summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdrian Rossouw2010-04-12 22:12:37 +0200
committerAdrian Rossouw2010-04-12 22:12:37 +0200
commit915cbd856efa3e06ef1fc0f72fcbb7011e81b1a4 (patch)
treefd9c0136973dd5b73628c365275fe1bc1c4bc2cc
parent02fd313fd2f8e6326fad734c7c05744fb0242709 (diff)
parentb0d9013969005de9defa0f2d3d31c859d41e6687 (diff)
Merge branch 'master' into dev_server_verifydev_server_verify
Conflicts: install.sh.txt web_server/provision_apache.drush.inc
-rw-r--r--HINTS_CentOS.txt4
-rw-r--r--HINTS_Solaris.txt2
-rw-r--r--INSTALL.txt8
-rw-r--r--UPGRADE.txt27
-rw-r--r--db_server/backup.provision.inc2
-rw-r--r--db_server/provision_mysql.drush.inc14
-rw-r--r--install.sh.txt35
-rw-r--r--platform/backup.provision.inc11
-rw-r--r--platform/backupmigrate/README.txt3
-rw-r--r--platform/backupmigrate/provision_backupmigrate.drush.inc0
-rw-r--r--platform/backupmigrate/provision_backupmigrate.info6
-rw-r--r--platform/backupmigrate/verify.provision.inc11
-rw-r--r--platform/drupal/deploy.inc4
-rw-r--r--platform/provision_drupal.drush.inc22
-rw-r--r--platform/provision_drupal_htaccess.tpl.php91
-rw-r--r--platform/provision_drupal_settings.tpl.php10
-rw-r--r--platform/verify.provision.inc7
-rw-r--r--provision.drush.inc12
-rw-r--r--ssl/provision_ssl.drush.inc8
-rw-r--r--web_server/provision_apache.drush.inc12
-rw-r--r--web_server/provision_apache_platform.tpl.php3
-rw-r--r--web_server/provision_apache_server.tpl.php10
22 files changed, 160 insertions, 142 deletions
diff --git a/HINTS_CentOS.txt b/HINTS_CentOS.txt
index 487f1c3..337385d 100644
--- a/HINTS_CentOS.txt
+++ b/HINTS_CentOS.txt
@@ -49,8 +49,8 @@ Shell commands::
useradd --home-dir /var/aegir aegir
gpasswd -a aegir www-data
chmod -R 755 /var/aegir
- # Include the Aegir config
- echo "Include /var/aegir/config/vhost.d/" > /etc/httpd/conf.d/aegir.conf
+ # Include the Aegir configs
+ ln -s /var/aegir/config/apache.conf /etc/httpd/conf.d/aegir.conf
service mysqld start
# Optional: set the mysql root password
mysqladmin password $password
diff --git a/HINTS_Solaris.txt b/HINTS_Solaris.txt
index 4b6af0e..9c1661b 100644
--- a/HINTS_Solaris.txt
+++ b/HINTS_Solaris.txt
@@ -58,7 +58,7 @@ Shell commands::
groupadd aegir
useradd -g aegir -G webservd -d /var/aegir -s /bin/bash -c "Aegir sandbox" aegir
chown aegir:aegir /var/aegir
- echo "Include /var/aegir/config/vhost.d/" >> /etc/apache2/httpd.conf
+ echo "Include /var/aegir/config/apache.conf" >> /etc/apache2/httpd.conf
MySQL commands::
# Replace 'aegir_password' with the chosen password for 'aegir' mysql account
diff --git a/INSTALL.txt b/INSTALL.txt
index 6bd141b..c0fa29a 100644
--- a/INSTALL.txt
+++ b/INSTALL.txt
@@ -156,8 +156,12 @@ you can place include that file in your apache.conf/httpd.conf. We
prefer the former. In other systems there are similar ways to accomplish
this. Consult your OS's documentation if unsure.
+If you are on a Debian-based system, you will also need to enable the
+mod_rewrite module manually.
+
Shell commands as root::
+ a2enmod rewrite
ln -s /var/aegir/config/apache.conf /etc/apache2/conf.d/aegir.conf
@@ -212,9 +216,9 @@ the official release.). You can modify which version to install by editing the
AEGIR_VERSION variable in the script.
The install script is shipped with other default settings that you will likely
-need to change (such as the URL of the Aegir site) prior to running it.
+need to change, especially the value of AEGIR_DOMAIN to match the URL of your site.
-You can change which release to install or other parameters such as these
+You can also change which release to install or other parameters such as these
through options passed to the script. Run "sh install.sh.txt -h" for more
information on the available options.
diff --git a/UPGRADE.txt b/UPGRADE.txt
index 025d75d..05c3092 100644
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@@ -36,9 +36,9 @@ you are reading this document.
Shell commands::
export AEGIR_VERSION=HEAD
- export DRUPAL_DIR=/var/aegir/hostmaster-$AEGIR_TAG
+ export DRUPAL_DIR=/var/aegir/hostmaster-$AEGIR_VERSION
export OLD_DRUPAL_DIR=/var/aegir/drupal-6.14
- export DRUSH_VERSION=6.x-3.0-alpha1.tar.gz
+ export DRUSH_VERSION=All-versions-3.0-beta1
export DRUSH_MAKE_VERSION=6.x-2.0-beta6
This document also assumes drush is installed properly and we use an
@@ -159,13 +159,22 @@ and a single apache.conf. The vhost.d directory is for virtual hosts,
platform.d is for platform-specific configuration and apache.conf is the
server-wide configuration file.
-You will need to move all platform_* configuration file to the
-platform.d directory for Aegir to operate properly. Failure to do so
-will yield unpredictable results as multiple definitions will be loaded
-by Apache for the same platform. This can be fixed by doing:
+After you have completed the migration process as outlined above,
+you will need to change the line you added to either the httpd.conf file
+or /etc/apache2/conf.d/aegir file during installation.
+Open your httpd.conf file and modify :
-Shell commands::
+ Include /var/aegir/config/vhost.d
+
+To read :
+
+ Include /var/aegir/config/apache.conf
+
+You will also need to create the following directories :
+
+ /var/aegir/config/platform.d
+ /var/aegir/config/apache.d
- mkdir /var/aegir/config/platform.d/
- mv /var/aegir/config/vhost.d/platform_*.conf /var/aegir/config/platform.d/
+Now log into Aegir, and verify the hostmaster platform. This will generate
+the correct apache.conf file and restart apache.
diff --git a/db_server/backup.provision.inc b/db_server/backup.provision.inc
index e3e6f75..5782219 100644
--- a/db_server/backup.provision.inc
+++ b/db_server/backup.provision.inc
@@ -21,7 +21,7 @@ function drush_provision_mysql_pre_provision_backup($url = NULL) {
host=%s
user=%s
password=%s
-', drush_get_option('db_host'), drush_get_option('db_user'), drush_get_option('db_passwd'));
+', drush_get_option('db_host'), urldecode(drush_get_option('db_user')), urldecode(drush_get_option('db_passwd')));
$descriptorspec = array(
// 0 => array("pipe", "r"), // this would be stdin, but we don't need to input into mysqldump
diff --git a/db_server/provision_mysql.drush.inc b/db_server/provision_mysql.drush.inc
index 396fae6..983a882 100644
--- a/db_server/provision_mysql.drush.inc
+++ b/db_server/provision_mysql.drush.inc
@@ -277,15 +277,7 @@ function _provision_mysql_suggest_db_name($url) {
*
*/
function _provision_mysql_grant_host($db_host, $web_ip, $web_host) {
- // The database hostname is localhost, not defined or on the same ip/host as the webserver.
- if (in_array($db_host, array('127.0.0.1', 'localhost', '', $web_ip, $web_host))) {
- $grant = 'localhost';
- }
- // if we have the web ip, use that first.
- elseif ($web_ip) {
- $grant = $web_ip;
- } else {
- $grant = $web_host;
- }
- return $grant;
+ $result = provision_db_result(provision_db_query("select current_user()"));
+ preg_match('/^.*@(.*)$/', $result, $matches);
+ return $matches[1];
}
diff --git a/install.sh.txt b/install.sh.txt
index 51f84ac..949175b 100644
--- a/install.sh.txt
+++ b/install.sh.txt
@@ -35,8 +35,7 @@ AEGIR_VERSION=HEAD
AEGIR_HOME=$HOME
WEB_GROUP=www-data
# doesn't exist yet, but we need drush_prompt in HEAD
-DRUSH_VERSION=6.x-3.0-beta2
-DRUSH_MAKE_VERSION=6.x-2.0-beta6
+DRUSH_VERSION=All-versions-3.0-rc3
# when adding a variable here, add it to the display below
@@ -140,6 +139,7 @@ fi
msg "Creating basic directory structure"
mkdir -p $AEGIR_HOME/config/vhost.d
mkdir -p $AEGIR_HOME/config/platform.d
+mkdir -p $AEGIR_HOME/config/apache.d
mkdir -p $AEGIR_HOME/backups
chmod 0711 $AEGIR_HOME/config
chmod 0700 $AEGIR_HOME/backups
@@ -175,7 +175,7 @@ else
$DRUSH dl drush_make-$DRUSH_MAKE_VERSION --destination=$AEGIR_HOME/.drush
fi
-if $DRUSH help | grep "^ provision install" > /dev/null ; then
+if $DRUSH help | grep "^ provision-install" > /dev/null ; then
msg "Provision already seems to be installed"
else
msg "Installing provision backend in $AEGIR_HOME/.drush"
@@ -190,8 +190,37 @@ else
fi
fi
+<<<<<<< HEAD
# this will prompt the user for the database password if not provided through stdin in JSON
$DRUSH provision-server --parent_path=$AEGIR_HOME --web_group=$WEB_GROUP --drush_path=$DRUSH
+=======
+# this should be handled by provision server verification, as it is a
+# duplicate of web_server/provision_apache_server.tpl.php
+# http://drupal.org/node/586000
+if [ ! -f $AEGIR_HOME/config/apache.conf ]; then
+ cat > $AEGIR_HOME/config/apache.conf <<EOF
+NameVirtualHost *:80
+<IfModule ssl_module>
+ NameVirtualHost *:443
+</IfModule>
+
+<IfModule !env_module>
+ LoadModule env_module modules/mod_env.so
+</IfModule>
+
+<IfModule !rewrite_module>
+ LoadModule rewrite_module modules/mod_rewrite.so
+</IfModule>
+
+# virtual hosts
+Include $AEGIR_HOME/config/vhost.d/
+# platforms
+Include $AEGIR_HOME/config/platform.d/
+# other configuration, not touched by aegir
+Include $AEGIR_HOME/config/apache.d/
+EOF
+fi
+>>>>>>> master
msg "Aegir provision backend installed successfully"
diff --git a/platform/backup.provision.inc b/platform/backup.provision.inc
index df75f76..58d39c8 100644
--- a/platform/backup.provision.inc
+++ b/platform/backup.provision.inc
@@ -70,3 +70,14 @@ function drush_provision_drupal_provision_backup($url) {
drush_set_error('PROVISION_BACKUP_FAILED', dt("Could not back up sites directory for drupal"));
}
}
+
+/**
+ * Remove the backup file if something went wrong
+ */
+function drush_provision_drupal_provision_backup_rollback() {
+ $backup_file = drush_get_option('backup_file');
+ if (file_exists($backup_file)) {
+ provision_path('unlink', $backup_file, TRUE,
+ dt("Removed stale backup file $backup_file"), dt("Failed deleting backup file $backup_file"));
+ }
+}
diff --git a/platform/backupmigrate/README.txt b/platform/backupmigrate/README.txt
new file mode 100644
index 0000000..4c15176
--- /dev/null
+++ b/platform/backupmigrate/README.txt
@@ -0,0 +1,3 @@
+This provision extension is designed to enforce privacy of backups in the backup_migrate module.
+
+http://drupal.org/node/642948
diff --git a/platform/backupmigrate/provision_backupmigrate.drush.inc b/platform/backupmigrate/provision_backupmigrate.drush.inc
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/platform/backupmigrate/provision_backupmigrate.drush.inc
diff --git a/platform/backupmigrate/provision_backupmigrate.info b/platform/backupmigrate/provision_backupmigrate.info
new file mode 100644
index 0000000..9c10c1f
--- /dev/null
+++ b/platform/backupmigrate/provision_backupmigrate.info
@@ -0,0 +1,6 @@
+name = Provision: backup_migrate
+description = Backup migrate specific configuration
+package = Provision
+dependencies[] = provision
+
+core = 6.x
diff --git a/platform/backupmigrate/verify.provision.inc b/platform/backupmigrate/verify.provision.inc
new file mode 100644
index 0000000..eea950b
--- /dev/null
+++ b/platform/backupmigrate/verify.provision.inc
@@ -0,0 +1,11 @@
+<?php
+
+/**
+ * Inject the relevant .htacces configuration into the global apache configuration
+ */
+function provision_backupmigrate_provision_apache_dir_config($data = null) {
+ return <<<EOF
+ RewriteRule sites/%{SERVER_NAME}/files/backup_migrate - [F]
+ RewriteRule files/backup_migrate - [F]
+EOF;
+}
diff --git a/platform/drupal/deploy.inc b/platform/drupal/deploy.inc
index ea9a9e3..185fed0 100644
--- a/platform/drupal/deploy.inc
+++ b/platform/drupal/deploy.inc
@@ -2,7 +2,7 @@
// $Id$
$new_url = drush_get_option('site_url');
-$old_url = drush_get_option('site_url', 'site');
+$old_url = drush_get_option('site_url', '', 'site');
/**
* @file
@@ -15,7 +15,7 @@ drush_log(
dt('Changed paths from sites/@old_url to sites/@new_url',
array('@old_url' => $old_url, '@new_url' => $new_url)));
-db_query("UPDATE {files} SET filepath=replace(filepath, 'sites/%', 'sites/%')", $old_url, $new_url);
+db_query("UPDATE {files} SET filepath=replace(filepath, 'sites/%s', 'sites/%s')", $old_url, $new_url);
db_query("UPDATE {users} SET picture = replace(picture, 'sites/%s', 'sites/%s')", $old_url, $new_url);
variable_set('file_directory_path', "sites/$new_url/files");
variable_set('file_directory_temp', "sites/$new_url/files/tmp");
diff --git a/platform/provision_drupal.drush.inc b/platform/provision_drupal.drush.inc
index 9d37cf8..c15328f 100644
--- a/platform/provision_drupal.drush.inc
+++ b/platform/provision_drupal.drush.inc
@@ -445,10 +445,6 @@ function provision_find_packages() {
$packages['profiles'][$profile] = _provision_find_packages('profiles', $profile);
}
- // Iterate through the sites, finding site specific packages
- foreach (drush_get_option('sites', array()) as $site) {
- $packages['sites'][$site] = _provision_find_packages('sites', $site);
- }
return $packages;
}
@@ -501,6 +497,11 @@ function provision_drupal_system_map() {
$packages['profiles'][$profile]->status = 1;
foreach (_provision_system_query("module") as $module) {
+ $frags = explode("/", $module->filename);
+ // ignore site-specific modules
+ if ($frags[0] == 'sites' && $frags[1] != 'all') {
+ continue;
+ }
$info_file = sprintf("%s/%s.info", dirname($module->filename), $module->name);
$module->info = provision_parse_info_file($info_file);
@@ -514,7 +515,13 @@ function provision_drupal_system_map() {
drush_log(dt("Found !count modules", array('!count' => sizeof($packages['modules']))));
+ // XXX: mostly a copy-paste from above
foreach (_provision_system_query("theme") as $theme) {
+ $frags = explode("/", $theme->filename);
+ // ignore site-specific themes
+ if ($frags[0] == 'sites' && $frags[1] != 'all') {
+ continue;
+ }
$info_file = sprintf("%s/%s.info", dirname($theme->filename), $theme->name);
$theme->info = provision_parse_info_file($info_file);
_provision_cvs_deploy($theme);
@@ -571,7 +578,7 @@ function _provision_drupal_find_modules($scope, $key = '') {
$source = str_replace("\r\n", "\n", $source);
$source = str_replace("\r", "\n", $source);
$function_matches = array();
- preg_match_all('!function\s*&?([a-zA-Z0-9_]+)_update_([0-9]+)\(.*?\s*\{!', $source, $function_matches);
+ preg_match_all('!function\s*&?([a-zA-Z0-9_]+)_update_([0-9]+)\s*\(.*?\s*\{!', $source, $function_matches);
if (sizeof($function_matches[0])) {
$schema_version = max($function_matches[2]);
@@ -604,7 +611,10 @@ function provision_parse_info_file($filename) {
}
/**
- * Set up the $_SERVER environment variable so that drupal can correctly parse the settings.php file
+ * Set up the $_SERVER environment variable so that drupal can correctly parse the settings.php file.
+ * The real credentials are stored in the Apache vhost of the relevant site, to prevent leaking of
+ * sensitive data to site administrators with PHP access who might otherwise access such credentials
+ * potentially of other sites' settings.php in a multisite set-up.
*/
function provision_prepare_environment() {
$fields = array('db_type', 'db_host', 'db_user', 'db_passwd', 'db_name');
diff --git a/platform/provision_drupal_htaccess.tpl.php b/platform/provision_drupal_htaccess.tpl.php
deleted file mode 100644
index baa0062..0000000
--- a/platform/provision_drupal_htaccess.tpl.php
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# Apache/PHP/Drupal settings:
-#
-
-# Protect files and directories from prying eyes.
-<FilesMatch "\.(engine|inc|info|install|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl|svn-base)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template|all-wcprops|entries|format)$">
- Order allow,deny
-</FilesMatch>
-
-# Don't show directory listings for URLs which map to a directory.
-Options -Indexes
-
-# Follow symbolic links in this directory.
-Options +FollowSymLinks
-
-# Make Drupal handle any 404 errors.
-ErrorDocument 404 /index.php
-
-# Force simple error message for requests for non-existent favicon.ico.
-<Files favicon.ico>
- # There is no end quote below, for compatibility with Apache 1.3.
- ErrorDocument 404 "The requested file favicon.ico was not found.
-</Files>
-
-# Set the default handler.
-DirectoryIndex index.php
-
-# Override PHP settings. More in sites/default/settings.php
-# but the following cannot be changed at runtime.
-
-# PHP 4, Apache 1.
-<IfModule mod_php4.c>
- php_value magic_quotes_gpc 0
- php_value register_globals 0
- php_value session.auto_start 0
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_value mbstring.encoding_translation 0
-</IfModule>
-
-# PHP 4, Apache 2.
-<IfModule sapi_apache2.c>
- php_value magic_quotes_gpc 0
- php_value register_globals 0
- php_value session.auto_start 0
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_value mbstring.encoding_translation 0
-</IfModule>
-
-# PHP 5, Apache 1 and 2.
-<IfModule mod_php5.c>
- php_value magic_quotes_gpc 0
- php_value register_globals 0
- php_value session.auto_start 0
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_value mbstring.encoding_translation 0
-</IfModule>
-
-# Requires mod_expires to be enabled.
-<IfModule mod_expires.c>
- # Enable expirations.
- ExpiresActive On
-
- # Cache all files for 2 weeks after access (A).
- ExpiresDefault A1209600
-
- <FilesMatch \.php$>
- # Do not allow PHP scripts to be cached unless they explicitly send cache
- # headers themselves. Otherwise all scripts would have to overwrite the
- # headers set by mod_expires if they want another caching behavior. This may
- # fail if an error occurs early in the bootstrap process, and it may cause
- # problems if a non-Drupal PHP file is installed in a subdirectory.
- ExpiresActive Off
- </FilesMatch>
-</IfModule>
-
-# Various rewrite rules.
-<IfModule mod_rewrite.c>
- RewriteEngine on
-
- # allow files to be accessed without /sites/fqdn/
- RewriteRule ^files/(.*)$ /sites/%{HTTP_HOST}/files/$1 [L]
-
- # Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_URI} !=/favicon.ico
- RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
-</IfModule>
diff --git a/platform/provision_drupal_settings.tpl.php b/platform/provision_drupal_settings.tpl.php
index b90296c..ff1b449 100644
--- a/platform/provision_drupal_settings.tpl.php
+++ b/platform/provision_drupal_settings.tpl.php
@@ -1,4 +1,12 @@
-
+ /**
+ * The database credentials are stored in the Apache vhost config
+ * of the associated site with SetEnv parameters.
+ * They are called here with $_SERVER environment variables to
+ * prevent sensitive data from leaking to site administrators
+ * with PHP access, that potentially might be of other sites in
+ * Drupal's multisite set-up.
+ * This is a security measure implemented by the Aegir project.
+ */
$databases['default']['default'] = array(
'driver' => urldecode($_SERVER['db_type']),
'database' => urldecode($_SERVER['db_name']),
diff --git a/platform/verify.provision.inc b/platform/verify.provision.inc
index 7c313c3..8f13e13 100644
--- a/platform/verify.provision.inc
+++ b/platform/verify.provision.inc
@@ -67,9 +67,14 @@ function drush_provision_drupal_post_provision_verify($url = NULL) {
* @see hook_provision_apache_dir_config()
*/
function provision_drupal_provision_apache_dir_config($data = null) {
- $htaccess = file_get_contents(dirname(__FILE__) . "/provision_drupal_htaccess.tpl.php");
+ $htaccess = file_get_contents(drush_get_option('publish_path') . '/.htaccess');
$htaccess .= <<<EOF
+<IfModule mod_rewrite.c>
+ # allow files to be accessed without /sites/fqdn/
+ RewriteRule ^files/(.*)$ /sites/%{HTTP_HOST}/files/$1 [L]
+</IfModule>
+
# Do not read the platform's .htaccess
AllowOverride none
diff --git a/provision.drush.inc b/provision.drush.inc
index 90fe49f..1fa8061 100644
--- a/provision.drush.inc
+++ b/provision.drush.inc
@@ -300,11 +300,13 @@ function _provision_default_web_group() {
*/
function provision_count_cpus() {
$ncpus = FALSE;
- # this should work on Linux with a /proc filesystem
- $cpuinfo = file_get_contents("/proc/cpuinfo");
- if ($cpuinfo !== FALSE) {
- if (preg_match_all("/^processor.*:.*[0-9]+$/m", $cpuinfo, $matches)) {
- $ncpus = count(array_pop($matches));
+ if (file_exists("/proc/cpuinfo")) {
+ # this should work on Linux with a /proc filesystem
+ $cpuinfo = file_get_contents("/proc/cpuinfo");
+ if ($cpuinfo !== FALSE) {
+ if (preg_match_all("/^processor.*:.*[0-9]+$/m", $cpuinfo, $matches)) {
+ $ncpus = count(array_pop($matches));
+ }
}
}
return $ncpus;
diff --git a/ssl/provision_ssl.drush.inc b/ssl/provision_ssl.drush.inc
index e0431ec..01846e5 100644
--- a/ssl/provision_ssl.drush.inc
+++ b/ssl/provision_ssl.drush.inc
@@ -31,10 +31,12 @@ function provision_ssl_provision_apache_vhost_config($url, $options) {
$newoptions['site_port'] = 80;
provision_write_config(drush_get_option('vhost_path') . '/' . $url . '_80', _provision_apache_redirect_template(), $newoptions);
}
- return array("php_value session.cookie_secure 1", "SSLEngine On");
- } else {
- return NULL;
+ $newoptions = $options;
+ $newoptions['site_port'] = 443;
+ $newoptions['extra_config'] = "php_value session.cookie_secure 1\nSSLEngine On\n";
+ provision_write_config(drush_get_option('vhost_path') . '/' . $url . '_443', _provision_apache_default_template(), $newoptions);
}
+ return NULL;
}
/**
diff --git a/web_server/provision_apache.drush.inc b/web_server/provision_apache.drush.inc
index 40eaeb6..4270bb7 100644
--- a/web_server/provision_apache.drush.inc
+++ b/web_server/provision_apache.drush.inc
@@ -188,6 +188,11 @@ function _provision_apache_create_platform_config($url) {
$writable = provision_path("writable", drush_get_option('platform_conf_path'), TRUE , NULL, dt("Platform configuration path @path is not writable."), 'PROVISION_VHOST_PATH_NOT_WRITABLE');
if ($writable) {
+ // remove the old path first.
+ $oldfile = drush_get_option('vhost_path') . '/' . $file;
+ if (file_exists($oldfile) && is_writable($oldfile)) {
+ unlink($oldfile);
+ }
return provision_write_config(drush_get_option('platform_conf_path') . '/' . $file, _provision_apache_platform_template(), $data);
} else {
return $writable;
@@ -219,7 +224,12 @@ function _provision_apache_create_server_config() {
'PROVISION_VHOST_PATH_NOT_WRITABLE');
if ($writable) {
- return provision_write_config($file, $template, $options);
+ // remove the old path first.
+ $oldfile = drush_get_option('vhost_path') . '/' . drush_get_option('web_host') . '.server';
+ if (file_exists($oldfile) && is_writable($oldfile)) {
+ unlink($oldfile);
+ }
+ return provision_write_config(drush_get_option('config_path') .'/apache.conf', $template, $options);
} else {
return $writable;
}
diff --git a/web_server/provision_apache_platform.tpl.php b/web_server/provision_apache_platform.tpl.php
index b1982d8..a9515c0 100644
--- a/web_server/provision_apache_platform.tpl.php
+++ b/web_server/provision_apache_platform.tpl.php
@@ -1,7 +1,4 @@
<Directory <?php print $publish_path; ?>>
-
- Options Indexes FollowSymLinks MultiViews
- AllowOverride All
Order allow,deny
Allow from all
<?php print $extra_config; ?>
diff --git a/web_server/provision_apache_server.tpl.php b/web_server/provision_apache_server.tpl.php
index 3c643c2..fbd81b8 100644
--- a/web_server/provision_apache_server.tpl.php
+++ b/web_server/provision_apache_server.tpl.php
@@ -3,6 +3,11 @@
<?php if (is_array($web_ports)) :
foreach ($web_ports as $web_port) :?>
NameVirtualHost *:<?php print $web_port; ?>
+
+ <VirtualHost *:<?php print $web_port; ?>>
+ ServerName default
+ Redirect 404 /
+ </VirtualHost>
<?php
endforeach;
@@ -17,7 +22,12 @@ endif;
LoadModule rewrite_module modules/mod_rewrite.so
</IfModule>
+# virtual hosts
Include <?php print $config_path ?>/vhost.d/
+# platforms
Include <?php print $config_path ?>/platform.d/
+# other configuration, not touched by aegir
+Include <?php print $config_path ?>/apache.d/
+
<?php print $extra_config; ?>