Add setting to specify domain aliases for the froxlor-vhost (and add them to the SAN list of let's encrypt certificates if enabled)

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

actions/admin/settings/122.froxlorvhost.php

@@ -30,6 +30,16 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
+				'system_froxloraliases' => array(
+					'label' => $lng['serversettings']['froxloraliases'],
+					'settinggroup' => 'system',
+					'varname' => 'froxloraliases',
+					'type' => 'string',
+					'string_regexp' => '/^(([a-z0-9\-\._]+, ?)*[a-z0-9\-\._]+)?$/i',
+					'string_emptyallowed' => true,
+					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
 				/**
 				 * SSL / Let's Encrypt
 				 */

install/froxlor.sql

@@ -645,6 +645,7 @@ opcache.interned_strings_buffer'),
 	('system', 'dhparams_file', ''),
 	('system', 'errorlog_level', 'warn'),
 	('system', 'leecc', '0'),
+	('system', 'froxloraliases', ''),
 	('api', 'enabled', '0'),
 	('2fa', 'enabled', '1'),
 	('panel', 'decimal_places', '4'),
@@ -680,7 +681,7 @@ opcache.interned_strings_buffer'),
 	('panel', 'customer_hide_options', ''),
 	('panel', 'is_configured', '0'),
 	('panel', 'version', '0.10.0'),
-	('panel', 'db_version', '201902170');
+	('panel', 'db_version', '201902210');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;

install/updates/froxlor/0.10/update_0.10.inc.php

@@ -224,3 +224,12 @@ if (\Froxlor\Froxlor::isDatabaseVersion('201902120')) {
 
 	\Froxlor\Froxlor::updateToDbVersion('201902170');
 }
+
+if (\Froxlor\Froxlor::isDatabaseVersion('201902170')) {
+
+	showUpdateStep("Adding new froxlor vhost domain alias setting");
+	Settings::AddNew('system.froxloraliases', "");
+	lastStepStatus(0);
+
+	\Froxlor\Froxlor::updateToDbVersion('201902210');
+}

lib/Froxlor/Cron/Http/Apache.php

@@ -201,6 +201,21 @@ class Apache extends HttpConfigBase
 
 				if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') {
 					$this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n";
+
+					$froxlor_aliases = Settings::Get('system.froxloraliases');
+					if (!empty($froxlor_aliases)) {
+						$froxlor_aliases = explode(",", $froxlor_aliases);
+						$aliases = "";
+						foreach ($froxlor_aliases as $falias) {
+							if (\Froxlor\Validate\Validate::validateDomain($falias)) {
+								$aliases = trim($falias) . " ";
+							}
+						}
+						$aliases = trim($aliases);
+						if (!empty($aliases)) {
+							$this->virtualhosts_data[$vhosts_filename] .= ' ServerAlias ' . $aliases . "\n";
+						}
+					}
 				}
 
 				$is_redirect = false;

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -173,6 +173,16 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron
 					$certrow['domain']
 				);
 
+				$froxlor_aliases = Settings::Get('system.froxloraliases');
+				if (!empty($froxlor_aliases)) {
+					$froxlor_aliases = explode(",", $froxlor_aliases);
+					foreach ($froxlor_aliases as $falias) {
+						if (\Froxlor\Validate\Validate::validateDomain($falias)) {
+							$domains[] = trim($falias);
+						}
+					}
+				}
+
 				// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
 				// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
 				if ($cert_mode == 'renew') {

lib/Froxlor/Cron/Http/Nginx.php

@@ -224,7 +224,19 @@ class Nginx extends HttpConfigBase
 				$this->nginx_data[$vhost_filename] .= "\t" . 'listen    ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
 
 				$this->nginx_data[$vhost_filename] .= "\t" . '# Froxlor default vhost' . "\n";
-				$this->nginx_data[$vhost_filename] .= "\t" . 'server_name    ' . Settings::Get('system.hostname') . ';' . "\n";
+
+				$aliases = "";
+				$froxlor_aliases = Settings::Get('system.froxloraliases');
+				if (!empty($froxlor_aliases)) {
+					$froxlor_aliases = explode(",", $froxlor_aliases);
+					foreach ($froxlor_aliases as $falias) {
+						if (\Froxlor\Validate\Validate::validateDomain($falias)) {
+							$aliases = trim($falias) . " ";
+						}
+					}
+					$aliases = " " . trim($aliases);
+				}
+				$this->nginx_data[$vhost_filename] .= "\t" . 'server_name    ' . Settings::Get('system.hostname') . $aliases . ';' . "\n";
 				$this->nginx_data[$vhost_filename] .= "\t" . 'access_log      /var/log/nginx/access.log;' . "\n";
 
 				if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') {

lib/Froxlor/Froxlor.php

@@ -10,7 +10,7 @@ final class Froxlor
 	const VERSION = '0.10.0';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '201902170';
+	const DBVERSION = '201902210';
 
 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';

lng/english.lng.php

@@ -2056,3 +2056,5 @@ $lng['serversettings']['errorlog_level']['title'] = 'Error log-level';
 $lng['serversettings']['errorlog_level']['description'] = 'Specify the error log level. Default is "warn" for apache-users and "error" for nginx-users.';
 $lng['serversettings']['letsencryptecc']['title'] = "Issue ECC / ECDSA certificate";
 $lng['serversettings']['letsencryptecc']['description'] = "If set to a valid key-size the certificate issued will use ECC / ECDSA";
+$lng['serversettings']['froxloraliases']['title'] = "Domain aliases for froxlor vhost";
+$lng['serversettings']['froxloraliases']['description'] = "Comma separated list of domains to add as server alias to the froxlor vhost";

lng/german.lng.php

@@ -1703,3 +1703,5 @@ $lng['serversettings']['errorlog_level']['title'] = 'Ausführlichkeit des Fehler
 $lng['serversettings']['errorlog_level']['description'] = 'Steuert die Ausführlichkeit des Fehlerprotokolls. Voreinstellung ist "warn" bei Apache und "error" bei Nginx.';
 $lng['serversettings']['letsencryptecc']['title'] = "ECC / ECDSA Zertifikate ausstellen";
 $lng['serversettings']['letsencryptecc']['description'] = "Wenn eine Schlüsselgröße ausgewählt wird, werden ECC / ECDSA Zertifikate erstellt";
+$lng['serversettings']['froxloraliases']['title'] = "Domain Aliase für Froxlor Vhost";
+$lng['serversettings']['froxloraliases']['description'] = "Komma getrennte Liste von Domains, welche als Server Alias zum Froxlor Vhost hinzugefügt werden";