added configuration adjustment for prodtpd if renew-hook for lets encrypt is used; updater-compatibility if gui_access field is not present yet (froxlor <2.2); removed depercated gentoo config templates
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
@@ -621,6 +621,7 @@ EOC;
|
||||
$certificate_folder = self::getCertificateFolder(strtolower(Settings::Get('system.hostname')));
|
||||
$fullchain = FileDir::makeCorrectFile($certificate_folder . '/fullchain.cer');
|
||||
$keyfile = FileDir::makeCorrectFile($certificate_folder . '/' . strtolower(Settings::Get('system.hostname')) . '.key');
|
||||
$ca_file = FileDir::makeCorrectFile($certificate_folder . '/ca.cer');
|
||||
|
||||
if (Settings::IsInList('system.le_renew_services', 'postfix')) {
|
||||
// "postconf -e" for postfix
|
||||
@@ -641,7 +642,23 @@ EOSSL;
|
||||
file_put_contents($dovecot_conf, $ssl_content);
|
||||
}
|
||||
if (Settings::IsInList('system.le_renew_services', 'proftpd')) {
|
||||
// @todo
|
||||
$proftpd_conf = '/etc/proftpd/tls.conf'; // @fixme setting?
|
||||
if (strpos($certificate_folder, '_ecc') === false) {
|
||||
// comment out RSA related settings
|
||||
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateFile|# TLSRSACertificateFile|' " . escapeshellarg($proftpd_conf));
|
||||
FileDir::safe_exec("sed -i.bak 's|^TLSRSACertificateKeyFile|# TLSRSACertificateKeyFile|' " . escapeshellarg($proftpd_conf));
|
||||
// add ECC directives
|
||||
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateFile.*|TLSECCertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf));
|
||||
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSECCertificateKeyFile.*|TLSECCertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf));
|
||||
} else {
|
||||
// comment out ECC related settings
|
||||
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateFile|# TLSECCertificateFile|' " . escapeshellarg($proftpd_conf));
|
||||
FileDir::safe_exec("sed -i.bak 's|^TLSECCertificateKeyFile|# TLSECCertificateKeyFile|' " . escapeshellarg($proftpd_conf));
|
||||
// add RSA directives
|
||||
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateFile.*|TLSRSACertificateFile " . $fullchain . "|' " . escapeshellarg($proftpd_conf));
|
||||
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSRSACertificateKeyFile.*|TLSRSACertificateKeyFile " . $keyfile . "|' " . escapeshellarg($proftpd_conf));
|
||||
}
|
||||
FileDir::safe_exec("sed -i.bak 's|^#\?\s\?TLSCACertificateFile.*|TLSCACertificateFile " . $ca_file . "|' " . escapeshellarg($proftpd_conf));
|
||||
}
|
||||
// reload the services
|
||||
FileDir::safe_exec(Settings::Get('system.le_renew_hook'));
|
||||
|
||||
@@ -431,23 +431,14 @@ class Core
|
||||
|
||||
// check currently used php version and set values of fpm/fcgid accordingly
|
||||
if (defined('PHP_MAJOR_VERSION') && defined('PHP_MINOR_VERSION')) {
|
||||
// gentoo specific
|
||||
if ($this->validatedData['distribution'] == 'gentoo') {
|
||||
// php-fpm
|
||||
$reload = "/etc/init.d/php-fpm restart";
|
||||
$config_dir = "/etc/php/fpm-php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "/fpm.d/";
|
||||
// fcgid
|
||||
$binary = "/usr/bin/php-cgi";
|
||||
// php-fpm
|
||||
$reload = "service php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-fpm restart";
|
||||
$config_dir = "/etc/php/" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "/fpm/pool.d/";
|
||||
// fcgid
|
||||
if ($this->validatedData['distribution'] == 'bookworm') {
|
||||
$binary = "/usr/bin/php-cgi" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;
|
||||
} else {
|
||||
// php-fpm
|
||||
$reload = "service php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-fpm restart";
|
||||
$config_dir = "/etc/php/" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "/fpm/pool.d/";
|
||||
// fcgid
|
||||
if ($this->validatedData['distribution'] == 'bookworm') {
|
||||
$binary = "/usr/bin/php-cgi" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;
|
||||
} else {
|
||||
$binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi";
|
||||
}
|
||||
$binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi";
|
||||
}
|
||||
$db_user->query("UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET `reload_cmd` = '" . $reload . "', `config_dir` = '" . $config_dir . "' WHERE `id` ='1';");
|
||||
$db_user->query("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET `binary` = '" . $binary . "';");
|
||||
|
||||
@@ -3056,6 +3056,7 @@ TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
|
||||
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
|
||||
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
|
||||
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
|
||||
# TLSCACertificateFile
|
||||
TLSOptions NoSessionReuseRequired
|
||||
TLSVerifyClient off
|
||||
|
||||
|
||||
@@ -4624,6 +4624,7 @@ TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
|
||||
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
|
||||
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
|
||||
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
|
||||
# TLSCACertificateFile
|
||||
TLSOptions NoSessionReuseRequired
|
||||
TLSVerifyClient off
|
||||
|
||||
|
||||
@@ -3843,6 +3843,7 @@ TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
|
||||
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
|
||||
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
|
||||
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
|
||||
# TLSCACertificateFile
|
||||
TLSOptions NoSessionReuseRequired
|
||||
TLSVerifyClient off
|
||||
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -3835,6 +3835,7 @@ TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
|
||||
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
|
||||
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
|
||||
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
|
||||
# TLSCACertificateFile
|
||||
TLSOptions NoSessionReuseRequired
|
||||
TLSVerifyClient off
|
||||
|
||||
|
||||
Reference in New Issue
Block a user