From 29fb134633b874134b72e339ba6e26ae9b5f1a33 Mon Sep 17 00:00:00 2001 From: "J. King" Date: Fri, 22 Dec 2023 13:27:02 -0500 Subject: [PATCH] First steps in supporting php-legacy in Arc This sorts out HTTP servers, hopefully. Adaptation for systemd and documentation are still required --- dist/apache/arsse-fcgi.conf | 5 +++++ dist/apache/arsse-loc.conf | 14 +++++++------- dist/apache/arsse.conf | 5 ----- dist/arch/PKGBUILD | 12 ++++++++---- dist/arch/apache-arsse-fcgi.conf | 6 ++++++ dist/arch/arsse | 26 ++++++++++++++++++++++++++ dist/arch/ngninx-arsse-fcgi.conf | 16 ++++++++++++++++ dist/nginx/arsse-fcgi.conf | 3 +++ dist/nginx/arsse.conf | 4 ---- 9 files changed, 71 insertions(+), 20 deletions(-) create mode 100644 dist/apache/arsse-fcgi.conf create mode 100644 dist/arch/apache-arsse-fcgi.conf create mode 100644 dist/arch/arsse create mode 100644 dist/arch/ngninx-arsse-fcgi.conf diff --git a/dist/apache/arsse-fcgi.conf b/dist/apache/arsse-fcgi.conf new file mode 100644 index 00000000..a7e38421 --- /dev/null +++ b/dist/apache/arsse-fcgi.conf @@ -0,0 +1,5 @@ +ProxyPreserveHost On +ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "/usr/share/arsse/arsse.php" +ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}" + +ProxyPass "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/" \ No newline at end of file diff --git a/dist/apache/arsse-loc.conf b/dist/apache/arsse-loc.conf index 611c1fc6..51c4247a 100644 --- a/dist/apache/arsse-loc.conf +++ b/dist/apache/arsse-loc.conf @@ -1,34 +1,34 @@ # Nextcloud News protocol - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Tiny Tiny RSS protocol - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Tiny Tiny RSS feed icons - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Fever protocol - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Miniflux protocol - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Miniflux version number - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" # Miniflux "health check" - ProxyPass ${ARSSE_PROXY} + Include "/etc/arsse/apache/arsse-fcgi.conf" diff --git a/dist/apache/arsse.conf b/dist/apache/arsse.conf index b16c80e8..7d4b47f0 100644 --- a/dist/apache/arsse.conf +++ b/dist/apache/arsse.conf @@ -3,9 +3,4 @@ DocumentRoot "/usr/share/arsse/www" Require all granted -Define ARSSE_PROXY "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/" -ProxyPreserveHost On -ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "/usr/share/arsse/arsse.php" -ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}" - Include "/etc/arsse/apache/arsse-loc.conf" diff --git a/dist/arch/PKGBUILD b/dist/arch/PKGBUILD index 76afba7d..e293295a 100644 --- a/dist/arch/PKGBUILD +++ b/dist/arch/PKGBUILD @@ -14,7 +14,7 @@ optdepends=("nginx: HTTP server" "apache>=2.4: HTTP server" "percona-server: Alternate database" "postgresql>=10: Alternate database" - "php-pgsql>=7.3: PostgreSQL database support") + "php-pgsql-interpreter>=7.3: PostgreSQL database support") backup=("etc/webapps/arsse/config.php" "etc/php/php-fpm.d/arsse.conf" "etc/webapps/arsse/nginx/example.conf" @@ -23,13 +23,14 @@ backup=("etc/webapps/arsse/config.php" "etc/webapps/arsse/nginx/arsse-fcgi.conf" "etc/webapps/arsse/apache/example.conf" "etc/webapps/arsse/apache/arsse.conf" + "etc/webapps/arsse/apache/arsse-fcgi.conf" "etc/webapps/arsse/apache/arsse-loc.conf") source=("arsse-0.10.4.tar.gz") md5sums=("SKIP") package() { # define runtime dependencies - depends=("php>=7.3" "php-intl>=7.3" "php-sqlite>=7.3" "php-fpm>=7.3") + depends=("php-interpreter>=7.3" "php-sqlite-interpreter>=7.3" "php-fpm-interpreter>=7.3") # create most directories necessary for the final package cd "$pkgdir" mkdir -p "usr/share/webapps/arsse" "usr/share/doc/arsse" "usr/share/licenses/arsse" "usr/lib/systemd/system" "usr/lib/sysusers.d" "usr/lib/tmpfiles.d" "etc/php/php-fpm.d" "etc/webapps/arsse" @@ -47,11 +48,14 @@ package() { cd "$pkgdir" # copy files requiring special permissions cd "$srcdir/arsse" - install -Dm755 dist/arsse "$pkgdir/usr/bin/arsse" install -Dm640 dist/config.php "$pkgdir/etc/webapps/arsse" # patch generic configuration files to use Arch-specific paths and identifiers - sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"* "$pkgdir/usr/bin/"* + sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"* sed -i -se 's/\/var\/run\/php\//\/run\/php-fpm\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/etc/php/php-fpm.d/arsse.conf" sed -i -se 's/www-data/http/g' "$pkgdir/etc/php/php-fpm.d/arsse.conf" sed -i -e 's/^WorkingDirectory=.*$/WorkingDirectory=\/usr\/share\/webapps\/arsse/g' -e 's/^ConfigurationDirectory=.*$/ConfigurationDirectory=webapps\/arsse/g' "$pkgdir/usr/lib/systemd/system/arsse-fetch.service" + # copy Arch-specific versions of files + install -Dm755 dist/arch/arsse "$pkgdir/usr/bin/arsse" + cp dist/arch/nginx-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/nginx/arsse-fcgi.conf" + cp dist/arch/apache-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/apache/arsse-fcgi.conf" } diff --git a/dist/arch/apache-arsse-fcgi.conf b/dist/arch/apache-arsse-fcgi.conf new file mode 100644 index 00000000..7b3f60e2 --- /dev/null +++ b/dist/arch/apache-arsse-fcgi.conf @@ -0,0 +1,6 @@ +ProxyPreserveHost On +ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "/usr/share/webapps/arsse/arsse.php" +ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}" + +# Modify the below line to begin with "unix:/run/php-fpm-legacy/" if using the php-legacy package +ProxyPass "unix:/run/php/arsse.sock|fcgi://localhost/usr/share/webapps/arsse/" \ No newline at end of file diff --git a/dist/arch/arsse b/dist/arch/arsse new file mode 100644 index 00000000..6f64ca6f --- /dev/null +++ b/dist/arch/arsse @@ -0,0 +1,26 @@ +#!/usr/bin/env bash + +readonly default_php="/usr/bin/php" +php="" + +check_sudo() { + if ! command -v sudo > /dev/null; then + printf "The sudo command is not available.\n" + exit 1 + fi +} + +# allow overriding the php executable +if [[ -n "${ARSSE_PHP}" ]] && command -v "${ARSSE_PHP}" > /dev/null; then + php="${ARSSE_PHP}" +else + php="${default_php}" +fi + +if [[ "${UID}" -eq 0 ]]; then + runuser -u "arsse" -- "$php" /usr/share/webapps/arsse/arsse.php "$@" +else + check_sudo + sudo -u "arsse" "$php" /usr/share/webapps/arsse/arsse.php "$@" +fi + diff --git a/dist/arch/ngninx-arsse-fcgi.conf b/dist/arch/ngninx-arsse-fcgi.conf new file mode 100644 index 00000000..04b6941a --- /dev/null +++ b/dist/arch/ngninx-arsse-fcgi.conf @@ -0,0 +1,16 @@ +fastcgi_pass_header Authorization; # required if the Arsse is to perform its own HTTP authentication +fastcgi_pass_request_body on; +fastcgi_pass_request_headers on; +fastcgi_intercept_errors off; +fastcgi_buffering off; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; +fastcgi_param REQUEST_URI $uri; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param HTTPS $https if_not_empty; +fastcgi_param REMOTE_USER $remote_user; +fastcgi_param SCRIPT_FILENAME /usr/share/webapps/arsse/arsse.php; + +# Modify the below line to begin with "/run/php-fpm-legacy/" if using the php-legacy package +fastcgi_pass unix:/run/php/arsse.sock; diff --git a/dist/nginx/arsse-fcgi.conf b/dist/nginx/arsse-fcgi.conf index eb83097f..d7e39f5d 100644 --- a/dist/nginx/arsse-fcgi.conf +++ b/dist/nginx/arsse-fcgi.conf @@ -10,3 +10,6 @@ fastcgi_param REQUEST_URI $uri; fastcgi_param QUERY_STRING $query_string; fastcgi_param HTTPS $https if_not_empty; fastcgi_param REMOTE_USER $remote_user; + +fastcgi_pass unix:/var/run/php/arsse.sock; +fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php; diff --git a/dist/nginx/arsse.conf b/dist/nginx/arsse.conf index fe5721e8..7949a66c 100644 --- a/dist/nginx/arsse.conf +++ b/dist/nginx/arsse.conf @@ -2,15 +2,11 @@ root /usr/share/arsse/www; location @arsse { # HTTP authentication may be enabled for this location, though this may impact some features - fastcgi_pass unix:/var/run/php/arsse.sock; - fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php; include /etc/arsse/nginx/arsse-fcgi.conf; } location @arsse_public { # HTTP authentication should not be enabled for this location - fastcgi_pass unix:/var/run/php/arsse.sock; - fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php; include /etc/arsse/nginx/arsse-fcgi.conf; }