maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge branch 'Froxlor:master' into logo-custom-login

Browse Source
This commit is contained in:
Daniel
2021-06-28 10:39:02 +08:00
committed by GitHub
parent acb04566f5 73991e855c
commit dfbb4127e2
10 changed files with 524 additions and 487 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
actions/admin/settings/131.ssl.php
View File

@@ -142,6 +142,9 @@ return array(
'default' => '/etc/apache2/conf-enabled/acme.conf', 'default' => '/etc/apache2/conf-enabled/acme.conf',
'save_method' => 'storeSettingField' 'save_method' => 'storeSettingField'
), ),
/**
* currently the only option anyway
*
'system_leapiversion' => array( 'system_leapiversion' => array(
'label' => $lng['serversettings']['leapiversion'], 'label' => $lng['serversettings']['leapiversion'],
'settinggroup' => 'system', 'settinggroup' => 'system',
@@ -154,16 +157,18 @@ return array(
), ),
'save_method' => 'storeSettingField' 'save_method' => 'storeSettingField'
), ),
*/
'system_letsencryptca' => array( 'system_letsencryptca' => array(
'label' => $lng['serversettings']['letsencryptca'], 'label' => $lng['serversettings']['letsencryptca'],
'settinggroup' => 'system', 'settinggroup' => 'system',
'varname' => 'letsencryptca', 'varname' => 'letsencryptca',
'type' => 'option', 'type' => 'option',
'default' => 'production', 'default' => 'letsencrypt',
'option_mode' => 'one', 'option_mode' => 'one',
'option_options' => array( 'option_options' => array(
'testing' => 'https://acme-staging-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Test)', 'letsencrypt_test' => 'Let\'s Encrypt (Test / Staging)',
'production' => 'https://acme-v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)' 'letsencrypt' => 'Let\'s Encrypt (Live)',
'zerossl' => 'ZeroSSL (Live)'
), ),
'save_method' => 'storeSettingField' 'save_method' => 'storeSettingField'
), ),

14
composer.lock generated
View File

@@ -150,16 +150,16 @@
}, },
{ {
"name": "phpmailer/phpmailer", "name": "phpmailer/phpmailer",
"version": "v6.4.1", "version": "v6.5.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/PHPMailer/PHPMailer.git", "url": "https://github.com/PHPMailer/PHPMailer.git",
"reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d" "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/9256f12d8fb0cd0500f93b19e18c356906cbed3d", "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c",
"reference": "9256f12d8fb0cd0500f93b19e18c356906cbed3d", "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@@ -214,7 +214,7 @@
"description": "PHPMailer is a full-featured email creation and transfer class for PHP", "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
"support": { "support": {
"issues": "https://github.com/PHPMailer/PHPMailer/issues", "issues": "https://github.com/PHPMailer/PHPMailer/issues",
"source": "https://github.com/PHPMailer/PHPMailer/tree/v6.4.1" "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0"
}, },
"funding": [ "funding": [
{ {
@@ -222,7 +222,7 @@
"type": "github" "type": "github"
} }
], ],
"time": "2021-04-29T12:25:04+00:00" "time": "2021-06-16T14:33:43+00:00"
}, },
{ {
"name": "psr/log", "name": "psr/log",
@@ -4133,5 +4133,5 @@
"php": ">=7.3", "php": ">=7.3",
"ext-pcntl": "*" "ext-pcntl": "*"
}, },
"plugin-api-version": "2.0.0" "plugin-api-version": "2.1.0"
} }

4
install/froxlor.sql
View File

@@ -628,7 +628,7 @@ opcache.interned_strings_buffer'),
('system', 'apacheitksupport', '0'), ('system', 'apacheitksupport', '0'),
('system', 'leprivatekey', 'unset'), ('system', 'leprivatekey', 'unset'),
('system', 'lepublickey', 'unset'), ('system', 'lepublickey', 'unset'),
('system', 'letsencryptca', 'production'), ('system', 'letsencryptca', 'letsencrypt'),
('system', 'letsencryptcountrycode', 'DE'), ('system', 'letsencryptcountrycode', 'DE'),
('system', 'letsencryptstate', 'Hessen'), ('system', 'letsencryptstate', 'Hessen'),
('system', 'letsencryptchallengepath', '/var/www/froxlor'), ('system', 'letsencryptchallengepath', '/var/www/froxlor'),
@@ -716,7 +716,7 @@ opcache.interned_strings_buffer'),
('panel', 'terms_url', ''), ('panel', 'terms_url', ''),
('panel', 'privacy_url', ''), ('panel', 'privacy_url', ''),
('panel', 'version', '0.10.26'), ('panel', 'version', '0.10.26'),
('panel', 'db_version', '202106160'); ('panel', 'db_version', '202106270');
DROP TABLE IF EXISTS `panel_tasks`; DROP TABLE IF EXISTS `panel_tasks`;

13
install/updates/froxlor/0.10/update_0.10.inc.php
View File

@@ -812,3 +812,16 @@ if (\Froxlor\Froxlor::isDatabaseVersion('202103240')) {
\Froxlor\Froxlor::updateToDbVersion('202106160'); \Froxlor\Froxlor::updateToDbVersion('202106160');
} }
if (\Froxlor\Froxlor::isDatabaseVersion('202106160')) {
showUpdateStep("Adjusting Let's Encrypt endpoint configuration to support ZeroSSL", true);
if (Settings::Get('system.letsencryptca') == 'testing') {
Settings::Set("system.letsencryptca", 'letsencrypt_test');
} else {
Settings::Set("system.letsencryptca", 'letsencrypt');
}
lastStepStatus(0);
\Froxlor\Froxlor::updateToDbVersion('202106270');
}

16
lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
View File

@@ -28,6 +28,12 @@ use Froxlor\FileDir;
class AcmeSh extends \Froxlor\Cron\FroxlorCron class AcmeSh extends \Froxlor\Cron\FroxlorCron
{ {
const ACME_PROVIDER = [
'letsencrypt' => "https://acme-v02.api.letsencrypt.org/directory",
'letsencrypt_test' => "https://acme-staging-v02.api.letsencrypt.org/directory",
'zerossl' => "https://acme.zerossl.com/v2/DV90"
];
private static $apiserver = ""; private static $apiserver = "";
private static $acmesh = "/root/.acme.sh/acme.sh"; private static $acmesh = "/root/.acme.sh/acme.sh";
@@ -63,7 +69,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
$issue_domains = self::issueDomains(); $issue_domains = self::issueDomains();
$renew_froxlor = self::renewFroxlorVhost(); $renew_froxlor = self::renewFroxlorVhost();
$renew_domains = self::renewDomains(true); $renew_domains = self::renewDomains(true);
if ($issue_froxlor || !empty($issue_domains) || !empty($renew_froxlor) || $renew_domains) { if ($issue_froxlor || ! empty($issue_domains) || ! empty($renew_froxlor) || $renew_domains) {
// insert task to generate certificates and vhost-configs // insert task to generate certificates and vhost-configs
\Froxlor\System\Cronjob::inserttask(1); \Froxlor\System\Cronjob::inserttask(1);
} }
@@ -71,7 +77,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
} }
// set server according to settings // set server according to settings
self::$apiserver = 'https://acme-' . (Settings::Get('system.letsencryptca') == 'testing' ? 'staging-' : '') . 'v0' . \Froxlor\Settings::Get('system.leapiversion') . '.api.letsencrypt.org/directory'; self::$apiserver = self::ACME_PROVIDER[Settings::Get('system.letsencryptca')];
// validate acme.sh installation // validate acme.sh installation
if (! self::checkInstall()) { if (! self::checkInstall()) {
@@ -306,7 +312,7 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
if (Settings::Get('system.letsencryptreuseold') != '1') { if (Settings::Get('system.letsencryptreuseold') != '1') {
$acmesh_cmd .= " --always-force-new-domain-key"; $acmesh_cmd .= " --always-force-new-domain-key";
} }
if (Settings::Get('system.letsencryptca') == 'testing') { if (Settings::Get('system.letsencryptca') == 'letsencrypt_test') {
$acmesh_cmd .= " --staging"; $acmesh_cmd .= " --staging";
} }
if ($force) { if ($force) {
@@ -518,8 +524,8 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
if (file_exists($env_file)) { if (file_exists($env_file)) {
$output = []; $output = [];
$cut = <<<EOC $cut = <<<EOC
cut -d'"' -f2 cut -d'"' -f2
EOC; EOC;
exec('grep "LE_WORKING_DIR" ' . escapeshellarg($env_file) . ' | ' . $cut, $output); exec('grep "LE_WORKING_DIR" ' . escapeshellarg($env_file) . ' | ' . $cut, $output);
if (is_array($output) && ! empty($output) && isset($output[0]) && ! empty($output[0])) { if (is_array($output) && ! empty($output) && isset($output[0]) && ! empty($output[0])) {
return FileDir::makeCorrectDir($output[0] . "/" . $domain); return FileDir::makeCorrectDir($output[0] . "/" . $domain);

24
lib/Froxlor/Dns/Dns.php
View File

@@ -53,7 +53,7 @@ class Dns
$domain = $domain_id; $domain = $domain_id;
} }
if ($domain['isbinddomain'] != '1') { if (!isset($domain['isbinddomain']) || $domain['isbinddomain'] != '1') {
return; return;
} }
@@ -190,10 +190,24 @@ class Dns
'@', '@',
'www', 'www',
'*' '*'
] as $crceord) { ] as $crecord) {
if ($entry['type'] == 'CNAME' && $entry['record'] == '@' && (array_key_exists(md5($crceord), $required_entries['A']) || array_key_exists(md5($crceord), $required_entries['AAAA']))) { if ($entry['type'] == 'CNAME' && $entry['record'] == '@' && (array_key_exists(md5($crecord), $required_entries['A']) || array_key_exists(md5($crecord), $required_entries['AAAA']))) {
unset($required_entries['A'][md5($crceord)]); unset($required_entries['A'][md5($crecord)]);
unset($required_entries['AAAA'][md5($crceord)]); unset($required_entries['AAAA'][md5($crecord)]);
}
}
// also allow overriding of auto-generated values (imap,pop3,mail,smtp) if enabled in the settings
if (Settings::Get('system.dns_createmailentry')) {
foreach (array(
'imap',
'pop3',
'mail',
'smtp'
) as $crecord) {
if ($entry['type'] == 'CNAME' && $entry['record'] == $crecord && (array_key_exists(md5($crecord), $required_entries['A']) || array_key_exists(md5($crecord), $required_entries['AAAA']))) {
unset($required_entries['A'][md5($crecord)]);
unset($required_entries['AAAA'][md5($crecord)]);
}
} }
} }
$zonerecords[] = new DnsEntry($entry['record'], $entry['type'], $entry['content'], $entry['prio'], $entry['ttl']); $zonerecords[] = new DnsEntry($entry['record'], $entry['type'], $entry['content'], $entry['prio'], $entry['ttl']);

2
lib/Froxlor/Froxlor.php
View File

@@ -10,7 +10,7 @@ final class Froxlor
const VERSION = '0.10.26'; const VERSION = '0.10.26';
// Database version (YYYYMMDDC where C is a daily counter) // Database version (YYYYMMDDC where C is a daily counter)
const DBVERSION = '202106160'; const DBVERSION = '202106270';
// Distribution branding-tag (used for Debian etc.) // Distribution branding-tag (used for Debian etc.)
const BRANDING = ''; const BRANDING = '';

21
lib/configfiles/focal.xml
View File

@@ -74,7 +74,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
]]> ]]>
</content> </content>
</file> </file>
<command><![CDATA[/etc/init.d/apache2 restart]]></command> <command><![CDATA[service apache2 restart]]></command>
</daemon> </daemon>
<!-- HTTP Lighttpd --> <!-- HTTP Lighttpd -->
<daemon name="lighttpd" title="LigHTTPd"> <daemon name="lighttpd" title="LigHTTPd">
@@ -138,7 +138,7 @@ include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
</command> </command>
<command><![CDATA[lighty-disable-mod cgi]]></command> <command><![CDATA[lighty-disable-mod cgi]]></command>
<command><![CDATA[lighty-disable-mod fastcgi]]></command> <command><![CDATA[lighty-disable-mod fastcgi]]></command>
<command><![CDATA[/etc/init.d/lighttpd restart]]></command> <command><![CDATA[service lighttpd restart]]></command>
</daemon> </daemon>
<!-- HTTP Nginx --> <!-- HTTP Nginx -->
<daemon name="nginx" title="nginx"> <daemon name="nginx" title="nginx">
@@ -354,7 +354,6 @@ exit "$RETVAL"
</visibility> </visibility>
<content><![CDATA[/etc/init.d/php-fcgi restart]]></content> <content><![CDATA[/etc/init.d/php-fcgi restart]]></content>
</command> </command>
<command><![CDATA[/etc/init.d/nginx restart]]></command>
</daemon> </daemon>
</service> </service>
<!--DNS --> <!--DNS -->
@@ -366,7 +365,7 @@ exit "$RETVAL"
<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command> <command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[chown bind:0 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command> <command><![CDATA[chown bind:0 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command> <command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
<command><![CDATA[/etc/init.d/bind9 restart]]></command> <command><![CDATA[service bind9 restart]]></command>
</daemon> </daemon>
<daemon name="powerdns" title="PowerDNS (standalone)"> <daemon name="powerdns" title="PowerDNS (standalone)">
<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install> <install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
@@ -908,7 +907,7 @@ gmysql-password=
]]> ]]>
</content> </content>
</file> </file>
<command><![CDATA[/etc/init.d/pdns restart]]></command> <command><![CDATA[service pdns restart]]></command>
</daemon> </daemon>
<daemon name="powerdns_bind" <daemon name="powerdns_bind"
title="PowerDNS via bind-backend"> title="PowerDNS via bind-backend">
@@ -1455,7 +1454,7 @@ bind-check-interval=180
]]> ]]>
</content> </content>
</file> </file>
<command><![CDATA[/etc/init.d/pdns restart]]></command> <command><![CDATA[service pdns restart]]></command>
</daemon> </daemon>
</service> </service>
<!-- SMTP services --> <!-- SMTP services -->
@@ -1578,7 +1577,7 @@ root: root@<SERVERNAME>
</files> </files>
<commands index="3"> <commands index="3">
<command><![CDATA[newaliases]]></command> <command><![CDATA[newaliases]]></command>
<command><![CDATA[/etc/init.d/postfix restart]]></command> <command><![CDATA[service postfix restart]]></command>
</commands> </commands>
</general> </general>
<!-- postfix with dovecot --> <!-- postfix with dovecot -->
@@ -3299,7 +3298,7 @@ plugin {
</file> </file>
</files> </files>
<commands index="1"> <commands index="1">
<command><![CDATA[/etc/init.d/dovecot restart]]></command> <command><![CDATA[service dovecot restart]]></command>
</commands> </commands>
</general> </general>
<!-- Dovecot with postfix --> <!-- Dovecot with postfix -->
@@ -3722,7 +3721,7 @@ TLSVerifyClient off
]]> ]]>
</content> </content>
</file> </file>
<command><![CDATA[/etc/init.d/proftpd restart]]></command> <command><![CDATA[service proftpd restart]]></command>
</daemon> </daemon>
<!-- Pureftpd --> <!-- Pureftpd -->
<daemon name="pureftpd" title="PureFTPd"> <daemon name="pureftpd" title="PureFTPd">
@@ -3948,7 +3947,7 @@ UPLOADGID=
]]> ]]>
</content> </content>
</file> </file>
<command><![CDATA[/etc/init.d/pure-ftpd-mysql restart]]></command> <command><![CDATA[service pure-ftpd-mysql restart]]></command>
</daemon> </daemon>
</service> </service>
<!-- System tools/services --> <!-- System tools/services -->
@@ -4088,7 +4087,7 @@ aliases: files
<commands index="5"> <commands index="5">
<visibility mode="equals" value="apache2">{{settings.system.webserver}} <visibility mode="equals" value="apache2">{{settings.system.webserver}}
</visibility> </visibility>
<command><![CDATA[/etc/init.d/apache2 restart]]></command> <command><![CDATA[service apache2 restart]]></command>
</commands> </commands>
<!-- instead of just restarting apache, we let the cronjob do all the <!-- instead of just restarting apache, we let the cronjob do all the
dirty work --> dirty work -->

4
lng/english.lng.php
View File

@@ -1839,8 +1839,8 @@ $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Using Let\'s Encrypt is
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot handle wildcard-domains using ACME in froxlor (requires dns-challenge), sorry. Please set the ServerAlias to WWW or disable it completely'; $lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot handle wildcard-domains using ACME in froxlor (requires dns-challenge), sorry. Please set the ServerAlias to WWW or disable it completely';
$lng['panel']['letsencrypt'] = 'Using Let\'s encrypt'; $lng['panel']['letsencrypt'] = 'Using Let\'s encrypt';
$lng['crondesc']['cron_letsencrypt'] = 'updating Let\'s Encrypt certificates'; $lng['crondesc']['cron_letsencrypt'] = 'updating Let\'s Encrypt certificates';
$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt environment"; $lng['serversettings']['letsencryptca']['title'] = "ACME environment";
$lng['serversettings']['letsencryptca']['description'] = "Environment to be used for Let's Encrypt certificates."; $lng['serversettings']['letsencryptca']['description'] = "Environment to be used for Let's Encrypt / ZeroSSL certificates.";
$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt country code"; $lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt country code";
$lng['serversettings']['letsencryptcountrycode']['description'] = "2 letter country code used to generate Let's Encrypt certificates."; $lng['serversettings']['letsencryptcountrycode']['description'] = "2 letter country code used to generate Let's Encrypt certificates.";
$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt state"; $lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt state";

4
lng/german.lng.php
View File

@@ -1490,8 +1490,8 @@ $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann mittels ACME Wildcard-Domains nur via DNS validieren, sorry. Bitte den ServerAlias auf WWW setzen oder deaktivieren'; $lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann mittels ACME Wildcard-Domains nur via DNS validieren, sorry. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
$lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt'; $lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt';
$lng['crondesc']['cron_letsencrypt'] = 'Aktualisierung der Let\'s Encrypt Zertifikate'; $lng['crondesc']['cron_letsencrypt'] = 'Aktualisierung der Let\'s Encrypt Zertifikate';
$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt Umgebung"; $lng['serversettings']['letsencryptca']['title'] = "ACME Umgebung";
$lng['serversettings']['letsencryptca']['description'] = "Let's Encrypt - Umgebung, welche genutzt wird um Zertifikate zu bestellen."; $lng['serversettings']['letsencryptca']['description'] = "Umgebung, welche genutzt wird um Zertifikate zu bestellen.";
$lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt Ländercode"; $lng['serversettings']['letsencryptcountrycode']['title'] = "Let's Encrypt Ländercode";
$lng['serversettings']['letsencryptcountrycode']['description'] = "2 - stelliger Ländercode, welcher benutzt wird um Let's Encrypt - Zertifikate zu bestellen."; $lng['serversettings']['letsencryptcountrycode']['description'] = "2 - stelliger Ländercode, welcher benutzt wird um Let's Encrypt - Zertifikate zu bestellen.";
$lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt Bundesland"; $lng['serversettings']['letsencryptstate']['title'] = "Let's Encrypt Bundesland";