ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Marius Cramer
2015-12-08 46230badbe21f7c4337fef7369defd6f2372a5cf 
 server/plugins-available/apache2_plugin.inc.php


@@ -283,7 +283,7 @@


        emailAddress           = webmaster@".$data['new']['domain']."




        [ req_attributes ]


        challengePassword              = A challenge password";


        ";//challengePassword              = A challenge password";




         $ssl_cnf_file = $ssl_dir.'/openssl.conf';


         $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf);


@@ -594,7 +594,8 @@


            }


            


            //* Unmount the old log directory bfore we move the log dir


            exec('umount '.escapeshellcmd($old_dir.'/log'));


            //exec('fuser -km '.escapeshellcmd($old_dir.'/log'));


            exec('umount '.escapeshellcmd($data['old']['document_root'].'/log'));




            //* Create new base directory, if it does not exist yet


            if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);


@@ -676,6 +677,7 @@


         $app->system->removeLine('/etc/fstab', $fstab_line);




         //* Unmount log directory


         //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));


         exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));


      }




@@ -689,7 +691,8 @@


         $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);


         exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));


         //* add mountpoint to fstab


         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait,_netdev    0 0';


         $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait';


         $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev    0 0':'    0 0';


         $app->system->replaceLine('/etc/fstab', $fstab_line, $fstab_line, 1, 1);


      }




@@ -1108,6 +1111,100 @@


      }


      */




      //* Generate Let's Encrypt SSL certificat


      if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {


         if(substr($domain, 0, 2) === '*.') {


            // wildcard domain not yet supported by letsencrypt!


            $app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);


            $domain = substr($domain, 2);


         }


			


         $data['new']['ssl_domain'] = $domain;


         $vhost_data['ssl_domain'] = $domain;




         //* be sure to have good domain


         $lddomain = (string) "$domain";


         if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {


            $lddomain .= (string) " --domains www." . $domain;


         }




            $crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";


            $key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";


            $bundle_tmp_file = "/etc/letsencrypt/live/".$domain."/chain.pem";


            $webroot = $data['new']['document_root']."/web";




            //* check if we have already a Let's Encrypt cert


            if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {


               $app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);




               if(is_dir($webroot . "/.well-known/")) {


                  $app->log("Remove old challenge directory", LOGLEVEL_DEBUG);


                  $this->_exec("rm -rf " . $webroot . "/.well-known/");


               }




               $app->log("Create challenge directory", LOGLEVEL_DEBUG);


               $app->system->mkdirpath($webroot . "/.well-known/");


               $app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);


               $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);


               $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");


               $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);


               $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);


               $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");


					


               if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {


                  $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));


               }


            };




            //* check is been correctly created


            if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {


               $date = date("YmdHis");


               if(is_file($key_file)) {


                  $app->system->copy($key_file, $key_file.'.old'.$date);


                  $app->system->chmod($key_file.'.old.'.$date, 0400);


                  $app->system->unlink($key_file);


               }




               if ($web_config["website_symlinks_rel"] == 'y') {


                  $this->create_relative_link(escapeshellcmd($key_tmp_file), escapeshellcmd($key_file));


               } else {


                  exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file));


               }




               if(is_file($crt_file)) {


                  $app->system->copy($crt_file, $crt_file.'.old.'.$date);


                  $app->system->chmod($crt_file.'.old.'.$date, 0400);


                  $app->system->unlink($crt_file);


               }




               if($web_config["website_symlinks_rel"] == 'y') {


                  $this->create_relative_link(escapeshellcmd($crt_tmp_file), escapeshellcmd($crt_file));


               } else {


                  exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file));


               }




               if(is_file($bundle_file)) {


                  $app->system->copy($bundle_file, $bundle_file.'.old.'.$date);


                  $app->system->chmod($bundle_file.'.old.'.$date, 0400);


                  $app->system->unlink($bundle_file);


               }




               if($web_config["website_symlinks_rel"] == 'y') {


                  $this->create_relative_link(escapeshellcmd($bundle_tmp_file), escapeshellcmd($bundle_file));


               } else {


                  exec("ln -s ".escapeshellcmd($bundle_tmp_file)." ".escapeshellcmd($bundle_file));


               }




               /* we don't need to store it.


               /* Update the DB of the (local) Server */


               $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");


               $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");


               /* Update also the master-DB of the Server-Farm */


               $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");


               $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");


            }


         };




      if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;




      //$vhost_data['document_root'] = $data['new']['document_root'].'/' . $web_folder;


@@ -1405,7 +1502,7 @@


       * PHP-FPM


       */


      // Support for multiple PHP versions


      if($data['new']['php'] == 'php-fpm' || $data['new']['php'] == 'hhvm'){


      if($data['new']['php'] == 'php-fpm'){


         if(trim($data['new']['fastcgi_php_version']) != ''){


            $default_php_fpm = false;


            list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));


@@ -1900,10 +1997,12 @@


         if(is_array($log_folders) && !empty($log_folders)){


            foreach($log_folders as $log_folder){


               //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


               //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


               exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


            }


         } else {


            //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


            //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


            exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


         }


      }


@@ -2855,11 +2954,14 @@


         file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content);


         exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1');


         exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1');


         exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' start >/dev/null 2>&1');


         exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1');


         


         $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content);


         file_put_contents('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'], $monit_content);


         exec('/etc/init.d/monit restart >/dev/null 2>&1');


         if(is_dir('/etc/monit/conf.d')){


            $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content);


            file_put_contents('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'], $monit_content);


            if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])) unlink('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']);


            exec('/etc/init.d/monit restart >/dev/null 2>&1');


         }


         


       } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') {


         exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1');


@@ -2867,8 +2969,13 @@


         unlink('/etc/init.d/hhvm_' . $data['old']['system_user']);


         if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');


         


         if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])){


            unlink('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']);


         if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']) || is_file('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'])){


            if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])){


               unlink('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']);


            }


            if(is_file('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'])){


               unlink('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user']);


            }


            exec('/etc/init.d/monit restart >/dev/null 2>&1');


         }


      }