maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

try to implement ssl-redirect for froxlor-vhost; combine various settings that are froxlor-vhost related into its own category, fixes #1480

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2016-09-11 17:48:08 +02:00
parent 28461de7bc
commit b8c2047379
15 changed files with 931 additions and 823 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
scripts/classes/class.DnsBase.php
View File

@@ -1,10 +1,24 @@
<?php
/***
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
*/
/**
* Class DnsBase
*
* Base class for all DNS server configs
*
*/
abstract class DnsBase
{
@@ -69,8 +83,7 @@ abstract class DnsBase
protected function getDomainList()
{
$result_domains_stmt = Database::query(
"
$result_domains_stmt = Database::query("
SELECT
`d`.`id`,
`d`.`domain`,
@@ -131,35 +144,21 @@ abstract class DnsBase
$domains[$key]['children'] = array();
}
if ($domains[$key]['ismainbutsubto'] > 0) {
if (isset($domains[ $domains[$key]['ismainbutsubto'] ])) {
$domains[ $domains[$key]['ismainbutsubto'] ]['children'][] = $domains[$key]['id'];
if (isset($domains[$domains[$key]['ismainbutsubto']])) {
$domains[$domains[$key]['ismainbutsubto']]['children'][] = $domains[$key]['id'];
} else {
$this->_logger->logAction(CRON_ACTION, LOG_ERR,
'Database inconsistency: domain ' . $domain['domain'] . ' (ID #' . $key .
') is set to to be subdomain to non-existent domain ID #' .
$domains[$key]['ismainbutsubto'] .
'. No DNS record(s) will be created for this domain.');
$this->_logger->logAction(CRON_ACTION, LOG_ERR, 'Database inconsistency: domain ' . $domain['domain'] . ' (ID #' . $key . ') is set to to be subdomain to non-existent domain ID #' . $domains[$key]['ismainbutsubto'] . '. No DNS record(s) will be created for this domain.');
}
}
}
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG,
str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') .
'ismainbutsubto ' . str_pad('parent domain', 40, ' ') .
"list of child domain ids");
foreach ($domains as $domain) {
$logLine =
str_pad($domain['id'], 9, ' ') .
str_pad($domain['domain'], 40, ' ') .
str_pad($domain['ismainbutsubto'], 15, ' ') .
str_pad(((isset($domains[ $domain['ismainbutsubto'] ])) ?
$domains[ $domain['ismainbutsubto'] ]['domain'] :
'-'), 40, ' ') .
join(', ', $domain['children']);
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, $logLine);
}
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') . 'ismainbutsubto ' . str_pad('parent domain', 40, ' ') . "list of child domain ids");
foreach ($domains as $domain) {
$logLine = str_pad($domain['id'], 9, ' ') . str_pad($domain['domain'], 40, ' ') . str_pad($domain['ismainbutsubto'], 15, ' ') . str_pad(((isset($domains[$domain['ismainbutsubto']])) ? $domains[$domain['ismainbutsubto']]['domain'] : '-'), 40, ' ') . join(', ', $domain['children']);
$this->_logger->logAction(CRON_ACTION, LOG_DEBUG, $logLine);
}
return $domains;
return $domains;
}
public function reloadDaemon()
@@ -171,8 +170,7 @@ abstract class DnsBase
if ($cmdStatus === 0) {
$this->_logger->logAction(CRON_ACTION, LOG_INFO, Settings::Get('system.dns_server') . ' daemon reloaded');
} else {
$this->_logger->logAction(CRON_ACTION, LOG_ERR, 'Error while running `' . $cmd .
'`: exit code (' . $cmdStatus . ') - please check your system logs');
$this->_logger->logAction(CRON_ACTION, LOG_ERR, 'Error while running `' . $cmd . '`: exit code (' . $cmdStatus . ') - please check your system logs');
}
}

107
scripts/classes/class.HttpConfigBase.php
View File

@@ -1,11 +1,28 @@
<?php
/***
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
*/
/**
* Class HttpConfigBase
*
* Base class for all HTTP server configs
*
*/
class HttpConfigBase {
class HttpConfigBase
{
/**
* process special config as template, by substituting {VARIABLE} with the
@@ -13,26 +30,92 @@ class HttpConfigBase {
*
* The following variables are known at the moment:
*
* {DOMAIN} - domain name
* {IP} - IP for this domain
* {PORT} - Port for this domain
* {CUSTOMER} - customer name
* {IS_SSL} - evaluates to 'ssl' if domain/ip is ssl, otherwise it is an empty string
* {DOCROOT} - document root for this domain
* {DOMAIN} - domain name
* {IP} - IP for this domain
* {PORT} - Port for this domain
* {CUSTOMER} - customer name
* {IS_SSL} - evaluates to 'ssl' if domain/ip is ssl, otherwise it is an empty string
* {DOCROOT} - document root for this domain
*
* @param $template
* @param
* $template
* @return string
*/
protected function processSpecialConfigTemplate($template, $domain, $ip, $port, $is_ssl_vhost) {
protected function processSpecialConfigTemplate($template, $domain, $ip, $port, $is_ssl_vhost)
{
$templateVars = array(
'DOMAIN' => $domain['domain'],
'CUSTOMER' => $domain['loginname'],
'IP' => $ip,
'PORT' => $port,
'SCHEME' => ($is_ssl_vhost)?'https':'http',
'SCHEME' => ($is_ssl_vhost) ? 'https' : 'http',
'DOCROOT' => $domain['documentroot']
);
return replace_variables($template, $templateVars);
}
}
protected function getMyPath($ip_port = null)
{
if (! empty($ip_port) && $ip_port['docroot'] == '') {
if (Settings::Get('system.froxlordirectlyviahostname')) {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
} else {
$mypath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__)))));
}
} else {
// user-defined docroot, #417
$mypath = makeCorrectDir($row_ipsandports['docroot']);
}
return $mypath;
}
protected function checkAlternativeSslPort()
{
// We must not check if our port differs from port 443,
// but if there is a destination-port != 443
$_sslport = '';
// This returns the first port that is != 443 with ssl enabled,
// ordered by ssl-certificate (if any) so that the ip/port combo
// with certificate is used
$ssldestport_stmt = Database::prepare("
SELECT `ip`.`port` FROM " . TABLE_PANEL_IPSANDPORTS . " `ip`
WHERE `ip`.`ssl` = '1' AND `ip`.`port` != 443
ORDER BY `ip`.`ssl_cert_file` DESC, `ip`.`port` LIMIT 1;
");
$ssldestport = Database::pexecute_first($ssldestport_stmt);
if ($ssldestport['port'] != '') {
$_sslport = ":" . $ssldestport['port'];
}
return $_sslport;
}
protected function froxlorVhostHasLetsEncryptCert()
{
// check whether we have an entry with valid certificates which just does not need
// updating yet, so we need to skip this here
$froxlor_ssl_settings_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'
");
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
return true;
}
return false;
}
protected function froxlorVhostLetsEncryptNeedsRenew()
{
$froxlor_ssl_settings_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
WHERE `domainid` = '0' AND
(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
");
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
return true;
}
return false;
}
}