maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge pull request #355 from Froxlor/dns-editor

Browse Source 
Add full dns editor + powerdns to froxlor; fixes #53, fixes #731, fixes #1196,
This commit is contained in:
Michael Kaufmann
2016-05-30 09:09:15 +02:00
parent 1b0649d0cf 151d8f8c5c
commit 08d505b308
35 changed files with 3417 additions and 873 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
actions/admin/settings/160.nameserver.php
View File

@@ -31,6 +31,24 @@ return array(
'save_method' => 'storeSettingField',
'overview_option' => true
),
'system_dnsenabled' => array(
'label' => $lng['serversettings']['dnseditorenable'],
'settinggroup' => 'system',
'varname' => 'dnsenabled',
'type' => 'bool',
'default' => false,
'save_method' => 'storeSettingField'
),
'system_dns_server' => array(
'label' => $lng['serversettings']['dns_server'],
'settinggroup' => 'system',
'varname' => 'dns_server',
'type' => 'option',
'default' => 'bind',
'option_mode' => 'one',
'option_options' => array('bind' => 'Bind9', 'pdns' => 'PowerDNS'),
'save_method' => 'storeSettingField'
),
'system_bindconf_directory' => array(
'label' => $lng['serversettings']['bindconf_directory'],
'settinggroup' => 'system',

2
actions/admin/settings/185.spf.php
View File

@@ -34,7 +34,7 @@ return array(
'settinggroup' => 'spf',
'varname' => 'spf_entry',
'type' => 'string',
'default' => '@ IN TXT "v=spf1 a mx -all"',
'default' => '"v=spf1 a mx -all"',
'save_method' => 'storeSettingField'
)
)

26
admin_customers.php
View File

@@ -278,12 +278,14 @@ if ($page == 'customers'
Database::pexecute($stmt, array('id' => $id));
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :id");
Database::pexecute($stmt, array('id' => $id));
// first gather all domain-id's to clean up panel_domaintoip accordingly
// first gather all domain-id's to clean up panel_domaintoip and dns-entries accordingly
$did_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_DOMAINS."` WHERE `customerid` = :id");
Database::pexecute($did_stmt, array('id' => $id));
while ($row = $did_stmt->fetch(PDO::FETCH_ASSOC)) {
$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :did");
Database::pexecute($stmt, array('did' => $row['id']));
$stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAIN_DNS . "` WHERE `domain_id` = :did");
Database::pexecute($stmt, array('did' => $row['id']));
}
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :id");
Database::pexecute($stmt, array('id' => $id));
@@ -526,6 +528,11 @@ if ($page == 'customers'
$perlenabled = intval($_POST['perlenabled']);
}
$dnsenabled = 0;
if (isset($_POST['dnsenabled'])) {
$dnsenabled = intval($_POST['dnsenabled']);
}
$store_defaultindex = 0;
if (isset($_POST['store_defaultindex'])) {
$store_defaultindex = intval($_POST['store_defaultindex']);
@@ -638,6 +645,10 @@ if ($page == 'customers'
$perlenabled = '1';
}
if ($dnsenabled != '0') {
$dnsenabled = '1';
}
if ($password == '') {
$password = generatePassword();
}
@@ -676,6 +687,7 @@ if ($page == 'customers'
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
'dnsenabled' => $dnsenabled,
'theme' => $_theme,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show
@@ -715,6 +727,7 @@ if ($page == 'customers'
`imap` = :imap,
`pop3` = :pop3,
`perlenabled` = :perlenabled,
`dnsenabled` = :dnsenabled,
`theme` = :theme,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show"
@@ -1186,6 +1199,11 @@ if ($page == 'customers'
$perlenabled = intval($_POST['perlenabled']);
}
$dnsenabled = 0;
if (isset($_POST['dnsenabled'])) {
$dnsenabled = intval($_POST['dnsenabled']);
}
$diskspace = $diskspace * 1024;
$traffic = $traffic * 1024 * 1024;
@@ -1317,6 +1335,10 @@ if ($page == 'customers'
$perlenabled = '1';
}
if ($dnsenabled != '0') {
$dnsenabled = '1';
}
if ($phpenabled != $result['phpenabled']
|| $perlenabled != $result['perlenabled']
) {
@@ -1427,6 +1449,7 @@ if ($page == 'customers'
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
'dnsenabled' => $dnsenabled,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show
);
@@ -1460,6 +1483,7 @@ if ($page == 'customers'
`imap` = :imap,
`pop3` = :pop3,
`perlenabled` = :perlenabled,
`dnsenabled` = :dnsenabled,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show
WHERE `customerid` = :customerid"

12
admin_domains.php
View File

@@ -245,6 +245,15 @@ if ($page == 'domains' || $page == 'overview') {
'domainid' => $id
));
// remove possible existing DNS entries
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_DOMAIN_DNS . "`
WHERE `domain_id` = :domainid
");
Database::pexecute($del_stmt, array(
'domainid' => $id
));
triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $log);
$log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")");
@@ -2074,6 +2083,9 @@ if ($page == 'domains' || $page == 'overview') {
eval("echo \"" . getTemplate("domains/domains_import") . "\";");
}
}
} elseif ($page == 'domaindnseditor' && Settings::Get('system.dnsenabled') == '1') {
require_once __DIR__.'/dns_editor.php';
}
function formatDomainEntry(&$row, &$idna_convert)

12
customer_domains.php
View File

@@ -232,6 +232,13 @@ if ($page == 'overview') {
);
Database::pexecute($del_stmt, array('domainid' => $id));
// remove possible existing DNS entries
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_DOMAIN_DNS . "`
WHERE `domain_id` = :domainid
");
Database::pexecute($del_stmt, array('domainid' => $id));
inserttask('1');
// Using nameserver, insert a task which rebuilds the server config
@@ -508,7 +515,7 @@ if ($page == 'overview') {
}
} elseif ($action == 'edit' && $id != 0) {
$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`isbinddomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `d`.`letsencrypt`, `pd`.`subcanemaildomain`
FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd`
WHERE `d`.`customerid` = :customerid
@@ -913,4 +920,7 @@ if ($page == 'overview') {
eval("echo \"" . getTemplate("domains/domain_ssleditor") . "\";");
}
} elseif ($page == 'domaindnseditor' && $userinfo['dnsenabled'] == '1' && Settings::Get('system.dnsenabled') == '1') {
require_once __DIR__.'/dns_editor.php';
}

306
dns_editor.php Normal file
View File

@@ -0,0 +1,306 @@
<?php
if (! defined('AREA'))
die('You cannot access this file directly!');
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Panel
*
*/
// This file is being included in admin_domains and customer_domains
// and therefore does not need to require lib/init.php
$domain_id = isset($_GET['domain_id']) ? (int) $_GET['domain_id'] : null;
$record = isset($_POST['record']['record']) ? trim($_POST['record']['record']) : null;
$type = isset($_POST['record']['type']) ? $_POST['record']['type'] : 'A';
$prio = isset($_POST['record']['prio']) ? (int) $_POST['record']['prio'] : null;
$content = isset($_POST['record']['content']) ? trim($_POST['record']['content']) : null;
$ttl = isset($_POST['record']['ttl']) ? (int) $_POST['record']['ttl'] : 18000;
// get domain-name
$domain = getAllowedDomainEntry($domain_id, AREA, $userinfo, $idna_convert);
// select all entries
$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE domain_id = :did");
Database::pexecute($sel_stmt, array(
'did' => $domain_id
));
$dom_entries = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
$errors = array();
$success_message = "";
// action for adding a new entry
if ($action == 'add_record' && ! empty($_POST)) {
// validation
if (empty($record)) {
$record = "@";
}
$record = strtolower($record);
if ($record != '@' && $record != '*') {
// validate record
if (strpos($record, '--') !== false) {
$errors[] = $lng['error']['domain_nopunycode'];
} else {
$record = $idna_convert->encode($record);
if ($type != 'SRV' && $type != 'TXT') {
$check_dom = $record . '.example.com';
if (! validateDomain($check_dom)) {
$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
}
}
if (strlen($record) > 63) {
$errors[] = $lng['error']['dns_record_toolong'];
}
}
}
// TODO regex validate content for invalid characters
if ($ttl <= 0) {
$ttl = 18000;
}
if (empty($content)) {
$errors[] = $lng['error']['dns_content_empty'];
}
// types
if ($type == 'A' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
$errors[] = $lng['error']['dns_arec_noipv4'];
} elseif ($type == 'AAAA' && filter_var($content, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
$errors[] = $lng['error']['dns_aaaarec_noipv6'];
} elseif ($type == 'MX') {
if ($prio === null || $prio < 0) {
$errors[] = $lng['error']['dns_mx_prioempty'];
}
// check for trailing dot
if (substr($content, - 1) == '.') {
// remove it for checks
$content = substr($content, 0, - 1);
}
if (! validateDomain($content)) {
$errors[] = $lng['error']['dns_mx_needdom'];
} else {
// check whether there is a CNAME-record for the same resource
foreach ($dom_entries as $existing_entries) {
$fqdn = $existing_entries['record'] . '.' . $domain;
if ($existing_entries['type'] == 'CNAME' && $fqdn == $content) {
$errors[] = $lng['error']['dns_mx_noalias'];
break;
}
}
}
// append trailing dot (again)
$content .= '.';
} elseif ($type == 'CNAME') {
// check for trailing dot
if (substr($content, - 1) == '.') {
// remove it for checks
$content = substr($content, 0, - 1);
}
if (! validateDomain($content)) {
$errors[] = $lng['error']['dns_cname_invaliddom'];
} else {
// check whether there are RR-records for the same resource
foreach ($dom_entries as $existing_entries) {
if (($existing_entries['type'] == 'A' || $existing_entries['type'] == 'AAAA' || $existing_entries['type'] == 'MX' || $existing_entries['type'] == 'NS') && $existing_entries['record'] == $record) {
$errors[] = $lng['error']['dns_cname_nomorerr'];
break;
}
}
}
// append trailing dot (again)
$content .= '.';
} elseif ($type == 'NS') {
// check for trailing dot
if (substr($content, - 1) == '.') {
// remove it for checks
$content = substr($content, 0, - 1);
}
if (! validateDomain($content)) {
$errors[] = $lng['error']['dns_ns_invaliddom'];
}
// append trailing dot (again)
$content .= '.';
} elseif ($type == 'TXT' && ! empty($content)) {
// check that TXT content is enclosed in " "
$content = encloseTXTContent($content);
} elseif ($type == 'SRV') {
if ($prio === null || $prio < 0) {
$errors[] = $lng['error']['dns_srv_prioempty'];
}
// check only last part of content, as it can look like:
// _service._proto.name. TTL class SRV priority weight port target.
$_split_content = explode(" ", $content);
// SRV content must be [weight] [port] [target]
if (count($_split_content) != 3) {
$errors[] = $lng['error']['dns_srv_invalidcontent'];
}
$target = trim($_split_content[count($_split_content) - 1]);
if ($target != '.') {
// check for trailing dot
if (substr($target, - 1) == '.') {
// remove it for checks
$target = substr($target, 0, - 1);
}
}
if ($target != '.' && ! validateDomain($target)) {
$errors[] = $lng['error']['dns_srv_needdom'];
} else {
// check whether there is a CNAME-record for the same resource
foreach ($dom_entries as $existing_entries) {
$fqdn = $existing_entries['record'] . '.' . $domain;
if ($existing_entries['type'] == 'CNAME' && $fqdn == $target) {
$errors[] = $lng['error']['dns_srv_noalias'];
break;
}
}
}
// append trailing dot (again)
if ($target != '.') {
$content .= '.';
}
}
$new_entry = array(
'record' => $record,
'type' => $type,
'prio' => $prio,
'content' => $content,
'ttl' => $ttl,
'domain_id' => $domain_id
);
ksort($new_entry);
// check for duplicate
foreach ($dom_entries as $existing_entry) {
// compare serialized string of array
$check_entry = $existing_entry;
// new entry has no ID yet
unset($check_entry['id']);
// sort by key
ksort($check_entry);
// format integer fields to real integer (as they are read as string from the DB)
$check_entry['prio'] = (int) $check_entry['prio'];
$check_entry['ttl'] = (int) $check_entry['ttl'];
$check_entry['domain_id'] = (int) $check_entry['domain_id'];
// serialize both
$check_entry = serialize($check_entry);
$new = serialize($new_entry);
// compare
if ($check_entry === $new) {
$errors[] = $lng['error']['dns_duplicate_entry'];
unset($check_entry);
break;
}
}
if (empty($errors)) {
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_DOMAIN_DNS . "` SET
`record` = :record,
`type` = :type,
`prio` = :prio,
`content` = :content,
`ttl` = :ttl,
`domain_id` = :domain_id
");
Database::pexecute($ins_stmt, $new_entry);
$new_entry_id = Database::lastInsertId();
// add temporary to the entries-array (no reread of DB necessary)
$new_entry['id'] = $new_entry_id;
$dom_entries[] = $new_entry;
// success message (inline)
$success_message = $lng['success']['dns_record_added'];
$record = "";
$type = 'A';
$prio = "";
$content = "";
$ttl = "";
// re-generate bind configs
inserttask('4');
} else {
// show $errors
$errors = implode("<br>", $errors);
}
} elseif ($action == 'delete') {
// remove entry
$entry_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if ($entry_id > 0) {
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_DOMAIN_DNS . "` WHERE `id` = :id");
Database::pexecute($del_stmt, array(
'id' => $entry_id
));
// remove deleted entry from internal data array (no reread of DB necessary)
$_t = $dom_entries;
foreach ($_t as $idx => $entry) {
if ($entry['id'] == $entry_id) {
unset($dom_entries[$idx]);
break;
}
}
unset($_t);
// success message (inline)
$success_message = $lng['success']['dns_record_deleted'];
// re-generate bind configs
inserttask('4');
}
}
// show editor
$record_list = "";
$existing_entries = "";
$type_select = "";
$entriescount = 0;
if (! empty($dom_entries)) {
$entriescount = count($dom_entries);
foreach ($dom_entries as $entry) {
$entry['content'] = wordwrap($entry['content'], 100, '<br>', true);
eval("\$existing_entries.=\"" . getTemplate("dns_editor/entry_bit", true) . "\";");
}
}
// available types
$type_select_values = array(
'A',
'AAAA',
'NS',
'MX',
'SRV',
'TXT',
'CNAME'
);
asort($type_select_values);
foreach ($type_select_values as $_type) {
$type_select .= makeoption($_type, $_type, $type);
}
eval("\$record_list=\"" . getTemplate("dns_editor/list", true) . "\";");
$zone = createDomainZone($domain_id);
$zonefile = (string) $zone;
eval("echo \"" . getTemplate("dns_editor/index", true) . "\";");

20
install/froxlor.sql
View File

@@ -191,6 +191,7 @@ CREATE TABLE `panel_customers` (
`pop3` tinyint(1) NOT NULL default '1',
`imap` tinyint(1) NOT NULL default '1',
`perlenabled` tinyint(1) NOT NULL default '0',
`dnsenabled` tinyint(1) NOT NULL default '0'
`theme` varchar(255) NOT NULL default 'Sparkle',
`custom_notes` text,
`custom_notes_show` tinyint(1) NOT NULL default '0',
@@ -376,7 +377,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('admin', 'show_version_login', '0'),
('admin', 'show_version_footer', '0'),
('spf', 'use_spf', '0'),
('spf', 'spf_entry', '@ IN TXT "v=spf1 a mx -all"'),
('spf', 'spf_entry', '"v=spf1 a mx -all"'),
('dkim', 'dkim_algorithm', 'all'),
('dkim', 'dkim_add_adsp', '1'),
('dkim', 'dkim_keylength', '1024'),
@@ -526,6 +527,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'letsencryptreuseold', 0),
('system', 'leenabled', '0'),
('system', 'backupenabled', '0'),
('system', 'dnsenabled', '0'),
('system', 'dns_server', 'bind'),
('panel', 'decimal_places', '4'),
('panel', 'adminmail', 'admin@SERVERNAME'),
('panel', 'phpmyadmin_url', ''),
@@ -557,7 +560,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('panel', 'password_special_char_required', '0'),
('panel', 'password_special_char', '!?<>§$%+#=@'),
('panel', 'version', '0.9.36'),
('panel', 'db_version', '201604270');
('panel', 'db_version', '201605180');
DROP TABLE IF EXISTS `panel_tasks`;
@@ -855,3 +858,16 @@ CREATE TABLE IF NOT EXISTS `panel_domaintoip` (
PRIMARY KEY (`id_domain`,`id_ipandports`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
DROP TABLE IF EXISTS `domain_dns_entries`;
CREATE TABLE `domain_dns_entries` (
`id` int(20) NOT NULL auto_increment,
`domain_id` int(15) NOT NULL,
`record` varchar(255) NOT NULL,
`type` varchar(10) NOT NULL DEFAULT 'A',
`content` text NOT NULL,
`ttl` int(11) NOT NULL DEFAULT '18000',
`prio` int(11) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

54
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -3320,3 +3320,57 @@ if (isFroxlorVersion('0.9.35.1')) {
updateToVersion('0.9.36');
}
if (isDatabaseVersion('201604270')) {
showUpdateStep("Adding new dns related tables and settings");
$enable_dns = isset($_POST['enable_dns']) ? (int) $_POST['enable_dns'] : "0";
Settings::AddNew("system.dnsenabled", $enable_dns);
Database::query("DROP TABLE IF EXISTS `domain_dns_entries`;");
$sql = "CREATE TABLE `domain_dns_entries` (
`id` int(20) NOT NULL auto_increment,
`domain_id` int(15) NOT NULL,
`record` varchar(255) NOT NULL,
`type` varchar(10) NOT NULL DEFAULT 'A',
`content` text NOT NULL,
`ttl` int(11) NOT NULL DEFAULT '18000',
`prio` int(11) DEFAULT NULL,
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;";
Database::query($sql);
lastStepStatus(0);
updateToDbVersion('201605090');
}
if (isDatabaseVersion('201605090')) {
showUpdateStep("Adjusting SPF record setting");
$current_spf = Settings::Get('spf.spf_entry');
// @ IN TXT "v=spf1 a mx -all"
$new_spf = substr($current_spf, strpos($current_spf, '"'));
Settings::Set('spf.spf_entry', $new_spf, true);
lastStepStatus(0);
updateToDbVersion('201605120');
}
if (isDatabaseVersion('201605120')) {
showUpdateStep("Adding new dns-server setting");
$new_dns_daemon = isset($_POST['new_dns_daemon']) ? $_POST['new_dns_daemon'] : "bind";
Settings::AddNew("system.dns_server", $new_dns_daemon);
lastStepStatus(0);
updateToDbVersion('201605170');
}
if (isDatabaseVersion('201605170')) {
showUpdateStep("Adding new dns-editor setting for customers");
Database::query("ALTER TABLE `panel_customers` ADD `dnsenabled` tinyint(1) NOT NULL default '0' AFTER `perlenabled`;");
lastStepStatus(0);
updateToDbVersion('201605180');
}

519
install/updates/preconfig/0.9/preconfig_0.9.inc.php
View File

@@ -18,47 +18,45 @@
/**
* checks if the new-version has some updating to do
*
* @param boolean $has_preconfig pointer to check if any preconfig has to be output
* @param string $return pointer to output string
* @param string $current_version current froxlor version
* @param boolean $has_preconfig
* pointer to check if any preconfig has to be output
* @param string $return
* pointer to output string
* @param string $current_version
* current froxlor version
*
* @return null
*/
function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $current_db_version) {
function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $current_db_version)
{
global $lng;
if(versionInUpdate($current_version, '0.9.4-svn2'))
{
if (versionInUpdate($current_version, '0.9.4-svn2')) {
$has_preconfig = true;
$description = 'Froxlor now enables the usage of a domain-wildcard entry and subdomains for this domain at the same time (subdomains are parsed before the main-domain vhost container).';
$description.= 'This makes it possible to catch all non-existing subdomains with the main vhost but also have the ability to use subdomains for that domain.<br />';
$description.= 'If you would like Froxlor to do so with your domains, the update script can set the correct values for existing domains for you. Note: future domains will have wildcard-entries enabled by default no matter how you decide here.';
$description .= 'This makes it possible to catch all non-existing subdomains with the main vhost but also have the ability to use subdomains for that domain.<br />';
$description .= 'If you would like Froxlor to do so with your domains, the update script can set the correct values for existing domains for you. Note: future domains will have wildcard-entries enabled by default no matter how you decide here.';
$question = '<strong>Do you want to use wildcard-entries for existing domains?:</strong>&nbsp;';
$question.= makeyesno('update_domainwildcardentry', '1', '0', '1');
$question .= makeyesno('update_domainwildcardentry', '1', '0', '1');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.6-svn2'))
{
if(!PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')))
{
if (versionInUpdate($current_version, '0.9.6-svn2')) {
if (! PHPMailer::ValidateAddress(Settings::Get('panel.adminmail'))) {
$has_preconfig = true;
$description = 'Froxlor uses a newer version of the phpMailerClass and determined that your current admin-mail address is invalid.';
$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="'.Settings::Get('panel.adminmail').'" />';
$question = '<strong>Please specify a new admin-email address:</strong>&nbsp;<input type="text" class="text" name="update_adminmail" value="' . Settings::Get('panel.adminmail') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.6-svn3'))
{
if (versionInUpdate($current_version, '0.9.6-svn3')) {
$has_preconfig = true;
$description = 'You now have the possibility to define default error-documents for your webserver which replace the default webserver error-messages.';
$question = '<strong>Do you want to enable default error-documents?:</strong>&nbsp;';
$question .= makeyesno('update_deferr_enable', '1', '0', '0').'<br /><br />';
if(Settings::Get('system.webserver') == 'apache2')
{
$question .= makeyesno('update_deferr_enable', '1', '0', '0') . '<br /><br />';
if (Settings::Get('system.webserver') == 'apache2') {
$question .= 'Path/URL for error 500:&nbsp;<input type="text" class="text" name="update_deferr_500" /><br /><br />';
$question .= 'Path/URL for error 401:&nbsp;<input type="text" class="text" name="update_deferr_401" /><br /><br />';
$question .= 'Path/URL for error 403:&nbsp;<input type="text" class="text" name="update_deferr_403" /><br /><br />';
@@ -67,37 +65,33 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.6-svn4'))
{
if (versionInUpdate($current_version, '0.9.6-svn4')) {
$has_preconfig = true;
$description = 'You can define a default support-ticket priority level which is pre-selected for new support-tickets.';
$question = '<strong>Which should be the default ticket-priority?:</strong>&nbsp;';
$question .= '<select name="update_deftic_priority">';
$priorities = makeoption($lng['ticket']['high'], '1', '2');
$priorities.= makeoption($lng['ticket']['normal'], '2', '2');
$priorities.= makeoption($lng['ticket']['low'], '3', '2');
$question .= $priorities.'</select>';
$priorities .= makeoption($lng['ticket']['normal'], '2', '2');
$priorities .= makeoption($lng['ticket']['low'], '3', '2');
$question .= $priorities . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.6-svn5'))
{
if (versionInUpdate($current_version, '0.9.6-svn5')) {
$has_preconfig = true;
$description = 'If you have more than one PHP configurations defined in Froxlor you can now set a default one which will be used for every domain.';
$question = '<strong>Select default PHP configuration:</strong>&nbsp;';
$question .= '<select name="update_defsys_phpconfig">';
$configs_array = getPhpConfigs();
$configs = '';
foreach($configs_array as $idx => $desc)
{
foreach ($configs_array as $idx => $desc) {
$configs .= makeoption($desc, $idx, '1');
}
$question .= $configs.'</select>';
$question .= $configs . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.6-svn6'))
{
if (versionInUpdate($current_version, '0.9.6-svn6')) {
$has_preconfig = true;
$description = 'For the new FTP-quota feature, you can now chose the currently used ftpd-software.';
$question = '<strong>Used FTPd-software:</strong>&nbsp;';
@@ -108,72 +102,63 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.7-svn1'))
{
if (versionInUpdate($current_version, '0.9.7-svn1')) {
$has_preconfig = true;
$description = 'You can now choose whether customers can select the http-redirect code and which of them acts as default.';
$question = '<strong>Allow customer chosen redirects?:</strong>&nbsp;';
$question.= makeyesno('update_customredirect_enable', '1', '0', '1').'<br /><br />';
$question.= '<strong>Select default redirect code (default: empty):</strong>&nbsp;';
$question.= '<select name="update_customredirect_default">';
$redirects = makeoption('--- ('.$lng['redirect_desc']['rc_default'].')', 1, '1');
$redirects.= makeoption('301 ('.$lng['redirect_desc']['rc_movedperm'].')', 2, '1');
$redirects.= makeoption('302 ('.$lng['redirect_desc']['rc_found'].')', 3, '1');
$redirects.= makeoption('303 ('.$lng['redirect_desc']['rc_seeother'].')', 4, '1');
$redirects.= makeoption('307 ('.$lng['redirect_desc']['rc_tempred'].')', 5, '1');
$question .= $redirects.'</select>';
$question .= makeyesno('update_customredirect_enable', '1', '0', '1') . '<br /><br />';
$question .= '<strong>Select default redirect code (default: empty):</strong>&nbsp;';
$question .= '<select name="update_customredirect_default">';
$redirects = makeoption('--- (' . $lng['redirect_desc']['rc_default'] . ')', 1, '1');
$redirects .= makeoption('301 (' . $lng['redirect_desc']['rc_movedperm'] . ')', 2, '1');
$redirects .= makeoption('302 (' . $lng['redirect_desc']['rc_found'] . ')', 3, '1');
$redirects .= makeoption('303 (' . $lng['redirect_desc']['rc_seeother'] . ')', 4, '1');
$redirects .= makeoption('307 (' . $lng['redirect_desc']['rc_tempred'] . ')', 5, '1');
$question .= $redirects . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.7-svn2'))
{
if (versionInUpdate($current_version, '0.9.7-svn2')) {
$result = Database::query("SELECT `domain` FROM " . TABLE_PANEL_DOMAINS . " WHERE `documentroot` LIKE '%:%' AND `documentroot` NOT LIKE 'http://%' AND `openbasedir_path` = '0' AND `openbasedir` = '1'");
$wrongOpenBasedirDomain = array();
while($row = $result->fetch(PDO::FETCH_ASSOC)) {
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$wrongOpenBasedirDomain[] = $row['domain'];
}
if(count($wrongOpenBasedirDomain) > 0)
{
if (count($wrongOpenBasedirDomain) > 0) {
$has_preconfig = true;
$description = 'Resetting the open_basedir to customer - root';
$question = '<strong>Due to a security - issue regarding open_basedir, Froxlor will set the open_basedir for the following domains to the customers root instead of the chosen documentroot:</strong><br />&nbsp;';
$question.= '<ul>';
$question .= '<ul>';
$idna_convert = new idna_convert_wrapper();
foreach($wrongOpenBasedirDomain as $domain)
{
$question.= '<li>' . $idna_convert->decode($domain) . '</li>';
foreach ($wrongOpenBasedirDomain as $domain) {
$question .= '<li>' . $idna_convert->decode($domain) . '</li>';
}
$question.= '</ul>';
$question .= '</ul>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.9-svn1'))
{
if (versionInUpdate($current_version, '0.9.9-svn1')) {
$has_preconfig = true;
$description = 'When entering MX servers to Froxlor there was no mail-, imap-, pop3- and smtp-"A record" created. You can now chose whether this should be done or not.';
$question = '<strong>Do you want these A-records to be created even with MX servers given?:</strong>&nbsp;';
$question.= makeyesno('update_defdns_mailentry', '1', '0', '0');
$question .= makeyesno('update_defdns_mailentry', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.10-svn1'))
{
if (versionInUpdate($current_version, '0.9.10-svn1')) {
$has_nouser = false;
$has_nogroup = false;
$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(!isset($result) || !isset($result['value']))
{
if (! isset($result) || ! isset($result['value'])) {
$has_preconfig = true;
$has_nouser = true;
$guessed_user = 'www-data';
if(function_exists('posix_getuid')
&& function_exists('posix_getpwuid')
) {
if (function_exists('posix_getuid') && function_exists('posix_getpwuid')) {
$_httpuser = posix_getpwuid(posix_getuid());
$guessed_user = $_httpuser['name'];
}
@@ -182,31 +167,24 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(!isset($result) || !isset($result['value']))
{
if (! isset($result) || ! isset($result['value'])) {
$has_preconfig = true;
$has_nogroup = true;
$guessed_group = 'www-data';
if(function_exists('posix_getgid')
&& function_exists('posix_getgrgid')
) {
if (function_exists('posix_getgid') && function_exists('posix_getgrgid')) {
$_httpgroup = posix_getgrgid(posix_getgid());
$guessed_group = $_httpgroup['name'];
}
}
if($has_nouser || $has_nogroup)
{
if ($has_nouser || $has_nogroup) {
$description = 'Please enter the correct username/groupname of the webserver on your system We\'re guessing the user but it might not be correct, so please check.';
if($has_nouser)
{
$question = '<strong>Please enter the webservers username:</strong>&nbsp;<input type="text" class="text" name="update_httpuser" value="'.$guessed_user.'" />';
}
elseif($has_nogroup)
{
$question2 = '<strong>Please enter the webservers groupname:</strong>&nbsp;<input type="text" class="text" name="update_httpgroup" value="'.$guessed_group.'" />';
if($has_nouser) {
$question .= '<br /><br />'.$question2;
if ($has_nouser) {
$question = '<strong>Please enter the webservers username:</strong>&nbsp;<input type="text" class="text" name="update_httpuser" value="' . $guessed_user . '" />';
} elseif ($has_nogroup) {
$question2 = '<strong>Please enter the webservers groupname:</strong>&nbsp;<input type="text" class="text" name="update_httpgroup" value="' . $guessed_group . '" />';
if ($has_nouser) {
$question .= '<br /><br />' . $question2;
} else {
$question = $question2;
}
@@ -215,227 +193,202 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
}
}
if(versionInUpdate($current_version, '0.9.10'))
{
if (versionInUpdate($current_version, '0.9.10')) {
$has_preconfig = true;
$description = 'you can now decide whether Froxlor should be reached via hostname/froxlor or directly via the hostname.';
$question = '<strong>Do you want Froxlor to be reached directly via the hostname?:</strong>&nbsp;';
$question.= makeyesno('update_directlyviahostname', '1', '0', '0');
$question .= makeyesno('update_directlyviahostname', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.11-svn1'))
{
if (versionInUpdate($current_version, '0.9.11-svn1')) {
$has_preconfig = true;
$description = 'It is possible to enhance security with setting a regular expression to force your customers to enter more complex passwords.';
$question = '<strong>Enter a regular expression to force a higher password complexity (leave empty for none):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_pwdregex" value="" />';
$question .= '<input type="text" class="text" name="update_pwdregex" value="" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.11-svn3'))
{
if (versionInUpdate($current_version, '0.9.11-svn3')) {
$has_preconfig = true;
$description = 'As Froxlor can now handle perl, you have to specify where the perl executable is (only if you\'re running lighttpd, else just leave empty).';
$question = '<strong>Path to perl (default \'/usr/bin/perl\'):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_perlpath" value="/usr/bin/perl" />';
$question .= '<input type="text" class="text" name="update_perlpath" value="/usr/bin/perl" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.12-svn1'))
{
if(Settings::Get('system.mod_fcgid') == 1)
{
if (versionInUpdate($current_version, '0.9.12-svn1')) {
if (Settings::Get('system.mod_fcgid') == 1) {
$has_preconfig = true;
$description = 'You can chose whether you want Froxlor to use FCGID itself too now.';
$question = '<strong>Use FCGID for the Froxlor Panel?:</strong>&nbsp;';
$question.= makeyesno('update_fcgid_ownvhost', '1', '0', '0').'<br /><br />';
$question.= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question.= 'Local user:&nbsp;';
$question.= '<input type="text" class="text" name="update_fcgid_httpuser" value="froxlorlocal" /><br /><br />';
$question.= 'Local group:&nbsp;';
$question.= '<input type="text" class="text" name="update_fcgid_httpgroup" value="froxlorlocal" /><br />';
$question .= makeyesno('update_fcgid_ownvhost', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question .= 'Local user:&nbsp;';
$question .= '<input type="text" class="text" name="update_fcgid_httpuser" value="froxlorlocal" /><br /><br />';
$question .= 'Local group:&nbsp;';
$question .= '<input type="text" class="text" name="update_fcgid_httpgroup" value="froxlorlocal" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.12-svn2'))
{
if (versionInUpdate($current_version, '0.9.12-svn2')) {
$has_preconfig = true;
$description = 'Many apache user will have problems using perl/CGI as the customer docroots are not within the suexec path. Froxlor provides a simple workaround for that.';
$question = '<strong>Enable Apache/SuExec/Perl workaround?:</strong>&nbsp;';
$question.= makeyesno('update_perl_suexecworkaround', '1', '0', '0').'<br /><br />';
$question.= '<strong>If \'yes\', please specify a path within the suexec path where Froxlor will create symlinks to customer perl-enabled paths:</strong><br /><br />';
$question.= 'Path for symlinks (must be within suexec path):&nbsp;';
$question.= '<input type="text" class="text" name="update_perl_suexecpath" value="/var/www/cgi-bin/" /><br />';
$question .= makeyesno('update_perl_suexecworkaround', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify a path within the suexec path where Froxlor will create symlinks to customer perl-enabled paths:</strong><br /><br />';
$question .= 'Path for symlinks (must be within suexec path):&nbsp;';
$question .= '<input type="text" class="text" name="update_perl_suexecpath" value="/var/www/cgi-bin/" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.12-svn4'))
{
if((int)Settings::Get('system.awstats_enabled') == 1)
{
if (versionInUpdate($current_version, '0.9.12-svn4')) {
if ((int) Settings::Get('system.awstats_enabled') == 1) {
$has_preconfig = true;
$description = 'Due to different paths of awstats_buildstaticpages.pl and awstats.pl you can set a different path for awstats.pl now.';
$question = '<strong>Path to \'awstats.pl\'?:</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_awstats_awstatspath" value="'.Settings::Get('system.awstats_path').'" /><br />';
$question .= '<input type="text" class="text" name="update_awstats_awstatspath" value="' . Settings::Get('system.awstats_path') . '" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.13-svn1'))
{
if((int)Settings::Get('autoresponder.autoresponder_active') == 1)
{
if (versionInUpdate($current_version, '0.9.13-svn1')) {
if ((int) Settings::Get('autoresponder.autoresponder_active') == 1) {
$has_preconfig = true;
$description = 'Froxlor can now limit the number of autoresponder-entries for each user. Here you can set the value which will be available for each customer (Of course you can change the value for each customer separately after the update).';
$question = '<strong>How many autoresponders should your customers be able to add?:</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_autoresponder_default" value="0" />&nbsp;'.makecheckbox('update_autoresponder_default', $lng['customer']['unlimited'], '-1', false, 0, true, true).'<br />';
$question .= '<input type="text" class="text" name="update_autoresponder_default" value="0" />&nbsp;' . makecheckbox('update_autoresponder_default', $lng['customer']['unlimited'], '-1', false, 0, true, true) . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.13.1'))
{
if((int)Settings::Get('system.mod_fcgid_ownvhost') == 1)
{
if (versionInUpdate($current_version, '0.9.13.1')) {
if ((int) Settings::Get('system.mod_fcgid_ownvhost') == 1) {
$has_preconfig = true;
$description = 'You have FCGID for Froxlor itself activated. You can now specify a PHP-configuration for this.';
$question = '<strong>Select Froxlor-vhost PHP configuration:</strong>&nbsp;';
$question .= '<select name="update_defaultini_ownvhost">';
$configs_array = getPhpConfigs();
$configs = '';
foreach($configs_array as $idx => $desc)
{
foreach ($configs_array as $idx => $desc) {
$configs .= makeoption($desc, $idx, '1');
}
$question .= $configs.'</select>';
$question .= $configs . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.14-svn3'))
{
if((int)Settings::Get('system.awstats_enabled') == 1)
{
if (versionInUpdate($current_version, '0.9.14-svn3')) {
if ((int) Settings::Get('system.awstats_enabled') == 1) {
$has_preconfig = true;
$description = 'To have icons in AWStats statistic-pages please enter the path to AWStats icons folder.';
$question = '<strong>Path to AWSTats icons folder:</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_awstats_icons" value="'.Settings::Get('system.awstats_icons').'" />';
$question .= '<input type="text" class="text" name="update_awstats_icons" value="' . Settings::Get('system.awstats_icons') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.14-svn4'))
{
if((int)Settings::Get('system.use_ssl') == 1)
{
if (versionInUpdate($current_version, '0.9.14-svn4')) {
if ((int) Settings::Get('system.use_ssl') == 1) {
$has_preconfig = true;
$description = 'Froxlor now has the possibility to set \'SSLCertificateChainFile\' for the apache webserver.';
$question = '<strong>Enter filename (leave empty for none):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="'.Settings::Get('system.ssl_cert_chainfile').'" />';
$question .= '<input type="text" class="text" name="update_ssl_cert_chainfile" value="' . Settings::Get('system.ssl_cert_chainfile') . '" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.14-svn6'))
{
if (versionInUpdate($current_version, '0.9.14-svn6')) {
$has_preconfig = true;
$description = 'You can now allow customers to use any of their domains as username for the login.';
$question = '<strong>Do you want to enable domain-login for all customers?:</strong>&nbsp;';
$question.= makeyesno('update_allow_domain_login', '1', '0', '0');
$question .= makeyesno('update_allow_domain_login', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.14-svn10'))
{
if (versionInUpdate($current_version, '0.9.14-svn10')) {
$has_preconfig = true;
$description = '<strong>This update removes the unsupported real-time option. Additionally the deprecated tables for navigation and cronscripts are removed, any modules using these tables need to be updated to the new structure!</strong>';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.16-svn1'))
{
if (versionInUpdate($current_version, '0.9.16-svn1')) {
$has_preconfig = true;
$description = 'Froxlor now features support for php-fpm.';
$question = '<strong>Do you want to enable php-fpm?:</strong>&nbsp;';
$question.= makeyesno('update_phpfpm_enabled', '1', '0', '0').'<br /><br />';
$question.= 'If \'yes\', please specify the configuration directory:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_configdir" value="/etc/php-fpm.d/" /><br /><br />';
$question.= 'Please specify the temporary files directory:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_tmpdir" value="/var/customers/tmp/" /><br /><br />';
$question.= 'Please specify the PEAR directory:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_peardir" value="/usr/share/php/:/usr/share/php5/" /><br /><br />';
$question.= 'Please specify the php-fpm restart-command:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_reload" value="/etc/init.d/php-fpm restart" /><br /><br />';
$question.= 'Please specify the php-fpm rocess manager control:&nbsp;';
$question.= '<select name="update_phpfpm_pm">';
$question .= makeyesno('update_phpfpm_enabled', '1', '0', '0') . '<br /><br />';
$question .= 'If \'yes\', please specify the configuration directory:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_configdir" value="/etc/php-fpm.d/" /><br /><br />';
$question .= 'Please specify the temporary files directory:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_tmpdir" value="/var/customers/tmp/" /><br /><br />';
$question .= 'Please specify the PEAR directory:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_peardir" value="/usr/share/php/:/usr/share/php5/" /><br /><br />';
$question .= 'Please specify the php-fpm restart-command:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_reload" value="/etc/init.d/php-fpm restart" /><br /><br />';
$question .= 'Please specify the php-fpm rocess manager control:&nbsp;';
$question .= '<select name="update_phpfpm_pm">';
$redirects = makeoption('static', 'static', 'static');
$redirects.= makeoption('dynamic', 'dynamic', 'static');
$question .= $redirects.'</select><br /><br />';
$question.= 'Please specify the number of child processes:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_max_children" value="1" /><br /><br />';
$question.= 'Please specify the number of requests per child before respawning:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_max_requests" value="0" /><br /><br />';
$question.= '<em>The following settings are only required if you chose process manager = dynamic</em><br /><br />';
$question.= 'Please specify the number of child processes created on startup:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_start_servers" value="20" /><br /><br />';
$question.= 'Please specify the desired minimum number of idle server processes:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_min_spare_servers" value="5" /><br /><br />';
$question.= 'Please specify the desired maximum number of idle server processes:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_max_spare_servers" value="35" /><br />';
$redirects .= makeoption('dynamic', 'dynamic', 'static');
$question .= $redirects . '</select><br /><br />';
$question .= 'Please specify the number of child processes:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_max_children" value="1" /><br /><br />';
$question .= 'Please specify the number of requests per child before respawning:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_max_requests" value="0" /><br /><br />';
$question .= '<em>The following settings are only required if you chose process manager = dynamic</em><br /><br />';
$question .= 'Please specify the number of child processes created on startup:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_start_servers" value="20" /><br /><br />';
$question .= 'Please specify the desired minimum number of idle server processes:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_min_spare_servers" value="5" /><br /><br />';
$question .= 'Please specify the desired maximum number of idle server processes:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_max_spare_servers" value="35" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.16-svn2'))
{
if((int)Settings::Get('phpfpm.enabled') == 1)
{
if (versionInUpdate($current_version, '0.9.16-svn2')) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$has_preconfig = true;
$description = 'You can chose whether you want Froxlor to use PHP-FPM itself too now.';
$question = '<strong>Use PHP-FPM for the Froxlor Panel?:</strong>&nbsp;';
$question.= makeyesno('update_phpfpm_enabled_ownvhost', '1', '0', '0').'<br /><br />';
$question.= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question.= 'Local user:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_httpuser" value="'.Settings::Get('system.mod_fcgid_httpuser').'" /><br /><br />';
$question.= 'Local group:&nbsp;';
$question.= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="'.Settings::Get('system.mod_fcgid_httpgroup').'" /><br />';
$question .= makeyesno('update_phpfpm_enabled_ownvhost', '1', '0', '0') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify local user/group (have to exist, Froxlor does not add them automatically):</strong><br /><br />';
$question .= 'Local user:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_httpuser" value="' . Settings::Get('system.mod_fcgid_httpuser') . '" /><br /><br />';
$question .= 'Local group:&nbsp;';
$question .= '<input type="text" class="text" name="update_phpfpm_httpgroup" value="' . Settings::Get('system.mod_fcgid_httpgroup') . '" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if(versionInUpdate($current_version, '0.9.17-svn1'))
{
if (versionInUpdate($current_version, '0.9.17-svn1')) {
$has_preconfig = true;
$description = 'Select if you want to enable the web- and traffic-reports';
$question = '<strong>Enable?:</strong>&nbsp;';
$question.= makeyesno('update_system_report_enable', '1', '0', '1').'<br /><br />';
$question.= '<strong>If \'yes\', please specify a percentage value for web- and traffic when reports are to be sent:</strong><br /><br />';
$question.= 'Webusage warning level:&nbsp;';
$question.= '<input type="text" class="text" name="update_system_report_webmax" value="90" /><br /><br />';
$question.= 'Traffic warning level:&nbsp;';
$question.= '<input type="text" class="text" name="update_system_report_trafficmax" value="90" /><br />';
$question .= makeyesno('update_system_report_enable', '1', '0', '1') . '<br /><br />';
$question .= '<strong>If \'yes\', please specify a percentage value for web- and traffic when reports are to be sent:</strong><br /><br />';
$question .= 'Webusage warning level:&nbsp;';
$question .= '<input type="text" class="text" name="update_system_report_webmax" value="90" /><br /><br />';
$question .= 'Traffic warning level:&nbsp;';
$question .= '<input type="text" class="text" name="update_system_report_trafficmax" value="90" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.18-svn2'))
{
if (versionInUpdate($current_version, '0.9.18-svn2')) {
$has_preconfig = true;
$description = 'As you can (obviously) see, Froxlor now comes with a new theme. You also have the possibility to switch back to "Classic" if you want to.';
$question = '<strong>Select default panel theme:</strong>&nbsp;';
$question.= '<select name="update_default_theme">';
$question .= '<select name="update_default_theme">';
$themes = getThemes();
foreach($themes as $cur_theme) // $theme is already in use
{
$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
foreach ($themes as $cur_theme) // $theme is already in use
{
$question .= makeoption($cur_theme, $cur_theme, 'Froxlor');
}
$question.= '</select>';
$question .= '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if(versionInUpdate($current_version, '0.9.28-svn4'))
{
if (versionInUpdate($current_version, '0.9.28-svn4')) {
$has_preconfig = true;
$description = 'This version introduces a lot of profound changes:';
$description .= '<br /><ul><li>Improving the whole template system</li><li>Full UTF-8 support</li><li><strong>Removing support for the former default theme \'Classic\'</strong></li></ul>';
@@ -444,13 +397,12 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$description .= 'test this update in a testing environment using your existing data.<br /><br />';
$question = '<strong>Select your preferred Classic Theme replacement:</strong>&nbsp;';
$question.= '<select name="classic_theme_replacement">';
$question .= '<select name="classic_theme_replacement">';
$themes = getThemes();
foreach($themes as $cur_theme)
{
$question.= makeoption($cur_theme, $cur_theme, 'Froxlor');
foreach ($themes as $cur_theme) {
$question .= makeoption($cur_theme, $cur_theme, 'Froxlor');
}
$question.= '</select>';
$question .= '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -460,16 +412,16 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
if (Settings::Get('system.webserver') == 'apache2') {
$has_preconfig = true;
$description = 'Froxlor now supports the new Apache 2.4. Please be aware that you need to load additional apache-modules in ordner to use it.<br />';
$description.= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
$description .= '<pre>LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so</pre><br />';
$question = '<strong>Do you want to enable the Apache-2.4 modification?:</strong>&nbsp;';
$question.= makeyesno('update_system_apache24', '1', '0', '0');
$question .= makeyesno('update_system_apache24', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
} elseif (Settings::Get('system.webserver') == 'nginx') {
$has_preconfig = true;
$description = 'The path to nginx\'s fastcgi_params file is now customizable.<br /><br />';
$question = '<strong>Please enter full path to you nginx/fastcgi_params file (including filename):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="nginx_fastcgi_params" value="/etc/nginx/fastcgi_params" />';
$question .= '<input type="text" class="text" name="nginx_fastcgi_params" value="/etc/nginx/fastcgi_params" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
@@ -478,11 +430,11 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$has_preconfig = true;
$description = 'This version adds an option to append the domain-name to the document-root for domains and subdomains.<br />';
$description = 'This version adds an option to append the domain-name to the document-root for domains and subdomains.<br />';
$description .= 'You can enable or disable this feature anytime from settings -> system settings.<br />';
$question = '<strong>Do you want to automatically append the domain-name to the documentroot of newly created domains?:</strong>&nbsp;';
$question.= makeyesno('update_system_documentroot_use_default_value', '1', '0', '0');
$question .= makeyesno('update_system_documentroot_use_default_value', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -491,12 +443,10 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$has_preconfig = true;
// just an information about the new sendmail parameter (#1134)
$description = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
$description = 'Froxlor changed the default parameter-set of sendmail (php.ini)<br />';
$description .= 'sendmail_path = "/usr/sbin/sendmail -t <strong>-i</strong> -f {CUSTOMER_EMAIL}"<br /><br />';
$description .= 'If you don\'t have any problems with sending mails, you don\'t need to change this';
if (Settings::Get('system.mod_fcgid') == '1'
|| Settings::Get('phpfpm.enabled') == '1'
) {
if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
// information about removal of php's safe_mode
$description .= '<br /><br />The php safe_mode flag has been removed as current versions of PHP<br />';
$description .= 'do not support it anymore.<br /><br />';
@@ -509,45 +459,43 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
if (versionInUpdate($current_version, '0.9.29-dev1')) {
// we only need to ask if fcgid|php-fpm is enabled
if (Settings::Get('system.mod_fcgid') == '1'
|| Settings::Get('phpfpm.enabled') == '1'
) {
if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
$description = 'Standard-subdomains can now be hidden from the php-configuration overview.<br />';
$question = '<strong>Do you want to hide the standard-subdomains (this can be changed in the settings any time)?:</strong>&nbsp;';
$question.= makeyesno('hide_stdsubdomains', '1', '0', '0');
$question .= makeyesno('hide_stdsubdomains', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.29-dev2')) {
$has_preconfig = true;
$description = 'You can now decide whether admins/customers are able to change the theme<br />';
$description = 'You can now decide whether admins/customers are able to change the theme<br />';
$question = '<strong>If you want to disallow theme-changing, select "no" from the dropdowns:</strong>&nbsp;';
$question.= "Admins: ". makeyesno('allow_themechange_a', '1', '0', '1').'&nbsp;&nbsp;';
$question.= "Customers: ".makeyesno('allow_themechange_c', '1', '0', '1');
$question .= "Admins: " . makeyesno('allow_themechange_a', '1', '0', '1') . '&nbsp;&nbsp;';
$question .= "Customers: " . makeyesno('allow_themechange_c', '1', '0', '1');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29-dev3')) {
$has_preconfig = true;
$description = 'There is now a possibility to specify AXFR servers for your bind zone-configuration<br />';
$description = 'There is now a possibility to specify AXFR servers for your bind zone-configuration<br />';
$question = '<strong>Enter a comma-separated list of AXFR servers or leave empty (default):</strong>&nbsp;';
$question.= '<input type="text" class="text" name="system_afxrservers" value="" />';
$question .= '<input type="text" class="text" name="system_afxrservers" value="" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29-dev4')) {
$has_preconfig = true;
$description = 'As customers can now specify ssl-certificate data for their domains, you need to specify where the generated files are stored<br />';
$description = 'As customers can now specify ssl-certificate data for their domains, you need to specify where the generated files are stored<br />';
$question = '<strong>Specify the directory for customer ssl-certificates:</strong>&nbsp;';
$question.= '<input type="text" class="text" name="system_customersslpath" value="/etc/ssl/froxlor-custom/" />';
$question .= '<input type="text" class="text" name="system_customersslpath" value="/etc/ssl/froxlor-custom/" />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.29.1-dev3')) {
$has_preconfig = true;
$description = 'The build in logrotation-feature has been removed. Please follow the configuration-instructions for your system to enable logrotating again.';
$description = 'The build in logrotation-feature has been removed. Please follow the configuration-instructions for your system to enable logrotating again.';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -555,11 +503,9 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
// let the apache+fpm users know that they MUST change their config
// for the domains / webserver to work after the update
if (versionInUpdate($current_version, '0.9.30-dev1')) {
if (Settings::Get('system.webserver') == 'apache2'
&& Settings::Get('phpfpm.enabled') == '1'
) {
if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
$description = 'The PHP-FPM implementation for apache2 has changed. Please look for the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) within /etc/apache2/ and change it as shown below:<br /><br />';
$description .= '<pre class="code-block">&lt;IfModule mod_fastcgi.c&gt;
FastCgiIpcDir /var/lib/apache2/fastcgi/
&lt;Location "/fastcgiphp"&gt;
@@ -575,11 +521,9 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
}
if (versionInUpdate($current_version, '0.9.31-dev2')) {
if (Settings::Get('system.webserver') == 'apache2'
&& Settings::Get('phpfpm.enabled') == '1'
) {
if (Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled') == '1') {
$has_preconfig = true;
$description = 'The FPM socket directory is now a setting in froxlor. Its default is <b>/var/lib/apache2/fastcgi/</b>.<br/>If you are using <b>/var/run/apache2</b> in the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) please correct this path accordingly<br />';
$description = 'The FPM socket directory is now a setting in froxlor. Its default is <b>/var/lib/apache2/fastcgi/</b>.<br/>If you are using <b>/var/run/apache2</b> in the "<b>fastcgi.conf</b>" (Debian/Ubuntu) or "<b>70_fastcgi.conf</b>" (Gentoo) please correct this path accordingly<br />';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -587,50 +531,50 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
if (versionInUpdate($current_version, '0.9.31-dev4')) {
$has_preconfig = true;
$description = 'The template-variable {PASSWORD} has been replaced with {LINK}. Please update your password reset templates!<br />';
$description = 'The template-variable {PASSWORD} has been replaced with {LINK}. Please update your password reset templates!<br />';
$question = '';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.31-dev5')) {
$has_preconfig = true;
$description = 'You can enable/disable error-reporting for admins and customers!<br /><br />';
$description = 'You can enable/disable error-reporting for admins and customers!<br /><br />';
$question = '<strong>Do you want to enable error-reporting for admins? (default: yes):</strong>&nbsp;';
$question.= makeyesno('update_error_report_admin', '1', '0', '1').'<br />';
$question.= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong>&nbsp;';
$question.= makeyesno('update_error_report_customer', '1', '0', '0');
$question .= makeyesno('update_error_report_admin', '1', '0', '1') . '<br />';
$question .= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong>&nbsp;';
$question .= makeyesno('update_error_report_customer', '1', '0', '0');
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.31-rc2')) {
$has_preconfig = true;
$description = 'You can enable/disable the display/usage of the news-feed for admins<br /><br />';
$description = 'You can enable/disable the display/usage of the news-feed for admins<br /><br />';
$question = '<strong>Do you want to enable the news-feed for admins? (default: yes):</strong>&nbsp;';
$question.= makeyesno('update_admin_news_feed', '1', '0', '1').'<br />';
$question .= makeyesno('update_admin_news_feed', '1', '0', '1') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.32-dev2')) {
$has_preconfig = true;
$description = 'To enable logging of the mail-traffic, you need to set the following settings accordingly<br /><br />';
$description = 'To enable logging of the mail-traffic, you need to set the following settings accordingly<br /><br />';
$question = '<strong>Do you want to enable the traffic collection for mail? (default: yes):</strong>&nbsp;';
$question.= makeyesno('mailtraffic_enabled', '1', '0', '1').'<br />';
$question.= '<strong>Mail Transfer Agent</strong><br />';
$question.= 'Type of your MTA:&nbsp;';
$question.= '<select name="mtaserver">';
$question.= makeoption('Postfix', 'postfix', 'postfix');
$question.= makeoption('Exim4', 'exim4', 'postfix');
$question.= '</select><br />';
$question.= 'Logfile for your MTA:&nbsp;';
$question.= '<input type="text" class="text" name="mtalog" value="/var/log/mail.log" /><br />';
$question.= '<strong>Mail Delivery Agent</strong><br />';
$question.= 'Type of your MDA:&nbsp;';
$question.= '<select name="mdaserver">';
$question.= makeoption('Dovecot', 'dovecot', 'dovecot');
$question.= makeoption('Courier', 'courier', 'dovecot');
$question.= '</select><br /><br />';
$question.= 'Logfile for your MDA:&nbsp;';
$question.= '<input type="text" class="text" name="mdalog" value="/var/log/mail.log" /><br />';
$question .= makeyesno('mailtraffic_enabled', '1', '0', '1') . '<br />';
$question .= '<strong>Mail Transfer Agent</strong><br />';
$question .= 'Type of your MTA:&nbsp;';
$question .= '<select name="mtaserver">';
$question .= makeoption('Postfix', 'postfix', 'postfix');
$question .= makeoption('Exim4', 'exim4', 'postfix');
$question .= '</select><br />';
$question .= 'Logfile for your MTA:&nbsp;';
$question .= '<input type="text" class="text" name="mtalog" value="/var/log/mail.log" /><br />';
$question .= '<strong>Mail Delivery Agent</strong><br />';
$question .= 'Type of your MDA:&nbsp;';
$question .= '<select name="mdaserver">';
$question .= makeoption('Dovecot', 'dovecot', 'dovecot');
$question .= makeoption('Courier', 'courier', 'dovecot');
$question .= '</select><br /><br />';
$question .= 'Logfile for your MDA:&nbsp;';
$question .= '<input type="text" class="text" name="mdalog" value="/var/log/mail.log" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -638,7 +582,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$has_preconfig = true;
$description = 'Froxlor now generates a cron-configuration file for the cron-daemon. Please set a filename which will be included automatically by your crond (e.g. files in /etc/cron.d/)<br /><br />';
$question = '<strong>Path to the cron-service configuration-file.</strong> This file will be updated regularly and automatically by froxlor.<br />Note: please <b>be sure</b> to use the same filename as for the main froxlor cronjob (default: /etc/cron.d/froxlor)!<br />';
$question.= '<input type="text" class="text" name="crondfile" value="/etc/cron.d/froxlor" /><br />';
$question .= '<input type="text" class="text" name="crondfile" value="/etc/cron.d/froxlor" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -646,7 +590,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$has_preconfig = true;
$description = 'In order for the new cron.d file to work properly, we need to know about the cron-service reload command.<br /><br />';
$question = '<strong>Please specify the reload-command of your cron-daemon</strong> (default: /etc/init.d/cron reload)<br />';
$question.= '<input type="text" class="text" name="crondreload" value="/etc/init.d/cron reload" /><br />';
$question .= '<input type="text" class="text" name="crondreload" value="/etc/init.d/cron reload" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -654,17 +598,17 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
$has_preconfig = true;
$description = 'To customize the command which executes the cronjob (php - basically) change the path below according to your system.<br /><br />';
$question = '<strong>Please specify the command to execute cronscripts</strong> (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")<br />';
$question.= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
$question .= '<input type="text" class="text" name="croncmdline" value="/usr/bin/nice -n 5 /usr/bin/php5 -q" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.33-dev1')) {
$has_preconfig = true;
$description = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
$description = 'You can enable/disable the display/usage of the custom newsfeed for customers.<br /><br />';
$question = '<strong>Do you want to enable the custom newsfeed for customer? (default: no):</strong>&nbsp;';
$question.= makeyesno('customer_show_news_feed', '1', '0', '0').'<br />';
$question.= '<strong>You have to set the URL for your RSS-feed here, if you have chosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
$question.= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
$question .= makeyesno('customer_show_news_feed', '1', '0', '0') . '<br />';
$question .= '<strong>You have to set the URL for your RSS-feed here, if you have chosen to enable the custom newsfeed on the customer-dashboard:</strong>&nbsp;';
$question .= '<input type="text" class="text" name="customer_news_feed_url" value="" /><br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
@@ -672,48 +616,67 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
// only if bind is used - if not the default will be set, which is '0' (off)
if (Settings::get('system.bind_enable') == 1) {
$has_preconfig = true;
$description = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
$description = 'You can enable/disable the generation of the bind-zone / config for the system hostname.<br /><br />';
$question = '<strong>Do you want to generate a bind-zone for the system-hostname? (default: no):</strong>&nbsp;';
$question.= makeyesno('dns_createhostnameentry', '1', '0', '0').'<br />';
$question .= makeyesno('dns_createhostnameentry', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}
if (versionInUpdate($current_version, '0.9.33-rc2')) {
$has_preconfig = true;
$description = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
$description = 'You can chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes.<br /><br />';
$question = '<strong>Do you want to receive cron-errors via mail? (default: no):</strong>&nbsp;';
$question.= makeyesno('system_send_cron_errors', '1', '0', '0').'<br />';
$question .= makeyesno('system_send_cron_errors', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_version, '0.9.34-dev3')) {
$has_preconfig = true;
$description = 'Froxlor now requires the PHP mbstring-extension as we need to be multibyte-character safe in some cases';
$question = '<strong>PHP mbstring</strong> is currently: ';
if (!extension_loaded('mbstring')) {
$question .= '<span class="red">not installed/loaded</span>';
$question .= '<br>Please install the PHP mbstring extension in order to finish the update';
} else {
$question .= '<span class="green">installed/loaded</span>';
}
$question .= '<br>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
$has_preconfig = true;
$description = 'Froxlor now requires the PHP mbstring-extension as we need to be multibyte-character safe in some cases';
$question = '<strong>PHP mbstring</strong> is currently: ';
if (! extension_loaded('mbstring')) {
$question .= '<span class="red">not installed/loaded</span>';
$question .= '<br>Please install the PHP mbstring extension in order to finish the update';
} else {
$question .= '<span class="green">installed/loaded</span>';
}
$question .= '<br>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_db_version, '201603070')) {
$has_preconfig = true;
$description = 'You can chose whether you want to enable or disable our Let\'s Encrypt implementation.<br />Please remember that you need to go through the webserver-configuration when enabled because this feature needs a special configuration.<br /><br />';
$question = '<strong>Do you want to enable Let\'s Encrypt? (default: yes):</strong>&nbsp;';
$question.= makeyesno('enable_letsencrypt', '1', '0', '1').'<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
$has_preconfig = true;
$description = 'You can chose whether you want to enable or disable our Let\'s Encrypt implementation.<br />Please remember that you need to go through the webserver-configuration when enabled because this feature needs a special configuration.<br /><br />';
$question = '<strong>Do you want to enable Let\'s Encrypt? (default: yes):</strong>&nbsp;';
$question .= makeyesno('enable_letsencrypt', '1', '0', '1') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_db_version, '201604270')) {
$has_preconfig = true;
$description = 'You can chose whether you want to enable or disable our backup function.<br /><br />';
$description = 'You can chose whether you want to enable or disable our backup function.<br /><br />';
$question = '<strong>Do you want to enable Backup? (default: no):</strong>&nbsp;';
$question.= makeyesno('enable_backup', '1', '0', '0').'<br />';
$question .= makeyesno('enable_backup', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_db_version, '201605090')) {
$has_preconfig = true;
$description = 'You can chose whether you want to enable or disable our DNS editor<br /><br />';
$question = '<strong>Do you want to enable the DNS editor? (default: no):</strong>&nbsp;';
$question .= makeyesno('enable_dns', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
if (versionInUpdate($current_db_version, '201605170')) {
$has_preconfig = true;
$description = 'Froxlor now supports the dns-daemon Power-DNS, you can chose between bind and powerdns now.';
$question = '<strong>Select dns-daemon you want to use:</strong>&nbsp;';
$question .= '<select name="new_dns_daemon">';
$dnsdaemons = makeoption('Bind9', 'bind', 'bind');
$dnsdaemons .= makeoption('PowerDNS', 'pdns', 'bind');
$question .= $dnsdaemons . '</select>';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
}
}

47
lib/classes/dns/class.DnsEntry.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Classes
*
*/
class DnsEntry
{
public $record;
public $ttl;
public $class = 'IN';
public $type;
public $priority;
public $content;
public function __construct($record = '', $type = 'A', $content = null, $prio = 0, $ttl = 18000, $class = 'IN')
{
$this->record = $record;
$this->type = $type;
$this->content = $content;
$this->priority = $prio;
$this->ttl = $ttl;
$this->class = $class;
}
public function __toString()
{
$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $this->content . PHP_EOL;
return $result;
}
}

47
lib/classes/dns/class.DnsZone.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Classes
*
*/
class DnsZone
{
public $ttl;
public $origin;
public $serial;
public $records;
public function __construct($ttl = 18000, $origin = '', $serial = '', $records = null)
{
$this->ttl = $ttl;
$this->origin = $origin;
$this->serial = $serial;
$this->records = $records;
}
public function __toString()
{
$_zonefile = "\$TTL " . $this->ttl . PHP_EOL;
$_zonefile .= "\$ORIGIN " . $this->origin . "." . PHP_EOL;
if (! empty($this->records)) {
foreach ($this->records as $record) {
$_zonefile .= (string) $record;
}
}
return $_zonefile;
}
}

551
lib/configfiles/gentoo.xml
View File

@@ -388,7 +388,7 @@ mail IN A <SERVERIP>
<command><![CDATA[rc-update add named default]]></command>
<command><![CDATA[/etc/init.d/named restart]]></command>
</daemon>
<daemon name="powerdns" title="PowerDNS via bind-backend">
<daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[emerge net-dns/pdns]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
@@ -396,7 +396,549 @@ mail IN A <SERVERIP>
#################################
# allow-axfr-ips Allow zonetransfers only to these subnets
#
allow-axfr-ips=<NAMESERVERS>
# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
#################################
# allow-dnsupdate-from A global setting to allow DNS updates from these IP ranges.
#
# allow-dnsupdate-from=127.0.0.0/8,::1
#################################
# allow-recursion List of subnets that are allowed to recurse
#
allow-recursion=127.0.0.1
#################################
# also-notify When notifying a domain, also notify these nameservers
#
# also-notify=
#################################
# any-to-tcp Answer ANY queries with tc=1, shunting to TCP
#
# any-to-tcp=no
#################################
# cache-ttl Seconds to store packets in the PacketCache
#
# cache-ttl=20
#################################
# carbon-interval Number of seconds between carbon (graphite) updates
#
# carbon-interval=30
#################################
# carbon-ourname If set, overrides our reported hostname for carbon stats
#
# carbon-ourname=
#################################
# carbon-server If set, send metrics in carbon (graphite) format to this server
#
# carbon-server=
#################################
# chroot If set, chroot to this directory for more security
#
# chroot=
#################################
# config-dir Location of configuration directory (pdns.conf)
#
config-dir=/etc/powerdns
#################################
# config-name Name of this virtual configuration - will rename the binary image
#
# config-name=
#################################
# control-console Debugging switch - don't use
#
# control-console=no
#################################
# daemon Operate as a daemon
#
daemon=yes
#################################
# default-ksk-algorithms Default KSK algorithms
#
# default-ksk-algorithms=rsasha256
#################################
# default-ksk-size Default KSK size (0 means default)
#
# default-ksk-size=0
#################################
# default-soa-mail mail address to insert in the SOA record if none set in the backend
#
# default-soa-mail=
#################################
# default-soa-name name to insert in the SOA record if none set in the backend
#
# default-soa-name=a.misconfigured.powerdns.server
#################################
# default-ttl Seconds a result is valid if not set otherwise
#
# default-ttl=3600
#################################
# default-zsk-algorithms Default ZSK algorithms
#
# default-zsk-algorithms=rsasha256
#################################
# default-zsk-size Default ZSK size (0 means default)
#
# default-zsk-size=0
#################################
# direct-dnskey Fetch DNSKEY RRs from backend during DNSKEY synthesis
#
# direct-dnskey=no
#################################
# disable-axfr Disable zonetransfers but do allow TCP queries
#
# disable-axfr=no
#################################
# disable-axfr-rectify Disable the rectify step during an outgoing AXFR. Only required for regression testing.
#
# disable-axfr-rectify=no
#################################
# disable-tcp Do not listen to TCP queries
#
# disable-tcp=no
#################################
# distributor-threads Default number of Distributor (backend) threads to start
#
# distributor-threads=3
#################################
# do-ipv6-additional-processing Do AAAA additional processing
#
# do-ipv6-additional-processing=yes
#################################
# edns-subnet-processing If we should act on EDNS Subnet options
#
# edns-subnet-processing=no
#################################
# entropy-source If set, read entropy from this file
#
# entropy-source=/dev/urandom
#################################
# experimental-api-key REST API Static authentication key (required for API use)
#
# experimental-api-key=
#################################
# experimental-api-readonly If the JSON API should disallow data modification
#
# experimental-api-readonly=no
#################################
# experimental-dname-processing If we should support DNAME records
#
# experimental-dname-processing=no
#################################
# experimental-dnsupdate Enable/Disable DNS update (RFC2136) support. Default is no.
#
# experimental-dnsupdate=no
#################################
# experimental-json-interface If the webserver should serve JSON data
#
# experimental-json-interface=no
#################################
# experimental-logfile Filename of the log file for JSON parser
#
# experimental-logfile=/var/log/pdns.log
#################################
# forward-dnsupdate A global setting to allow DNS update packages that are for a Slave domain, to be forwarded to the master.
#
# forward-dnsupdate=yes
#################################
# guardian Run within a guardian process
#
guardian=yes
#################################
# include-dir Include *.conf files from this directory
#
# include-dir=
#################################
# launch Which backends to launch and order to query them in
#
# launch=
#################################
# load-modules Load this module - supply absolute or relative path
#
# load-modules=
#################################
# local-address Local IP addresses to which we bind
#
local-address=<SERVERIP>,127.0.0.1
#################################
# local-address-nonexist-fail Fail to start if one or more of the local-address's do not exist on this server
#
# local-address-nonexist-fail=yes
#################################
# local-ipv6 Local IP address to which we bind
#
# local-ipv6=
#################################
# local-ipv6-nonexist-fail Fail to start if one or more of the local-ipv6 addresses do not exist on this server
#
# local-ipv6-nonexist-fail=yes
#################################
# local-port The port on which we listen
#
local-port=53
#################################
# log-dns-details If PDNS should log DNS non-erroneous details
#
log-dns-details=yes
#################################
# log-dns-queries If PDNS should log all incoming DNS queries
#
# log-dns-queries=no
#################################
# logging-facility Log under a specific facility
#
# logging-facility=
#################################
# loglevel Amount of logging. Higher is more. Do not set below 3
#
# loglevel=4
#################################
# lua-prequery-script Lua script with prequery handler
#
# lua-prequery-script=
#################################
# master Act as a master
#
master=yes
#################################
# max-cache-entries Maximum number of cache entries
#
# max-cache-entries=1000000
#################################
# max-ent-entries Maximum number of empty non-terminals in a zone
#
# max-ent-entries=100000
#################################
# max-nsec3-iterations Limit the number of NSEC3 hash iterations
#
# max-nsec3-iterations=500
#################################
# max-queue-length Maximum queuelength before considering situation lost
#
# max-queue-length=5000
#################################
# max-signature-cache-entries Maximum number of signatures cache entries
#
# max-signature-cache-entries=
#################################
# max-tcp-connections Maximum number of TCP connections
#
# max-tcp-connections=10
#################################
# module-dir Default directory for modules
#
module-dir=/usr/lib/powerdns/pdns/
#################################
# negquery-cache-ttl Seconds to store negative query results in the QueryCache
#
# negquery-cache-ttl=60
#################################
# no-shuffle Set this to prevent random shuffling of answers - for regression testing
#
# no-shuffle=off
#################################
# only-notify Only send AXFR NOTIFY to these IP addresses or netmasks
#
# only-notify=0.0.0.0/0,::/0
#################################
# out-of-zone-additional-processing Do out of zone additional processing
#
# out-of-zone-additional-processing=yes
#################################
# overload-queue-length Maximum queuelength moving to packetcache only
#
# overload-queue-length=0
#################################
# pipebackend-abi-version Version of the pipe backend ABI
#
# pipebackend-abi-version=1
#################################
# prevent-self-notification Don't send notifications to what we think is ourself
#
# prevent-self-notification=yes
#################################
# query-cache-ttl Seconds to store query results in the QueryCache
#
# query-cache-ttl=20
#################################
# query-local-address Source IP address for sending queries
#
# query-local-address=0.0.0.0
#################################
# query-local-address6 Source IPv6 address for sending queries
#
# query-local-address6=::
#################################
# query-logging Hint backends that queries should be logged
#
# query-logging=no
#################################
# queue-limit Maximum number of milliseconds to queue a query
#
# queue-limit=1500
#################################
# receiver-threads Default number of receiver threads to start
#
# receiver-threads=1
#################################
# recursive-cache-ttl Seconds to store packets for recursive queries in the PacketCache
#
# recursive-cache-ttl=10
#################################
# recursor If recursion is desired, IP address of a recursing nameserver
#
# recursor=no
#################################
# retrieval-threads Number of AXFR-retrieval threads for slave operation
#
# retrieval-threads=2
#################################
# reuseport Enable higher performance on compliant kernels by using SO_REUSEPORT allowing each receiver thread to open its own socket
#
# reuseport=no
#################################
# security-poll-suffix Domain name from which to query security update notifications
#
# security-poll-suffix=secpoll.powerdns.com.
#################################
# send-root-referral Send out old-fashioned root-referral instead of ServFail in case of no authority
#
# send-root-referral=no
#################################
# server-id Returned when queried for 'server.id' TXT or NSID, defaults to hostname - disabled or custom
#
# server-id=
#################################
# setgid If set, change group id to this gid for more security
#
setgid=pdns
#################################
# setuid If set, change user id to this uid for more security
#
setuid=pdns
#################################
# signing-threads Default number of signer threads to start
#
# signing-threads=3
#################################
# slave Act as a slave
#
# slave=no
#################################
# slave-cycle-interval Reschedule failed SOA serial checks once every .. seconds
#
# slave-cycle-interval=60
#################################
# slave-renotify If we should send out notifications for slaved updates
#
# slave-renotify=no
#################################
# soa-expire-default Default SOA expire
#
# soa-expire-default=604800
#################################
# soa-minimum-ttl Default SOA minimum ttl
#
# soa-minimum-ttl=3600
#################################
# soa-refresh-default Default SOA refresh
#
# soa-refresh-default=10800
#################################
# soa-retry-default Default SOA retry
#
# soa-retry-default=3600
#################################
# socket-dir Where the controlsocket will live
#
socket-dir=/var/run
#################################
# tcp-control-address If set, PowerDNS can be controlled over TCP on this address
#
# tcp-control-address=
#################################
# tcp-control-port If set, PowerDNS can be controlled over TCP on this address
#
# tcp-control-port=53000
#################################
# tcp-control-range If set, remote control of PowerDNS is possible over these networks only
#
# tcp-control-range=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10
#################################
# tcp-control-secret If set, PowerDNS can be controlled over TCP after passing this secret
#
# tcp-control-secret=
#################################
# traceback-handler Enable the traceback handler (Linux only)
#
# traceback-handler=yes
#################################
# trusted-notification-proxy IP address of incoming notification proxy
#
# trusted-notification-proxy=
#################################
# udp-truncation-threshold Maximum UDP response size before we truncate
#
# udp-truncation-threshold=1680
#################################
# version-string PowerDNS version in packets - full, anonymous, powerdns or custom
#
version-string=powerdns
#################################
# webserver Start a webserver for monitoring
#
# webserver=no
#################################
# webserver-address IP Address of webserver to listen on
#
# webserver-address=127.0.0.1
#################################
# webserver-allow-from Webserver access is only allowed from these subnets
#
# webserver-allow-from=0.0.0.0/0,::/0
#################################
# webserver-password Password required for accessing the webserver
#
# webserver-password=
#################################
# webserver-port Port of webserver to listen on
#
# webserver-port=8081
#################################
# webserver-print-arguments If the webserver should print arguments
#
# webserver-print-arguments=no
# include froxlor-specific config
include-dir=/etc/powerdns/froxlor/
]]>
</content>
</file>
<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
# mysql-settings / you need to create the power-dns database for yourself!
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=powerdns
gmysql-group=client
gmysql-password=
]]>
</content>
</file>
<command><![CDATA[/etc/init.d/pdns restart]]></command>
</daemon>
<daemon name="powerdns_bind" title="PowerDNS via bind-backend">
<install><![CDATA[emerge net-dns/pdns]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
# Autogenerated configuration file template
#################################
# allow-axfr-ips Allow zonetransfers only to these subnets
#
# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
#################################
# allow-dnsupdate-from A global setting to allow DNS updates from these IP ranges.
@@ -909,11 +1451,12 @@ version-string=powerdns
# webserver-print-arguments=no
# include froxlor-bind-specific config
include=/etc/powerdns/pdns_froxlor.conf
include-dir=/etc/powerdns/froxlor/
]]>
</content>
</file>
<file name="/etc/powerdns/pdns_froxlor.conf" chown="root:0"
<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
#local-ipv6=YOUR_IPv6_(if_any)

547
lib/configfiles/jessie.xml
View File

@@ -373,7 +373,548 @@ exit "$RETVAL"
<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[/etc/init.d/bind9 restart]]></command>
</daemon>
<daemon name="powerdns" title="PowerDNS via bind-backend">
<daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
#################################
# allow-axfr-ips Allow zonetransfers only to these subnets
#
# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
#################################
# allow-dnsupdate-from A global setting to allow DNS updates from these IP ranges.
#
# allow-dnsupdate-from=127.0.0.0/8,::1
#################################
# allow-recursion List of subnets that are allowed to recurse
#
allow-recursion=127.0.0.1
#################################
# also-notify When notifying a domain, also notify these nameservers
#
# also-notify=
#################################
# any-to-tcp Answer ANY queries with tc=1, shunting to TCP
#
# any-to-tcp=no
#################################
# cache-ttl Seconds to store packets in the PacketCache
#
# cache-ttl=20
#################################
# carbon-interval Number of seconds between carbon (graphite) updates
#
# carbon-interval=30
#################################
# carbon-ourname If set, overrides our reported hostname for carbon stats
#
# carbon-ourname=
#################################
# carbon-server If set, send metrics in carbon (graphite) format to this server
#
# carbon-server=
#################################
# chroot If set, chroot to this directory for more security
#
# chroot=
#################################
# config-dir Location of configuration directory (pdns.conf)
#
config-dir=/etc/powerdns
#################################
# config-name Name of this virtual configuration - will rename the binary image
#
# config-name=
#################################
# control-console Debugging switch - don't use
#
# control-console=no
#################################
# daemon Operate as a daemon
#
daemon=yes
#################################
# default-ksk-algorithms Default KSK algorithms
#
# default-ksk-algorithms=rsasha256
#################################
# default-ksk-size Default KSK size (0 means default)
#
# default-ksk-size=0
#################################
# default-soa-mail mail address to insert in the SOA record if none set in the backend
#
# default-soa-mail=
#################################
# default-soa-name name to insert in the SOA record if none set in the backend
#
# default-soa-name=a.misconfigured.powerdns.server
#################################
# default-ttl Seconds a result is valid if not set otherwise
#
# default-ttl=3600
#################################
# default-zsk-algorithms Default ZSK algorithms
#
# default-zsk-algorithms=rsasha256
#################################
# default-zsk-size Default ZSK size (0 means default)
#
# default-zsk-size=0
#################################
# direct-dnskey Fetch DNSKEY RRs from backend during DNSKEY synthesis
#
# direct-dnskey=no
#################################
# disable-axfr Disable zonetransfers but do allow TCP queries
#
# disable-axfr=no
#################################
# disable-axfr-rectify Disable the rectify step during an outgoing AXFR. Only required for regression testing.
#
# disable-axfr-rectify=no
#################################
# disable-tcp Do not listen to TCP queries
#
# disable-tcp=no
#################################
# distributor-threads Default number of Distributor (backend) threads to start
#
# distributor-threads=3
#################################
# do-ipv6-additional-processing Do AAAA additional processing
#
# do-ipv6-additional-processing=yes
#################################
# edns-subnet-processing If we should act on EDNS Subnet options
#
# edns-subnet-processing=no
#################################
# entropy-source If set, read entropy from this file
#
# entropy-source=/dev/urandom
#################################
# experimental-api-key REST API Static authentication key (required for API use)
#
# experimental-api-key=
#################################
# experimental-api-readonly If the JSON API should disallow data modification
#
# experimental-api-readonly=no
#################################
# experimental-dname-processing If we should support DNAME records
#
# experimental-dname-processing=no
#################################
# experimental-dnsupdate Enable/Disable DNS update (RFC2136) support. Default is no.
#
# experimental-dnsupdate=no
#################################
# experimental-json-interface If the webserver should serve JSON data
#
# experimental-json-interface=no
#################################
# experimental-logfile Filename of the log file for JSON parser
#
# experimental-logfile=/var/log/pdns.log
#################################
# forward-dnsupdate A global setting to allow DNS update packages that are for a Slave domain, to be forwarded to the master.
#
# forward-dnsupdate=yes
#################################
# guardian Run within a guardian process
#
guardian=yes
#################################
# include-dir Include *.conf files from this directory
#
# include-dir=
include-dir=/etc/powerdns/pdns.d
#################################
# launch Which backends to launch and order to query them in
#
# launch=
#################################
# load-modules Load this module - supply absolute or relative path
#
# load-modules=
#################################
# local-address Local IP addresses to which we bind
#
local-address=<SERVERIP>,127.0.0.1
#################################
# local-address-nonexist-fail Fail to start if one or more of the local-address's do not exist on this server
#
# local-address-nonexist-fail=yes
#################################
# local-ipv6 Local IP address to which we bind
#
# local-ipv6=
#################################
# local-ipv6-nonexist-fail Fail to start if one or more of the local-ipv6 addresses do not exist on this server
#
# local-ipv6-nonexist-fail=yes
#################################
# local-port The port on which we listen
#
# local-port=53
#################################
# log-dns-details If PDNS should log DNS non-erroneous details
#
# log-dns-details=no
#################################
# log-dns-queries If PDNS should log all incoming DNS queries
#
# log-dns-queries=no
#################################
# logging-facility Log under a specific facility
#
# logging-facility=
#################################
# loglevel Amount of logging. Higher is more. Do not set below 3
#
# loglevel=4
#################################
# lua-prequery-script Lua script with prequery handler
#
# lua-prequery-script=
#################################
# master Act as a master
#
master=yes
#################################
# max-cache-entries Maximum number of cache entries
#
# max-cache-entries=1000000
#################################
# max-ent-entries Maximum number of empty non-terminals in a zone
#
# max-ent-entries=100000
#################################
# max-nsec3-iterations Limit the number of NSEC3 hash iterations
#
# max-nsec3-iterations=500
#################################
# max-queue-length Maximum queuelength before considering situation lost
#
# max-queue-length=5000
#################################
# max-signature-cache-entries Maximum number of signatures cache entries
#
# max-signature-cache-entries=
#################################
# max-tcp-connections Maximum number of TCP connections
#
# max-tcp-connections=10
#################################
# module-dir Default directory for modules
#
# module-dir=/usr/lib/TRIPLET/pdns
#################################
# negquery-cache-ttl Seconds to store negative query results in the QueryCache
#
# negquery-cache-ttl=60
#################################
# no-shuffle Set this to prevent random shuffling of answers - for regression testing
#
# no-shuffle=off
#################################
# only-notify Only send AXFR NOTIFY to these IP addresses or netmasks
#
# only-notify=0.0.0.0/0,::/0
#################################
# out-of-zone-additional-processing Do out of zone additional processing
#
# out-of-zone-additional-processing=yes
#################################
# overload-queue-length Maximum queuelength moving to packetcache only
#
# overload-queue-length=0
#################################
# pipebackend-abi-version Version of the pipe backend ABI
#
# pipebackend-abi-version=1
#################################
# prevent-self-notification Don't send notifications to what we think is ourself
#
# prevent-self-notification=yes
#################################
# query-cache-ttl Seconds to store query results in the QueryCache
#
# query-cache-ttl=20
#################################
# query-local-address Source IP address for sending queries
#
# query-local-address=0.0.0.0
#################################
# query-local-address6 Source IPv6 address for sending queries
#
# query-local-address6=::
#################################
# query-logging Hint backends that queries should be logged
#
# query-logging=no
#################################
# queue-limit Maximum number of milliseconds to queue a query
#
# queue-limit=1500
#################################
# receiver-threads Default number of receiver threads to start
#
# receiver-threads=1
#################################
# recursive-cache-ttl Seconds to store packets for recursive queries in the PacketCache
#
# recursive-cache-ttl=10
#################################
# recursor If recursion is desired, IP address of a recursing nameserver
#
# recursor=no
#################################
# retrieval-threads Number of AXFR-retrieval threads for slave operation
#
# retrieval-threads=2
#################################
# reuseport Enable higher performance on compliant kernels by using SO_REUSEPORT allowing each receiver thread to open its own socket
#
# reuseport=no
#################################
# security-poll-suffix Domain name from which to query security update notifications
#
# security-poll-suffix=secpoll.powerdns.com.
#################################
# send-root-referral Send out old-fashioned root-referral instead of ServFail in case of no authority
#
# send-root-referral=no
#################################
# server-id Returned when queried for 'server.id' TXT or NSID, defaults to hostname - disabled or custom
#
# server-id=
#################################
# setgid If set, change group id to this gid for more security
#
setgid=pdns
#################################
# setuid If set, change user id to this uid for more security
#
setuid=pdns
#################################
# signing-threads Default number of signer threads to start
#
# signing-threads=3
#################################
# slave Act as a slave
#
# slave=no
#################################
# slave-cycle-interval Reschedule failed SOA serial checks once every .. seconds
#
# slave-cycle-interval=60
#################################
# slave-renotify If we should send out notifications for slaved updates
#
# slave-renotify=no
#################################
# soa-expire-default Default SOA expire
#
# soa-expire-default=604800
#################################
# soa-minimum-ttl Default SOA minimum ttl
#
# soa-minimum-ttl=3600
#################################
# soa-refresh-default Default SOA refresh
#
# soa-refresh-default=10800
#################################
# soa-retry-default Default SOA retry
#
# soa-retry-default=3600
#################################
# socket-dir Where the controlsocket will live
#
# socket-dir=/var/run
#################################
# tcp-control-address If set, PowerDNS can be controlled over TCP on this address
#
# tcp-control-address=
#################################
# tcp-control-port If set, PowerDNS can be controlled over TCP on this address
#
# tcp-control-port=53000
#################################
# tcp-control-range If set, remote control of PowerDNS is possible over these networks only
#
# tcp-control-range=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, ::1/128, fe80::/10
#################################
# tcp-control-secret If set, PowerDNS can be controlled over TCP after passing this secret
#
# tcp-control-secret=
#################################
# traceback-handler Enable the traceback handler (Linux only)
#
# traceback-handler=yes
#################################
# trusted-notification-proxy IP address of incoming notification proxy
#
# trusted-notification-proxy=
#################################
# udp-truncation-threshold Maximum UDP response size before we truncate
#
# udp-truncation-threshold=1680
#################################
# version-string PowerDNS version in packets - full, anonymous, powerdns or custom
#
version-string=powerdns
#################################
# webserver Start a webserver for monitoring
#
# webserver=no
#################################
# webserver-address IP Address of webserver to listen on
#
# webserver-address=127.0.0.1
#################################
# webserver-allow-from Webserver access is only allowed from these subnets
#
# webserver-allow-from=0.0.0.0/0,::/0
#################################
# webserver-password Password required for accessing the webserver
#
# webserver-password=
#################################
# webserver-port Port of webserver to listen on
#
# webserver-port=8081
#################################
# webserver-print-arguments If the webserver should print arguments
#
# webserver-print-arguments=no
include-dir=/etc/powerdns/froxlor
]]>
</content>
</file>
<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
# mysql-settings / you need to create the power-dns database for yourself!
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=powerdns
gmysql-group=client
gmysql-password=
]]>
</content>
</file>
<command><![CDATA[/etc/init.d/pdns restart]]></command>
</daemon>
<daemon name="powerdns_bind" title="PowerDNS via bind-backend">
<install><![CDATA[apt-get install pdns-server]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
@@ -893,12 +1434,10 @@ version-string=powerdns
# webserver-print-arguments If the webserver should print arguments
#
# webserver-print-arguments=no
include=/etc/powerdns/pdns.d
]]>
</content>
</file>
<file name="/etc/powerdns/bindbackend.conf" backup="true">
<file name="/etc/powerdns/pdns.d/bindbackend.conf" backup="true">
<content><![CDATA[
# Bind backend configuration

38
lib/configfiles/precise.xml
View File

@@ -342,7 +342,43 @@ exit "$RETVAL"
<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[/etc/init.d/bind9 restart]]></command>
</daemon>
<daemon name="powerdns" title="PowerDNS via bind-backend">
<daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
guardian=yes
lazy-recursion=yes
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
include-dir=/etc/powerdns/froxlor/
]]>
</content>
</file>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
# mysql-settings / you need to create the power-dns database for yourself!
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=powerdns
gmysql-group=client
gmysql-password=
]]>
</content>
</file>
<command><![CDATA[/etc/init.d/pdns restart]]></command>
</daemon>
<daemon name="powerdns_bind" title="PowerDNS via bind-backend">
<install><![CDATA[apt-get install pdns-server]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[

39
lib/configfiles/trusty.xml
View File

@@ -375,7 +375,44 @@ exit "$RETVAL"
<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[service bind9 restart]]></command>
</daemon>
<daemon name="powerdns" title="PowerDNS via bind-backend">
<daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
guardian=yes
lazy-recursion=yes
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
include-dir=/etc/powerdns/froxlor/
]]>
</content>
</file>
<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
# mysql-settings / you need to create the power-dns database for yourself!
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=powerdns
gmysql-group=client
gmysql-password=
]]>
</content>
</file>
<command><![CDATA[service pdns restart]]></command>
</daemon>
<daemon name="powerdns_bind" title="PowerDNS via bind-backend">
<install><![CDATA[apt-get install pdns-server]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[

340
lib/configfiles/wheezy.xml
View File

@@ -415,7 +415,345 @@ exit "$RETVAL"
<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[/etc/init.d/bind9 restart]]></command>
</daemon>
<daemon name="powerdns" title="PowerDNS via bind-backend">
<daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[
# Autogenerated configuration file template
#################################
# allow-axfr-ips If enabled, restrict zonetransfers to originate from these
# IP addresses
#
# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
#################################
# allow-recursion List of netmasks that are allowed to recurse
#
allow-recursion=127.0.0.1
#################################
# allow-recursion-override Local data even about hosts that don't exist will
# override the internet. (on/off)
#
# allow-recursion-override=
#################################
# cache-ttl Seconds to store packets in the PacketCache
#
# cache-ttl=20
#################################
# chroot If set, chroot to this directory for more security
#
# chroot=/var/spool/powerdns
#################################
# config-dir Location of configuration directory (pdns.conf)
#
config-dir=/etc/powerdns
#################################
# config-name Name of this virtual configuration - will rename the binary image
#
# config-name=
#################################
# control-console Debugging switch - don't use
#
# control-console=no
#################################
# daemon Operate as a daemon
#
daemon=yes
#################################
# default-soa-name name to insert in the SOA record if none set in the backend
#
# default-soa-name=a.misconfigured.powerdns.server
#################################
# disable-axfr Disable zonetransfers but do allow TCP queries
#
disable-axfr=yes
#################################
# disable-tcp Do not listen to TCP queries
#
# disable-tcp=no
#################################
# distributor-threads Default number of Distributor (backend) threads to start
#
# distributor-threads=3
#################################
# fancy-records Process URL and MBOXFW records
#
# fancy-records=no
#################################
# guardian Run within a guardian process
#
guardian=yes
#################################
# launch Which backends to launch and order to query them in
#
# launch=
#################################
# lazy-recursion Only recurse if question cannot be answered locally
#
lazy-recursion=yes
#################################
# load-modules Load this module - supply absolute or relative path
#
# load-modules=
#################################
# local-address Local IP address to which we bind
#
local-address=<SERVERIP>,127.0.0.1
#################################
# local-ipv6 Local IP address to which we bind
#
# local-ipv6=
#################################
# local-port The port on which we listen
#
local-port=53
#################################
# log-dns-details If PDNS should log failed update requests
#
log-dns-details=yes
#################################
# log-failed-updates If PDNS should log failed update requests
#
# log-failed-updates=
#################################
# logfile Logfile to use
#
# logfile=/var/log/pdns.log
#################################
# logging-facility Log under a specific facility
#
# logging-facility=
#################################
# loglevel Amount of logging. Higher is more. Do not set below 3
#
# loglevel=4
#################################
# master Act as a master
#
master=yes
#################################
# max-queue-length Maximum queuelength before considering situation lost
#
# max-queue-length=5000
#################################
# max-tcp-connections Maximum number of TCP connections
#
# max-tcp-connections=10
#################################
# module-dir Default directory for modules
#
module-dir=/usr/lib/powerdns
#################################
# negquery-cache-ttl Seconds to store packets in the PacketCache
#
# negquery-cache-ttl=60
#################################
# out-of-zone-additional-processing Do out of zone additional processing
#
# out-of-zone-additional-processing=no
#################################
# query-cache-ttl Seconds to store packets in the PacketCache
#
# query-cache-ttl=20
#################################
# query-logging Hint backends that queries should be logged
#
# query-logging=no
#################################
# queue-limit Maximum number of milliseconds to queue a query
#
# queue-limit=1500
#################################
# query-local-address The IP address to use as a source address for sending
# queries.
# query-local-address=
#################################
# receiver-threads Number of receiver threads to launch
#
# receiver-threads=1
#################################
# recursive-cache-ttl Seconds to store packets in the PacketCache
#
# recursive-cache-ttl=10
#################################
# recursor If recursion is desired, IP address of a recursing nameserver
#
# recursor=
#################################
# setgid If set, change group id to this gid for more security
#
setgid=pdns
#################################
# setuid If set, change user id to this uid for more security
#
setuid=pdns
#################################
# skip-cname Do not perform CNAME indirection for each query
#
# skip-cname=no
#################################
# slave Act as a slave
#
# slave=no
#################################
# slave-cycle-interval Reschedule failed SOA serial checks once every .. seconds
#
# slave-cycle-interval=60
#################################
# smtpredirector Our smtpredir MX host
#
# smtpredirector=a.misconfigured.powerdns.smtp.server
#################################
# soa-minimum-ttl Default SOA mininum ttl
#
# soa-minimum-ttl=3600
#################################
# soa-refresh-default Default SOA refresh
#
# soa-refresh-default=10800
#################################
# soa-retry-default Default SOA retry
#
# soa-retry-default=3600
#################################
# soa-expire-default Default SOA expire
#
# soa-expire-default=604800
#################################
# soa-serial-offset Make sure that no SOA serial is less than this number
#
# soa-serial-offset=0
#################################
# socket-dir Where the controlsocket will live
#
socket-dir=/var/run
#################################
# strict-rfc-axfrs Perform strictly rfc compliant axfrs (very slow)
#
# strict-rfc-axfrs=no
#################################
# urlredirector Where we send hosts to that need to be url redirected
#
# urlredirector=127.0.0.1
#################################
# use-logfile Use a log file
#
# use-logfile=yes
#################################
# webserver Start a webserver for monitoring
#
# webserver=no
#################################
# webserver-address IP Address of webserver to listen on
#
# webserver-address=127.0.0.1
#################################
# webserver-password Password required for accessing the webserver
#
# webserver-password=
#################################
# webserver-port Port of webserver to listen on
#
# webserver-port=8081
#################################
# webserver-print-arguments If the webserver should print arguments
#
# webserver-print-arguments=no
#################################
# wildcard-url Process URL and MBOXFW records
#
# wildcard-url=no
#################################
# wildcards Honor wildcards in the database
#
# wildcards=
#################################
# version-string What should PowerDNS return for version
# allowed methods are anonymous / powerdns / full / custom
version-string=powerdns
include-dir=/etc/powerdns/froxlor
]]>
</content>
</file>
<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:0"
chmod="644">
<content><![CDATA[
# mysql-settings / you need to create the power-dns database for yourself!
launch=gmysql
gmysql-host=127.0.0.1
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=powerdns
gmysql-group=client
gmysql-password=
]]>
</content>
</file>
<command><![CDATA[/etc/init.d/pdns restart]]></command>
</daemon>
<daemon name="powerdns_bind" title="PowerDNS via bind-backend">
<install><![CDATA[apt-get install pdns-server]]></install>
<file name="/etc/powerdns/pdns.conf" backup="true">
<content><![CDATA[

10
lib/formfields/admin/customer/formfield.customer_add.php
View File

@@ -257,7 +257,15 @@ return array(
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
)
)
),
'dnsenabled' => array(
'label' => $lng['admin']['dnsenabled'].'?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'visible' => (Settings::Get('system.dnsenabled') == '1' ? true : false)
),
)
)
)

11
lib/formfields/admin/customer/formfield.customer_edit.php
View File

@@ -267,7 +267,16 @@ return array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array($result['perlenabled'])
)
),
'dnsenabled' => array(
'label' => $lng['admin']['dnsenabled'].'?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array($result['dnsenabled']),
'visible' => (Settings::Get('system.dnsenabled') == '1' ? true : false)
),
)
),
'section_d' => array(

320
lib/functions/dns/function.createDomainZone.php Normal file
View File

@@ -0,0 +1,320 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function createDomainZone($domain_id, $froxlorhostname = false)
{
if (!$froxlorhostname)
{
// get domain-name
$dom_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE id = :did");
$domain = Database::pexecute_first($dom_stmt, array(
'did' => $domain_id
));
}
else
{
$domain = $domain_id;
}
if ($domain['isbinddomain'] != '1') {
return;
}
$dom_entries = array();
if (!$froxlorhostname)
{
// select all entries
$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_DOMAIN_DNS . "` WHERE domain_id = :did ORDER BY id ASC");
Database::pexecute($sel_stmt, array(
'did' => $domain_id
));
$dom_entries = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
}
// check for required records
$required_entries = array();
addRequiredEntry('@', 'A', $required_entries);
addRequiredEntry('@', 'AAAA', $required_entries);
addRequiredEntry('@', 'NS', $required_entries);
if ($domain['isemaildomain'] === '1') {
addRequiredEntry('@', 'MX', $required_entries);
}
// additional required records by setting
if ($domain['iswildcarddomain'] == '1') {
addRequiredEntry('*', 'A', $required_entries);
addRequiredEntry('*', 'AAAA', $required_entries);
} elseif ($domain['wwwserveralias'] == '1') {
addRequiredEntry('www', 'A', $required_entries);
addRequiredEntry('www', 'AAAA', $required_entries);
}
if (!$froxlorhostname)
{
// additional required records for subdomains
$subdomains_stmt = Database::prepare("
SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `parentdomainid` = :domainid
");
Database::pexecute($subdomains_stmt, array(
'domainid' => $domain_id
));
while ($subdomain = $subdomains_stmt->fetch(PDO::FETCH_ASSOC)) {
// Listing domains is enough as there currently is no support for choosing
// different ips for a subdomain => use same IPs as toplevel
addRequiredEntry(str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'A', $required_entries);
addRequiredEntry(str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'AAAA', $required_entries);
// Check whether to add a www.-prefix
if ($domain['iswildcarddomain'] == '1') {
addRequiredEntry('*.' . str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'A', $required_entries);
addRequiredEntry('*.' . str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'AAAA', $required_entries);
} elseif ($domain['wwwserveralias'] == '1') {
addRequiredEntry('www.' . str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'A', $required_entries);
addRequiredEntry('www.' . str_replace('.' . $domain['domain'], '', $subdomain['domain']), 'AAAA', $required_entries);
}
}
// additional required records for main-but-subdomain-to
$mainbutsub_stmt = Database::prepare("
SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `ismainbutsubto` = :domainid
");
Database::pexecute($mainbutsub_stmt, array(
'domainid' => $domain_id
));
while ($mainbutsubtodomain = $mainbutsub_stmt->fetch(PDO::FETCH_ASSOC)) {
// Add NS entry for subdomain-records of "main-but-subdomain-to"-domains, they get their own Zone
addRequiredEntry(str_replace('.' . $domain['domain'], '', $mainbutsubtodomain['domain']), 'NS', $required_entries);
}
}
// additional required records for SPF and DKIM if activated
if ($domain['isemaildomain'] == '1') {
if (Settings::Get('spf.use_spf') == '1') {
// check for SPF content later
addRequiredEntry('@SPF@', 'TXT', $required_entries);
}
if (Settings::Get('dkim.use_dkim') == '1') {
// check for DKIM content later
addRequiredEntry('dkim_' . $domain['dkim_id'] . '._domainkey', 'TXT', $required_entries);
// check for ASDP
if (Settings::Get('dkim.dkim_add_adsp') == "1") {
addRequiredEntry('_adsp._domainkey', 'TXT', $required_entries);
}
}
}
$primary_ns = null;
$zonerecords = array();
// now generate all records and unset the required entries we have
foreach ($dom_entries as $entry) {
if (array_key_exists($entry['type'], $required_entries) && array_key_exists(md5($entry['record']), $required_entries[$entry['type']])) {
unset($required_entries[$entry['type']][md5($entry['record'])]);
}
if (Settings::Get('spf.use_spf') == '1' && $entry['type'] == 'TXT' && $entry['record'] == '@' && strtolower(substr($entry['content'], 0, 7)) == '"v=spf1') {
// unset special spf required-entry
unset($required_entries[$entry['type']][md5("@SPF@")]);
}
if (empty($primary_ns) && $entry['type'] == 'NS') {
// use the first NS entry as primary ns
$primary_ns = $entry['content'];
}
$zonerecords[] = new DnsEntry($entry['record'], $entry['type'], $entry['content'], $entry['prio'], $entry['ttl']);
}
// add missing required entries
if (! empty($required_entries)) {
// A / AAAA records
if (array_key_exists("A", $required_entries) || array_key_exists("AAAA", $required_entries)) {
if ($froxlorhostname) {
// use all available IP's for the froxlor-hostname
$result_ip_stmt = Database::prepare("
SELECT `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip`
");
Database::pexecute($result_ip_stmt);
} else {
$result_ip_stmt = Database::prepare("
SELECT `p`.`ip` AS `ip`
FROM `" . TABLE_PANEL_IPSANDPORTS . "` `p`, `" . TABLE_DOMAINTOIP . "` `di`
WHERE `di`.`id_domain` = :domainid AND `p`.`id` = `di`.`id_ipandports`
GROUP BY `p`.`ip`;
");
Database::pexecute($result_ip_stmt, array(
'domainid' => $domain_id
));
}
$all_ips = $result_ip_stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($all_ips as $ip) {
foreach ($required_entries as $type => $records) {
foreach ($records as $record) {
if ($type == 'A' && filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
$zonerecords[] = new DnsEntry($record, 'A', $ip['ip']);
} elseif ($type == 'AAAA' && filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
$zonerecords[] = new DnsEntry($record, 'AAAA', $ip['ip']);
}
}
}
}
unset($required_entries['A']);
unset($required_entries['AAAA']);
}
// NS records
if (array_key_exists("NS", $required_entries)) {
if (Settings::Get('system.nameservers') != '') {
$nameservers = explode(',', Settings::Get('system.nameservers'));
foreach ($nameservers as $nameserver) {
$nameserver = trim($nameserver);
// append dot to hostname
if (substr($nameserver, - 1, 1) != '.') {
$nameserver .= '.';
}
foreach ($required_entries as $type => $records) {
if ($type == 'NS') {
foreach ($records as $record) {
if (empty($primary_ns)) {
// use the first NS entry as primary ns
$primary_ns = $nameserver;
}
$zonerecords[] = new DnsEntry($record, 'NS', $nameserver);
}
}
}
}
unset($required_entries['NS']);
}
}
// MX records
if (array_key_exists("MX", $required_entries)) {
if (Settings::Get('system.mxservers') != '') {
$mxservers = explode(',', Settings::Get('system.mxservers'));
foreach ($mxservers as $mxserver) {
if (substr($mxserver, - 1, 1) != '.') {
$mxserver .= '.';
}
// split in prio and server
$mx_details = explode(" ", $mxserver);
if (count($mx_details) == 1) {
$mx_details[1] = $mx_details[0];
$mx_details[0] = 10;
}
foreach ($required_entries as $type => $records) {
if ($type == 'MX') {
foreach ($records as $record) {
$zonerecords[] = new DnsEntry($record, 'MX', $mx_details[1], $mx_details[0]);
}
}
}
}
unset($required_entries['MX']);
}
}
// TXT (SPF and DKIM)
if (array_key_exists("TXT", $required_entries)) {
if (Settings::Get('dkim.use_dkim') == '1') {
$dkim_entries = generateDkimEntries($domain);
}
foreach ($required_entries as $type => $records) {
if ($type == 'TXT') {
foreach ($records as $record) {
if ($record == '@SPF@') {
$txt_content = Settings::Get('spf.spf_entry');
$zonerecords[] = new DnsEntry('@', 'TXT', encloseTXTContent($txt_content));
} elseif ($record == 'dkim_' . $domain['dkim_id'] . '._domainkey' && ! empty($dkim_entries)) {
// check for multiline entry
$multiline = false;
if (substr($dkim_entries[0], 0, 1) == '(') {
$multiline = true;
}
$zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[0], $multiline));
} elseif ($record == '_adsp._domainkey' && ! empty($dkim_entries) && isset($dkim_entries[1])) {
$zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[1]));
}
}
}
}
}
}
if (empty($primary_ns)) {
// TODO log error: no NS given, use system-hostname
$primary_ns = Settings::Get('system.hostname');
}
// TODO for now, dummy time-periods
$soa_content = $primary_ns . " " . escapeSoaAdminMail(Settings::Get('panel.adminmail')) . " (" . PHP_EOL;
$soa_content .= $domain['bindserial'] . "\t; serial" . PHP_EOL;
$soa_content .= "1800\t; refresh (30 mins)" . PHP_EOL;
$soa_content .= "900\t; retry (15 mins)" . PHP_EOL;
$soa_content .= "604800\t; expire (7 days)" . PHP_EOL;
$soa_content .= "1200\t)\t; minimum (20 mins)";
$soa_record = new DnsEntry('@', 'SOA', $soa_content);
array_unshift($zonerecords, $soa_record);
$zone = new DnsZone((int) Settings::Get('system.defaultttl'), $domain['domain'], $domain['bindserial'], $zonerecords);
return $zone;
}
function addRequiredEntry($record = '@', $type = 'A', &$required)
{
if (! isset($required[$type])) {
$required[$type] = array();
}
$required[$type][md5($record)] = $record;
}
function encloseTXTContent($txt_content, $isMultiLine = false)
{
// check that TXT content is enclosed in " "
if ($isMultiLine == false && Settings::Get('system.dns_server') != 'pdns') {
if (substr($txt_content, 0, 1) != '"') {
$txt_content = '"' . $txt_content;
}
if (substr($txt_content, - 1) != '"') {
$txt_content .= '"';
}
}
if (Settings::Get('system.dns_server') == 'pdns') {
// no quotation for PowerDNS
if (substr($txt_content, 0, 1) == '"') {
$txt_content = substr($txt_content, 1);
}
if (substr($txt_content, - 1) == '"') {
$txt_content = substr($txt_content, 0, -1);
}
}
return $txt_content;
}
function escapeSoaAdminMail($email)
{
$mail_parts = explode("@", $email);
$escpd_mail = str_replace(".", "\.", $mail_parts[0]).".".$mail_parts[1].".";
return $escpd_mail;
}

91
lib/functions/dns/function.generateDkimEntries.php Normal file
View File

@@ -0,0 +1,91 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function generateDkimEntries($domain)
{
$zone_dkim = array();
if (Settings::Get('dkim.use_dkim') == '1' && $domain['dkim'] == '1' && $domain['dkim_pubkey'] != '') {
// start
$dkim_txt = 'v=DKIM1;';
// algorithm
$algorithm = explode(',', Settings::Get('dkim.dkim_algorithm'));
$alg = '';
foreach ($algorithm as $a) {
if ($a == 'all') {
break;
} else {
$alg .= $a . ':';
}
}
if ($alg != '') {
$alg = substr($alg, 0, - 1);
$dkim_txt .= 'h=' . $alg . ';';
}
// notes
if (trim(Settings::Get('dkim.dkim_notes') != '')) {
$dkim_txt .= 'n=' . trim(Settings::Get('dkim.dkim_notes')) . ';';
}
// key
$dkim_txt .= 'k=rsa;p=' . trim(preg_replace('/-----BEGIN PUBLIC KEY-----(.+)-----END PUBLIC KEY-----/s', '$1', str_replace("\n", '', $domain['dkim_pubkey']))) . ';';
// service-type
if (Settings::Get('dkim.dkim_servicetype') == '1') {
$dkim_txt .= 's=email;';
}
// end-part
$dkim_txt .= 't=s';
if (Settings::Get('system.dns_server') == 'pdns') {
// PowerDNS does not need/want splitted content
$txt_record_split = $dkim_txt;
} else {
// split if necessary
$txt_record_split = '';
$lbr = 50;
for ($pos = 0; $pos <= strlen($dkim_txt) - 1; $pos += $lbr) {
$txt_record_split .= (($pos == 0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos >= strlen($dkim_txt) - $lbr) ? '")' : '"') . "\n";
}
}
// dkim-entry
$zone_dkim[] = $txt_record_split;
// adsp-entry
if (Settings::Get('dkim.dkim_add_adsp') == "1") {
$adsp = '"dkim=';
switch ((int) Settings::Get('dkim.dkim_add_adsppolicy')) {
case 0:
$adsp .= 'unknown"';
break;
case 1:
$adsp .= 'all"';
break;
case 2:
$adsp .= 'discardable"';
break;
}
$zone_dkim[] = $adsp;
}
}
return $zone_dkim;
}

49
lib/functions/dns/function.getAllowedDomainEntry.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getAllowedDomainEntry($domain_id, $area = 'customer', $userinfo, &$idna_convert)
{
$dom_data = array(
'did' => $domain_id
);
$where_clause = '';
if ($area == 'admin') {
if ($userinfo['domains_see_all'] != '1') {
$where_clause = '`adminid` = :uid AND ';
$dom_data['uid'] = $userinfo['userid'];
}
} else {
$where_clause = '`customerid` = :uid AND ';
$dom_data['uid'] = $userinfo['userid'];
}
$dom_stmt = Database::prepare("
SELECT domain, isbinddomain
FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE " . $where_clause . " id = :did
");
$domain = Database::pexecute_first($dom_stmt, $dom_data);
if ($domain) {
if ($domain['isbinddomain'] != '1') {
standard_error('dns_domain_nodns');
}
return $idna_convert->decode($domain['domain']);
}
standard_error('dns_notfoundorallowed');
}

1
lib/tables.inc.php
View File

@@ -50,5 +50,6 @@ define('TABLE_PANEL_REDIRECTCODES', 'redirect_codes');
define('TABLE_PANEL_DOMAINREDIRECTS', 'domain_redirect_codes');
define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings');
define('TABLE_DOMAINTOIP', 'panel_domaintoip');
define('TABLE_DOMAIN_DNS', 'domain_dns_entries');
require dirname(__FILE__).'/version.inc.php';

2
lib/version.inc.php
View File

@@ -19,7 +19,7 @@
$version = '0.9.36';
// Database version (YYYYMMDDC where C is a daily counter)
$dbversion = '201604270';
$dbversion = '201605180';
// Distribution branding-tag (used for Debian etc.)
$branding = '';

36
lng/english.lng.php
View File

@@ -344,10 +344,10 @@ $lng['serversettings']['apachereload_command']['title'] = 'Webserver reload comm
$lng['serversettings']['apachereload_command']['description'] = 'What\'s the webserver command to reload configfiles?';
$lng['serversettings']['bindenable']['title'] = 'Enable Nameserver';
$lng['serversettings']['bindenable']['description'] = 'Here the Nameserver can be enabled and disabled globaly.';
$lng['serversettings']['bindconf_directory']['title'] = 'Bind config directory';
$lng['serversettings']['bindconf_directory']['description'] = 'Where should bind configfiles be saved?';
$lng['serversettings']['bindreload_command']['title'] = 'Bind reload command';
$lng['serversettings']['bindreload_command']['description'] = 'What\'s the bind command to reload bind configfiles?';
$lng['serversettings']['bindconf_directory']['title'] = 'Dns server config directory';
$lng['serversettings']['bindconf_directory']['description'] = 'Where should dns-server configfiles be saved?';
$lng['serversettings']['bindreload_command']['title'] = 'DNS server reload command';
$lng['serversettings']['bindreload_command']['description'] = 'What\'s the command to reload the dns server daemon?';
$lng['serversettings']['vmail_uid']['title'] = 'Mails-UID';
$lng['serversettings']['vmail_uid']['description'] = 'Which UserID should mails have?';
$lng['serversettings']['vmail_gid']['title'] = 'Mails-GID';
@@ -1990,4 +1990,32 @@ $lng['extras']['path_protection_label'] = '<strong class="red">Important</strong
$lng['extras']['path_protection_info'] = '<strong class="red">We strongly recommend protecting the given path, see "Extras" -> "Directory protection"</strong>';
$lng['tasks']['backup_customerfiles'] = 'Backup job for customer %loginname%';
$lng['error']['dns_domain_nodns'] = 'DNS is not enabled for this domain';
$lng['error']['dns_content_empty'] = 'No content given';
$lng['error']['dns_arec_noipv4'] = 'No valid IP address for A-record given';
$lng['error']['dns_aaaarec_noipv6'] = 'No valid IP address for AAAA-record given';
$lng['error']['dns_mx_prioempty'] = 'Invalid MX priority given';
$lng['error']['dns_mx_needdom'] = 'The MX content value must be a valid domain-name';
$lng['error']['dns_mx_noalias'] = 'The MX-content value cannot be an CNAME entry.';
$lng['error']['dns_cname_invaliddom'] = 'Invalid domain-name for CNAME record';
$lng['error']['dns_cname_nomorerr'] = 'There already exists a resource-record with the same record-name. It cannot be used as CNAME.';
$lng['error']['dns_ns_invaliddom'] = 'Invalid domain-name for NS record';
$lng['error']['dns_srv_prioempty'] = 'Invalid SRV priority given';
$lng['error']['dns_srv_invalidcontent'] = 'Invalid SRV content, must contain of fields weight, port and target, e.g.: 5 5060 sipserver.example.com.';
$lng['error']['dns_srv_needdom'] = 'The SRV target value must be a valid domain-name';
$lng['error']['dns_srv_noalias'] = 'The SRV-target value cannot be an CNAME entry.';
$lng['error']['dns_duplicate_entry'] = 'Record already exists';
$lng['success']['dns_record_added'] = 'Record added successfully';
$lng['success']['dns_record_deleted'] = 'Record deleted successfully';
$lng['dnseditor']['edit'] = 'edit DNS';
$lng['dnseditor']['records'] = 'records';
$lng['error']['dns_notfoundorallowed'] = 'Domain not found or no permission';
$lng['serversettings']['dnseditorenable']['title'] = 'Enable DNS editor';
$lng['serversettings']['dnseditorenable']['description'] = 'Allows admins and customer to manage domain dns entries';
$lng['dns']['howitworks'] = 'Here you can manage DNS entries for your domain. Note that froxlor will automatically generate NS/MX/A/AAAA records for you. The custom entries are prefered, only missing entries will be automatically generated.';
$lng['serversettings']['dns_server']['title'] = 'DNS server daemon';
$lng['serversettings']['dns_server']['description'] = 'Remember that daemons have to be configured using froxlors configuration templates';
$lng['error']['domain_nopunycode'] = 'You must not specify punycode (IDNA). The domain will automatically be converted';
$lng['admin']['dnsenabled'] = 'Enable DNS editor';
$lng['error']['dns_record_toolong'] = 'Records/labels can only be up to 63 characters';

36
lng/german.lng.php
View File

@@ -341,10 +341,10 @@ $lng['serversettings']['apachereload_command']['title'] = 'Webserver-Reload-Comm
$lng['serversettings']['apachereload_command']['description'] = 'Wie heißt das Skript zum Neuladen der Webserver-Konfigurationsdateien?';
$lng['serversettings']['bindenable']['title'] = 'Nameserver aktivieren';
$lng['serversettings']['bindenable']['description'] = 'Hier können Sie den Nameserver global aktivieren bzw. deaktivieren.';
$lng['serversettings']['bindconf_directory']['title'] = 'Bind-Config-Directory';
$lng['serversettings']['bindconf_directory']['description'] = 'Wo liegen die Bind-Konfigurationsdateien?';
$lng['serversettings']['bindreload_command']['title'] = 'Bind-Reload-Command';
$lng['serversettings']['bindreload_command']['description'] = 'Wie heißt das Skript zum Neuladen der Bind-Konfigurationsdateien?';
$lng['serversettings']['bindconf_directory']['title'] = 'DNS-Server Konfigurationsordner';
$lng['serversettings']['bindconf_directory']['description'] = 'Wo liegen die DNS-Server Konfigurationsdateien?';
$lng['serversettings']['bindreload_command']['title'] = 'DNS-Server Reload-Befehl';
$lng['serversettings']['bindreload_command']['description'] = 'Wie heißt das Skript zum Neuladen der DNS-Server Konfigurationsdateien?';
$lng['serversettings']['vmail_uid']['title'] = 'Mail-UID';
$lng['serversettings']['vmail_uid']['description'] = 'Welche UID sollen die E-Mails haben?';
$lng['serversettings']['vmail_gid']['title'] = 'Mail-GID';
@@ -1643,4 +1643,32 @@ $lng['extras']['path_protection_label'] = '<strong class="red">Wichtig</strong>'
$lng['extras']['path_protection_info'] = '<strong class="red">Wir raten dringend dazu den angegebenen Pfad zu schützen, siehe "Extras" -> "Verzeichnisschutz"</strong>';
$lng['tasks']['backup_customerfiles'] = 'Datensicherung für Kunde %loginname%';
$lng['error']['dns_domain_nodns'] = 'DNS ist für diese Domain nicht aktiviert';
$lng['error']['dns_content_empty'] = 'Keinen Inhalt angegeben';
$lng['error']['dns_arec_noipv4'] = 'Kein gültige IP Adresse für A-Eintrag angegeben';
$lng['error']['dns_aaaarec_noipv6'] = 'Kein gültige IP Adresse für AAAA-Eintrag angegeben';
$lng['error']['dns_mx_prioempty'] = 'Ungültige MX Priorität angegeben';
$lng['error']['dns_mx_needdom'] = 'Der Wert des MX Eintrags muss ein gültiger Domainname sein';
$lng['error']['dns_mx_noalias'] = 'Der MX Eintrag darf kein CNAME Eintrag sein.';
$lng['error']['dns_cname_invaliddom'] = 'Ungültiger Domain-Name für CNAME Eintrag';
$lng['error']['dns_cname_nomorerr'] = 'Es existiert bereits ein Eintrag mit dem gleichen Namen. Dieser Eintrag kann daher nicht für CNAME genutzt werden.';
$lng['error']['dns_ns_invaliddom'] = 'Ungültiger Domain-Name für NS Eintrag';
$lng['error']['dns_srv_prioempty'] = 'Ungültige SRV Priorität angegeben';
$lng['error']['dns_srv_invalidcontent'] = 'Ungültiger Wert des SRV Eintrags, dieser muss aus den Feldern: weight, port und target, bestehen. Bsp.: 5 5060 sipserver.example.com.';
$lng['error']['dns_srv_needdom'] = 'Der Wert des SRV Eintrags muss ein gültiger Domainname sein';
$lng['error']['dns_srv_noalias'] = 'Der SRV Eintrag darf kein CNAME Eintrag sein..';
$lng['error']['dns_duplicate_entry'] = 'Eintrag existiert bereits';
$lng['success']['dns_record_added'] = 'Eintrag erfolgreich hinzugefügt';
$lng['success']['dns_record_deleted'] = 'Eintrag erfolgreich entfernt';
$lng['dnseditor']['edit'] = 'DNS editieren';
$lng['dnseditor']['records'] = 'Einträge';
$lng['error']['dns_notfoundorallowed'] = 'Domain nicht gefunden oder keine Berechtigung';
$lng['serversettings']['dnseditorenable']['title'] = 'DNS Editor aktivieren';
$lng['serversettings']['dnseditorenable']['description'] = 'Erlaubt es Admins und Kunden die DNS Einträge Ihrer Domains zu verwalten';
$lng['dns']['howitworks'] = 'Hier können DNS Einträge für die Domain verwaltet werden. Beachte das Froxlor automatisch NS/MX/A/AAAA Einträge generiert. Die benutzerdefinierten Einträge werden bevorzugt, nur fehlende Einträge werden automatisch generiert.';
$lng['serversettings']['dns_server']['title'] = 'DNS Server Dienst';
$lng['serversettings']['dns_server']['description'] = 'Dienste müssen mit den froxlor Konfigurationstemplates konfiguriert werden';
$lng['error']['domain_nopunycode'] = 'Die Eingabe von Punycode (IDNA) ist nicht notwendig. Die Domain wird automatisch konvertiert.';
$lng['admin']['dnsenabled'] = 'Zugriff auf DNS Editor';
$lng['error']['dns_record_toolong'] = 'Records/Labels können maximal 63 Zeichen lang sein';

187
scripts/classes/class.DnsBase.php Normal file
View File

@@ -0,0 +1,187 @@
<?php
/***
* Class DnsBase
*
* Base class for all DNS server configs
*
*/
abstract class DnsBase
{
protected $_logger = false;
protected $_ns = array();
protected $_mx = array();
protected $_axfr = array();
abstract public function writeConfigs();
public function __construct($logger)
{
$this->_logger = $logger;
if (Settings::Get('system.nameservers') != '') {
$nameservers = explode(',', Settings::Get('system.nameservers'));
foreach ($nameservers as $nameserver) {
$nameserver = trim($nameserver);
// DNS servers might be multi homed; allow transfer from all ip
// addresses of the DNS server
$nameserver_ips = gethostbynamel($nameserver);
// append dot to hostname
if (substr($nameserver, - 1, 1) != '.') {
$nameserver .= '.';
}
// ignore invalid responses
if (! is_array($nameserver_ips)) {
// act like gethostbyname() and return unmodified hostname on error
$nameserver_ips = array(
$nameserver
);
}
$this->_ns[] = array(
'hostname' => $nameserver,
'ips' => $nameserver_ips
);
}
}
if (Settings::Get('system.mxservers') != '') {
$mxservers = explode(',', Settings::Get('system.mxservers'));
foreach ($mxservers as $mxserver) {
if (substr($mxserver, - 1, 1) != '.') {
$mxserver .= '.';
}
$this->_mx[] = $mxserver;
}
}
// AXFR server #100
if (Settings::Get('system.axfrservers') != '') {
$axfrservers = explode(',', Settings::Get('system.axfrservers'));
foreach ($axfrservers as $axfrserver) {
$this->_axfr[] = trim($axfrserver);
}
}
}
protected function getDomainList()
{
// get all Domains
$result_domains_stmt = Database::query("
SELECT `d`.`id`, `d`.`domain`, `d`.`customerid`, `d`.`zonefile`, `c`.`loginname`, `c`.`guid`
FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
WHERE `d`.`isbinddomain` = '1' ORDER BY `d`.`domain` ASC
");
$domains = $result_domains_stmt->fetchAll(PDO::FETCH_ASSOC);
// frolxor-hostname (#1090)
if (Settings::get('system.dns_createhostnameentry') == 1) {
$hostname_arr = array(
'id' => 'none',
'domain' => Settings::Get('system.hostname'),
'isbinddomain' => '1',
'isemaildomain' => Settings::Get('system.dns_createmailentry'),
'customerid' => 'none',
'loginname' => 'froxlor.panel',
'bindserial' => date('Ymd') . '00',
'dkim' => '0',
'iswildcarddomain' => '1',
'ismainbutsubto' => '0',
'zonefile' => '',
'froxlorhost' => '1'
);
$domains['none'] = $hostname_arr;
}
if (empty($domains)) {
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, skipping...');
return null;
}
return $domains;
}
public function writeDKIMconfigs()
{
if (Settings::Get('dkim.use_dkim') == '1') {
if (! file_exists(makeCorrectDir(Settings::Get('dkim.dkim_prefix')))) {
$this->_logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('dkim.dkim_prefix'))));
safe_exec('mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('dkim.dkim_prefix'))));
}
$dkimdomains = '';
$dkimkeys = '';
$result_domains_stmt = Database::query("
SELECT `id`, `domain`, `dkim`, `dkim_id`, `dkim_pubkey`, `dkim_privkey`
FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `dkim` = '1' ORDER BY `id` ASC
");
while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$privkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
$pubkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
if ($domain['dkim_privkey'] == '' || $domain['dkim_pubkey'] == '') {
$max_dkim_id_stmt = Database::query("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
$max_dkim_id = $max_dkim_id_stmt->fetch(PDO::FETCH_ASSOC);
$domain['dkim_id'] = (int) $max_dkim_id['max_dkim_id'] + 1;
$privkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . Settings::Get('dkim.dkim_keylength'));
$domain['dkim_privkey'] = file_get_contents($privkey_filename);
safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
$pubkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
safe_exec('openssl rsa -in ' . escapeshellarg($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellarg($pubkey_filename));
$domain['dkim_pubkey'] = file_get_contents($pubkey_filename);
safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`dkim_id` = :dkimid,
`dkim_privkey` = :privkey,
`dkim_pubkey` = :pubkey
WHERE `id` = :id
");
$upd_data = array(
'dkimid' => $domain['dkim_id'],
'privkey' => $domain['dkim_privkey'],
'pubkey' => $domain['dkim_pubkey'],
'id' => $domain['id']
);
Database::pexecute($upd_stmt, $upd_data);
}
if (! file_exists($privkey_filename) && $domain['dkim_privkey'] != '') {
$privkey_file_handler = fopen($privkey_filename, "w");
fwrite($privkey_file_handler, $domain['dkim_privkey']);
fclose($privkey_file_handler);
safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
}
if (! file_exists($pubkey_filename) && $domain['dkim_pubkey'] != '') {
$pubkey_file_handler = fopen($pubkey_filename, "w");
fwrite($pubkey_file_handler, $domain['dkim_pubkey']);
fclose($pubkey_file_handler);
safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
}
$dkimdomains .= $domain['domain'] . "\n";
$dkimkeys .= "*@" . $domain['domain'] . ":" . $domain['domain'] . ":" . $privkey_filename . "\n";
}
$dkimdomains_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/' . Settings::Get('dkim.dkim_domains'));
$dkimdomains_file_handler = fopen($dkimdomains_filename, "w");
fwrite($dkimdomains_file_handler, $dkimdomains);
fclose($dkimdomains_file_handler);
$dkimkeys_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/' . Settings::Get('dkim.dkim_dkimkeys'));
$dkimkeys_file_handler = fopen($dkimkeys_filename, "w");
fwrite($dkimkeys_file_handler, $dkimkeys);
fclose($dkimkeys_file_handler);
safe_exec(escapeshellcmd(Settings::Get('dkim.dkimrestart_command')));
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Dkim-milter reloaded');
}
}
}

648
scripts/jobs/cron_tasks.inc.dns.10.bind.php
View File

@@ -1,620 +1,134 @@
<?php if (!defined('MASTER_CRONJOB')) die('You cannot access this file directly!');
<?php
if (! defined('MASTER_CRONJOB'))
die('You cannot access this file directly!');
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
*/
class bind extends DnsBase
{
class bind {
public $logger = false;
public $nameservers = array();
public $mxservers = array();
public $axfrservers = array();
public function writeConfigs()
{
// tell the world what we are doing
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 started - Rebuilding froxlor_bind.conf');
private $_known_filenames = array();
private $_bindconf_file = '';
// clean up
$this->_cleanZonefiles();
public function __construct($logger) {
// check for subfolder in bind-config-directory
if (! file_exists(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/'))) {
$this->_logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
safe_exec('mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
}
$this->logger = $logger;
$domains = $this->getDomainList();
if (Settings::Get('system.nameservers') != '') {
$nameservers = explode(',', Settings::Get('system.nameservers'));
foreach ($nameservers as $nameserver) {
$nameserver = trim($nameserver);
// DNS servers might be multi homed; allow transfer from all ip
// addresses of the DNS server
$nameserver_ips = gethostbynamel($nameserver);
// append dot to hostname
if (substr($nameserver, -1, 1) != '.') {
$nameserver.= '.';
if (! empty($domains)) {
$bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n";
foreach ($domains as $domain) {
// check for system-hostname
$isFroxlorHostname = false;
if (isset($domain['froxlorhost']) && $domain['froxlorhost'] == 1) {
$isFroxlorHostname = true;
}
// ignore invalid responses
if (!is_array($nameserver_ips)) {
// act like gethostbyname() and return unmodified hostname on error
$nameserver_ips = array($nameserver);
}
$this->nameservers[] = array(
'hostname' => $nameserver,
'ips' => $nameserver_ips
);
}
}
if (Settings::Get('system.mxservers') != '') {
$mxservers = explode(',', Settings::Get('system.mxservers'));
foreach ($mxservers as $mxserver) {
if (substr($mxserver, -1, 1) != '.') {
$mxserver.= '.';
}
$this->mxservers[] = $mxserver;
}
}
// AXFR server #100
if (Settings::Get('system.axfrservers') != '') {
$axfrservers = explode(',', Settings::Get('system.axfrservers'));
foreach ($axfrservers as $axfrserver) {
$this->axfrservers[] = trim($axfrserver);
}
}
}
public function writeConfigs() {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 started - Rebuilding froxlor_bind.conf');
if (!file_exists(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/'))) {
$this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
safe_exec('mkdir ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
}
$this->_known_filenames = array();
$this->_bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" .
'# Created ' . date('d.m.Y H:i') . "\n" .
'# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n" . "\n";
$result_domains_stmt = Database::query("
SELECT `d`.`id`, `d`.`domain`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`wwwserveralias`, `d`.`customerid`,
`d`.`zonefile`, `d`.`bindserial`, `d`.`dkim`, `d`.`dkim_id`, `d`.`dkim_pubkey`, `d`.`ismainbutsubto`,
`c`.`loginname`, `c`.`guid`
FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
WHERE `d`.`isbinddomain` = '1' ORDER BY `d`.`domain` ASC
");
$domains = array();
// don't use fetchall() to be able to set the first column to the domain id and use it later on to set the rows'
// array of direct children without having to search the outer array
while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$domains[$domain["id"]] = $domain;
}
// frolxor-hostname (#1090)
if (Settings::get('system.dns_createhostnameentry') == 1) {
$hostname_arr = array(
'id' => 'none',
'domain' => Settings::Get('system.hostname'),
'isemaildomain' => Settings::Get('system.dns_createmailentry'),
'customerid' => 'none',
'loginname' => 'froxlor.panel',
'bindserial' => date('Ymd').'00',
'dkim' => '0',
'iswildcarddomain' => '1',
'ismainbutsubto' => '0',
'zonefile' => '',
'froxlorhost' => '1'
);
$domains['none'] = $hostname_arr;
}
if (empty($domains)) {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, skipping...');
return;
}
// collect domain IDs of direct child domains as arrays in ['children'] column
foreach (array_keys($domains) as $key) {
if (!isset($domains[$key]['children'])) {
$domains[$key]['children'] = array();
}
if ($domains[$key]['ismainbutsubto'] > 0) {
if (isset($domains[ $domains[$key]['ismainbutsubto'] ])) {
$domains[ $domains[$key]['ismainbutsubto'] ]['children'][] = $domains[$key]['id'];
} else {
$this->logger->logAction(CRON_ACTION, LOG_ERR,
'Database inconsistency: domain ' . $domain['domain'] . ' (ID #' . $key .
') is set to to be subdomain to non-existent domain ID #' .
$domains[$key]['ismainbutsubto'] .
'. No DNS record(s) will be created for this domain.');
}
}
}
$this->logger->logAction(CRON_ACTION, LOG_DEBUG,
str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') .
'ismainbutsubto ' . str_pad('parent domain', 40, ' ') .
"list of child domain ids");
foreach ($domains as $domain) {
$logLine =
str_pad($domain['id'], 9, ' ') .
str_pad($domain['domain'], 40, ' ') .
str_pad($domain['ismainbutsubto'], 15, ' ') .
str_pad(((isset($domains[ $domain['ismainbutsubto'] ])) ?
$domains[ $domain['ismainbutsubto'] ]['domain'] :
'-'), 40, ' ') .
join(', ', $domain['children']);
$this->logger->logAction(CRON_ACTION, LOG_DEBUG, $logLine);
}
foreach ($domains as $domain) {
if ($domain['ismainbutsubto'] > 0) {
// domains with ismainbutsubto>0 are handled by recursion within walkDomainList()
continue;
}
$this->walkDomainList($domain, $domains);
}
$bindconf_file_handler = fopen(makeCorrectFile(Settings::Get('system.bindconf_directory') . '/froxlor_bind.conf'), 'w');
fwrite($bindconf_file_handler, $this->_bindconf_file);
fclose($bindconf_file_handler);
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'froxlor_bind.conf written');
safe_exec(escapeshellcmd(Settings::Get('system.bindreload_command')));
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'Bind9 reloaded');
$domains_dir = makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/');
if (file_exists($domains_dir)
&& is_dir($domains_dir)) {
$domain_file_dirhandle = opendir($domains_dir);
while (false !== ($domain_filename = readdir($domain_file_dirhandle))) {
$full_filename = makeCorrectFile($domains_dir . '/' . $domain_filename);
if ($domain_filename != '.'
&& $domain_filename != '..'
&& !in_array($domain_filename, $this->_known_filenames)
&& is_file($full_filename)
&& file_exists($full_filename)) {
$this->logger->logAction(CRON_ACTION, LOG_WARNING, 'Deleting ' . $domain_filename);
unlink(makeCorrectFile($domains_dir . '/' . $domain_filename));
}
}
}
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 finished');
}
private function walkDomainList($domain, $domains) {
$zonefile = '';
$subzones = '';
foreach($domain['children'] as $child_domain_id) {
$subzones.= $this->walkDomainList($domains[$child_domain_id], $domains);
}
if ($domain['zonefile'] == '') {
if ($domain['ismainbutsubto'] == 0) {
$zonefile = $this->generateZone($domain);
// create zone-file
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, 'Generating dns zone for ' . $domain['domain']);
$zone = createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname);
$zonefile = (string)$zone;
$domain['zonefile'] = 'domains/' . $domain['domain'] . '.zone';
$zonefile_name = makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']);
$this->_known_filenames[] = basename($zonefile_name);
$zonefile_handler = fopen($zonefile_name, 'w');
fwrite($zonefile_handler, $zonefile.$subzones);
fwrite($zonefile_handler, $zonefile);
fclose($zonefile_handler);
$this->logger->logAction(CRON_ACTION, LOG_INFO, '`' . $zonefile_name . '` zone written');
$this->_bindconf_file .= $this->_generateDomainConfig($domain);
} else {
return $this->generateZone($domain);
$this->_logger->logAction(CRON_ACTION, LOG_INFO, '`' . $zonefile_name . '` zone written');
// generate config
$bindconf_file .= $this->_generateDomainConfig($domain);
}
} else {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'Added zonefile ' . $domain['zonefile'] . ' for domain ' . $domain['domain'] .
' - Note that you will also have to handle ALL records for ALL subdomains.');
$this->_bindconf_file .= $this->_generateDomainConfig($domain);
// write config
$bindconf_file_handler = fopen(makeCorrectFile(Settings::Get('system.bindconf_directory') . '/froxlor_bind.conf'), 'w');
fwrite($bindconf_file_handler, $bindconf_file);
fclose($bindconf_file_handler);
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'froxlor_bind.conf written');
// reload Bind
safe_exec(escapeshellcmd(Settings::Get('system.bindreload_command')));
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Bind9 reloaded');
}
}
private function _generateDomainConfig($domain = array()) {
if (isset($domain['froxlorhost']) && $domain['froxlorhost'] === '1') {
$froxlorhost = true;
} else {
$froxlorhost = false;
}
private function _generateDomainConfig($domain = array())
{
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, 'Generating dns config for ' . $domain['domain']);
$bindconf_file = '# Domain ID: ' . $domain['id'] . ' - CustomerID: ' . $domain['customerid'] . ' - CustomerLogin: ' . $domain['loginname'] . "\n";
$bindconf_file.= 'zone "' . $domain['domain'] . '" in {' . "\n";
$bindconf_file.= ' type master;' . "\n";
$bindconf_file.= ' file "' . makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']) . '";' . "\n";
$bindconf_file.= ' allow-query { any; };' . "\n";
$bindconf_file .= 'zone "' . $domain['domain'] . '" in {' . "\n";
$bindconf_file .= ' type master;' . "\n";
$bindconf_file .= ' file "' . makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']) . '";' . "\n";
$bindconf_file .= ' allow-query { any; };' . "\n";
if (count($this->nameservers) > 0
|| count($this->axfrservers) > 0
) {
if (count($this->_ns) > 0 || count($this->_axfr) > 0) {
// open allow-transfer
$bindconf_file.= ' allow-transfer {' . "\n";
$bindconf_file .= ' allow-transfer {' . "\n";
// put nameservers in allow-transfer
if (count($this->nameservers) > 0) {
foreach ($this->nameservers as $ns) {
foreach($ns["ips"] as $ip) {
$bindconf_file.= ' ' . $ip . ";\n";
if (count($this->_ns) > 0) {
foreach ($this->_ns as $ns) {
foreach ($ns["ips"] as $ip) {
$bindconf_file .= ' ' . $ip . ";\n";
}
}
}
// AXFR server #100
if (count($this->axfrservers) > 0) {
foreach ($this->axfrservers as $axfrserver) {
if (count($this->_axfr) > 0) {
foreach ($this->_axfr as $axfrserver) {
if (validate_ip($axfrserver, true) !== false) {
$bindconf_file.= ' ' . $axfrserver . ';' . "\n";
$bindconf_file .= ' ' . $axfrserver . ';' . "\n";
}
}
}
// close allow-transfer
$bindconf_file.= ' };' . "\n";
$bindconf_file .= ' };' . "\n";
}
$bindconf_file.= '};' . "\n";
$bindconf_file.= "\n";
$bindconf_file .= '};' . "\n";
$bindconf_file .= "\n";
return $bindconf_file;
}
/**
* generate bind zone content.
*
* @param array $domain
*
* @return string
*/
protected function generateZone($domain) {
if (isset($domain['froxlorhost']) && $domain['froxlorhost'] === '1') {
$froxlorhost = true;
} else {
$froxlorhost = false;
}
private function _cleanZonefiles()
{
$config_dir = makeCorrectFile(Settings::Get('system.bindconf_directory') . '/domains/');
// Array to save all ips needed in the records (already including IN A/AAAA)
$ip_a_records = array();
// Array to save DNS records
$records = array();
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Cleaning dns zone files from ' . $config_dir);
$domainidquery = '';
$query_params = array();
if (!$froxlorhost) {
// check directory
if (@is_dir($config_dir)) {
$domainidquery = "`di`.`id_domain` = :domainid AND ";
$query_params['domainid'] = $domain['id'];
// create directory iterator
$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($config_dir));
$result_ip_stmt = Database::prepare("
SELECT `p`.`ip` AS `ip`
FROM `".TABLE_PANEL_IPSANDPORTS."` `p`, `".TABLE_DOMAINTOIP."` `di`
WHERE ".$domainidquery."`p`.`id` = `di`.`id_ipandports`
GROUP BY `p`.`ip`;
");
} else {
// use all available IP's for the froxlor-hostname
$result_ip_stmt = Database::prepare("
SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` GROUP BY `ip`
");
}
Database::pexecute($result_ip_stmt, $query_params);
while ($ip = $result_ip_stmt->fetch(PDO::FETCH_ASSOC)) {
if (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$ip_a_records[] = "A\t\t" . $ip['ip'];
}
elseif (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$ip_a_records[] = "AAAA\t\t" . $ip['ip'];
}
else {
return ";Error in at least one IP Address (".$ip['ip']."), could not create zonefile!";
}
}
if ($domain['ismainbutsubto'] == 0) {
$date = date('Ymd');
$bindserial = (preg_match('/^' . $date . '/', $domain['bindserial']) ? $domain['bindserial'] + 1 : $date . '00');
if (!$froxlorhost) {
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`bindserial` = :serial
WHERE `id` = :id
");
Database::pexecute($upd_stmt, array('serial' => $bindserial, 'id' => $domain['id']));
}
$zonefile = '$TTL ' . (int)Settings::Get('system.defaultttl') . "\n";
if (count($this->nameservers) == 0) {
$zonefile.= '@ IN SOA ns ' . str_replace('@', '.', Settings::Get('panel.adminmail')) . '. (' . "\n";
} else {
$zonefile.= '@ IN SOA ' . $this->nameservers[0]['hostname'] . ' ' . str_replace('@', '.', Settings::Get('panel.adminmail')) . '. (' . "\n";
}
$zonefile.= ' ' . $bindserial . ' ; serial' . "\n" . ' 8H ; refresh' . "\n" . ' 2H ; retry' . "\n" . ' 1W ; expiry' . "\n" . ' 11h) ; minimum' . "\n";
// no nameservers given, use all of the A/AAAA entries
if (count($this->nameservers) == 0) {
$zonefile .= '@ IN NS ns' . "\n";
foreach ($ip_a_records as $ip_a_record) {
$zonefile .= 'ns IN ' . $ip_a_record . "\n";
}
} else {
foreach ($this->nameservers as $nameserver) {
$zonefile.= '@ IN NS ' . trim($nameserver['hostname']) . "\n";
// iterate through all subdirs, look for zone files and delete them
foreach ($its as $it) {
if ($it->isFile()) {
// remove file
safe_exec('rm -f ' . escapeshellarg(makeCorrectFile($its->getPathname())));
}
}
} else {
$zonefile = '$ORIGIN ' . $domain["domain"] . ".\n";
}
if ($domain['isemaildomain'] === '1') {
if (count($this->mxservers) == 0) {
$zonefile.= '@ IN MX 10 mail' . "\n";
$records[] = 'mail';
if ($domain['iswildcarddomain'] != '1') {
$records[] = 'imap';
$records[] = 'smtp';
$records[] = 'pop3';
}
} else {
foreach ($this->mxservers as $mxserver) {
$zonefile.= '@ IN MX ' . trim($mxserver) . "\n";
}
if (Settings::Get('system.dns_createmailentry') == '1') {
$records[] = 'mail';
if ($domain['iswildcarddomain'] != '1') {
$records[] = 'imap';
$records[] = 'smtp';
$records[] = 'pop3';
}
}
}
/*
* @TODO domain-based spf-settings
*/
if (Settings::Get('spf.use_spf') == '1'
/*&& $domain['spf'] == '1' */
) {
$zonefile.= Settings::Get('spf.spf_entry') . "\n";
if (in_array('mail', $records)) {
$zonefile.= str_replace('@', 'mail', Settings::Get('spf.spf_entry')) . "\n";
}
}
}
/**
* generate dkim-zone-entries
*/
$zonefile.= $this->generateDkim($domain);
if (!$froxlorhost) {
$nssubdomains_stmt = Database::prepare("
SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `isbinddomain` = '1' AND `ismainbutsubto` = '0' AND `domain` LIKE :domain
");
Database::pexecute($nssubdomains_stmt, array('domain' => '%.' . $domain['domain']));
while ($nssubdomain = $nssubdomains_stmt->fetch(PDO::FETCH_ASSOC)) {
if (preg_match('/^[^\.]+\.' . preg_quote($domain['domain'], '/') . '/', $nssubdomain['domain'])) {
$nssubdomain = str_replace('.' . $domain['domain'], '', $nssubdomain['domain']);
if (count($this->nameservers) == 0) {
$zonefile.= $nssubdomain . ' IN NS ns.' . $nssubdomain . "\n";
} else {
foreach ($this->nameservers as $nameserver) {
$zonefile.= $nssubdomain . ' IN NS ' . trim($nameserver['hostname']) . "\n";
}
}
}
}
}
$records[] = '@';
if ($domain['iswildcarddomain'] == '1') {
$records[] = '*';
} else if ($domain['wwwserveralias'] == '1') {
$records[] = 'www';
}
if (!$froxlorhost) {
$subdomains_stmt = Database::prepare("
SELECT `domain` FROM `".TABLE_PANEL_DOMAINS."`
WHERE `parentdomainid` = :domainid
");
Database::pexecute($subdomains_stmt, array('domainid' => $domain['id']));
while ($subdomain = $subdomains_stmt->fetch(PDO::FETCH_ASSOC)) {
// Listing domains is enough as there currently is no support for choosing
// different ips for a subdomain => use same IPs as toplevel
$records[] = str_replace('.' . $domain['domain'], '', $subdomain['domain']);
// Check whether to add a www.-prefix
if ($domain['wwwserveralias'] == '1') {
$records[] = 'www.'.str_replace('.' . $domain['domain'], '', $subdomain['domain']);
}
}
}
// Create DNS-Records for every name we have saved
foreach ($records as $record) {
// we create an entry for every ip we have saved
foreach ($ip_a_records as $ip_a_record) {
$zonefile.= $record . "\tIN\t" . $ip_a_record . "\n";
}
}
return $zonefile;
}
private function generateDkim($domain) {
$zone_dkim = '';
if (Settings::Get('dkim.use_dkim') == '1'
&& $domain['dkim'] == '1'
&& $domain['dkim_pubkey'] != '') {
// start
$dkim_txt = 'v=DKIM1;';
// algorithm
$algorithm = explode(',', Settings::Get('dkim.dkim_algorithm'));
$alg = '';
foreach ($algorithm as $a) {
if ($a == 'all') {
break;
} else {
$alg.=$a.':';
}
}
if ($alg != '') {
$alg = substr($alg, 0, -1);
$dkim_txt.= 'h='.$alg.';';
}
// notes
if (trim(Settings::Get('dkim.dkim_notes') != '')) {
$dkim_txt.= 'n='.trim(Settings::Get('dkim.dkim_notes')).';';
}
// key
$dkim_txt.= 'k=rsa;p='.trim(preg_replace('/-----BEGIN PUBLIC KEY-----(.+)-----END PUBLIC KEY-----/s', '$1', str_replace("\n", '', $domain['dkim_pubkey']))).';';
// service-type
if (Settings::Get('dkim.dkim_servicetype') == '1') {
$dkim_txt.= 's=email;';
}
// end-part
$dkim_txt.='t=s';
// split if necessary
$txt_record_split='';
$lbr=50;
for ($pos=0; $pos<=strlen($dkim_txt)-1; $pos+=$lbr) {
$txt_record_split.= (($pos==0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos>=strlen($dkim_txt)-$lbr) ? '")' : '"' ) ."\n";
}
// dkim-entry
$zone_dkim .= 'dkim_' . $domain['dkim_id'] . '._domainkey IN TXT ' . $txt_record_split;
// adsp-entry
if (Settings::Get('dkim.dkim_add_adsp') == "1") {
$zone_dkim .= '_adsp._domainkey IN TXT "dkim=';
switch ((int)Settings::Get('dkim.dkim_add_adsppolicy')) {
case 0:
$zone_dkim .= 'unknown"'. "\n";
break;
case 1:
$zone_dkim .= 'all"'. "\n";
break;
case 2:
$zone_dkim .= 'discardable"'. "\n";
break;
}
}
}
return $zone_dkim;
}
public function writeDKIMconfigs() {
if (Settings::Get('dkim.use_dkim') == '1') {
if (!file_exists(makeCorrectDir(Settings::Get('dkim.dkim_prefix')))) {
$this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('dkim.dkim_prefix'))));
safe_exec('mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('dkim.dkim_prefix'))));
}
$dkimdomains = '';
$dkimkeys = '';
$result_domains_stmt = Database::query("
SELECT `id`, `domain`, `dkim`, `dkim_id`, `dkim_pubkey`, `dkim_privkey`
FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `dkim` = '1' ORDER BY `id` ASC
");
while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$privkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
$pubkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
if ($domain['dkim_privkey'] == ''
|| $domain['dkim_pubkey'] == '') {
$max_dkim_id_stmt = Database::query("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
$max_dkim_id = $max_dkim_id_stmt->fetch(PDO::FETCH_ASSOC);
$domain['dkim_id'] = (int)$max_dkim_id['max_dkim_id'] + 1;
$privkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id']);
safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . Settings::Get('dkim.dkim_keylength'));
$domain['dkim_privkey'] = file_get_contents($privkey_filename);
safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
$pubkey_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim_' . $domain['dkim_id'] . '.public');
safe_exec('openssl rsa -in ' . escapeshellarg($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellarg($pubkey_filename));
$domain['dkim_pubkey'] = file_get_contents($pubkey_filename);
safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`dkim_id` = :dkimid,
`dkim_privkey` = :privkey,
`dkim_pubkey` = :pubkey
WHERE `id` = :id
");
$upd_data = array(
'dkimid' => $domain['dkim_id'],
'privkey' => $domain['dkim_privkey'],
'pubkey' => $domain['dkim_pubkey'],
'id' => $domain['id']
);
Database::pexecute($upd_stmt, $upd_data);
}
if (!file_exists($privkey_filename)
&& $domain['dkim_privkey'] != '') {
$privkey_file_handler = fopen($privkey_filename, "w");
fwrite($privkey_file_handler, $domain['dkim_privkey']);
fclose($privkey_file_handler);
safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
}
if (!file_exists($pubkey_filename)
&& $domain['dkim_pubkey'] != '') {
$pubkey_file_handler = fopen($pubkey_filename, "w");
fwrite($pubkey_file_handler, $domain['dkim_pubkey']);
fclose($pubkey_file_handler);
safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
}
$dkimdomains.= $domain['domain'] . "\n";
$dkimkeys.= "*@" . $domain['domain'] . ":" . $domain['domain'] . ":" . $privkey_filename . "\n";
}
$dkimdomains_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/' . Settings::Get('dkim.dkim_domains'));
$dkimdomains_file_handler = fopen($dkimdomains_filename, "w");
fwrite($dkimdomains_file_handler, $dkimdomains);
fclose($dkimdomains_file_handler);
$dkimkeys_filename = makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/' . Settings::Get('dkim.dkim_dkimkeys'));
$dkimkeys_file_handler = fopen($dkimkeys_filename, "w");
fwrite($dkimkeys_file_handler, $dkimkeys);
fclose($dkimkeys_file_handler);
safe_exec(escapeshellcmd(Settings::Get('dkim.dkimrestart_command')));
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'Dkim-milter reloaded');
}
}
}

213
scripts/jobs/cron_tasks.inc.dns.20.pdns.php Normal file
View File

@@ -0,0 +1,213 @@
<?php
if (! defined('MASTER_CRONJOB'))
die('You cannot access this file directly!');
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
*/
class pdns extends DnsBase
{
private $pdns_db = null;
public function writeConfigs()
{
// tell the world what we are doing
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 started - Refreshing DNS database');
// connect to db
$this->_connectToPdnsDb();
// clean up
$this->_cleanZonefiles();
$domains = $this->getDomainList();
if (! empty($domains)) {
foreach ($domains as $domain) {
// check for system-hostname
$isFroxlorHostname = false;
if (isset($domain['froxlorhost']) && $domain['froxlorhost'] == 1) {
$isFroxlorHostname = true;
}
// create zone-file
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, 'Generating dns zone for ' . $domain['domain']);
$zone = createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname);
$dom_id = $this->_insertZone($zone->origin, $zone->serial);
$this->_insertRecords($dom_id, $zone->records, $zone->origin);
$this->_insertAllowedTransfers($dom_id);
$this->_logger->logAction(CRON_ACTION, LOG_INFO, '`' . $domain['domain'] . '` zone written');
}
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Database updated');
// reload Bind
safe_exec(escapeshellcmd(Settings::Get('system.bindreload_command')));
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'pdns reloaded');
}
}
private function _cleanZonefiles()
{
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Cleaning dns zone entries from database');
$this->pdns_db->query("TRUNCATE TABLE `records`");
$this->pdns_db->query("TRUNCATE TABLE `domains`");
$this->pdns_db->query("TRUNCATE TABLE `domainmetadata`");
}
private function _insertZone($domainname, $serial = 0)
{
$ins_stmt = $this->pdns_db->prepare("
INSERT INTO domains set `name` = :domainname, `notified_serial` = :serial, `type` = 'NATIVE'
");
$ins_stmt->execute(array('domainname' => $domainname, 'serial' => $serial));
$lastid = $this->pdns_db->lastInsertId();
return $lastid;
}
private function _insertRecords($domainid = 0, $records, $origin)
{
$ins_stmt = $this->pdns_db->prepare("
INSERT INTO records set
`domain_id` = :did,
`name` = :rec,
`type` = :type,
`content` = :content,
`ttl` = :ttl,
`prio` = :prio,
`disabled` = '0',
`change_date` = UNIX_TIMESTAMP()
");
foreach ($records as $record)
{
if ($record->record == '@') {
$_record = $origin;
}
else
{
$_record = $record->record.".".$origin;
}
$ins_data = array(
'did' => $domainid,
'rec' => $_record,
'type' => $record->type,
'content' => $record->content,
'ttl' => $record->ttl,
'prio' => $record->priority
);
$ins_stmt->execute($ins_data);
}
}
private function _insertAllowedTransfers($domainid)
{
$ins_stmt = $this->pdns_db->prepare("
INSERT INTO domainmetadata set `domain_id` = :did, `kind` = 'ALLOW-AXFR-FROM', `content` = :value
");
$ins_data = array(
'did' => $domainid
);
if (count($this->_ns) > 0 || count($this->_axfr) > 0) {
// put nameservers in allow-transfer
if (count($this->_ns) > 0) {
foreach ($this->_ns as $ns) {
foreach ($ns["ips"] as $ip) {
$ins_data['value'] = $ip;
$ins_stmt->execute($ins_data);
}
}
}
// AXFR server #100
if (count($this->_axfr) > 0) {
foreach ($this->_axfr as $axfrserver) {
if (validate_ip($axfrserver, true) !== false) {
$ins_data['value'] = $axfrserver;
$ins_stmt->execute($ins_data);
}
}
}
}
}
private function _connectToPdnsDb()
{
// get froxlor pdns config
$cf = Settings::Get('system.bindconf_directory').'/froxlor/pdns_froxlor.conf';
$config = makeCorrectFile($cf);
if (!file_exists($config))
{
$this->_logger->logAction(CRON_ACTION, LOG_ERROR, 'PowerDNS configuration file ('.$config.') not found. Did you go through the configuration templates?');
die('PowerDNS configuration file ('.$config.') not found. Did you go through the configuration templates?'.PHP_EOL);
}
$lines = file($config);
$mysql_data = array();
foreach ($lines as $line)
{
$line = trim($line);
if (strtolower(substr($line, 0, 6)) == 'gmysql')
{
$namevalue = explode("=", $line);
$mysql_data[$namevalue[0]] = $namevalue[1];
}
}
// build up connection string
$driver = 'mysql';
$dsn = $driver.":";
$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'set names utf8');
$attributes = array('ATTR_ERRMODE' => 'ERRMODE_EXCEPTION');
$dbconf = array();
$dbconf["dsn"] = array(
'dbname' => $mysql_data["gmysql-dbname"],
'charset' => 'utf8'
);
if (isset($mysql_data['gmysql-socket']) && !empty($mysql_data['gmysql-socket'])) {
$dbconf["dsn"]['unix_socket'] = makeCorrectFile($mysql_data['gmysql-socket']);
} else {
$dbconf["dsn"]['host'] = $mysql_data['gmysql-host'];
$dbconf["dsn"]['port'] = $mysql_data['gmysql-port'];
}
// add options to dsn-string
foreach ($dbconf["dsn"] as $k => $v) {
$dsn .= $k."=".$v.";";
}
// clean up
unset($dbconf);
// try to connect
try {
$this->pdns_db = new PDO($dsn, $mysql_data['gmysql-user'], $mysql_data['gmysql-password'], $options);
} catch (PDOException $e) {
die($e->getMessage());
}
// set attributes
foreach ($attributes as $k => $v) {
$this->pdns_db->setAttribute(constant("PDO::".$k), constant("PDO::".$v));
}
}
}

6
scripts/jobs/cron_tasks.php
View File

@@ -19,6 +19,7 @@
// necessary includes
require_once makeCorrectFile(dirname(__FILE__) . '/cron_tasks.inc.dns.10.bind.php');
require_once makeCorrectFile(dirname(__FILE__) . '/cron_tasks.inc.dns.20.pdns.php');
require_once makeCorrectFile(dirname(__FILE__) . '/cron_tasks.inc.http.10.apache.php');
require_once makeCorrectFile(dirname(__FILE__) . '/cron_tasks.inc.http.15.apache_fcgid.php');
require_once makeCorrectFile(dirname(__FILE__) . '/cron_tasks.inc.http.20.lighttpd.php');
@@ -179,8 +180,11 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
* TYPE=4 MEANS THAT SOMETHING IN THE BIND CONFIG HAS CHANGED. REBUILD froxlor_bind.conf IF BIND IS ENABLED
*/
elseif ($row['type'] == '4' && (int)Settings::Get('system.bind_enable') != 0) {
$dnssrv = Settings::Get('system.dns_server');
if (!isset($nameserver)) {
$nameserver = new bind($cronlog);
$nameserver = new $dnssrv($cronlog);
}
if (Settings::Get('dkim.use_dkim') == '1') {

3
templates/Sparkle/admin/domains/domains_edit.tpl vendored
View File

@@ -4,6 +4,9 @@ $header
<h2>
<img src="templates/{$theme}/assets/img/icons/domain_edit_big.png" alt="{$title}" />&nbsp;
{$title}
<if $result['isbinddomain'] == '1' && Settings::Get('system.dnsenabled') == '1'>
&nbsp;(<small><a href="{$linker->getLink(array('section' => 'domains', 'page' => 'domaindnseditor', 'domain_id' => $id))}">{$lng['dnseditor']['edit']}</a></small>)
</if>
</h2>
</header>

22
templates/Sparkle/assets/css/main.css vendored
View File

@@ -601,6 +601,12 @@ input[type="password"] {
background:#fff url(../img/icons/lock.png) no-repeat 5px 4px;
}
input[class="small"] {
width:auto;
margin-top: 5px;
}
/*
* BUTTONS
*/
@@ -1513,3 +1519,19 @@ fieldset.file {
table.hl tbody tr.domain-hostname:hover {
background-color: rgb(64, 150, 238);
}
td.size-5 {
width: 5%;
}
td.size-10 {
width: 10%;
}
td.size-20 {
width: 20%;
}
td.size-50 {
width: 50%;
}

3
templates/Sparkle/customer/domains/domains_edit.tpl vendored
View File

@@ -4,6 +4,9 @@ $header
<h2>
<img src="templates/{$theme}/assets/img/icons/domain_edit_big.png" alt="{$title}" />&nbsp;
{$title}
<if $result['isbinddomain'] == '1' && $userinfo['dnsenabled'] == '1' && Settings::Get('system.dnsenabled') == '1'>
&nbsp;(<small><a href="{$linker->getLink(array('section' => 'domains', 'page' => 'domaindnseditor', 'domain_id' => $id))}">{$lng['dnseditor']['edit']}</a></small>)
</if>
</h2>
</header>

10
templates/Sparkle/dns_editor/entry_bit.tpl vendored Normal file
View File

@@ -0,0 +1,10 @@
<tr>
<td>{$entry['record']}</td>
<td>{$entry['type']}</td>
<td><if ($entry['prio'] <= 0 && $entry['type'] != 'MX' && $entry['type'] != 'SRV')>&nbsp;<else>{$entry['prio']}</if></td>
<td>{$entry['content']}</td>
<td>{$entry['ttl']}</td>
<td>
<a href="{$linker->getLink(array('section' => 'domains', 'page' => $page, 'action' => 'delete', 'domain_id' => $domain_id, 'id' => $entry['id']))}"><img src="templates/{$theme}/assets/img/icons/delete.png" alt="{$lng['panel']['delete']}" title="{$lng['panel']['delete']}" /></a>
</td>
</tr>

39
templates/Sparkle/dns_editor/index.tpl vendored Normal file
View File

@@ -0,0 +1,39 @@
$header
<article>
<header>
<h2>
<img src="templates/{$theme}/assets/img/icons/domain_edit_big.png" alt="" />&nbsp;
DNS Editor&nbsp;(<a href="{$linker->getLink(array('section' => 'domains', 'page' => 'domains', 'action' => 'edit', 'id' => $domain_id))}">{$domain}</a>, {$entriescount} {$lng['dnseditor']['records']})
</h2>
</header>
<div class="messagewrapperfull">
<div class="warningcontainer bradius">
<div class="warningtitle">{$lng['admin']['warning']}</div>
<div class="warning">{$lng['dns']['howitworks']}</div>
</div>
</div>
<if !empty($errors)>
<div class="errorcontainer bradius">
<div class="errortitle">{$lng['error']['error']}</div>
<div class="error">{$errors}</div>
</div>
</if>
<if !empty($success_message)>
<div class="successcontainer bradius">
<div class="successtitle">{$lng['success']['success']}</div>
<div class="success">{$success_message}</div>
</div>
</if>
<section>
{$record_list}
</section>
</article>
<br><br>
<textarea rows="20" class="filecontent">{$zonefile}</textarea>
$footer

25
templates/Sparkle/dns_editor/list.tpl vendored Normal file
View File

@@ -0,0 +1,25 @@
<form method="post" action="{$linker->getLink(array('section' => 'domains', 'page' => $page, 'action' => 'add_record', 'domain_id' => $domain_id))}">
<table class="full hl">
<thead>
<tr>
<th class="size-20">Record</th>
<th class="size-5">Type</th>
<th class="size-5">Priority</th>
<th class="size-50">Content</th>
<th class="size-10">TTL</th>
<th class="size-10">&nbsp;</th>
</tr>
</thead>
<tbody>
<tr>
<td><input id="dns_record" type="text" name="record[record]" class="small" placeholder="Record" value="{$record}" /></td>
<td><select id="dns_type" name="record[type]" class="small">{$type_select}</select></td>
<td><input id="dns_mxp" type="text" name="record[prio]" class="small" placeholder="MX priority" value="{$prio}" /></td>
<td><input id="dns_content" type="text" name="record[content]" class="small" placeholder="Content" value="{$content}" /></td>
<td><input id="dns_ttl" type="text" name="record[ttl]" class="small" placeholder="18000" value="{$ttl}" /></td>
<td><input type="submit" class="submitsearch" value="add" name="add" /></td>
</tr>
{$existing_entries}
</tbody>
</table>
</form>