From dee987b263b021b990ea4c62cb15be47c6d61fb5 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 05 Jan 2015 08:30:12 -0500
Subject: [PATCH] Merge branch 'master' into 'master'
---
server/plugins-available/nginx_plugin.inc.php | 230 +++++++++++++++++++++++++++++++++++++++++++--------------
1 files changed, 173 insertions(+), 57 deletions(-)
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 6c8c0d8..c256ae1 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -102,7 +102,7 @@
$app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf', LOGLEVEL_ERROR);
//* Only vhosts can have a ssl cert
- if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;
+ if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") return;
// if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl');
if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl');
@@ -147,6 +147,7 @@
[ req ]
default_bits = 2048
+ default_md = sha256
default_keyfile = keyfile.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
@@ -170,30 +171,34 @@
$rand_file = escapeshellcmd($rand_file);
$key_file = escapeshellcmd($key_file);
+ $openssl_cmd_key_file = $key_file;
if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
$key_file2 = escapeshellcmd($key_file2);
+ $openssl_cmd_key_file2 = $key_file2;
if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
$ssl_days = 3650;
$csr_file = escapeshellcmd($csr_file);
+ $openssl_cmd_csr_file = $csr_file;
if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
$config_file = escapeshellcmd($ssl_cnf_file);
$crt_file = escapeshellcmd($crt_file);
+ $openssl_cmd_crt_file = $crt_file;
if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
- exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $key_file 2048");
- exec("openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -out $csr_file -days $ssl_days -config $config_file");
- exec("openssl rsa -passin pass:$ssl_password -in $key_file -out $key_file2");
+ exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file 2048");
+ exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
+ exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file -out $openssl_cmd_key_file2");
if(file_exists($web_config['CA_path'].'/openssl.cnf'))
{
- exec("openssl ca -batch -out $crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $csr_file");
+ exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file");
$app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
- if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $csr_file", LOGLEVEL_ERROR);
+ if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR);
};
if (@filesize($crt_file)==0 || !file_exists($crt_file)){
- exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file ");
+ exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file ");
$app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
};
@@ -274,7 +279,7 @@
//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf'))
{
- exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke $crt_file");
+ exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file));
$app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
};
$app->system->unlink($csr_file);
@@ -314,7 +319,7 @@
if($this->action != 'insert') $this->action = 'update';
- if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['parent_domain_id'] > 0) {
+ if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['type'] != 'vhostalias' && $data['new']['parent_domain_id'] > 0) {
$old_parent_domain_id = intval($data['old']['parent_domain_id']);
$new_parent_domain_id = intval($data['new']['parent_domain_id']);
@@ -348,13 +353,16 @@
}
if($data['new']['document_root'] == '') {
- if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') $app->log('document_root not set', LOGLEVEL_WARN);
+ if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') $app->log('document_root not set', LOGLEVEL_WARN);
return 0;
}
- if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
- $app->log('Websites cannot be owned by the root user or group.', LOGLEVEL_WARN);
+
+ if($app->system->is_allowed_user($data['new']['system_user'], $app->system->is_user($data['new']['system_user']), true) == false
+ || $app->system->is_allowed_group($data['new']['system_group'], $app->system->is_group($data['new']['system_group']), true) == false) {
+ $app->log('Websites cannot be owned by the root user or group. User: '.$data['new']['system_user'].' Group: '.$data['new']['system_group'], LOGLEVEL_WARN);
return 0;
}
+
if(trim($data['new']['domain']) == '') {
$app->log('domain is empty', LOGLEVEL_WARN);
return 0;
@@ -362,13 +370,26 @@
$web_folder = 'web';
$log_folder = 'log';
- if($data['new']['type'] == 'vhostsubdomain') {
+ $old_web_folder = 'web';
+ $old_log_folder = 'log';
+ if($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') {
+ // new one
$tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = '.intval($data['new']['parent_domain_id']));
$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['new']['domain']);
if($subdomain_host == '') $subdomain_host = 'web'.$data['new']['domain_id'];
$web_folder = $data['new']['web_folder'];
$log_folder .= '/' . $subdomain_host;
unset($tmp);
+
+ if(isset($data['old']['parent_domain_id'])) {
+ // old one
+ $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
+ $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
+ if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
+ $old_web_folder = $data['old']['web_folder'];
+ $old_log_folder .= '/' . $subdomain_host;
+ unset($tmp);
+ }
}
// Create group and user, if not exist
@@ -436,7 +457,7 @@
}
}
- if($data["new"]["type"] != "vhostsubdomain") {
+ if($data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") {
//* Move the site data
$tmp_docroot = explode('/', $data['new']['document_root']);
unset($tmp_docroot[count($tmp_docroot)-1]);
@@ -452,6 +473,9 @@
$app->system->rename($data['new']['document_root'], $data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
$app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'), LOGLEVEL_DEBUG);
}
+
+ //* Unmount the old log directory bfore we move the log dir
+ exec('umount '.escapeshellcmd($old_dir.'/log'));
//* Create new base directory, if it does not exist yet
if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
@@ -477,12 +501,26 @@
if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
//* Change the log mount
- $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
+ /*
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.' none bind';
$app->system->removeLine('/etc/fstab', $fstab_line);
- $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind,nobootwait';
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.' none bind,nobootwait';
$app->system->removeLine('/etc/fstab', $fstab_line);
- $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait,_netdev 0 0';
- $app->system->replaceLine('/etc/fstab', $fstab_line, $fstab_line, 1, 1);
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.' none bind,nobootwait';
+ $app->system->removeLine('/etc/fstab', $fstab_line);
+ */
+
+ $fstab_line_old = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.' none bind';
+
+ if($web_config['network_filesystem'] == 'y') {
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait,_netdev 0 0';
+ $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
+ } else {
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.' none bind,nobootwait 0 0';
+ $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
+ }
+
+ exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
}
@@ -511,14 +549,14 @@
// Remove the symlink for the site, if site is renamed
if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
- if(is_link($data['old']['document_root'].'/'.$log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$log_folder);
+ if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder);
//* remove old log mount
- $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.' none bind';
$app->system->removeLine('/etc/fstab', $fstab_line);
//* Unmount log directory
- exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
+ exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
}
//* Create the log dir if nescessary and mount it
@@ -594,7 +632,7 @@
// setting a local var here
// normally $conf['templates'] = "/usr/local/ispconfig/server/conf";
- if($this->action == 'insert' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain')) {
+ if($this->action == 'insert' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
// Copy the error pages
if($data['new']['errordocs']) {
@@ -622,9 +660,9 @@
if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
}
- if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) {
- exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
- }
+ //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) {
+ // exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
+ //}
}
else {
if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) {
@@ -634,13 +672,13 @@
exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
if(is_file($conf['rootpath'] . '/conf/index/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
- if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
+ //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
}
}
exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
//** Copy the error documents on update when the error document checkbox has been activated and was deactivated before
- } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
+ } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
$error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/';
if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) {
@@ -658,7 +696,7 @@
exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
} // end copy error docs
- // Set the quota for the user, but only for vhosts, not vhostsubdomains
+ // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias
if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
if($data['new']['hd_quota'] > 0) {
$blocks_soft = $data['new']['hd_quota'] * 1024;
@@ -695,13 +733,13 @@
if($web_config['security_level'] == 20) {
$app->system->chmod($data['new']['document_root'], 0755);
- $app->system->chmod($data['new']['document_root'].'/web', 0711);
+ $app->system->chmod($data['new']['document_root'].'/web', 0751);
//$app->system->chmod($data['new']['document_root'].'/webdav',0710);
$app->system->chmod($data['new']['document_root'].'/private', 0710);
$app->system->chmod($data['new']['document_root'].'/ssl', 0755);
// make tmp directory writable for nginx and the website users
- $app->system->chmod($data['new']['document_root'].'/tmp', 0777);
+ $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
// Set Log directory to 755 to make the logs accessible by the FTP user
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
@@ -761,7 +799,7 @@
$app->system->chmod($data['new']['document_root'].'/cgi-bin', 0755);
// make temp directory writable for nginx and the website users
- $app->system->chmod($data['new']['document_root'].'/tmp', 0777);
+ $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
// Set Log directory to 755 to make the logs accessible by the FTP user
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
@@ -790,7 +828,9 @@
//$app->system->chown($data['new']['document_root'].'/webdav',$username);
//$app->system->chgrp($data['new']['document_root'].'/webdav',$groupname);
}
- } elseif(($this->action == 'insert' && $data['new']['type'] == 'vhostsubdomain') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhostsubdomain')) {
+ } elseif((($data['new']['type'] == 'vhostsubdomain') || ($data['new']['type'] == 'vhostalias')) &&
+ (($this->action == 'insert') || ($web_config['set_folder_permissions_on_update'] == 'y'))) {
+
if($web_config['security_level'] == 20) {
$app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0710);
$app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
@@ -986,6 +1026,18 @@
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
+ if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
+ $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
+ continue;
+ }
+ if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
+ $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
+ continue;
+ }
+ if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
+ $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
+ continue;
+ }
// if
if(preg_match('@^\s*if\s+\(\s*\$\S+(\s+(\!?(=|~|~\*))\s+(\S+|\".+\"))?\s*\)\s*\{\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
@@ -1037,7 +1089,16 @@
// Custom nginx directives
$final_nginx_directives = array();
- $nginx_directives = $data['new']['nginx_directives'];
+ if(intval($data['new']['directive_snippets_id']) > 0){
+ $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
+ if(isset($snippet['snippet'])){
+ $nginx_directives = $snippet['snippet'];
+ } else {
+ $nginx_directives = $data['new']['nginx_directives'];
+ }
+ } else {
+ $nginx_directives = $data['new']['nginx_directives'];
+ }
// Make sure we only have Unix linebreaks
$nginx_directives = str_replace("\r\n", "\n", $nginx_directives);
$nginx_directives = str_replace("\r", "\n", $nginx_directives);
@@ -1295,7 +1356,7 @@
}
// get alias domains (co-domains and subdomains)
- $aliases = $app->db->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = '.$data['new']['domain_id']." AND active = 'y' AND type != 'vhostsubdomain'");
+ $aliases = $app->db->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = '.$data['new']['domain_id']." AND active = 'y' AND (type != 'vhostsubdomain' AND type != 'vhostalias')");
$alias_seo_redirects = array();
if(is_array($aliases)) {
foreach($aliases as $alias) {
@@ -1612,11 +1673,12 @@
}
//* Create awstats configuration
- if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain')) {
+ if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
$this->awstats_update($data, $web_config);
}
$this->php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir);
+ $this->hhvm_update($data, $web_config);
if($web_config['check_apache_config'] == 'y') {
//* Test if nginx starts with the new configuration file
@@ -1730,7 +1792,7 @@
$app->uses('system');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
- if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') $app->system->web_folder_protection($data['old']['document_root'], false);
+ if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') $app->system->web_folder_protection($data['old']['document_root'], false);
//* Check if this is a chrooted setup
if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
@@ -1742,7 +1804,7 @@
//* Remove the mounts
$log_folder = 'log';
$web_folder = '';
- if($data['old']['type'] == 'vhostsubdomain') {
+ if($data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
$tmp = $app->db->queryOneRecord('SELECT `domain`,`document_root` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
if($tmp['domain'] != ''){
$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
@@ -1788,7 +1850,7 @@
unset($subdomain_hosts);
}
- if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain'){
+ if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){
if(is_array($log_folders) && !empty($log_folders)){
foreach($log_folders as $log_folder){
//if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
@@ -1812,7 +1874,7 @@
}
unset($log_folders);
- if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
+ if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['type'] != 'vhostalias' && $data['old']['parent_domain_id'] > 0) {
//* This is a alias domain or subdomain, so we have to update the website instead
$parent_domain_id = intval($data['old']['parent_domain_id']);
$tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$parent_domain_id." AND active = 'y'");
@@ -1846,7 +1908,7 @@
$app->system->unlink($vhost_file);
$app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
- if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') {
+ if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
$docroot = escapeshellcmd($data['old']['document_root']);
if($docroot != '' && !stristr($docroot, '..')) {
if($data['old']['type'] == 'vhost') {
@@ -1869,7 +1931,7 @@
} else {
// read all vhost subdomains with same parent domain
$used_paths = array();
- $tmp = $app->db->queryAllRecords("SELECT `web_folder` FROM web_domain WHERE type = 'vhostsubdomain' AND parent_domain_id = ".intval($data['old']['parent_domain_id'])." AND domain_id != ".intval($data['old']['domain_id']));
+ $tmp = $app->db->queryAllRecords("SELECT `web_folder` FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ".intval($data['old']['parent_domain_id'])." AND domain_id != ".intval($data['old']['domain_id']));
foreach($tmp as $tmprec) {
// we normalize the folder entries because we need to compare them
$tmp_folder = preg_replace('/[\/]{2,}/', '/', $tmprec['web_folder']); // replace / occuring multiple times
@@ -1927,6 +1989,8 @@
// remove PHP-FPM pool
if ($data['old']['php'] == 'php-fpm') {
$this->php_fpm_pool_delete($data, $web_config);
+ } elseif($data['old']['php'] == 'hhvm') {
+ $this->hhvm_update($data, $web_config);
}
//remove the php cgi starter script if available
@@ -1991,6 +2055,28 @@
$this->awstats_delete($data, $web_config);
}
+ //* Delete the web-backups
+ if($data['old']['type'] == 'vhost') {
+ $server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
+ $backup_dir = $server_config['backup_dir'];
+ $mount_backup = true;
+ if($server_config['backup_dir'] != '' && $server_config['backup_delete'] == 'y') {
+ //* mount backup directory, if necessary
+ if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $mount_backup = false;
+ if($mount_backup){
+ $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id'];
+ //** do not use rm -rf $web_backup_dir because database(s) may exits
+ exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*');
+ //* cleanup database
+ $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?";
+ $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%");
+ if($app->db->dbHost != $app->dbmaster->dbHost) $app->dbmaster->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%");
+
+ $app->log('Deleted the web backup files', LOGLEVEL_DEBUG);
+ }
+ }
+ }
+
$app->services->restartServiceDelayed('httpd', 'reload');
}
@@ -2025,7 +2111,7 @@
}
$web_folder = 'web';
- if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
+ if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
//* Get the folder path.
if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
@@ -2041,9 +2127,7 @@
//* Create the folder path, if it does not exist
if(!is_dir($folder_path)) {
- $app->system->mkdirpath($folder_path);
- $app->system->chown($folder_path, $website['system_user']);
- $app->system->chgrp($folder_path, $website['system_group']);
+ $app->system->mkdirpath($folder_path, 0755, $website['system_user'], $website['system_group']);
}
//* Create empty .htpasswd file, if it does not exist
@@ -2104,7 +2188,7 @@
}
$web_folder = 'web';
- if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
+ if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
//* Get the folder path.
if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
@@ -2141,7 +2225,7 @@
}
$web_folder = 'web';
- if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
+ if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
//* Get the folder path.
if(substr($data['old']['path'], 0, 1) == '/') $data['old']['path'] = substr($data['old']['path'], 1);
@@ -2212,7 +2296,7 @@
$website_auth_location['path'] .= '/';
}
$basic_auth_locations[] = array('htpasswd_location' => '/'.$website_auth_location['path'],
- 'htpasswd_path' => $website['document_root'].'/' . ($website['type'] == 'vhostsubdomain' ? $website['web_folder'] : 'web') . '/'.$website_auth_location['path']);
+ 'htpasswd_path' => $website['document_root'].'/' . (($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') ? $website['web_folder'] : 'web') . '/'.$website_auth_location['path']);
}
}
return $basic_auth_locations;
@@ -2238,13 +2322,22 @@
}
$content = '';
- $content .= "Include \"".$awstats_conf_dir."/awstats.conf\"\n";
+ if (is_file($awstats_conf_dir."/awstats.conf")) {
+ $include_file = $awstats_conf_dir."/awstats.conf";
+ } elseif (is_file($awstats_conf_dir."/awstats.model.conf")) {
+ $include_file = $awstats_conf_dir."/awstats.model.conf";
+ }
+ $content .= "Include \"".$include_file."\"\n";
$content .= "LogFile=\"/var/log/ispconfig/httpd/".$data['new']['domain']."/access.log\"\n";
$content .= "SiteDomain=\"".$data['new']['domain']."\"\n";
$content .= "HostAliases=\"www.".$data['new']['domain']." localhost 127.0.0.1\"\n";
- $app->system->file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', $content);
- $app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', LOGLEVEL_DEBUG);
+ if (isset($include_file)) {
+ $app->system->file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', $content);
+ $app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', LOGLEVEL_DEBUG);
+ } else {
+ $app->log("No awstats base config found. Either awstats.conf or awstats.model.conf must exist in ".$awstats_conf_dir.".", LOGLEVEL_WARN);
+ }
}
if(is_file($data['new']['document_root']."/" . $web_folder . "/stats/index.html")) $app->system->unlink($data['new']['document_root']."/" . $web_folder . "/stats/index.html");
@@ -2264,6 +2357,28 @@
if ( @is_file($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf') ) {
$app->system->unlink($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf');
$app->log('Removed AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf', LOGLEVEL_DEBUG);
+ }
+ }
+
+ private function hhvm_update($data, $web_config) {
+ global $app, $conf;
+
+ if(file_exists($conf['rootpath'] . '/conf-custom/hhvm_starter.master')) {
+ $content = file_get_contents($conf['rootpath'] . '/conf-custom/hhvm_starter.master');
+ } else {
+ $content = file_get_contents($conf['rootpath'] . '/conf/hhvm_starter.master');
+ }
+
+ if($data['new']['php'] == 'hhvm' && $data['old']['php'] != 'hhvm') {
+ $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content);
+ file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content);
+ exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1');
+ exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1');
+ exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' start >/dev/null 2>&1');
+ } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') {
+ exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1');
+ exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1');
+ unlink('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' >/dev/null 2>&1');
}
}
@@ -2332,6 +2447,7 @@
$fpm_socket = $socket_dir.$pool_name.'.sock';
$tpl->setVar('fpm_socket', $fpm_socket);
+ $tpl->setVar('fpm_listen_mode', '0660');
$tpl->setVar('fpm_pool', $pool_name);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
@@ -2370,8 +2486,8 @@
if(substr($ini_setting, 0, 1) == '#') continue;
if(substr($ini_setting, 0, 2) == '//') continue;
list($key, $value) = explode('=', $ini_setting, 2);
- if($value){
- $value = trim($value);
+ $value = trim($value);
+ if($value != ''){
$key = trim($key);
switch (strtolower($value)) {
case '0':
@@ -2716,7 +2832,7 @@
// web domain doesn't match hostname
if(substr($hostname, -strlen($web['domain'])) != $web['domain']) continue;
// own vhost and therefore server {} container of its own
- //if($web['type'] == 'vhostsubdomain') continue;
+ //if($web['type'] == 'vhostsubdomain' || $web['type'] == 'vhostalias') continue;
// alias domains/subdomains using rewrites and therefore a server {} container of their own
//if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') continue;
@@ -2727,7 +2843,7 @@
if($web['domain'] == $hostname){
if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
// own vhost and therefore server {} container of its own
- if($web['type'] == 'vhostsubdomain') return false;
+ if($web['type'] == 'vhostsubdomain' || $web['type'] == 'vhostalias') return false;
// alias domains/subdomains using rewrites and therefore a server {} container of their own
if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
return true;
@@ -2741,7 +2857,7 @@
if($web['domain'] == $hostname || $web['subdomain'].'.'.$web['domain'] == $hostname){
if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
// own vhost and therefore server {} container of its own
- if($web['type'] == 'vhostsubdomain') return false;
+ if($web['type'] == 'vhostsubdomain' || $web['type'] == 'vhostalias') return false;
// alias domains/subdomains using rewrites and therefore a server {} container of their own
if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
return true;
@@ -2754,7 +2870,7 @@
if(preg_match($pattern, $hostname)){
if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
// own vhost and therefore server {} container of its own
- if($web['type'] == 'vhostsubdomain') return false;
+ if($web['type'] == 'vhostsubdomain' || $web['type'] == 'vhostalias') return false;
// alias domains/subdomains using rewrites and therefore a server {} container of their own
if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
return true;
--
Gitblit v1.9.1