2)
+ continue;
+ var option_name = config_fields[0].trim();
+ // This can't handle values containing '=' or whitespace at the end
+ var option_value = config_fields[1].trim();
+ rlgwebd_options[option_name] = option_value;
+ }
+}
+
+/* Should HTTPS be enabled? */
+if ("domain_name" in rlgwebd_options && "keyfile" in rlgwebd_options &&
+ "certfile" in rlgwebd_options)
+ rlgwebd_options["use_https"] = true;
 var clearbufs = [
 new Buffer([27, 91, 72, 27, 91, 50, 74]), // xterm: CSI H CSI 2J
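Review bot: `fs.readFileSync(config_file)` is called with no error handling, so a missing or unreadable /etc/rlgwebd.conf ends startup with an uncaught exception even though the defaults are defined directly above it. The loop then stores every `name = value` pair under whatever name the file gives, always as a string, so a misspelled option is accepted silently, `use_https` can be set straight from the file, and configured ports reach `listen()` as strings. Reading the file inside a try/catch and accepting only known option names would make configuration mistakes visible at startup; port values should additionally go through `parseInt(option_value, 10)` with a check for NaN. The sketch assumes `console.error` is acceptable this early in the script, since the definition of `tslog` is not visible in this hunk.

```javascript
var config_file = "/etc/rlgwebd.conf";
var config_lines = [];
try {
  config_lines = fs.readFileSync(config_file).toString().split('\n');
} catch (err) {
  console.error("Cannot read " + config_file + ": " + err.message + "; using defaults");
}
var known_options = Object.keys(rlgwebd_options).concat(
    ["domain_name", "keyfile", "certfile", "cafile"]);
// … unchanged: loop header, comment/blank-line skip, split and trim …
    if (known_options.indexOf(option_name) < 0) {
      console.error("Ignoring unknown option in " + config_file + ": " + option_name);
      continue;
    }
    rlgwebd_options[option_name] = option_value;
// … unchanged: end of loop, HTTPS check …
```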
@@ -800,7 +817,7 @@
 nname = "index.html";
 if (nname.match(/\/$/)) path.join(nname, "index.html"); /* it was a directory */
- var realname = path.join(serveStaticRoot, nname);
+ var realname = path.join(rlgwebd_options.static_root, nname);
 var extension = path.extname(realname);
 fs.exists(realname, function (exists) {
 var resheaders = {};
@@ -1206,37 +1223,38 @@
 var pwent;
 try {
- pwent = posix.getpwnam(dropToUser);
+ pwent = posix.getpwnam(rlgwebd_options.username);
 } catch (err) {
- tslog("Could not drop to user %s: user does not exist", dropToUser);
+ tslog("Could not drop to user %s: user does not exist", rlgwebd_options.username);
 process.exit(1);
 }
 /* This could be nonblocking, but nothing else can start yet anyway. */
-if (fs.existsSync(ctlsocket)) {
- fs.unlinkSync(ctlsocket);
+if (fs.existsSync(rlgwebd_options.control_socket)) {
+ fs.unlinkSync(rlgwebd_options.control_socket);
 }
-var tls_options = {
- key: fs.readFileSync(keyfile),
- cert: fs.readFileSync(certfile),
- ca: fs.readFileSync(cafile)
+var tls_options = {};
+if (rlgwebd_options.use_https) {
+ tls_options.key = fs.readFileSync(rlgwebd_options.keyfile),
+ tls_options.cert = fs.readFileSync(rlgwebd_options.certfile),
+ tls_options.ca = fs.readFileSync(rlgwebd_options.cafile)
 };
 /* Open the control socket before chrooting where it can't be found */
 var ctlServer = net.createServer(function (sock) {
 sock.on('data', consoleHandler);
 });
-ctlServer.listen(ctlsocket, function () {
+ctlServer.listen(rlgwebd_options.control_socket, function () {
 /* rlgwebd.js now assumes that it has been started by the rlgwebd shell
 * script, or some other method that detaches it and sets up stdio. */
 /* chroot and drop permissions. posix.chroot() does chdir() itself. */
 try {
- posix.chroot(rlgwebd_options.chrootDir);
+ posix.chroot(rlgwebd_options.chrootDir);
 } catch (err) {
- tslog("chroot to %s failed: %s", chrootDir, err);
+ tslog("chroot to %s failed: %s", rlgwebd_options.chrootDir, err);
 process.exit(1);
 }
 try {
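Review bot: `tls_options.ca = fs.readFileSync(rlgwebd_options.cafile)` runs whenever `use_https` is set, but the check that sets `use_https` earlier in this commit tests only `domain_name`, `keyfile` and `certfile`, so a configuration without `cafile` passes `undefined` to `readFileSync` and throws at startup. Either add `"cafile" in rlgwebd_options` to that condition or guard the read with `if (rlgwebd_options.cafile) tls_options.ca = fs.readFileSync(rlgwebd_options.cafile);`. The three assignments are still joined by the commas of the old object literal and the block closes with `};`; they should be separate statements ending in `;` followed by a plain `}`. `fs.unlinkSync(rlgwebd_options.control_socket)` now removes whatever path the configuration names, and it runs before the chroot in the listen callback, so testing `fs.lstatSync(rlgwebd_options.control_socket).isSocket()` first would keep a mistyped path from deleting a regular file.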
@@ -1249,17 +1267,19 @@
 process.exit(1);
 }
 httpServer = http.createServer(webHandler);
- httpServer.listen(httpPort);
- tslog('rlgwebd running on port %d', httpPort);
+ httpServer.listen(rlgwebd_options.http_port);
+ tslog('rlgwebd running on port %d', rlgwebd_options.http_port);
 wsServer = new WebSocketServer({"httpServer": httpServer});
 wsServer.on("request", wsHandler);
 tslog('WebSockets are online');
+ if (rlgwebd_options.use_https) {
 var httpsServer = https.createServer(tls_options, webHandler);
- httpsServer.listen(httpsPort);
- tslog('TLS running on port %d', httpsPort);
+ httpsServer.listen(rlgwebd_options.https_port);
+ tslog('TLS running on port %d', rlgwebd_options.https_port);
- wssServer = new WebSocketServer({"httpServer": httpsServer});
- wssServer.on("request", wsHandler);
- tslog('Secure WebSockets are online');
+ wssServer = new WebSocketServer({"httpServer": httpsServer});
+ wssServer.on("request", wsHandler);
+ tslog('Secure WebSockets are online');
+ }
 progressWatcher = startProgressWatcher();
 setInterval(pushStatus, 40000);
 });
diff -r f3843245a35e -r 7f25bb89b59c rlgwebd.conf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/rlgwebd.conf Wed Jan 04 20:28:29 2017 -0500
@@ -0,0 +1,24 @@
+# Configuration file for RLGWebD
+# Install in /etc
+
+# These values are set by default:
+# Location of the socket for start/stop commands
+#control_socket = /var/run/rlgwebd.sock
+# Port number to bind
+#http_port = 8080
+# Port number for HTTPS
+#https_port = 8081
+# Path to the dgamelaunch installation to chroot into
+# If you change this, change the Makefile too
+#chrootDir = /var/dgl/
+# User account to drop to
+#username = rodney
+# Path within the chroot where static Web files are located
+#static_root = /var/www/
+
+# Domain name
+domain_name = rlgallery.org
+# SSL key and certs
+keyfile = /etc/letsencrypt/live/rlgallery.org/privkey.pem
+certfile = /etc/letsencrypt/live/rlgallery.org/cert.pem
+cafile = /etc/letsencrypt/live/rlgallery.org/chain.pem
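Review bot: When `rlgwebd_options.use_https` is unset the new `if` block is skipped without any log line, so a misspelled `keyfile` or `certfile` in the configuration leaves the service on plain HTTP, and the only sign in the log is the absence of the TLS messages. An else branch such as `} else { tslog('HTTPS is disabled: domain_name, keyfile and certfile are not all set'); }` would make that state explicit to the operator. The context line `var httpsServer = https.createServer(tls_options, webHandler);` now sits inside the block but is unchanged, so it presumably kept its old indentation while the lines after it were re-added. The enclosing listen callback starts outside this hunk.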
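Review bot: The sample file ships with `domain_name`, `keyfile`, `certfile` and `cafile` uncommented and pointing at the rlgallery.org certificate paths, so on any other host the installed default turns HTTPS on and startup then fails reading key files that do not exist there. Commenting these four lines out like the defaults above them, with a placeholder such as `#keyfile = /etc/letsencrypt/live/<your-domain>/privkey.pem`, would let a fresh install start and make enabling TLS an explicit step. A comment line stating that all four options are needed for HTTPS, and that values cannot contain `=`, would document the parser's limits where the operator will see them.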