diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php
index 16a0c856c21bb1be4af307c40c8fccdf791e5f5e..de5164da198243cf2a85e3f4344cb02265bd0e3e 100644
--- a/interface/web/sites/form/web_domain.tform.php
+++ b/interface/web/sites/form/web_domain.tform.php
@@ -232,6 +232,12 @@ $form["tabs"]['domain'] = array (
'default' => 'n',
'value' => array(0 => 'n', 1 => 'y')
),
+ 'ssl_letsencrypt' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
'php' => array (
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
diff --git a/interface/web/sites/lib/lang/ar_web_domain.lng b/interface/web/sites/lib/lang/ar_web_domain.lng
index 1714b6417784f4beb9a1d890fc6a5d2a9650fa22..a8928e2d358a9f8101819b54696121f204c5260d 100644
--- a/interface/web/sites/lib/lang/ar_web_domain.lng
+++ b/interface/web/sites/lib/lang/ar_web_domain.lng
@@ -28,6 +28,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Own Error-Documents';
$wb['subdomain_txt'] = 'Auto-Subdomain';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Client';
diff --git a/interface/web/sites/lib/lang/bg_web_domain.lng b/interface/web/sites/lib/lang/bg_web_domain.lng
index 594b6f2c7cc4b0e4e281e33a7adec9ffb398ba2b..5d6d786edc3bc10bd0385a89f06ad4d17784b1df 100644
--- a/interface/web/sites/lib/lang/bg_web_domain.lng
+++ b/interface/web/sites/lib/lang/bg_web_domain.lng
@@ -26,6 +26,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Собствени страници за грешки';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Клиент';
diff --git a/interface/web/sites/lib/lang/br_web_domain.lng b/interface/web/sites/lib/lang/br_web_domain.lng
index 21525c5d95ddd7e727cf7990479dc948082feca7..9c5192e71d692f5cbfd7e7270d442aeb5fed9019 100644
--- a/interface/web/sites/lib/lang/br_web_domain.lng
+++ b/interface/web/sites/lib/lang/br_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Suas Páginas de Erro';
$wb['subdomain_txt'] = 'Auto-Subdomínio';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Cliente';
diff --git a/interface/web/sites/lib/lang/cz_web_domain.lng b/interface/web/sites/lib/lang/cz_web_domain.lng
index 64eccd2dcdc5707096cda4094e8e4f3c7421ec49..7c1e910975541299b83e1a73fd1d7d5e24307f1a 100644
--- a/interface/web/sites/lib/lang/cz_web_domain.lng
+++ b/interface/web/sites/lib/lang/cz_web_domain.lng
@@ -27,6 +27,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['subdomain_txt'] = 'Automatická subdoména';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klient';
diff --git a/interface/web/sites/lib/lang/de_web_domain.lng b/interface/web/sites/lib/lang/de_web_domain.lng
index b90ff9a53a8c195bab31fc6412c5794b0a1a4a32..260aef1d1fc669560607b82866cbd789cabe9321 100644
--- a/interface/web/sites/lib/lang/de_web_domain.lng
+++ b/interface/web/sites/lib/lang/de_web_domain.lng
@@ -27,6 +27,7 @@ $wb['traffic_quota_txt'] = 'Transfervolumenbeschränkung';
$wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Kunde';
diff --git a/interface/web/sites/lib/lang/el_web_domain.lng b/interface/web/sites/lib/lang/el_web_domain.lng
index b2792cefb7fa34fc95428f9d13c531905934f482..bb544bdf21c9f91e5c8bf0cbd972ae51460843f3 100644
--- a/interface/web/sites/lib/lang/el_web_domain.lng
+++ b/interface/web/sites/lib/lang/el_web_domain.lng
@@ -30,6 +30,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Προσωπικά έγγραφα σφάλματος';
$wb['subdomain_txt'] = 'Auto-Subdomain';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Πελάτης';
diff --git a/interface/web/sites/lib/lang/en_web_domain.lng b/interface/web/sites/lib/lang/en_web_domain.lng
index 14b3d526fdcfd55c1c9acb555ed08e72f725b8cc..38675dc7001d4f9632aadd4cd7792eac9f221ada 100644
--- a/interface/web/sites/lib/lang/en_web_domain.lng
+++ b/interface/web/sites/lib/lang/en_web_domain.lng
@@ -33,6 +33,7 @@ $wb["ssi_txt"] = 'SSI';
$wb["errordocs_txt"] = 'Own Error-Documents';
$wb["subdomain_txt"] = 'Auto-Subdomain';
$wb["ssl_txt"] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb["suexec_txt"] = 'SuEXEC';
$wb["php_txt"] = 'PHP';
$wb["client_txt"] = 'Client';
diff --git a/interface/web/sites/lib/lang/fi_web_domain.lng b/interface/web/sites/lib/lang/fi_web_domain.lng
index e13fb8f54a820c67bf38527afdc8bf8275f3d96b..3070aa03f5c0c36fd6a05abd39c6aa2cb7f8d9cc 100755
--- a/interface/web/sites/lib/lang/fi_web_domain.lng
+++ b/interface/web/sites/lib/lang/fi_web_domain.lng
@@ -25,6 +25,7 @@ $wb['traffic_quota_txt'] = 'Liikenneraja';
$wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Asiakas';
diff --git a/interface/web/sites/lib/lang/fr_web_domain.lng b/interface/web/sites/lib/lang/fr_web_domain.lng
index 7c01ca3f944a561019dc9fe45b164aeb954ccab6..7dea7467760226e6d695bac7a58eb4a358c7c8f6 100644
--- a/interface/web/sites/lib/lang/fr_web_domain.lng
+++ b/interface/web/sites/lib/lang/fr_web_domain.lng
@@ -25,6 +25,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Pages derreurs personnalisées';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Client';
diff --git a/interface/web/sites/lib/lang/hr_web_domain.lng b/interface/web/sites/lib/lang/hr_web_domain.lng
index ddcbdbc3195b5765ae6b61c36b0b1ebdb6195f24..c7b0e4a654875de79bcd7785025ed6c12cbbb614 100644
--- a/interface/web/sites/lib/lang/hr_web_domain.lng
+++ b/interface/web/sites/lib/lang/hr_web_domain.lng
@@ -30,6 +30,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Vlastite error stranice';
$wb['subdomain_txt'] = 'Automatska poddomena';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klijent';
diff --git a/interface/web/sites/lib/lang/hu_web_domain.lng b/interface/web/sites/lib/lang/hu_web_domain.lng
index 3fc994edc4bbee74ca80f051b16a9826ae1f4636..9b3ff59443a32fe75dbe4c086f3299ee29236a63 100644
--- a/interface/web/sites/lib/lang/hu_web_domain.lng
+++ b/interface/web/sites/lib/lang/hu_web_domain.lng
@@ -26,6 +26,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Saját hibaoldal';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['disabled_txt'] = 'Letiltva';
diff --git a/interface/web/sites/lib/lang/id_web_domain.lng b/interface/web/sites/lib/lang/id_web_domain.lng
index 8ed9ad9dfe1815998e02b64bd2755a56b02865c3..3506258fb1dce6b886896ec87b2fd68aa7bbbe6c 100644
--- a/interface/web/sites/lib/lang/id_web_domain.lng
+++ b/interface/web/sites/lib/lang/id_web_domain.lng
@@ -28,6 +28,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Dokumen-Kesalahan Pribadi';
$wb['subdomain_txt'] = 'Subdomain Otomatis';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klien';
diff --git a/interface/web/sites/lib/lang/it_web_domain.lng b/interface/web/sites/lib/lang/it_web_domain.lng
index 5a2bdf5448c9f0e9d21f3bd2ba3afec1d17188eb..fcf69b4b04cadbd29cc46461bc88a914ebfc7cf5 100644
--- a/interface/web/sites/lib/lang/it_web_domain.lng
+++ b/interface/web/sites/lib/lang/it_web_domain.lng
@@ -26,6 +26,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Errori personalizzati';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Cliente';
diff --git a/interface/web/sites/lib/lang/ja_web_domain.lng b/interface/web/sites/lib/lang/ja_web_domain.lng
index 41ce4717fd9eb42f16a87879298e6eb3837caf96..2a34ff8fec99361c0b2dfbd72d0720c90d76b2ea 100644
--- a/interface/web/sites/lib/lang/ja_web_domain.lng
+++ b/interface/web/sites/lib/lang/ja_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = '独自のエラーページを使う';
$wb['subdomain_txt'] = '自動サブドメイン';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'クライアント';
diff --git a/interface/web/sites/lib/lang/nl_web_domain.lng b/interface/web/sites/lib/lang/nl_web_domain.lng
index aa3134b92ede3fa784332fb3bb6c82c021c205e6..e1ecbf24e9efa9b463fddbd525797afd60f3b705 100644
--- a/interface/web/sites/lib/lang/nl_web_domain.lng
+++ b/interface/web/sites/lib/lang/nl_web_domain.lng
@@ -30,6 +30,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Own Error-documenten';
$wb['subdomain_txt'] = 'Auto-subdomein';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klant';
diff --git a/interface/web/sites/lib/lang/pl_web_domain.lng b/interface/web/sites/lib/lang/pl_web_domain.lng
index 858b35c6f4b27560dec1b029cebb56cc3426309e..e3f5171301cdbe10c5c705f36c2699259debff83 100644
--- a/interface/web/sites/lib/lang/pl_web_domain.lng
+++ b/interface/web/sites/lib/lang/pl_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Własne strony błędów';
$wb['subdomain_txt'] = 'Automatyczna subdomena';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klient';
diff --git a/interface/web/sites/lib/lang/pt_web_domain.lng b/interface/web/sites/lib/lang/pt_web_domain.lng
index ac0f7f724f01fa4005f3a3b7607b00f3a58fed3c..e279f8d82bc93800f461ddd9605f012d6639828b 100644
--- a/interface/web/sites/lib/lang/pt_web_domain.lng
+++ b/interface/web/sites/lib/lang/pt_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Páginas de Erro';
$wb['subdomain_txt'] = 'Auto-Subdomínio';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Cliente';
diff --git a/interface/web/sites/lib/lang/ro_web_domain.lng b/interface/web/sites/lib/lang/ro_web_domain.lng
index d4667d00c40eea49a1a6ae553f992d461b174cb8..9dbd4c18ae70ade25d236b87b3c91f9f8bd47493 100644
--- a/interface/web/sites/lib/lang/ro_web_domain.lng
+++ b/interface/web/sites/lib/lang/ro_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Own Error-Documents';
$wb['subdomain_txt'] = 'Auto-Subdomain';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Client';
diff --git a/interface/web/sites/lib/lang/ru_web_domain.lng b/interface/web/sites/lib/lang/ru_web_domain.lng
index 06d82c1a2b5e7dbbd259db415f514b81241b218d..8e9444449ac44643ec13bb886299b06b06c6b3f5 100644
--- a/interface/web/sites/lib/lang/ru_web_domain.lng
+++ b/interface/web/sites/lib/lang/ru_web_domain.lng
@@ -25,6 +25,7 @@ $wb['traffic_quota_txt'] = 'Квота трафика';
$wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Клиент';
diff --git a/interface/web/sites/lib/lang/se_web_domain.lng b/interface/web/sites/lib/lang/se_web_domain.lng
index d25c8b15284d70f7bd4899189de631aa24a3d0e4..eb9e7878b14f4e7ecd5bbc3de02e2a88251b13f7 100644
--- a/interface/web/sites/lib/lang/se_web_domain.lng
+++ b/interface/web/sites/lib/lang/se_web_domain.lng
@@ -26,6 +26,7 @@ $wb['cgi_txt'] = 'CGI';
$wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Own Error-Documents';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Client';
diff --git a/interface/web/sites/lib/lang/sk_web_domain.lng b/interface/web/sites/lib/lang/sk_web_domain.lng
index e38610de4f01f55eca7b7087cddb0812b94a1e63..affc3f2fb3677b7e835450259fa68cd0a56b39cc 100644
--- a/interface/web/sites/lib/lang/sk_web_domain.lng
+++ b/interface/web/sites/lib/lang/sk_web_domain.lng
@@ -27,6 +27,7 @@ $wb['ssi_txt'] = 'SSI';
$wb['errordocs_txt'] = 'Vlastné Error-Dokumenty';
$wb['subdomain_txt'] = 'Auto-Subdomény';
$wb['ssl_txt'] = 'SSL';
+$wb['ssl_letsencrypt_txt'] = 'Let\'s Encrypt';
$wb['suexec_txt'] = 'SuEXEC';
$wb['php_txt'] = 'PHP';
$wb['client_txt'] = 'Klient';
diff --git a/interface/web/sites/templates/web_domain_edit.htm b/interface/web/sites/templates/web_domain_edit.htm
index d12c3a36c2f70a2fbb238345a03ae95046793188..2ac3bcb59175621f04a938d88ff9195b37233174 100644
--- a/interface/web/sites/templates/web_domain_edit.htm
+++ b/interface/web/sites/templates/web_domain_edit.htm
@@ -130,6 +130,12 @@
{tmpl_var name='ssl'}
+
+
+
{tmpl_var name='ssl_letsencrypt_txt'}
+
+ {tmpl_var name='ssl_letsencrypt'}
+
@@ -261,5 +267,11 @@
submitForm('pageForm','sites/web_domain_edit.php');
});
-
-
\ No newline at end of file
+
+ jQuery('input#ssl_letsencrypt').bind('change', function() {
+ if(jQuery('input#ssl_letsencrypt').is(":checked")) jQuery('input#ssl').prop('checked', true);
+ });
+ jQuery('input#ssl').bind('change', function() {
+ if(jQuery('input#ssl_letsencrypt').is(":checked")) jQuery('input#ssl_letsencrypt').prop('checked', false);
+ });
+
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 54a77123d866480f99d0deb727f76f8e396b8ab5..e6797d71996ea3754a4ba6708839142866d895cd 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -950,6 +950,92 @@ class apache2_plugin {
}
*/
+ //* Generate Let's Encrypt SSL certificat
+ if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
+ $data['new']['ssl_domain'] = $domain;
+ $vhost_data['ssl_domain'] = $domain;
+
+ //* be sure to have good domain
+ $lddomain = (string) "$domain";
+ if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
+ $lddomain .= (string) " --domains www." . $domain;
+ }
+
+ $crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
+ $key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
+ $bundle_tmp_file = "/etc/letsencrypt/live/".$domain."/chain.pem";
+ $webroot = $data['new']['document_root']."/web";
+
+ //* check if we have already a Let's Encrypt cert
+ if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
+ $app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
+
+ if(is_dir($webroot . "/.well-known/")) {
+ $app->log("Remove old challenge directory", LOGLEVEL_DEBUG);
+ $this->_exec("rm -rf " . $webroot . "/.well-known/");
+ }
+
+ $app->log("Create challenge directory", LOGLEVEL_DEBUG);
+ $app->system->mkdirpath($webroot . "/.well-known/");
+ $app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);
+ $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
+ $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
+ $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
+ $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
+ $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
+
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+ };
+
+ //* check is been correctly created
+ if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {
+ $date = date("YmdHis");
+ if(is_file($key_file)) {
+ $app->system->copy($key_file, $key_file.'.old'.$date);
+ $app->system->chmod($key_file.'.old.'.$date, 0400);
+ $app->system->unlink($key_file);
+ }
+
+ if ($web_config["website_symlinks_rel"] == 'y') {
+ $this->create_relative_link(escapeshellcmd($key_tmp_file), escapeshellcmd($key_file));
+ } else {
+ exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file));
+ }
+
+ if(is_file($crt_file)) {
+ $app->system->copy($crt_file, $crt_file.'.old.'.$date);
+ $app->system->chmod($crt_file.'.old.'.$date, 0400);
+ $app->system->unlink($crt_file);
+ }
+
+ if($web_config["website_symlinks_rel"] == 'y') {
+ $this->create_relative_link(escapeshellcmd($crt_tmp_file), escapeshellcmd($crt_file));
+ } else {
+ exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file));
+ }
+
+ if(is_file($bundle_file)) {
+ $app->system->copy($bundle_file, $bundle_file.'.old.'.$date);
+ $app->system->chmod($bundle_file.'.old.'.$date, 0400);
+ $app->system->unlink($bundle_file);
+ }
+
+ if($web_config["website_symlinks_rel"] == 'y') {
+ $this->create_relative_link(escapeshellcmd($bundle_tmp_file), escapeshellcmd($bundle_file));
+ } else {
+ exec("ln -s ".escapeshellcmd($bundle_tmp_file)." ".escapeshellcmd($bundle_file));
+ }
+
+ /* we don't need to store it.
+ /* Update the DB of the (local) Server */
+ $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
+ $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
+ /* Update also the master-DB of the Server-Farm */
+ $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key' WHERE domain = '".$data['new']['domain']."'");
+ $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
+ }
+ };
+
if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
//$vhost_data['document_root'] = $data['new']['document_root'].'/' . $web_folder;
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 02fb427fe1fb4f3b71aad475f3f984f08ecdf989..fb2329aed58d1f950ab8e3fe2209768db4f14116 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -1102,10 +1102,87 @@ class nginx_plugin {
// Check if a SSL cert exists
$ssl_dir = $data['new']['document_root'].'/ssl';
+ if(!isset($data['new']['ssl_domain']) OR empty($data['new']['ssl_domain'])) { $data['new']['ssl_domain'] = $data['new']['domain']; }
$domain = $data['new']['ssl_domain'];
+ $tpl->setVar('ssl_domain', $domain);
$key_file = $ssl_dir.'/'.$domain.'.key';
$crt_file = $ssl_dir.'/'.$domain.'.crt';
+
+ $tpl->setVar('ssl_letsencrypt', "n");
+ //* Generate Let's Encrypt SSL certificat
+ if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
+ //* be sure to have good domain
+ $lddomain = (string) "$domain";
+ if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
+ $lddomain .= (string) " --domains www." . $domain;
+ }
+
+ $tpl->setVar('ssl_letsencrypt', "y");
+ //* TODO: check dns entry is correct
+ $crt_tmp_file = "/etc/letsencrypt/live/".$domain."/fullchain.pem";
+ $key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
+ $webroot = $data['new']['document_root']."/web";
+
+ //* check if we have already a Let's Encrypt cert
+ if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
+ $app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
+
+ if(is_dir($webroot . "/.well-known/")) {
+ $app->log("Remove old challenge directory", LOGLEVEL_DEBUG);
+ $this->_exec("rm -rf " . $webroot . "/.well-known/");
+ }
+
+ $app->log("Create challenge directory", LOGLEVEL_DEBUG);
+ $app->system->mkdirpath($webroot . "/.well-known/");
+ $app->system->chown($webroot . "/.well-known/", $$data['new']['system_user']);
+ $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
+ $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
+ $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
+ $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
+ $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
+
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth -a webroot --email postmaster@$domain --domains $lddomain --webroot-path $webroot");
+ };
+
+ //* check is been correctly created
+ if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {
+ $date = date("YmdHis");
+//* TODO: check if is a symlink, if target same keep it, either remove it
+ if(is_file($key_file)) {
+ $app->system->copy($key_file, $key_file.'.old'.$date);
+ $app->system->chmod($key_file.'.old.'.$date, 0400);
+ $app->system->unlink($key_file);
+ }
+
+ if ($web_config["website_symlinks_rel"] == 'y') {
+ $this->create_relative_link(escapeshellcmd($key_tmp_file), escapeshellcmd($key_file));
+ } else {
+ exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file));
+ }
+
+ if(is_file($crt_file)) {
+ $app->system->copy($crt_file, $crt_file.'.old.'.$date);
+ $app->system->chmod($crt_file.'.old.'.$date, 0400);
+ $app->system->unlink($crt_file);
+ }
+
+ if($web_config["website_symlinks_rel"] == 'y') {
+ $this->create_relative_link(escapeshellcmd($crt_tmp_file), escapeshellcmd($crt_file));
+ } else {
+ exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file));
+ }
+
+ /* we don't need to store it.
+ /* Update the DB of the (local) Server */
+ $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = '".$data['new']['domain']."'");
+ $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
+ /* Update also the master-DB of the Server-Farm */
+ $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = '".$data['new']['domain']."'");
+ $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
+ }
+ };
+
if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$vhost_data['ssl_enabled'] = 1;
$app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);