maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

don't create one giant vhost for all IP's but separate ones for each ip

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-05-02 13:02:40 +02:00
parent 9691a39102
commit 4825c77e2e
1 changed files with 97 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

191
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -589,133 +589,136 @@ class apache
} }
$query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip`
WHERE dip.id_domain = '".$domain[id]."' AND i.id = dip.id_ipandports "; WHERE dip.id_domain = '".$domain['id']."' AND i.id = dip.id_ipandports ";
if ($ssl_vhost === true if ($ssl_vhost === true
&& ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1')
) { ) {
$query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;"; // by ordering by cert-file the row with filled out SSL-Fields will be shown last, thus it is enough to fill out 1 set of SSL-Fields // by ordering by cert-file the row with filled out SSL-Fields will be shown last, thus it is enough to fill out 1 set of SSL-Fields
$query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;";
} else { } else {
$query .= "AND i.ssl = '0';"; $query .= "AND i.ssl = '0';";
} }
$ipport = ''; $vhost_content = '';
$result = $this->db->query($query); $result = $this->db->query($query);
while ($ipandport = $this->db->fetch_array($result)) { while ($ipandport = $this->db->fetch_array($result)) {
$ipport = '';
$domain['ip'] = $ipandport['ip']; $domain['ip'] = $ipandport['ip'];
$domain['port'] = $ipandport['port']; $domain['port'] = $ipandport['port'];
if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$ipport .= '['.$domain[ip].']:'.$domain[port]. ' '; $ipport = '['.$domain['ip'].']:'.$domain['port']. ' ';
} else { } else {
$ipport .= $domain[ip].':'.$domain[port].' '; $ipport = $domain['ip'].':'.$domain['port'].' ';
}
}
$domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save last delivered ssl settings
$domain['ssl_key_file'] = $ipandport['ssl_key_file'];
$domain['ssl_ca_file'] = $ipandport['ssl_ca_file'];
// #418
$domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile'];
$vhost_content = '<VirtualHost ' . $ipport . '>' . "\n";
$vhost_content.= $this->getServerNames($domain);
if(($ssl_vhost == false
&& $domain['ssl'] == '1'
&& $domain['ssl_redirect'] == '1')
) {
$domain['documentroot'] = 'https://' . $domain['domain'] . '/';
}
if ($ssl_vhost === true
&& $domain['ssl'] == '1'
&& $this->settings['system']['use_ssl'] == '1'
) {
if ($domain['ssl_cert_file'] == '') {
$domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file'];
}
if ($domain['ssl_key_file'] == '') {
$domain['ssl_key_file'] = $this->settings['system']['ssl_key_file'];
}
if ($domain['ssl_ca_file'] == '') {
$domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
} }
$domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save last delivered ssl settings
$domain['ssl_key_file'] = $ipandport['ssl_key_file'];
$domain['ssl_ca_file'] = $ipandport['ssl_ca_file'];
// #418 // #418
if ($domain['ssl_cert_chainfile'] == '') { $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile'];
$domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile'];
$vhost_content .= '<VirtualHost ' . $ipport . '>' . "\n";
$vhost_content.= $this->getServerNames($domain);
if(($ssl_vhost == false
&& $domain['ssl'] == '1'
&& $domain['ssl_redirect'] == '1')
) {
$domain['documentroot'] = 'https://' . $domain['domain'] . '/';
} }
if ($domain['ssl_cert_file'] != '') { if ($ssl_vhost === true
$vhost_content .= ' SSLEngine On' . "\n"; && $domain['ssl'] == '1'
$vhost_content .= ' SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n"; && $this->settings['system']['use_ssl'] == '1'
) {
if ($domain['ssl_key_file'] != '') { if ($domain['ssl_cert_file'] == '') {
$vhost_content .= ' SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n"; $domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file'];
} }
if ($domain['ssl_ca_file'] != '') { if ($domain['ssl_key_file'] == '') {
$vhost_content .= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n"; $domain['ssl_key_file'] = $this->settings['system']['ssl_key_file'];
}
if ($domain['ssl_ca_file'] == '') {
$domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file'];
} }
// #418 // #418
if ($domain['ssl_cert_chainfile'] != '') { if ($domain['ssl_cert_chainfile'] == '') {
$vhost_content .= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n"; $domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile'];
}
if ($domain['ssl_cert_file'] != '') {
$vhost_content .= ' SSLEngine On' . "\n";
$vhost_content .= ' SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n";
if ($domain['ssl_key_file'] != '') {
$vhost_content .= ' SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n";
}
if ($domain['ssl_ca_file'] != '') {
$vhost_content .= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n";
}
// #418
if ($domain['ssl_cert_chainfile'] != '') {
$vhost_content .= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n";
}
} }
} }
}
if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { if (preg_match('/^https?\:\/\//', $domain['documentroot'])) {
$corrected_docroot = $this->idnaConvert->encode($domain['documentroot']); $corrected_docroot = $this->idnaConvert->encode($domain['documentroot']);
if (substr($corrected_docroot, -1) == '/') { if (substr($corrected_docroot, -1) == '/') {
$corrected_docroot = substr($corrected_docroot, 0, -1); $corrected_docroot = substr($corrected_docroot, 0, -1);
}
/* Get domain's redirect code */
$code = getDomainRedirectCode($domain['id']);
$modrew_red = '';
if ($code != '') {
$modrew_red = '[R='. $code . ';L]';
}
// redirect everything, not only root-directory, #541
$vhost_content .= ' <IfModule mod_rewrite.c>'."\n";
$vhost_content .= ' RewriteEngine On' . "\n";
$vhost_content .= ' RewriteCond %{HTTPS} off' . "\n";
$vhost_content .= ' RewriteRule (.*) '. $corrected_docroot.'%{REQUEST_URI} ' . $modrew_red . "\n";
$vhost_content .= ' </IfModule>' . "\n";
$code = getDomainRedirectCode($domain['id']);
$vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n";
} else {
mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true, true);
$vhost_content .= $this->getWebroot($domain);
if ($this->_deactivated == false) {
$vhost_content .= $this->composePhpOptions($domain,$ssl_vhost);
$vhost_content .= $this->getStats($domain);
}
$vhost_content .= $this->getLogfiles($domain);
if ($domain['specialsettings'] != '') {
$vhost_content .= $domain['specialsettings'] . "\n";
}
if ($ipandport['default_vhostconf_domain'] != '') {
$vhost_content .= $ipandport['default_vhostconf_domain'] . "\n";
}
if ($this->settings['system']['default_vhostconf'] != '') {
$vhost_content .= $this->settings['system']['default_vhostconf'] . "\n";
}
} }
/* Get domain's redirect code */ $vhost_content .= '</VirtualHost>' . "\n";
$code = getDomainRedirectCode($domain['id']);
$modrew_red = '';
if ($code != '') {
$modrew_red = '[R='. $code . ';L]';
}
// redirect everything, not only root-directory, #541 } // while ip's
$vhost_content .= ' <IfModule mod_rewrite.c>'."\n";
$vhost_content .= ' RewriteEngine On' . "\n";
$vhost_content .= ' RewriteCond %{HTTPS} off' . "\n";
$vhost_content .= ' RewriteRule (.*) '. $corrected_docroot.'%{REQUEST_URI} ' . $modrew_red . "\n";
$vhost_content .= ' </IfModule>' . "\n";
$code = getDomainRedirectCode($domain['id']);
$vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n";
} else {
mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true, true);
$vhost_content .= $this->getWebroot($domain);
if ($this->_deactivated == false) {
$vhost_content .= $this->composePhpOptions($domain,$ssl_vhost);
$vhost_content .= $this->getStats($domain);
}
$vhost_content .= $this->getLogfiles($domain);
if ($domain['specialsettings'] != '') {
$vhost_content .= $domain['specialsettings'] . "\n";
}
if ($ipandport['default_vhostconf_domain'] != '') {
$vhost_content .= $ipandport['default_vhostconf_domain'] . "\n";
}
if ($this->settings['system']['default_vhostconf'] != '') {
$vhost_content .= $this->settings['system']['default_vhostconf'] . "\n";
}
}
$vhost_content .= '</VirtualHost>' . "\n";
return $vhost_content; return $vhost_content;
} }