maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge branch 'master' into master

Browse Source
This commit is contained in:
Michael Kaufmann
2016-12-11 08:19:16 +01:00
committed by GitHub
parent 30087548b0 d8994ca65b
commit 3d4b56b233
27 changed files with 227 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/jobs/cron_tasks.inc.dns.10.bind.php
View File

@@ -129,9 +129,7 @@ class bind extends DnsBase
// AXFR server #100
if (count($this->_axfr) > 0) {
foreach ($this->_axfr as $axfrserver) {
if (validate_ip($axfrserver, true) !== false) {
$bindconf_file .= ' ' . $axfrserver . ';' . "\n";
}
$bindconf_file .= ' ' . $axfrserver . ';' . "\n";
}
}
// close allow-transfer

6
scripts/jobs/cron_tasks.inc.dns.20.pdns.php
View File

@@ -194,10 +194,8 @@ class pdns extends DnsBase
// AXFR server #100
if (count($this->_axfr) > 0) {
foreach ($this->_axfr as $axfrserver) {
if (validate_ip($axfrserver, true) !== false) {
$ins_data['value'] = $axfrserver;
$ins_stmt->execute($ins_data);
}
$ins_data['value'] = $axfrserver;
$ins_stmt->execute($ins_data);
}
}
}

15
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -344,6 +344,15 @@ class apache extends HttpConfigBase
);
}
} // end of ssl-redirect check
else
{
// fallback of froxlor domain-data for processSpecialConfigTemplate()
$domain = array(
'domain' => Settings::Get('system.hostname'),
'loginname' => 'froxlor.panel',
'documentroot' => $mypath
);
}
/**
* dirprotection, see #72
@@ -808,7 +817,7 @@ class apache extends HttpConfigBase
$_sslport = ":" . $ssldestport['port'];
}
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
$domain['documentroot'] = 'https://%{HTTP_HOST}' . $_sslport . '/';
}
if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
@@ -875,10 +884,8 @@ class apache extends HttpConfigBase
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
$corrected_docroot = $domain['documentroot'];
// prevent empty return-cde
$code = "301";
// Get domain's redirect code
$code = getDomainRedirectCode($domain['id']);
$code = getDomainRedirectCode($domain['id'], '301');
$modrew_red = '';
if ($code != '') {
$modrew_red = ' [R=' . $code . ';L,NE]';

33
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -162,7 +162,25 @@ class lighttpd extends HttpConfigBase
$this->lighttpd_data[$vhost_filename] .= "\t" . ')' . "\n";
$this->lighttpd_data[$vhost_filename] .= "\t" . ')' . "\n";
$this->lighttpd_data[$vhost_filename] .= ' )' . "\n";
} else {
$domain = array(
'id' => 'none',
'domain' => Settings::Get('system.hostname'),
'adminid' => 1, /* first admin-user (superadmin) */
'guid' => Settings::Get('system.httpuser'),
'openbasedir' => 0,
'email' => Settings::Get('panel.adminmail'),
'loginname' => 'froxlor.panel',
'documentroot' => $mypath
);
}
} else {
// fallback of froxlor domain-data for processSpecialConfigTemplate()
$domain = array(
'domain' => Settings::Get('system.hostname'),
'loginname' => 'froxlor.panel',
'documentroot' => $mypath
);
}
if ($row_ipsandports['specialsettings'] != '') {
@@ -424,7 +442,7 @@ class lighttpd extends HttpConfigBase
$_sslport = ":" . $ssldestport['port'];
}
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
$domain['documentroot'] = 'https://%1' . $_sslport . '/';
}
// avoid using any whitespaces
@@ -432,10 +450,9 @@ class lighttpd extends HttpConfigBase
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
$uri = $domain['documentroot'];
// prevent empty return-cde
$code = "301";
// Get domain's redirect code
$code = getDomainRedirectCode($domain['id']);
$code = getDomainRedirectCode($domain['id'], '301');
$vhost_content .= ' url.redirect-code = ' . $code. "\n";
$vhost_content .= ' url.redirect = (' . "\n";
@@ -532,14 +549,14 @@ class lighttpd extends HttpConfigBase
if ($domain['hsts'] >= 0) {
$vhost_content .= '$HTTP["scheme"] == "https" { setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts'];
$ssl_settings .= '$HTTP["scheme"] == "https" { setenv.add-response-header = ( "Strict-Transport-Security" => "max-age=' . $domain['hsts'];
if ($domain['hsts_sub'] == 1) {
$vhost_content .= '; includeSubDomains';
$ssl_settings .= '; includeSubDomains';
}
if ($domain['hsts_preload'] == 1) {
$vhost_content .= '; preload';
$ssl_settings .= '; preload';
}
$vhost_content .= '") }' . "\n";
$ssl_settings .= '") }' . "\n";
}
}
}

26
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -196,15 +196,22 @@ class nginx extends HttpConfigBase
}
}
$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
/**
* this HAS to be set for the default host in nginx or else no vhost will work
*/
$this->nginx_data[$vhost_filename] .= "\t" . 'listen ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . 'listen ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . '# Froxlor default vhost' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . 'server_name ' . Settings::Get('system.hostname') . ';' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . 'access_log /var/log/nginx/access.log;' . "\n";
if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {
$acmeConfFilename = Settings::Get('system.letsencryptacmeconf');
$this->nginx_data[$vhost_filename] .= "\t" . 'include ' . $acmeConfFilename . ';' . "\n";
}
$is_redirect = false;
// check for SSL redirect
if ($row_ipsandports['ssl'] == '0' && Settings::Get('system.le_froxlor_redirect') == '1') {
@@ -217,7 +224,7 @@ class nginx extends HttpConfigBase
} else {
$_sslport = $this->checkAlternativeSslPort();
$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
}
@@ -411,7 +418,9 @@ class nginx extends HttpConfigBase
$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
}
$vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n";
$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
$vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
}
// get all server-names
@@ -438,7 +447,7 @@ class nginx extends HttpConfigBase
$_sslport = ":" . $ssldestport['port'];
}
$domain['documentroot'] = 'https://' . $domain['domain'] . $_sslport . '/';
$domain['documentroot'] = 'https://$host' . $_sslport . '/';
}
// avoid using any whitespaces
@@ -460,12 +469,11 @@ class nginx extends HttpConfigBase
if (substr($uri, - 1) == '/') {
$uri = substr($uri, 0, - 1);
}
// prevent empty return-cde
$code = "301";
// Get domain's redirect code
$code = getDomainRedirectCode($domain['id']);
$vhost_content .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
// Get domain's redirect code
$code = getDomainRedirectCode($domain['id'], '301');
$vhost_content .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
$vhost_content .= "\t\t" . 'return ' . $code .' ' . $uri . '$request_uri;' . "\n";
$vhost_content .= "\t" . '}' . "\n";
} else {