From 41de161555a2546fdfb471c5f5f5c2c314133410 Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Sun, 15 Jan 2023 23:48:37 +0100
Subject: [PATCH] show exact froxlor:config-services parameter for updater;
 better checks for changed acme-challenge paths; fix typo in PHP_EOL
 statement; remove crsf token from config-apply-parameter generation from
 within the ui

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 admin_configfiles.php                              |  3 +--
 install/updates/froxlor/update_2.x.inc.php         | 14 ++++++++++++--
 install/updates/preconfig/preconfig_2.x.inc.php    | 11 ++++++-----
 lib/Froxlor/Cli/ValidateAcmeWebroot.php            | 13 +++++++------
 templates/Froxlor/settings/configuration.html.twig |  5 ++---
 5 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/admin_configfiles.php b/admin_configfiles.php
index c3e3f0dd..ac4630db 100644
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -92,6 +92,7 @@ if ($userinfo['change_serversettings'] == '1') {
 
 	if ($distribution != "" && isset($_POST['finish'])) {
 		unset($_POST['finish']);
+		unset($_POST['csrf_token']);
 		$params = $_POST;
 		$params['distro'] = $distribution;
 		$params['system'] = [];
@@ -121,8 +122,6 @@ if ($userinfo['change_serversettings'] == '1') {
 				'distribution' => $distribution
 			]);
 		} else {
-			// @fixme check set distribution from settings
-
 			$cfg_formfield = [
 				'config' => [
 					'title' => lng('admin.configfiles.serverconfiguration'),
diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php
index a2e8baf0..2523069a 100644
--- a/install/updates/froxlor/update_2.x.inc.php
+++ b/install/updates/froxlor/update_2.x.inc.php
@@ -222,7 +222,7 @@ EOF;
 		file_put_contents($complete_filedir . '/froxlor_master_cronjob.php', $compCron);
 		Update::lastStepStatus(0);
 	} else {
-		$cron_run_cmd = 'chmod +x ' . FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/bin/froxlor-cli') . PHO_EOL;
+		$cron_run_cmd = 'chmod +x ' . FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/bin/froxlor-cli') . PHP_EOL;
 		$cron_run_cmd .= FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/bin/froxlor-cli') . ' froxlor:cron -r 99';
 		Update::lastStepStatus(1, 'manual commands needed', 'Please run the following commands manually:<br><pre>' . $cron_run_cmd . '</pre>');
 	}
@@ -323,7 +323,17 @@ if (Froxlor::isDatabaseVersion('202212060')) {
 	$system_letsencryptchallengepath_upd = isset($_POST['system_letsencryptchallengepath_upd']) ? $_POST['system_letsencryptchallengepath_upd'] : $acmesh_challenge_dir;
 	if ($acmesh_challenge_dir != $system_letsencryptchallengepath_upd) {
 		Settings::Set('system.letsencryptchallengepath', $system_letsencryptchallengepath_upd);
-		Update::lastStepStatus(1, 'manual commands needed', 'Please reconfigure webserver service using <pre>bin/froxlor-cli froxlor:config-services</pre> or adjust the path manually in <pre>' . Settings::Get('system.letsencryptacmeconf') . '</pre>');
+		// create JSON string for --apply
+		$dist = Settings::Get('system.distribution');
+		$webserver = Settings::Get('system.webserver');
+		if ($webserver == 'apache2') {
+			$webserver = 'apache22';
+			if (Settings::Get('system.apache24')) {
+				$webserver = 'apache24';
+			}
+		}
+		$apply_json = '{"http":"' . $webserver .'","dns":"x","smtp":"x","mail":"x","ftp":"x","distro":"' . $dist . '","system":[]}';
+		Update::lastStepStatus(1, 'manual commands needed', 'Please reconfigure webserver service using <pre>bin/froxlor-cli froxlor:config-services --apply=' . $apply_json . '</pre><br> or adjust the path manually in <pre>' . Settings::Get('system.letsencryptacmeconf') . '</pre>');
 	} else {
 		Update::lastStepStatus(0);
 	}
diff --git a/install/updates/preconfig/preconfig_2.x.inc.php b/install/updates/preconfig/preconfig_2.x.inc.php
index 45f0cd3a..ad15d812 100644
--- a/install/updates/preconfig/preconfig_2.x.inc.php
+++ b/install/updates/preconfig/preconfig_2.x.inc.php
@@ -74,15 +74,16 @@ if (Update::versionInUpdate($current_version, '2.0.0-beta1')) {
 }
 
 if (Update::versionInUpdate($current_db_version, '202301120')) {
-	$acmesh_challenge_dir = Settings::Get('system.letsencryptchallengepath');
-	if ($acmesh_challenge_dir != Froxlor::getInstallDir()) {
+	$acmesh_challenge_dir = rtrim(FileDir::makeCorrectDir(Settings::Get('system.letsencryptchallengepath')), "/");
+	$recommended = rtrim(FileDir::makeCorrectDir(Froxlor::getInstallDir()), "/");
+	if ($acmesh_challenge_dir != $recommended) {
 		$has_preconfig = true;
 		$description = 'ACME challenge docroot from settings differs from the current installation directory.';
-		$question = '<strong>Validate Let\'s Encrypt challenge path&nbsp;';
+		$question = '<strong>Validate Let\'s Encrypt challenge path (recommended value: ' . $recommended . ')&nbsp;';
 		$return['system_letsencryptchallengepath_upd'] = [
 			'type' => 'text',
-			'value' => $acmesh_challenge_dir,
-			'placeholder' => Froxlor::getInstallDir(),
+			'value' => $recommended,
+			'placeholder' => $acmesh_challenge_dir,
 			'label' => $question,
 			'prior_infotext' => $description
 		];
diff --git a/lib/Froxlor/Cli/ValidateAcmeWebroot.php b/lib/Froxlor/Cli/ValidateAcmeWebroot.php
index ede5cd9f..040cdba0 100644
--- a/lib/Froxlor/Cli/ValidateAcmeWebroot.php
+++ b/lib/Froxlor/Cli/ValidateAcmeWebroot.php
@@ -44,7 +44,7 @@ final class ValidateAcmeWebroot extends CliCommand
 	protected function configure()
 	{
 		$this->setName('froxlor:validate-acme-webroot');
-		$this->setDescription('Validates the Le_Webroot value is correct for froxlor managed domains with Let\s Encrypt certificate.');
+		$this->setDescription('Validates the Le_Webroot value is correct for froxlor managed domains with Let\'s Encrypt certificate.');
 		$this->addOption('yes-to-all', 'A', InputOption::VALUE_NONE, 'Do not ask for confirmation, update files if necessary');
 	}
 
@@ -71,19 +71,20 @@ final class ValidateAcmeWebroot extends CliCommand
 			$domains = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
 			$upd_stmt = Database::prepare("UPDATE domain_ssl_settings SET expirationdate=NULL WHERE `domainid` = :did");
 			$acmesh_dir = dirname(Settings::Get('system.acmeshpath'));
-			$acmesh_challenge_dir = Settings::Get('system.letsencryptchallengepath');
+			$acmesh_challenge_dir = rtrim(FileDir::makeCorrectDir(Settings::Get('system.letsencryptchallengepath')), "/");
+			$recommended = rtrim(FileDir::makeCorrectDir(Froxlor::getInstallDir()), "/");
 
-			if ($acmesh_challenge_dir != Froxlor::getInstallDir()) {
+			if ($acmesh_challenge_dir != $recommended) {
 				$io->warning([
 					"ACME challenge docroot from settings differs from the current installation directory.",
 					"Settings: '" . $acmesh_challenge_dir . "'",
-					"Default/recommended value: '" . Froxlor::getInstallDir() . "'",
+					"Default/recommended value: '" . $recommended . "'",
 				]);
 				$question = new ConfirmationQuestion('Fix ACME challenge docroot setting? [yes] ', true, '/^(y|j)/i');
 				if ($yestoall || $helper->ask($input, $output, $question)) {
-					Settings::Set('system.letsencryptchallengepath', Froxlor::getInstallDir());
+					Settings::Set('system.letsencryptchallengepath', $recommended);
 					$former_value = $acmesh_challenge_dir;
-					$acmesh_challenge_dir = Froxlor::getInstallDir();
+					$acmesh_challenge_dir = $recommended;
 					// need to update the corresponding acme-alias config-file
 					$acme_alias_file = Settings::Get('system.letsencryptacmeconf');
 					$sed_params = "s@".$former_value."@" . $acmesh_challenge_dir . "@";
diff --git a/templates/Froxlor/settings/configuration.html.twig b/templates/Froxlor/settings/configuration.html.twig
index f141b9b4..daba5668 100644
--- a/templates/Froxlor/settings/configuration.html.twig
+++ b/templates/Froxlor/settings/configuration.html.twig
@@ -45,7 +45,7 @@
 									{% if stype == 'system' %}
 										<div class="form-check">
 											{% set recommended = false %}
-											{% if 
+											{% if
 												(dtype == get_setting('system.traffictool')) or
 												(dtype == 'libnssextrausers' and (get_setting('system.mod_fcgid') == '1' or get_setting('phpfpm.enabled') == '1' or get_setting('system.apacheitksupport') == '1')) or
 												(dtype == 'logrotate') or
@@ -72,7 +72,7 @@
 										<div class="form-check">
 											{% set recommended = false %}
 											{% if
-												(dtype == 'apache22' and get_setting('system.webserver') == 'apache2' and get_setting('system.apache24') == '0') or 
+												(dtype == 'apache22' and get_setting('system.webserver') == 'apache2' and get_setting('system.apache24') == '0') or
 												(dtype == 'apache24' and get_setting('system.webserver') == 'apache2' and get_setting('system.apache24') == '1') or
 												(dtype == 'lighttpd' and get_setting('system.webserver') == 'lighttpd') or
 												(dtype == 'nginx' and get_setting('system.webserver') == 'nginx') or
@@ -112,7 +112,6 @@
 				{{ lng('admin.configfiles.recommendednote') }}
 			</div>
 			<div class="col-12 col-md-6 text-end">
-				<input type="hidden" name="dist" value="{{ distribution }}"/>
 				<button type="button" class="btn btn-outline-secondary" id="selectRecommendedConfig">{{ lng('admin.configfiles.selectrecommended') }}</button>
 				<button type="button" class="btn btn-outline-secondary" id="downloadSelectionAsJson">
 					<i class="fa-solid fa-download"></i>