maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

use correct syntax for postconf in Let's Encrypt renew-hook service-configuration replacement; add missing language strings

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2024-01-19 16:01:31 +01:00
parent bc1892d4ec
commit 616dcb1fda
4 changed files with 30 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
View File

@@ -643,22 +643,24 @@ EOSSL;
}
if (Settings::IsInList('system.le_renew_services', 'proftpd')) {
$proftpd_conf = '/etc/proftpd/tls.conf'; // @fixme setting?
$rval = false;
if (strpos($certificate_folder, '_ecc') === false) {
// comment out RSA related settings
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateFile|# TLSRSACertificateFile|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateKeyFile|# TLSRSACertificateKeyFile|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateFile|# TLSRSACertificateFile|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateKeyFile|# TLSRSACertificateKeyFile|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
// add ECC directives
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateFile.*|TLSECCertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateKeyFile.*|TLSECCertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateFile.*|TLSECCertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateKeyFile.*|TLSECCertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
} else {
// comment out ECC related settings
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateFile|# TLSECCertificateFile|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateKeyFile|# TLSECCertificateKeyFile|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateFile|# TLSECCertificateFile|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateKeyFile|# TLSECCertificateKeyFile|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
// add RSA directives
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateFile.*|TLSRSACertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateKeyFile.*|TLSRSACertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateFile.*|TLSRSACertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateKeyFile.*|TLSRSACertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
}
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSCACertificateFile.*|TLSCACertificateFile " . $ca_file . "|' " . escapeshellarg($proftpd_conf));
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSCACertificateFile.*|TLSCACertificateFile " . $ca_file . "|' " . escapeshellarg($proftpd_conf), $rval, ['|', '?']);
}
// reload the services
FileDir::safe_exec(Settings::Get('system.le_renew_hook'));

2
lib/Froxlor/Validate/Form/Data.php
View File

@@ -241,7 +241,7 @@ class Data
$returnvalue = isset($fielddata['select_var'][$newfieldvalue]);
}
if ($returnvalue === true || $fielddata['visible'] == false) {
if ($returnvalue === true || (isset($fielddata['visible']) && $fielddata['visible'] == false)) {
return true;
} else {
if (isset($fielddata['option_emptyallowed']) && $fielddata['option_emptyallowed']) {

8
lng/de.lng.php
View File

@@ -2101,6 +2101,14 @@ Vielen Dank, Ihr Administrator',
'title' => 'Menüabschnitte einklappen',
'description' => 'Bei Deaktivierung werden die Menübereiche auf der linken Seite immer aufgeklappt angezeigt.',
],
'le_renew_services' => [
'title' => 'Verwende das froxlor Let\'s Encrypt Zertifikat für folgende Dienste',
'description' => 'Wenn auf "Keine" gesetzt (oder der Renew-Hook-Befehl unten leer ist), werden keine Konfigurationsanpassungen bezüglich SSL an den ausgewählten Diensten vorgenommen.<br><br>Der Reload-Befehl für die ausgewählten Dienste sollte im Renew-Hook-Befehl hinzugefügt werden, da sonst die Konfigurationsänderungen oder erneuerten Zertifikate möglicherweise nicht korrekt angewendet werden.',
],
'le_renew_hook' => [
'title' => 'Let\'s Encrypt Renew-Hook Befehl',
'description' => 'Lege den Befehl fest, der die oben ausgewählten Dienste neu startet, damit erneuerte Zertifikate vom Dienst ordnungsgemäß verwendet werden.',
],
],
'spf' => [
'use_spf' => [

8
lng/en.lng.php
View File

@@ -2229,6 +2229,14 @@ Yours sincerely, your administrator',
'title' => 'Collapse menu-sections',
'description' => 'If deactivated, the left-side menu sections will always be expanded.',
],
'le_renew_services' => [
'title' => 'Use froxlor Let\'s Encrypt certificate for these services',
'description' => 'If set to none (or the renew-hook command below is empty), no configuration adjustments regarding ssl will be made to the selected services.<br><br>The reload-command for the services selected should be added in the renew-hook command or the configuration changes or renewed certificates may not be applied correctly.',
],
'le_renew_hook' => [
'title' => 'Let\'s Encrypt renew-hook command',
'description' => 'Set this to a command that restarts the services selected above in order for renewed certificates to be used correctly by the service.',
],
],
'spf' => [
'use_spf' => [