diff options
author | RaNaN <Mast3rRaNaN@hotmail.de> | 2010-03-16 21:28:01 +0100 |
---|---|---|
committer | RaNaN <Mast3rRaNaN@hotmail.de> | 2010-03-16 21:28:01 +0100 |
commit | 7186f5cc9f502cbdaf1245a2820a7dfb434f4e49 (patch) | |
tree | 7fbf10131925cfe399063c8e923240d1afadd42a /module | |
parent | Fixed Hotfile (diff) | |
download | pyload-7186f5cc9f502cbdaf1245a2820a7dfb434f4e49.tar.xz |
core ssl fix, nginx support, https for lighttpd and nginx
Diffstat (limited to 'module')
-rw-r--r-- | module/config/core_default.xml | 7 | ||||
-rw-r--r-- | module/web/ServerThread.py | 122 | ||||
-rw-r--r-- | module/web/servers/lighttpd_default.conf (renamed from module/web/lighttpd/lighttpd_default.conf) | 2 | ||||
-rw-r--r-- | module/web/servers/nginx_default.conf | 87 | ||||
-rw-r--r-- | module/web/settings.py | 4 |
5 files changed, 204 insertions, 18 deletions
diff --git a/module/config/core_default.xml b/module/config/core_default.xml index 4142efd2f..e21576ead 100644 --- a/module/config/core_default.xml +++ b/module/config/core_default.xml @@ -8,12 +8,13 @@ </remote> <ssl name="SSL"> <activated type="bool" name="Activated">False</activated> - <cert type="str" name="Remote Port">ssl.srt</cert> - <key type="str" name="Remote Port">ssl.key</key> + <cert type="str" name="SSL Certificate">ssl.crt</cert> + <key type="str" name="SSL Key">ssl.key</key> </ssl> <webinterface name="Webinterface"> <activated type="bool" name="Activated">True</activated> - <lighttpd type="bool" name="Use Lighttpd">False</lighttpd> + <server type="builtin;lighttpd;nginx;fastcgi" name="Server">builtin</server> + <https type="bool" name="Use HTTPS">False</https> <host type="ip" name="IP">0.0.0.0</host> <port type="int" name="Port">8001</port> <template type="str" name="Template">default</template> diff --git a/module/web/ServerThread.py b/module/web/ServerThread.py index 49fd9b055..b05b3d0dc 100644 --- a/module/web/ServerThread.py +++ b/module/web/ServerThread.py @@ -6,6 +6,7 @@ from subprocess import PIPE from subprocess import Popen from subprocess import call from sys import version_info +from sys import stdout import threading class WebServer(threading.Thread): @@ -13,10 +14,12 @@ class WebServer(threading.Thread): threading.Thread.__init__(self) self.pycore = pycore self.running = True - self.lighttpd = False + self.server = pycore.config['webinterface']['server'] + self.https = pycore.config['webinterface']['https'] self.setDaemon(True) def run(self): + avail = ["builtin"] host = self.pycore.config['webinterface']['host'] port = self.pycore.config['webinterface']['port'] path = join(self.pycore.path, "module", "web") @@ -31,48 +34,131 @@ class WebServer(threading.Thread): return None try: + import flup + avail.append("fastcgi") + except: + pass + + try: call(["lighttpd", "-v"], stdout=PIPE, stderr=PIPE) import flup - self.lighttpd = True + avail.append("lighttpd") + + except: + pass + + try: + call(["nginx", "-v"], stdout=PIPE, stderr=PIPE) + import flup + avail.append("nginx") + except: + pass + + + try: + if exists(self.pycore.config["ssl"]["cert"]) and exists(self.pycore.config["ssl"]["key"]): + if not exists("ssl.pem"): + key = file(self.pycore.config["ssl"]["key"], "rb") + cert = file(self.pycore.config["ssl"]["cert"], "rb") + + pem = file("ssl.pem", "wb") + pem.writelines(key.readlines()) + pem.writelines(cert.readlines()) + + key.close() + cert.close() + pem.close() + + else: + self.https = False + except: + self.https = False + + + if not self.server in avail: + self.server = "builtin" + + + if self.server == "nginx": - except Exception: - self.lighttpd = False + self.pycore.logger.info("Starting nginx Webserver: %s:%s" % (host, port)) + config = file(join(path, "servers", "nginx_default.conf"), "rb") + content = config.readlines() + config.close() + content = "".join(content) + + content = content.replace("%(path)", join(path, "servers")) + content = content.replace("%(host)", host) + content = content.replace("%(port)", port) + content = content.replace("%(media)", join(path, "media")) + content = content.replace("%(version)", ".".join(map(str, version_info[0:2]))) + + if self.https: + content = content.replace("%(ssl)", """ + ssl on; + ssl_certificate %s; + ssl_certificate_key %s; + """ % (self.pycore.config["ssl"]["cert"], self.pycore.config["ssl"]["key"])) + else: + content = content.replace("%(ssl)", "") - if self.lighttpd: + new_config = file(join(path, "servers", "nginx.conf"), "wb") + new_config.write(content) + new_config.close() + + command = ['python', join(self.pycore.path, "module", "web", "manage.py"), "runfcgi", "daemonize=false", "method=threaded", "host=127.0.0.1", "port=9295"] + self.p = Popen(command, stderr=PIPE, stdin=PIPE, stdout=Output(stdout)) + + command2 = ['nginx', '-c', join(path, "servers", "nginx.conf"),] + self.p2 = Popen(command2, stderr=PIPE, stdin=PIPE, stdout=PIPE) + + + elif self.server == "lighttpd": self.pycore.logger.info("Starting lighttpd Webserver: %s:%s" % (host, port)) - config = file(join(path, "lighttpd", "lighttpd_default.conf"), "rb") + config = file(join(path, "servers", "lighttpd_default.conf"), "rb") content = config.readlines() config.close() content = "".join(content) - content = content.replace("%(path)", join(path, "lighttpd")) + content = content.replace("%(path)", join(path, "servers")) content = content.replace("%(host)", host) content = content.replace("%(port)", port) content = content.replace("%(media)", join(path, "media")) content = content.replace("%(version)", ".".join(map(str, version_info[0:2]))) - new_config = file(join(path, "lighttpd", "lighttpd.conf"), "wb") + if self.https: + content = content.replace("%(ssl)", """ + ssl.engine = "enable" + ssl.pemfile = "%s" + ssl.ca-file = "%s" + """ % (join(self.pycore.path, "ssl.pem"), self.pycore.config["ssl"]["cert"])) + else: + content = content.replace("%(ssl)", "") + new_config = file(join(path, "servers", "lighttpd.conf"), "wb") new_config.write(content) new_config.close() command = ['python', join(self.pycore.path, "module", "web", "manage.py"), "runfcgi", "daemonize=false", "method=threaded", "host=127.0.0.1", "port=9295"] - self.p = Popen(command, stderr=PIPE, stdin=PIPE, stdout=PIPE) + self.p = Popen(command, stderr=PIPE, stdin=PIPE, stdout=Output(stdout)) - command2 = ['lighttpd', '-D', '-f', join(path, "lighttpd", "lighttpd.conf")] + command2 = ['lighttpd', '-D', '-f', join(path, "servers", "lighttpd.conf")] self.p2 = Popen(command2, stderr=PIPE, stdin=PIPE, stdout=PIPE) - else: + elif self.server == "builtin": self.pycore.logger.info("Starting django builtin Webserver: %s:%s" % (host, port)) command = ['python', join(self.pycore.path, "module", "web", "run_server.py"), "%s:%s" % (host, port)] self.p = Popen(command, stderr=PIPE, stdin=PIPE, stdout=PIPE) - + else: + #run fastcgi on port + command = ['python', join(self.pycore.path, "module", "web", "manage.py"), "runfcgi", "daemonize=false", "method=threaded", "host=127.0.0.1", "port=%s" % port] + self.p = Popen(command, stderr=PIPE, stdin=PIPE, stdout=Output(stdout)) def quit(self): try: - if self.lighttpd: + if self.server == "lighttpd" or self.server == "nginx": self.p.kill() self.p2.kill() return True @@ -85,3 +171,13 @@ class WebServer(threading.Thread): self.running = False + +class Output: + def __init__(self, stream): + self.stream = stream + def write(self, data): # Do nothing + return None + #self.stream.write(data) + #self.stream.flush() + def __getattr__(self, attr): + return getattr(self.stream, attr)
\ No newline at end of file diff --git a/module/web/lighttpd/lighttpd_default.conf b/module/web/servers/lighttpd_default.conf index 55272ce0a..e56dda35f 100644 --- a/module/web/lighttpd/lighttpd_default.conf +++ b/module/web/servers/lighttpd_default.conf @@ -149,3 +149,5 @@ url.rewrite-once = ( "^(/pyload.fcgi.*)$" => "$1", "^(/.*)$" => "/pyload.fcgi$1", ) + +%(ssl)
\ No newline at end of file diff --git a/module/web/servers/nginx_default.conf b/module/web/servers/nginx_default.conf new file mode 100644 index 000000000..2741ad6ff --- /dev/null +++ b/module/web/servers/nginx_default.conf @@ -0,0 +1,87 @@ +daemon off; +pid %(path)/nginx.pid; +worker_processes 2; + +error_log %(path)/error.log info; + +events { + worker_connections 1024; + use epoll; +} + +http { + include /etc/nginx/conf/mime.types; + default_type application/octet-stream; + + %(ssl) + + log_format main + '$remote_addr - $remote_user [$time_local] ' + '"$request" $status $bytes_sent ' + '"$http_referer" "$http_user_agent" ' + '"$gzip_ratio"'; + + error_log %(path)/error.log info; + + client_header_timeout 10m; + client_body_timeout 10m; + send_timeout 10m; + + client_body_temp_path %(path)/client_body_temp; + proxy_temp_path %(path)/proxy_temp; + fastcgi_temp_path %(path)/fastcgi_temp; + + + connection_pool_size 256; + client_header_buffer_size 1k; + large_client_header_buffers 4 2k; + request_pool_size 4k; + + gzip on; + gzip_min_length 1100; + gzip_buffers 4 8k; + gzip_types text/plain; + + output_buffers 1 32k; + postpone_output 1460; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 75 20; + + ignore_invalid_headers on; + + server { + listen %(port); + server_name %(host); + # site_media - folder in uri for static files + location ^~ /media { + root %(path)/..; + } + location ^~ /admin/media { + root /usr/lib/python%(version)/site-packages/django/contrib; + } +location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mov) { + access_log off; + expires 30d; +} + location / { + # host and port to fastcgi server + fastcgi_pass 127.0.0.1:9295; + fastcgi_param PATH_INFO $fastcgi_script_name; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_param SERVER_NAME $server_name; + fastcgi_param SERVER_PORT $server_port; + fastcgi_param SERVER_PROTOCOL $server_protocol; + fastcgi_pass_header Authorization; + fastcgi_intercept_errors off; + } + access_log %(path)/access.log main; + error_log %(path)/error.log; + } + } diff --git a/module/web/settings.py b/module/web/settings.py index 0e67e3674..b66015db0 100644 --- a/module/web/settings.py +++ b/module/web/settings.py @@ -8,7 +8,7 @@ import os.path import sys
import xmlrpclib
-SERVER_VERSION = "0.3.1"
+SERVER_VERSION = "0.3.2"
PROJECT_DIR = os.path.dirname(__file__)
@@ -25,7 +25,7 @@ config = XMLConfigParser(os.path.join(PYLOAD_DIR,"module","config","core.xml")) ssl = ""
-if config.get("ssl", "activated") == "True":
+if config.get("ssl", "activated"):
ssl = "s"
server_url = "http%s://%s:%s@%s:%s/" % (
|