Manage apache2 configuration from maintainer scripts

Setup passenger configuration from the puppetmaster-passenger
postinst script. Unconfigure and purge relevant files in
puppetmaster-passenger postrm script.

All files and directories related to running
puppeptmaster under passenger have also been moved to the
puppetmaster-passenger package.

7 files changed, 80 insertions, 34 deletions

diff --git a/debian/puppetmaster-passenger.dirs b/debian/puppetmaster-passenger.dirs
new file mode 100644
index 000000000..7b33835ae
--- /dev/null
+++ b/debian/puppetmaster-passenger.dirs
@@ -0,0 +1,4 @@
+usr/share/puppet/rack/puppetmasterd
+usr/share/puppet/rack/puppetmasterd/public
+usr/share/puppet/rack/puppetmasterd/tmp
+usr/share/puppetmaster-passenger/
diff --git a/debian/puppetmaster-passenger.postinst b/debian/puppetmaster-passenger.postinst
new file mode 100644
index 000000000..cbfec3036
--- /dev/null
+++ b/debian/puppetmaster-passenger.postinst
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "configure" ]; then
+    
+    # Change the owner of the rack config.ru to be the puppet user
+    # because passenger will suid to that user, see #577366
+    if ! dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
+    then
+	dpkg-statoverride --update --add puppet puppet 0644 /usr/share/puppet/rack/puppetmasterd/config.ru
+    fi
+    # Setup passenger configuration
+    if [ "$2" = "" ]; then
+        # Initialize puppetmaster CA and generate the master certificate.
+        # The ssl key and cert need to be available (eg generated) before
+        # apache2 is configured and started since apache2 ssl configuration 
+        # uses the puppetmaster ssl files.
+        puppetca --generate $(puppetca --configprint certname)
+        # Setup apache2 configuration files
+        APACHE2_SITE_FILE="/etc/apache2/sites-available/puppetmaster" 
+        if  [ ! -e "${APACHE2_SITE_FILE}" ]; then
+            cp /usr/share/puppetmaster-passenger/apache2.site.conf.tmpl "${APACHE2_SITE_FILE}"
+            # Fix path to SSL files
+            sed -r -i "s|(SSLCertificateFile\s+).+$|\1$(puppetca --configprint hostcert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCertificateKeyFile\s+).+$|\1$(puppetca --configprint hostprivkey)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCACertificateFile\s+).+$|\1$(puppetca --configprint cacert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCertificateChainFile\s+).+$|\1$(puppetca --configprint cacert)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCARevocationFile\s+).+$|\1$(puppetca --configprint cacrl)|" "${APACHE2_SITE_FILE}"
+        fi
+        a2enmod ssl
+        a2ensite puppetmaster
+        if [ -x "/etc/init.d/apache2" ]; then
+            if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                invoke-rc.d apache2 force-reload || exit $?
+            else
+                /etc/init.d/apache2 force-reload || exit $?
+            fi
+        fi
+    fi
+fi
+
+#DEBHELPER#
diff --git a/debian/puppetmaster-passenger.postrm b/debian/puppetmaster-passenger.postrm
new file mode 100644
index 000000000..6b57dc63f
--- /dev/null
+++ b/debian/puppetmaster-passenger.postrm
@@ -0,0 +1,33 @@
+#!/bin/sh -e
+
+case "$1" in
+    purge)
+	if dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
+	then
+	    dpkg-statoverride --remove /usr/share/puppet/rack/puppetmasterd/config.ru
+	fi
+	# Remove the puppetmaster site configuration on purge
+	rm /etc/apache2/sites-available/puppetmaster
+	;;
+    remove)
+        # Disable the puppetmaster apache2 site configuration on package removal
+        a2dissite puppetmaster
+        if [ -x "/etc/init.d/apache2" ]; then
+            if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                invoke-rc.d apache2 force-reload || exit $?
+            else
+                /etc/init.d/apache2 force-reload || exit $?
+            fi
+        fi
+	;;
+    upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+        ;;
+    *)
+        echo "postrm called with unknown argument \`$1'" >&2
+        exit 1
+
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/puppetmaster.dirs b/debian/puppetmaster.dirs
index 6655cc9cf..236670a2d 100644
--- a/debian/puppetmaster.dirs
+++ b/debian/puppetmaster.dirs
@@ -1,5 +1 @@
 usr/sbin
-usr/share/puppet/rack/puppetmasterd
-usr/share/puppet/rack/puppetmasterd/public
-usr/share/puppet/rack/puppetmasterd/tmp
-
diff --git a/debian/puppetmaster.examples b/debian/puppetmaster.examples
deleted file mode 100644
index d931afed0..000000000
--- a/debian/puppetmaster.examples
+++ /dev/null
@@ -1 +0,0 @@
-ext/rack/files/apache2.conf
diff --git a/debian/puppetmaster.postinst b/debian/puppetmaster.postinst
index faf3ce039..c1fc8b91f 100644
--- a/debian/puppetmaster.postinst
+++ b/debian/puppetmaster.postinst
@@ -2,14 +2,4 @@
 
 set -e
 
-if [ "$1" = "configure" ]; then
-    
-    # Change the owner of the rack config.ru to be the puppet user
-    # because passenger will suid to that user, see #577366
-    if ! dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
-    then
-	dpkg-statoverride --update --add puppet puppet 0644 /usr/share/puppet/rack/puppetmasterd/config.ru
-    fi
-fi
-
 #DEBHELPER#
diff --git a/debian/puppetmaster.postrm b/debian/puppetmaster.postrm
index 26d23e167..0c6b28527 100644
--- a/debian/puppetmaster.postrm
+++ b/debian/puppetmaster.postrm
@@ -1,24 +1,5 @@
 #!/bin/sh -e
 
-case "$1" in
-    purge)
-	rm -rf /var/log/puppet
-	rm -f /etc/puppet/puppetmasterd.conf
-	rm -rf /etc/puppet/ssl
-	if dpkg-statoverride --list /usr/share/puppet/rack/puppetmasterd/config.ru >/dev/null 2>&1
-	then
-	    dpkg-statoverride --remove /usr/share/puppet/rack/puppetmasterd/config.ru
-	fi
-	;;
-    remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
-        ;;
-
-    *)
-        echo "postrm called with unknown argument \`$1'" >&2
-        exit 1
-
-esac
-
 #DEBHELPER#
 
 exit 0