ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
mcramer
2013-07-09 cea0c451275b606ca842d522624e658e3cff864e 
 server/plugins-available/nginx_plugin.inc.php


@@ -99,7 +99,7 @@


      $app->uses('getconf');


      $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');


      if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))


         $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.conf',LOGLEVEL_ERROR);	


         $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf',LOGLEVEL_ERROR);	


      


      //* Only vhosts can have a ssl cert


      if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;


@@ -243,6 +243,7 @@


         if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);


         //if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);


         if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);


         $app->system->chmod($key_file2,0400);


         


         // for nginx, bundle files have to be appended to the certificate file


         if(trim($data["new"]["ssl_bundle"]) != ''){            


@@ -466,7 +467,7 @@


            exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);




            //* Change the home directory and group of the website user


            $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' && usermod';


            $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod';


            $command .= ' --home '.escapeshellcmd($data['new']['document_root']);


            $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);


            $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';


@@ -655,8 +656,8 @@


         exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);


      }  // end copy error docs




      // Set the quota for the user


      if($username != '' && $app->system->is_user($username)) {


      // Set the quota for the user, but only for vhosts, not vhostsubdomains


      if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {


         if($data['new']['hd_quota'] > 0) {


            $blocks_soft = $data['new']['hd_quota'] * 1024;


            $blocks_hard = $blocks_soft + 1024;


@@ -678,6 +679,9 @@


         }


      }




      //* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update


      if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));


		


      //* If the security level is set to high


      if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {


      


@@ -716,13 +720,10 @@


               //* add the nginx user to the client group in the chroot environment


               $tmp_groupfile = $app->system->server_conf['group_datei'];


               $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';


               $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));


               $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));


               $app->system->server_conf['group_datei'] = $tmp_groupfile;


               unset($tmp_groupfile);


            }




            //* add the nginx user to the client group


            $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));


            


            //* Chown all default directories


            $app->system->chown($data['new']['document_root'],'root');


@@ -831,7 +832,7 @@


      if(!is_dir($web_config['website_basedir'].'/conf')) mkdir($web_config['website_basedir'].'/conf');


      if(trim($data['new']['custom_php_ini']) != '') {


         $has_custom_php_ini = true;


         if(!is_dir($custom_php_ini_dir)) $app->system->mkdir($custom_php_ini_dir);


         if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);


         $php_ini_content = '';


         if($data['new']['php'] == 'mod') {


            $master_php_ini_path = $web_config['php_ini_path_apache'];


@@ -1684,10 +1685,12 @@


      if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain'){


         if(is_array($log_folders) && !empty($log_folders)){


            foreach($log_folders as $log_folder){


               if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


               //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


               exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


            }


         } else {


            if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


            //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));


            exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');


         }


      }


      


@@ -1867,10 +1870,10 @@


            $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']);


            if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir,'..')) exec('rm -rf '.$vhost_logfile_dir);


            $app->log('Removing website logfile directory: '.$vhost_logfile_dir,LOGLEVEL_DEBUG);


            




            if($data['old']['type'] == 'vhost') {


                //delete the web user


                $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' && userdel';


                $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel';


                $command .= ' '.escapeshellcmd($data['old']['system_user']);


                exec($command);


                if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);


@@ -2398,6 +2401,12 @@


      if(is_array($lines) && !empty($lines)){


         $linecount = sizeof($lines);


         for($h=0;$h<$linecount;$h++){


            // remove comments


            if(substr(trim($lines[$h]),0,1) == '#'){


               unset($lines[$h]);


               continue;


            }


				


            $lines[$h] = rtrim($lines[$h]);


            /*


            if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], ';') !== false){


@@ -2524,8 +2533,10 @@


            $app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);


         }


         


         $this->_exec('groupdel client'.$client_id);


         $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);


         if($app->system->is_group('client'.$client_id)){


            $this->_exec('groupdel client'.$client_id);


            $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);


         }


      }


      


   }