From 29fb134633b874134b72e339ba6e26ae9b5f1a33 Mon Sep 17 00:00:00 2001
From: "J. King" <jking@jkingweb.ca>
Date: Fri, 22 Dec 2023 13:27:02 -0500
Subject: [PATCH] First steps in supporting php-legacy in Arc

This sorts out HTTP servers, hopefully. Adaptation for systemd and documentation are still required
---
 dist/apache/arsse-fcgi.conf      |  5 +++++
 dist/apache/arsse-loc.conf       | 14 +++++++-------
 dist/apache/arsse.conf           |  5 -----
 dist/arch/PKGBUILD               | 12 ++++++++----
 dist/arch/apache-arsse-fcgi.conf |  6 ++++++
 dist/arch/arsse                  | 26 ++++++++++++++++++++++++++
 dist/arch/ngninx-arsse-fcgi.conf | 16 ++++++++++++++++
 dist/nginx/arsse-fcgi.conf       |  3 +++
 dist/nginx/arsse.conf            |  4 ----
 9 files changed, 71 insertions(+), 20 deletions(-)
 create mode 100644 dist/apache/arsse-fcgi.conf
 create mode 100644 dist/arch/apache-arsse-fcgi.conf
 create mode 100644 dist/arch/arsse
 create mode 100644 dist/arch/ngninx-arsse-fcgi.conf

diff --git a/dist/apache/arsse-fcgi.conf b/dist/apache/arsse-fcgi.conf
new file mode 100644
index 0000000..a7e3842
--- /dev/null
+++ b/dist/apache/arsse-fcgi.conf
@@ -0,0 +1,5 @@
+ProxyPreserveHost On
+ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/arsse/arsse.php"
+ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
+
+ProxyPass "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/"
\ No newline at end of file
diff --git a/dist/apache/arsse-loc.conf b/dist/apache/arsse-loc.conf
index 611c1fc..51c4247 100644
--- a/dist/apache/arsse-loc.conf
+++ b/dist/apache/arsse-loc.conf
@@ -1,34 +1,34 @@
 # Nextcloud News protocol
 <Location "/index.php/apps/news/api">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Tiny Tiny RSS protocol
 <Location "/tt-rss/api">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Tiny Tiny RSS feed icons
 <Location "/tt-rss/feed-icons">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Fever protocol
 <Location "/fever">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Miniflux protocol
 <Location "/v1">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Miniflux version number
 <Location "/version">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
 
 # Miniflux "health check"
 <Location "/healthcheck">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
diff --git a/dist/apache/arsse.conf b/dist/apache/arsse.conf
index b16c80e..7d4b47f 100644
--- a/dist/apache/arsse.conf
+++ b/dist/apache/arsse.conf
@@ -3,9 +3,4 @@ DocumentRoot "/usr/share/arsse/www"
     Require all granted
 </Directory>
 
-Define ARSSE_PROXY "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/"
-ProxyPreserveHost On
-ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/arsse/arsse.php"
-ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
-
 Include "/etc/arsse/apache/arsse-loc.conf"
diff --git a/dist/arch/PKGBUILD b/dist/arch/PKGBUILD
index 76afba7..e293295 100644
--- a/dist/arch/PKGBUILD
+++ b/dist/arch/PKGBUILD
@@ -14,7 +14,7 @@ optdepends=("nginx: HTTP server"
             "apache>=2.4: HTTP server"
             "percona-server: Alternate database"
             "postgresql>=10: Alternate database"
-            "php-pgsql>=7.3: PostgreSQL database support")
+            "php-pgsql-interpreter>=7.3: PostgreSQL database support")
 backup=("etc/webapps/arsse/config.php"
         "etc/php/php-fpm.d/arsse.conf"
         "etc/webapps/arsse/nginx/example.conf"
@@ -23,13 +23,14 @@ backup=("etc/webapps/arsse/config.php"
         "etc/webapps/arsse/nginx/arsse-fcgi.conf"
         "etc/webapps/arsse/apache/example.conf"
         "etc/webapps/arsse/apache/arsse.conf"
+        "etc/webapps/arsse/apache/arsse-fcgi.conf"
         "etc/webapps/arsse/apache/arsse-loc.conf")
 source=("arsse-0.10.4.tar.gz")
 md5sums=("SKIP")
 
 package() {
     # define runtime dependencies
-    depends=("php>=7.3" "php-intl>=7.3" "php-sqlite>=7.3" "php-fpm>=7.3")
+    depends=("php-interpreter>=7.3" "php-sqlite-interpreter>=7.3" "php-fpm-interpreter>=7.3")
     # create most directories necessary for the final package
     cd "$pkgdir"
     mkdir -p "usr/share/webapps/arsse" "usr/share/doc/arsse" "usr/share/licenses/arsse" "usr/lib/systemd/system" "usr/lib/sysusers.d" "usr/lib/tmpfiles.d" "etc/php/php-fpm.d" "etc/webapps/arsse"
@@ -47,11 +48,14 @@ package() {
     cd "$pkgdir"
     # copy files requiring special permissions
     cd "$srcdir/arsse"
-    install -Dm755 dist/arsse "$pkgdir/usr/bin/arsse"
     install -Dm640 dist/config.php "$pkgdir/etc/webapps/arsse"
     # patch generic configuration files to use Arch-specific paths and identifiers
-    sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"* "$pkgdir/usr/bin/"*
+    sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"*
     sed -i -se 's/\/var\/run\/php\//\/run\/php-fpm\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/etc/php/php-fpm.d/arsse.conf"
     sed -i -se 's/www-data/http/g' "$pkgdir/etc/php/php-fpm.d/arsse.conf"
     sed -i -e 's/^WorkingDirectory=.*$/WorkingDirectory=\/usr\/share\/webapps\/arsse/g' -e 's/^ConfigurationDirectory=.*$/ConfigurationDirectory=webapps\/arsse/g' "$pkgdir/usr/lib/systemd/system/arsse-fetch.service"
+    # copy Arch-specific versions of files
+    install -Dm755 dist/arch/arsse "$pkgdir/usr/bin/arsse"
+    cp dist/arch/nginx-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/nginx/arsse-fcgi.conf"
+    cp dist/arch/apache-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/apache/arsse-fcgi.conf"
 }
diff --git a/dist/arch/apache-arsse-fcgi.conf b/dist/arch/apache-arsse-fcgi.conf
new file mode 100644
index 0000000..7b3f60e
--- /dev/null
+++ b/dist/arch/apache-arsse-fcgi.conf
@@ -0,0 +1,6 @@
+ProxyPreserveHost On
+ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/webapps/arsse/arsse.php"
+ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
+
+# Modify the below line to begin with "unix:/run/php-fpm-legacy/" if using the php-legacy package
+ProxyPass "unix:/run/php/arsse.sock|fcgi://localhost/usr/share/webapps/arsse/"
\ No newline at end of file
diff --git a/dist/arch/arsse b/dist/arch/arsse
new file mode 100644
index 0000000..6f64ca6
--- /dev/null
+++ b/dist/arch/arsse
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+readonly default_php="/usr/bin/php"
+php=""
+
+check_sudo() {
+  if ! command -v sudo > /dev/null; then
+    printf "The sudo command is not available.\n"
+    exit 1
+  fi
+}
+
+# allow overriding the php executable
+if [[ -n "${ARSSE_PHP}" ]] && command -v "${ARSSE_PHP}" > /dev/null; then
+  php="${ARSSE_PHP}"
+else
+  php="${default_php}"
+fi
+
+if [[ "${UID}" -eq 0 ]]; then
+  runuser -u "arsse" -- "$php" /usr/share/webapps/arsse/arsse.php "$@"
+else
+  check_sudo
+  sudo -u "arsse" "$php" /usr/share/webapps/arsse/arsse.php "$@"
+fi
+
diff --git a/dist/arch/ngninx-arsse-fcgi.conf b/dist/arch/ngninx-arsse-fcgi.conf
new file mode 100644
index 0000000..04b6941
--- /dev/null
+++ b/dist/arch/ngninx-arsse-fcgi.conf
@@ -0,0 +1,16 @@
+fastcgi_pass_header Authorization; # required if the Arsse is to perform its own HTTP authentication
+fastcgi_pass_request_body on;
+fastcgi_pass_request_headers on;
+fastcgi_intercept_errors off;
+fastcgi_buffering off;
+fastcgi_param REQUEST_METHOD  $request_method;
+fastcgi_param CONTENT_TYPE    $content_type;
+fastcgi_param CONTENT_LENGTH  $content_length;
+fastcgi_param REQUEST_URI     $uri;
+fastcgi_param QUERY_STRING    $query_string;
+fastcgi_param HTTPS           $https if_not_empty;
+fastcgi_param REMOTE_USER     $remote_user;
+fastcgi_param SCRIPT_FILENAME /usr/share/webapps/arsse/arsse.php;
+
+# Modify the below line to begin with "/run/php-fpm-legacy/" if using the php-legacy package
+fastcgi_pass unix:/run/php/arsse.sock;
diff --git a/dist/nginx/arsse-fcgi.conf b/dist/nginx/arsse-fcgi.conf
index eb83097..d7e39f5 100644
--- a/dist/nginx/arsse-fcgi.conf
+++ b/dist/nginx/arsse-fcgi.conf
@@ -10,3 +10,6 @@ fastcgi_param REQUEST_URI     $uri;
 fastcgi_param QUERY_STRING    $query_string;
 fastcgi_param HTTPS           $https if_not_empty;
 fastcgi_param REMOTE_USER     $remote_user;
+
+fastcgi_pass unix:/var/run/php/arsse.sock;
+fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
diff --git a/dist/nginx/arsse.conf b/dist/nginx/arsse.conf
index fe5721e..7949a66 100644
--- a/dist/nginx/arsse.conf
+++ b/dist/nginx/arsse.conf
@@ -2,15 +2,11 @@ root /usr/share/arsse/www;
 
 location @arsse {
     # HTTP authentication may be enabled for this location, though this may impact some features
-    fastcgi_pass unix:/var/run/php/arsse.sock;
-    fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
     include /etc/arsse/nginx/arsse-fcgi.conf;
 }
 
 location @arsse_public {
     # HTTP authentication should not be enabled for this location
-    fastcgi_pass unix:/var/run/php/arsse.sock;
-    fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
     include /etc/arsse/nginx/arsse-fcgi.conf;
 }