CGI scripts on a OMV box?

Hello all,
I would like to be able to start and pass variables to a couple of customs scripts that I have on my OMV box from my laptop. Now, I am no "techie" but as far as I can tell the simplest way of doing this would be through cgi scripts.

So, first of all I am running 1.0.26 which I guess means that NGINX is installed by default. From what I have read running cgi scripts would be easiest if I had Apache2 installed, however running cgi scripts also seem possible on an NGINX system with the help of FastCGI or SimpleCGI. I tried checking whether any of these utilities were installed on my box (dpkg -s) but nothing turned up (maybe I was trying the wrong package name, fcgi and uwsgi). However considering all the things we can do through the OMV webw gui I guess there must be some cgi- thingy installed by deafult.

So, does anyone have any ideas or should I just go ahead follow some random tutorial for setting up FastCGI?

Also, are cgi scripts a good idea? I was thinkning of making it real simple for me and write the scripts in bash, however considering Shellshock I am not sure that it is such a good idea (obviously I have patched my S***, but you know...). My firewall is setup to only allow connections from my lan, and I have not forwarded any ports, so I guess i should be OK...

Hi davidh2k,

First of all, thanks for taking time to respond to my question. If you got the feeling that I did not really know what I was asking about you were totally correct :).

So, after you mentioned php5-cgi I started looking into php and realized that php enables me to do what I would like to do. So I started experimenting and came up with this script (called yle_dl.php) that I placed in the /var/www/openmediavault/ folder:

<?php
$url = "http://areena.yle.fi/tv/1407300"; //later I will use $_GET["url"] so that I can pass the address through a HTTP query string
$output = "filename"; //later I will use $_GET["output"] so that I can pass the output filename through a HTTP query string
exec("yle-dl $url -o /path/to/media/folder/video_temp.flv");
exec("ffmpeg -i /path/to/media/folder/video_temp.flv -vcodec copy -acodec copy /path/to/media/folder/$output.mp4);
exec("rm /path/to/media/folder/video_temp.flv");
echo "<pre>"script executed</pre>";
?>

Now, this works fine if I from the command line (as root) do php yle_dl.php, however if I from my laptop visit https://ip_to_my_omv_box/yle_dl.php nothing happens, except that the "script executed" line is shown (a videos should be downloaded to the media folder). I have setup permissions so that (the group called) openmediavault have rwx permission to the media folder and to yle-dl (which actually is a helper script located in /usr/local/bin/ (written in python) for rtmpdump). However, I think the problem is that openmediavault does not have permission to execute rtmpdump which I installed from the repos as root.

Does this sound like a possible explanation and how would I go about to give openmedivault needed permissions?
Also, does this sound like a good or bad idea in genereal?

Ok, so I ran

su www-data -c "php /var/www/openmediavault/yle_dl.php"

however the terminal became unresponsive and no output was printed. After a couple of minutes I noticed in the WebGui that my cpu and ram usage was sky rocketing so I killed the ssh session and rebooted my OMV box. Once it came back up I logged back in over ssh and had a look at my media folder, and it had indeed started donwloading the video however it was not finished although it had been running much longer than it usually takes to download a video.

I then started wondering, should it not be

su openmediavault -c "php /var/www/openmediavault/yle_dl.php"

(echoing whoami in the php script also gave openmediavault when executing from a web browser)? I tried that and the script executed nicely in a minute or so, video downloaded and converted. So two things. The correct user was openmediavault rather than www-data, right? And why did the cpu and ram usage sky rocket when trying to run the script as www-data?

Also since the

su openmediavault -c "php /var/www/openmediavault/yle_dl.php"

executed the script without errors I guess that this cannot be a permission issue. So, I changed the yle-dl command in the script to:

$test = shell_exec("yle-dl $url -o /path/to/my/media/folder/video_temp.flv 2>&1");
echo "<pre>$test</pre>";

After that I visited the yle_dl.php page in a web browser and got this output:
Traceback (most recent call last):
File "/usr/local/bin/yle-dl", line 1653, in
main()
File "/usr/local/bin/yle-dl", line 1622, in main
rtmpdump_binary = which('rtmpdump')
File "/usr/local/bin/yle-dl", line 227, in which
for path in os.environ["PATH"].split(os.pathsep):
File "/usr/lib/python2.7/UserDict.py", line 23, in __getitem__
raise KeyError(key)
KeyError: 'PATH'

So, it seems like "the script is run differently" depending on if it is execute remotely (visiting the ip_to_my_omv_box/yle_dl.php) or if it is run locally (su openmediavault)?

Ok, so I did some research and the troubles that I was having were caused by the fact that yle-dl (the python script) was trying to use enviroment variables in order to locate the rtmpdump folder on my system, and when the script was triggered remotely that failed for some reason. I read something about exporting a SECRET_KEY could fix it, however as I was not exactly sure if that could impact my system in some (for me) unknown way I just went ahead and hardcoded the path to the rtmpdump folder in my yle-dl script. Voila, that fixed the problem.

Zitat

This is nuts...

I guess you are reffering to this being a good/bad idea in general, and yeah... What I would like to do is to create my own custom Firefox extension that would trigger the script remotely and pass variables to it, so that when I was watching a video over at areena.yle.fi (video-on-demand site for Yle, Finland's national public service broadcasting company) I could just right click anywhere on the page and select "Download to media server". That would then execute the script remotely and pass the webpages url as a parameter to it, and in a couple of minutes I could watch the same video on my DLNA tv.

Regarding security, my OMV box blocks all traffic on that port from outside my LAN, and neither have I forwaded any ports to it. So, triggering the script outside my LAN should not be easy but... Something that I am not thinking of?