gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -163,7 +163,7 @@
			}

			if(intval($web_data['directive_snippets_id']) > 0){
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", intval($web_data['directive_snippets_id']));
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($web_data['directive_snippets_id']));
			if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
			$required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
			if(is_array($required_php_snippets) && !empty($required_php_snippets)){
			@@ -275,15 +275,15 @@

			[ req_distinguished_name ]
			C = ".trim($data['new']['ssl_country'])."
			ST = ".trim($data['new']['ssl_state'])."
			L = ".trim($data['new']['ssl_locality'])."
			O = ".trim($data['new']['ssl_organisation'])."
			OU = ".trim($data['new']['ssl_organisation_unit'])."
			" . (trim($data['new']['ssl_state']) == '' ? '' : "ST = ".trim($data['new']['ssl_state'])) . "
			" . (trim($data['new']['ssl_locality']) == '' ? '' : "L = ".trim($data['new']['ssl_locality']))."
			" . (trim($data['new']['ssl_organisation']) == '' ? '' : "O = ".trim($data['new']['ssl_organisation']))."
			" . (trim($data['new']['ssl_organisation_unit']) == '' ? '' : "OU = ".trim($data['new']['ssl_organisation_unit']))."
			CN = $domain
			emailAddress = webmaster@".$data['new']['domain']."

			[ req_attributes ]
			challengePassword = A challenge password";
			";//challengePassword = A challenge password";

			$ssl_cnf_file = $ssl_dir.'/openssl.conf';
			$app->system->file_put_contents($ssl_cnf_file, $ssl_cnf);
			@@ -594,8 +594,8 @@
			}

			//* Unmount the old log directory bfore we move the log dir
			exec('fuser -km '.escapeshellcmd($old_dir.'/log'));
			exec('umount '.escapeshellcmd($old_dir.'/log'));
			//exec('fuser -km '.escapeshellcmd($old_dir.'/log'));
			exec('umount '.escapeshellcmd($data['old']['document_root'].'/log'));

			//* Create new base directory, if it does not exist yet
			if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
			@@ -677,7 +677,7 @@
			$app->system->removeLine('/etc/fstab', $fstab_line);

			//* Unmount log directory
			exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
			//exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
			}

			@@ -691,7 +691,8 @@
			$app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
			exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
			//* add mountpoint to fstab
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait,_netdev 0 0';
			$fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait';
			$fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev 0 0':' 0 0';
			$app->system->replaceLine('/etc/fstab', $fstab_line, $fstab_line, 1, 1);
			}

			@@ -1037,7 +1038,7 @@
			$php_ini_content .= str_replace("\r", '', trim($data['new']['custom_php_ini']));

			if(intval($data['new']['directive_snippets_id']) > 0){
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
			if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
			$required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
			if(is_array($required_php_snippets) && !empty($required_php_snippets)){
			@@ -1050,6 +1051,10 @@
			$php_ini_content .= "\n".$php_snippet['snippet'];
			}
			}
			}

			foreach($sub_prefixes as $s) {
			$temp_domains[] = $s . $aliasdomain['domain'];
			}
			}
			}
			@@ -1090,12 +1095,16 @@
			// Make sure we only have Unix linebreaks
			$vhost_data['apache_directives'] = str_replace("\r\n", "\n", $vhost_data['apache_directives']);
			$vhost_data['apache_directives'] = str_replace("\r", "\n", $vhost_data['apache_directives']);
			$trans = array('{DOCROOT}' => $vhost_data['web_document_root_www']);
			$trans = array(
			'{DOCROOT}' => $vhost_data['web_document_root_www'],
			'{DOCROOT_CLIENT}' => $vhost_data['web_document_root']
			);
			$vhost_data['apache_directives'] = strtr($vhost_data['apache_directives'], $trans);

			// Check if a SSL cert exists
			$ssl_dir = $data['new']['document_root'].'/ssl';
			$domain = $data['new']['ssl_domain'];
			if(!$domain) $domain = $data['new']['domain'];
			$key_file = $ssl_dir.'/'.$domain.'.key';
			$crt_file = $ssl_dir.'/'.$domain.'.crt';
			$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
			@@ -1109,6 +1118,130 @@
			$app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);
			}
			*/

			//* Generate Let's Encrypt SSL certificat
			if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
			($data['old']['ssl'] == 'n' \|\| $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
			\|\| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
			\|\| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
			\|\| ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
			\|\| ($data['old']['type'] == 'alias' \|\| $data['new']['type'] == 'alias') // we have new or update on aliasdomain
			)) {
			if(substr($domain, 0, 2) === '*.') {
			// wildcard domain not yet supported by letsencrypt!
			$app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
			$domain = substr($domain, 2);
			}

			$data['new']['ssl_domain'] = $domain;
			$vhost_data['ssl_domain'] = $domain;

			// default values
			$temp_domains = array();
			$lddomain = $domain;
			$subdomains = null;
			$aliasdomains = null;
			$sub_prefixes = array();

			//* be sure to have good domain
			if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
			$temp_domains[] = "www." . $domain;
			}

			//* then, add subdomain if we have
			$subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
			if(is_array($subdomains)) {
			foreach($subdomains as $subdomain) {
			$temp_domains[] = $subdomain['domain'];
			$sub_prefixes[] = str_replace($domain, "", $subdomain['domain']);
			}
			}

			//* then, add alias domain if we have
			$aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias'");
			if(is_array($aliasdomains)) {
			foreach($aliasdomains as $aliasdomain) {
			$temp_domains[] = $aliasdomain['domain'];
			if(isset($aliasdomain['subdomain']) && ! empty($aliasdomain['subdomain'])) {
			$temp_domains[] = $aliasdomain['subdomain'] . "." . $aliasdomain['domain'];
			}
			}
			}

			// prevent duplicate
			$temp_domains = array_unique($temp_domains);

			// generate cli format
			foreach($temp_domains as $temp_domain) {
			$lddomain .= (string) " --domains " . $temp_domain;
			}

			// useless data
			unset($subdomains);
			unset($temp_domains);

			$crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
			$key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
			$bundle_tmp_file = "/etc/letsencrypt/live/".$domain."/chain.pem";
			$webroot = $data['new']['document_root']."/web";

			//* check if we have already a Let's Encrypt cert
			if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
			$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);

			if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
			$this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
			}
			};

			//* check is been correctly created
			if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {
			$date = date("YmdHis");
			if(is_file($key_file)) {
			$app->system->copy($key_file, $key_file.'.old'.$date);
			$app->system->chmod($key_file.'.old.'.$date, 0400);
			$app->system->unlink($key_file);
			}

			if ($web_config["website_symlinks_rel"] == 'y') {
			$this->create_relative_link(escapeshellcmd($key_tmp_file), escapeshellcmd($key_file));
			} else {
			exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file));
			}

			if(is_file($crt_file)) {
			$app->system->copy($crt_file, $crt_file.'.old.'.$date);
			$app->system->chmod($crt_file.'.old.'.$date, 0400);
			$app->system->unlink($crt_file);
			}

			if($web_config["website_symlinks_rel"] == 'y') {
			$this->create_relative_link(escapeshellcmd($crt_tmp_file), escapeshellcmd($crt_file));
			} else {
			exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file));
			}

			if(is_file($bundle_file)) {
			$app->system->copy($bundle_file, $bundle_file.'.old.'.$date);
			$app->system->chmod($bundle_file.'.old.'.$date, 0400);
			$app->system->unlink($bundle_file);
			}

			if($web_config["website_symlinks_rel"] == 'y') {
			$this->create_relative_link(escapeshellcmd($bundle_tmp_file), escapeshellcmd($bundle_file));
			} else {
			exec("ln -s ".escapeshellcmd($bundle_tmp_file)." ".escapeshellcmd($bundle_file));
			}

			/* we don't need to store it.
			/* Update the DB of the (local) Server */
			$app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
			$app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
			/* Update also the master-DB of the Server-Farm */
			$app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
			$app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
			}
			}

			if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;

			@@ -1134,6 +1267,7 @@

			// Rewrite rules
			$rewrite_rules = array();
			$rewrite_wildcard_rules = array();
			if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
			if(substr($data['new']['redirect_path'], -1) != '/' && !preg_match('/^(https?\|\[scheme\]):\/\//', $data['new']['redirect_path'])) $data['new']['redirect_path'] .= '/';
			if(substr($data['new']['redirect_path'], 0, 8) == '[scheme]'){
			@@ -1165,7 +1299,7 @@
			'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
			break;
			case '*':
			$rewrite_rules[] = array( 'rewrite_domain' => '(^\|\.)'.$this->_rewrite_quote($data['new']['domain']),
			$rewrite_wildcard_rules[] = array( 'rewrite_domain' => '(^\|\.)'.$this->_rewrite_quote($data['new']['domain']),
			'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
			'rewrite_target' => $rewrite_target,
			'rewrite_target_ssl' => $rewrite_target_ssl,
			@@ -1264,7 +1398,7 @@
			'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
			break;
			case '*':
			$rewrite_rules[] = array( 'rewrite_domain' => '(^\|\.)'.$this->_rewrite_quote($alias['domain']),
			$rewrite_wildcard_rules[] = array( 'rewrite_domain' => '(^\|\.)'.$this->_rewrite_quote($alias['domain']),
			'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
			'rewrite_target' => $rewrite_target,
			'rewrite_target_ssl' => $rewrite_target_ssl,
			@@ -1301,6 +1435,8 @@
			} else {
			$tpl->setVar('alias', '');
			}

			if (count($rewrite_wildcard_rules) > 0) $rewrite_rules = array_merge($rewrite_rules, $rewrite_wildcard_rules); // Append wildcard rules to the end of rules

			if(count($rewrite_rules) > 0 \|\| $vhost_data['seo_redirect_enabled'] > 0 \|\| count($alias_seo_redirects) > 0) {
			$tpl->setVar('rewrite_enabled', 1);
			@@ -1573,7 +1709,7 @@
			$data['new']['ipv6_address'] = implode(':', $explode_v6);
			}
			}

			if($data['new']['ipv6_address'] == '*') $data['new']['ipv6_address'] = '::';
			$tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);
			if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
			if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
			@@ -1902,12 +2038,12 @@
			if(is_array($log_folders) && !empty($log_folders)){
			foreach($log_folders as $log_folder){
			//if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			//exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			}
			} else {
			//if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
			exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			//exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
			}
			}
			@@ -2824,19 +2960,19 @@
			$monit_content = file_get_contents($conf['rootpath'] . '/conf/hhvm_monit.master');
			}

			if($data['new']['php'] == 'hhvm' && $data['old']['php'] != 'hhvm' \|\| $data['new']['custom_php_ini'] != $data['old']['custom_php_ini']) {
			if($data['new']['php'] == 'hhvm' && $data['old']['php'] != 'hhvm' \|\| (isset($data['old']['custom_php_ini']) && $data['new']['custom_php_ini'] != $data['old']['custom_php_ini'])) {

			// Custom php.ini settings
			$custom_php_ini_settings = trim($data['new']['custom_php_ini']);
			if(intval($data['new']['directive_snippets_id']) > 0){
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
			$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
			if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
			$required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
			if(is_array($required_php_snippets) && !empty($required_php_snippets)){
			foreach($required_php_snippets as $required_php_snippet){
			$required_php_snippet = intval($required_php_snippet);
			if($required_php_snippet > 0){
			$php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
			$php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE ".($snippet['master_directive_snippets_id'] > 0 ? 'master_' : '')."directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
			$php_snippet['snippet'] = trim($php_snippet['snippet']);
			if($php_snippet['snippet'] != ''){
			$custom_php_ini_settings .= "\n".$php_snippet['snippet'];
			@@ -2852,7 +2988,7 @@
			$custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
			file_put_contents('/etc/hhvm/'.$data['new']['system_user'].'.ini', $custom_php_ini_settings);
			} else {
			if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
			if($data['old']['system_user'] != '' && is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
			}

			$content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content);
			@@ -2869,10 +3005,12 @@
			}

			} elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') {
			exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1');
			exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1');
			unlink('/etc/init.d/hhvm_' . $data['old']['system_user']);
			if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
			if($data['old']['system_user'] != ''){
			exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1');
			exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1');
			unlink('/etc/init.d/hhvm_' . $data['old']['system_user']);
			if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
			}

			if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']) \|\| is_file('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'])){
			if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])){
			@@ -2987,7 +3125,7 @@
			foreach($required_php_snippets as $required_php_snippet){
			$required_php_snippet = intval($required_php_snippet);
			if($required_php_snippet > 0){
			$php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
			$php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE ".($snippet['master_directive_snippets_id'] > 0 ? 'master_' : '')."directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
			$php_snippet['snippet'] = trim($php_snippet['snippet']);
			if($php_snippet['snippet'] != ''){
			$custom_php_ini_settings .= "\n".$php_snippet['snippet'];