add acme.conf alias also to froxlor vhost in case the acme-challenge path is not within the froxlor-docroot; fix empty redirect-code, fixes #1674
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -16,11 +16,11 @@
|
||||
|
||||
/**
|
||||
* return an array of all enabled redirect-codes
|
||||
*
|
||||
*
|
||||
* @return array array of enabled redirect-codes
|
||||
*/
|
||||
function getRedirectCodesArray() {
|
||||
|
||||
|
||||
$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
|
||||
$result_stmt = Database::query($sql);
|
||||
|
||||
@@ -35,13 +35,13 @@ function getRedirectCodesArray() {
|
||||
/**
|
||||
* return an array of all enabled redirect-codes
|
||||
* for the settings form
|
||||
*
|
||||
*
|
||||
* @return array array of enabled redirect-codes
|
||||
*/
|
||||
function getRedirectCodes() {
|
||||
|
||||
global $lng;
|
||||
|
||||
|
||||
$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
|
||||
$result_stmt = Database::query($sql);
|
||||
|
||||
@@ -54,16 +54,17 @@ function getRedirectCodes() {
|
||||
}
|
||||
|
||||
/**
|
||||
* returns the redirect-code for a given
|
||||
* returns the redirect-code for a given
|
||||
* domain-id
|
||||
*
|
||||
*
|
||||
* @param integer $domainid id of the domain
|
||||
*
|
||||
* @param string $default
|
||||
*
|
||||
* @return string redirect-code
|
||||
*/
|
||||
function getDomainRedirectCode($domainid = 0) {
|
||||
function getDomainRedirectCode($domainid = 0, $default = '') {
|
||||
|
||||
$code = '';
|
||||
$code = $default;
|
||||
if ($domainid > 0) {
|
||||
|
||||
$result_stmt = Database::prepare("
|
||||
@@ -83,11 +84,11 @@ function getDomainRedirectCode($domainid = 0) {
|
||||
}
|
||||
|
||||
/**
|
||||
* returns the redirect-id for a given
|
||||
* returns the redirect-id for a given
|
||||
* domain-id
|
||||
*
|
||||
*
|
||||
* @param integer $domainid id of the domain
|
||||
*
|
||||
*
|
||||
* @return integer redirect-code-id
|
||||
*/
|
||||
function getDomainRedirectId($domainid = 0) {
|
||||
@@ -112,10 +113,10 @@ function getDomainRedirectId($domainid = 0) {
|
||||
|
||||
/**
|
||||
* adds a redirectcode for a domain
|
||||
*
|
||||
*
|
||||
* @param integer $domainid id of the domain to add the code for
|
||||
* @param integer $redirect selected redirect-id
|
||||
*
|
||||
* @param integer $redirect selected redirect-id
|
||||
*
|
||||
* @return null
|
||||
*/
|
||||
function addRedirectToDomain($domainid = 0, $redirect = 1) {
|
||||
@@ -130,10 +131,10 @@ function addRedirectToDomain($domainid = 0, $redirect = 1) {
|
||||
/**
|
||||
* updates the redirectcode of a domain
|
||||
* if redirect-code is false, nothing happens
|
||||
*
|
||||
*
|
||||
* @param integer $domainid id of the domain to update
|
||||
* @param integer $redirect selected redirect-id or false
|
||||
*
|
||||
*
|
||||
* @return null
|
||||
*/
|
||||
function updateRedirectOfDomain($domainid = 0, $redirect = false) {
|
||||
|
||||
@@ -875,10 +875,8 @@ class apache extends HttpConfigBase
|
||||
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
|
||||
$corrected_docroot = $domain['documentroot'];
|
||||
|
||||
// prevent empty return-cde
|
||||
$code = "301";
|
||||
// Get domain's redirect code
|
||||
$code = getDomainRedirectCode($domain['id']);
|
||||
$code = getDomainRedirectCode($domain['id'], '301');
|
||||
$modrew_red = '';
|
||||
if ($code != '') {
|
||||
$modrew_red = ' [R=' . $code . ';L,NE]';
|
||||
|
||||
@@ -432,10 +432,9 @@ class lighttpd extends HttpConfigBase
|
||||
|
||||
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
|
||||
$uri = $domain['documentroot'];
|
||||
// prevent empty return-cde
|
||||
$code = "301";
|
||||
|
||||
// Get domain's redirect code
|
||||
$code = getDomainRedirectCode($domain['id']);
|
||||
$code = getDomainRedirectCode($domain['id'], '301');
|
||||
|
||||
$vhost_content .= ' url.redirect-code = ' . $code. "\n";
|
||||
$vhost_content .= ' url.redirect = (' . "\n";
|
||||
|
||||
@@ -196,17 +196,22 @@ class nginx extends HttpConfigBase
|
||||
}
|
||||
}
|
||||
|
||||
$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
|
||||
|
||||
$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
|
||||
|
||||
/**
|
||||
* this HAS to be set for the default host in nginx or else no vhost will work
|
||||
*/
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'listen ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'listen ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
|
||||
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . '# Froxlor default vhost' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'server_name ' . Settings::Get('system.hostname') . ';' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'access_log /var/log/nginx/access.log;' . "\n";
|
||||
|
||||
if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {
|
||||
$acmeConfFilename = Settings::Get('system.letsencryptacmeconf');
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'include ' . $acmeConfFilename . ';' . "\n";
|
||||
}
|
||||
|
||||
$is_redirect = false;
|
||||
// check for SSL redirect
|
||||
if ($row_ipsandports['ssl'] == '0' && Settings::Get('system.le_froxlor_redirect') == '1') {
|
||||
@@ -219,7 +224,7 @@ class nginx extends HttpConfigBase
|
||||
} else {
|
||||
$_sslport = $this->checkAlternativeSslPort();
|
||||
$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
|
||||
$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
|
||||
}
|
||||
@@ -464,12 +469,11 @@ class nginx extends HttpConfigBase
|
||||
if (substr($uri, - 1) == '/') {
|
||||
$uri = substr($uri, 0, - 1);
|
||||
}
|
||||
// prevent empty return-cde
|
||||
$code = "301";
|
||||
// Get domain's redirect code
|
||||
$code = getDomainRedirectCode($domain['id']);
|
||||
|
||||
$vhost_content .= "\t" . 'if ($request_uri !~ "^/\.well-known/acme-challenge/\w+$") {' . "\n";
|
||||
// Get domain's redirect code
|
||||
$code = getDomainRedirectCode($domain['id'], '301');
|
||||
|
||||
$vhost_content .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
|
||||
$vhost_content .= "\t\t" . 'return ' . $code .' ' . $uri . '$request_uri;' . "\n";
|
||||
$vhost_content .= "\t" . '}' . "\n";
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user