maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Vhost templates: Extended the cron scripts to check for the designated webserver and referential integrity

Browse Source
This commit is contained in:
Johannes Feichtner
2016-02-27 20:19:50 +01:00
parent 088eef9728
commit 101e791add
3 changed files with 46 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -868,15 +868,18 @@ class apache extends HttpConfigBase {
// check if vhost config template is set and if so, merge it // check if vhost config template is set and if so, merge it
if ($domain['vhostsettingid'] != 0) { if ($domain['vhostsettingid'] != 0) {
$vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . " WHERE `id` = :id LIMIT 1;"); $vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . "
WHERE `webserver` = 'apache2' AND `id` = :id LIMIT 1;");
$vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid'])); $vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid']));
$vhost_content .= $this->processSpecialConfigTemplate( if (is_array($vhostconfig)) {
$vhostconfig['vhostsettings'], $vhost_content .= $this->processSpecialConfigTemplate(
$domain, $vhostconfig['vhostsettings'],
$domain['ip'], $domain,
$domain['port'], $domain['ip'],
$ssl_vhost) . "\n"; $domain['port'],
$ssl_vhost) . "\n";
}
} }
if ($domain['specialsettings'] != '') { if ($domain['specialsettings'] != '') {

19
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -457,15 +457,18 @@ class lighttpd extends HttpConfigBase {
// check if vhost config template is set and if so, merge it // check if vhost config template is set and if so, merge it
if ($domain['vhostsettingid'] != 0) { if ($domain['vhostsettingid'] != 0) {
$vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . " WHERE `id` = :id LIMIT 1;"); $vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . "
WHERE `webserver` = 'lighttpd' AND `id` = :id LIMIT 1;");
$vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid'])); $vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid']));
$vhost_content .= $this->processSpecialConfigTemplate( if (is_array($vhostconfig)) {
$vhostconfig['vhostsettings'], $vhost_content .= $this->processSpecialConfigTemplate(
$domain, $vhostconfig['vhostsettings'],
$domain['ip'], $domain,
$domain['port'], $domain['ip'],
$ssl_vhost) . "\n"; $domain['port'],
$ssl_vhost) . "\n";
}
} }
if ($domain['specialsettings'] != "") { if ($domain['specialsettings'] != "") {
@@ -531,7 +534,7 @@ class lighttpd extends HttpConfigBase {
if ($domain['ssl_ca_file'] != '') { if ($domain['ssl_ca_file'] != '') {
$ssl_settings.= 'ssl.ca-file = "' . makeCorrectFile($domain['ssl_ca_file']) . '"' . "\n"; $ssl_settings.= 'ssl.ca-file = "' . makeCorrectFile($domain['ssl_ca_file']) . '"' . "\n";
} }
if ($domain['hsts'] > 0) { if ($domain['hsts'] > 0) {
$vhost_content .= '$HTTP["scheme"] == "https" { setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts']; $vhost_content .= '$HTTP["scheme"] == "https" { setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts'];

47
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -207,11 +207,11 @@ class nginx extends HttpConfigBase {
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;\n";
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param PATH_INFO \$fastcgi_path_info;\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param PATH_INFO \$fastcgi_path_info;\n";
$this->nginx_data[$vhost_filename] .= "\t\ttry_files \$fastcgi_script_name =404;\n"; $this->nginx_data[$vhost_filename] .= "\t\ttry_files \$fastcgi_script_name =404;\n";
if ($row_ipsandports['ssl'] == '1') { if ($row_ipsandports['ssl'] == '1') {
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param HTTPS on;\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_param HTTPS on;\n";
} }
if ((int)Settings::Get('phpfpm.enabled') == 1 && (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) { if ((int)Settings::Get('phpfpm.enabled') == 1 && (int)Settings::Get('phpfpm.enabled_ownvhost') == 1) {
$domain = array( $domain = array(
'id' => 'none', 'id' => 'none',
@@ -225,16 +225,16 @@ class nginx extends HttpConfigBase {
'loginname' => 'froxlor.panel', 'loginname' => 'froxlor.panel',
'documentroot' => $mypath, 'documentroot' => $mypath,
); );
$php = new phpinterface($domain); $php = new phpinterface($domain);
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_pass unix:".$php->getInterface()->getSocketFile().";\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_pass unix:".$php->getInterface()->getSocketFile().";\n";
} else { } else {
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_pass ".Settings::Get('system.nginx_php_backend').";\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_pass ".Settings::Get('system.nginx_php_backend').";\n";
} }
$this->nginx_data[$vhost_filename] .= "\t\tfastcgi_index index.php;\n"; $this->nginx_data[$vhost_filename] .= "\t\tfastcgi_index index.php;\n";
$this->nginx_data[$vhost_filename] .= "\t}\n"; $this->nginx_data[$vhost_filename] .= "\t}\n";
$this->nginx_data[$vhost_filename] .= "}\n\n"; $this->nginx_data[$vhost_filename] .= "}\n\n";
// End of Froxlor server{}-part // End of Froxlor server{}-part
} }
@@ -446,20 +446,23 @@ class nginx extends HttpConfigBase {
// check if vhost config template is set and if so, merge it // check if vhost config template is set and if so, merge it
if ($domain['vhostsettingid'] != 0) { if ($domain['vhostsettingid'] != 0) {
$vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . " WHERE `id` = :id LIMIT 1;"); $vhostsettings_stmt = Database::prepare("SELECT `description`, `vhostsettings` FROM " . TABLE_PANEL_VHOSTCONFIGS . "
WHERE `webserver` = 'nginx' AND `id` = :id LIMIT 1;");
$vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid'])); $vhostconfig = Database::pexecute_first($vhostsettings_stmt, array('id' => $domain['vhostsettingid']));
// replace {SOCKET} var with unix socket if (is_array($vhostconfig)) {
$php = new phpinterface($domain); // replace {SOCKET} var with unix socket
$vhostconfig['vhostsettings'] = str_replace("{SOCKET}", $php->getInterface()->getSocketFile(), $vhostconfig['vhostsettings']); $php = new phpinterface($domain);
$vhostconfig['vhostsettings'] = str_replace("{SOCKET}", $php->getInterface()->getSocketFile(), $vhostconfig['vhostsettings']);
$vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate( $vhost_content = $this->mergeVhostCustom($vhost_content, $this->processSpecialConfigTemplate(
$vhostconfig['vhostsettings'], $vhostconfig['vhostsettings'],
$domain, $domain,
$domain['ip'], $domain['ip'],
$domain['port'], $domain['port'],
$ssl_vhost $ssl_vhost
)); ));
}
} }
if ($domain['specialsettings'] != "") { if ($domain['specialsettings'] != "") {
@@ -580,7 +583,7 @@ class nginx extends HttpConfigBase {
} }
if ($domain_or_ip['ssl_cert_file'] != '') { if ($domain_or_ip['ssl_cert_file'] != '') {
// check for existence, #1485 // check for existence, #1485
if (!file_exists($domain_or_ip['ssl_cert_file'])) { if (!file_exists($domain_or_ip['ssl_cert_file'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERR, $domain_or_ip['domain'] . ' :: certificate file "'.$domain_or_ip['ssl_cert_file'].'" does not exist! Cannot create ssl-directives'); $this->logger->logAction(CRON_ACTION, LOG_ERR, $domain_or_ip['domain'] . ' :: certificate file "'.$domain_or_ip['ssl_cert_file'].'" does not exist! Cannot create ssl-directives');
@@ -593,7 +596,7 @@ class nginx extends HttpConfigBase {
$sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n"; $sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n"; $sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
$sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain_or_ip['ssl_cert_file']) . ';' . "\n"; $sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain_or_ip['ssl_cert_file']) . ';' . "\n";
if ($domain_or_ip['ssl_key_file'] != '') { if ($domain_or_ip['ssl_key_file'] != '') {
// check for existence, #1485 // check for existence, #1485
if (!file_exists($domain_or_ip['ssl_key_file'])) { if (!file_exists($domain_or_ip['ssl_key_file'])) {
@@ -603,7 +606,7 @@ class nginx extends HttpConfigBase {
$sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain_or_ip['ssl_key_file']) . ';' . "\n"; $sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain_or_ip['ssl_key_file']) . ';' . "\n";
} }
} }
if ($domain_or_ip['ssl_ca_file'] != '') { if ($domain_or_ip['ssl_ca_file'] != '') {
// check for existence, #1485 // check for existence, #1485
if (!file_exists($domain_or_ip['ssl_ca_file'])) { if (!file_exists($domain_or_ip['ssl_ca_file'])) {
@@ -613,7 +616,7 @@ class nginx extends HttpConfigBase {
$sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain_or_ip['ssl_ca_file']) . ';' . "\n"; $sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain_or_ip['ssl_ca_file']) . ';' . "\n";
} }
} }
if (isset($domain_or_ip['hsts']) && $domain_or_ip['hsts'] > 0) { if (isset($domain_or_ip['hsts']) && $domain_or_ip['hsts'] > 0) {
$vhost_content .= 'add_header Strict-Transport-Security "max-age=' . $domain_or_ip['hsts']; $vhost_content .= 'add_header Strict-Transport-Security "max-age=' . $domain_or_ip['hsts'];
@@ -853,11 +856,11 @@ class nginx extends HttpConfigBase {
$phpopts .= "\t\tfastcgi_param HTTPS on;\n"; $phpopts .= "\t\tfastcgi_param HTTPS on;\n";
} }
$phpopts .= "\t}\n\n"; $phpopts .= "\t}\n\n";
} }
return $phpopts; return $phpopts;
} }
protected function getWebroot($domain, $ssl) { protected function getWebroot($domain, $ssl) {
$webroot_text = ''; $webroot_text = '';