Newer
Older
Marius Burkard
committed
if(!file_exists($data['new']['document_root'].'/' . $web_folder . '/robots.txt')) $app->system->exec_safe('cp ? ?', $conf['rootpath'] . '/conf/index/robots.txt', $data['new']['document_root'].'/' . $web_folder . '/');
Till Brehm
committed
}
Marius Burkard
committed
$app->system->exec_safe('chmod -R a+r ?', $data['new']['document_root'].'/' . $web_folder . '/');
//** Copy the error documents on update when the error document checkbox has been activated and was deactivated before
} elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
Marius Burkard
committed
$error_page_path = $data['new']['document_root'].'/' . $web_folder . '/error/';
if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2))) {
$app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf-custom/error/'.substr($conf['language'], 0, 2).'/', $error_page_path);
}
else {
if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
Marius Burkard
committed
$app->system->exec_safe('cp ?*.html ?', $conf['rootpath'] . '/conf-custom/error/', $error_page_path);
}
else {
Marius Burkard
committed
$app->system->exec_safe('cp ?* ?', $conf['rootpath'] . '/conf/error/'.substr($conf['language'], 0, 2).'/', $error_page_path);
Marius Burkard
committed
$app->system->exec_safe('chmod -R a+r ?', $error_page_path);
$app->system->exec_safe('chown -R ?:? ?', $data['new']['system_user'], $data['new']['system_group'], $error_page_path);
} // end copy error docs
// Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias
if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
if($data['new']['hd_quota'] > 0) {
$blocks_soft = $data['new']['hd_quota'] * 1024;
$mb_soft = $data['new']['hd_quota'];
$mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0;
// get the primitive folder for document_root and the filesystem, will need it later.
Marius Burkard
committed
$df_output=explode(" ", $app->system->exec_safe("df -T ?|awk 'END{print \$2,\$NF}'", $data['new']['document_root']));
$file_system = $df_output[0];
$primitive_root = $df_output[1];
Marius Burkard
committed
$app->system->exec_safe("xfs_quota -x -c ? ?", "limit -u bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " " . $username, $primitive_root);
// xfs only supports timers globally, not per user.
Marius Burkard
committed
$app->system->exec_safe("xfs_quota -x -c 'timer -bir -i 604800' ?", $primitive_root);
unset($project_uid, $username_position, $xfs_projects);
unset($primitive_root, $df_output, $mb_hard, $mb_soft);
} else {
if($app->system->is_installed('setquota')) {
Marius Burkard
committed
$app->system->exec_safe('setquota -u ? ? ? 0 0 -a &> /dev/null', $username, $blocks_soft, $blocks_hard);
$app->system->exec_safe('setquota -T -u ? 604800 604800 -a &> /dev/null', $username);
if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
// Chown and chmod the directories below the document root
Marius Burkard
committed
$app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder);
// The document root itself has to be owned by root in normal level and by the web owner in security level 20
if($web_config['security_level'] == 20) {
Marius Burkard
committed
$app->system->exec_safe('chown ?:? ?', $username, $groupname, $data['new']['document_root'].'/' . $web_folder);
Marius Burkard
committed
$app->system->exec_safe('chown root:root ?', $data['new']['document_root'].'/' . $web_folder);
//* add the Apache user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
Marius Burkard
committed
if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, $web_config['user']);
//* If the security level is set to high
if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
$app->system->web_folder_protection($data['new']['document_root'], false);
//* Check if we have the new private folder and create it if nescessary
if(!is_dir($data['new']['document_root'].'/private')) $app->system->mkdir($data['new']['document_root'].'/private');
if($web_config['security_level'] == 20) {
$app->system->chmod($data['new']['document_root'], 0755);
Till Brehm
committed
$app->system->chmod($data['new']['document_root'].'/web', 0711);
$app->system->chmod($data['new']['document_root'].'/webdav', 0710);
$app->system->chmod($data['new']['document_root'].'/private', 0710);
$app->system->chmod($data['new']['document_root'].'/ssl', 0755);
// make tmp directory writable for Apache and the website users
$app->system->chmod($data['new']['document_root'].'/tmp', 0770);
// Set Log directory to 755 to make the logs accessible by the FTP user
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
$app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
if($web_config['add_web_users_to_sshusers_group'] == 'y') {
$command = 'usermod';
$command .= ' --groups sshusers';
Marius Burkard
committed
$command .= ' ? 2>/dev/null';
$app->system->exec_safe($command, $data['new']['system_user']);
//* if we have a chrooted Apache environment
if($apache_chrooted) {
Marius Burkard
committed
$app->system->exec_safe('chroot ? ?', $web_config['website_basedir'], $command);
//* add the apache user to the client group in the chroot environment
$tmp_groupfile = $app->system->server_conf['group_datei'];
$app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
Marius Burkard
committed
$app->system->add_user_to_group($groupname, $web_config['user']);
$app->system->server_conf['group_datei'] = $tmp_groupfile;
unset($tmp_groupfile);
}
//* Chown all default directories
$app->system->chown($data['new']['document_root'], 'root');
$app->system->chgrp($data['new']['document_root'], 'root');
$app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
$app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
$app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
$app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
$app->system->chown($data['new']['document_root'].'/ssl', 'root');
$app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
$app->system->chown($data['new']['document_root'].'/tmp', $username);
$app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
$app->system->chown($data['new']['document_root'].'/web', $username);
$app->system->chgrp($data['new']['document_root'].'/web', $groupname);
$app->system->chown($data['new']['document_root'].'/web/error', $username);
$app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
if($data['new']['stats_type'] != '') {
$app->system->chown($data['new']['document_root'].'/web/stats', $username);
$app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
}
$app->system->chown($data['new']['document_root'].'/webdav', $username);
$app->system->chgrp($data['new']['document_root'].'/webdav', $groupname);
$app->system->chown($data['new']['document_root'].'/private', $username);
$app->system->chgrp($data['new']['document_root'].'/private', $groupname);
// If the security Level is set to medium
} else {
$app->system->chmod($data['new']['document_root'], 0755);
$app->system->chmod($data['new']['document_root'].'/web', 0755);
$app->system->chmod($data['new']['document_root'].'/webdav', 0755);
$app->system->chmod($data['new']['document_root'].'/ssl', 0755);
$app->system->chmod($data['new']['document_root'].'/cgi-bin', 0755);
// make temp directory writable for Apache and the website users
$app->system->chmod($data['new']['document_root'].'/tmp', 0770);
// Set Log directory to 755 to make the logs accessible by the FTP user
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
$app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
$app->system->chown($data['new']['document_root'], 'root');
$app->system->chgrp($data['new']['document_root'], 'root');
$app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
$app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
$app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
$app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
$app->system->chown($data['new']['document_root'].'/ssl', 'root');
$app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
$app->system->chown($data['new']['document_root'].'/tmp', $username);
$app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
$app->system->chown($data['new']['document_root'].'/web', $username);
$app->system->chgrp($data['new']['document_root'].'/web', $groupname);
$app->system->chown($data['new']['document_root'].'/web/error', $username);
$app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
if($data['new']['stats_type'] != '') {
$app->system->chown($data['new']['document_root'].'/web/stats', $username);
$app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
}
$app->system->chown($data['new']['document_root'].'/webdav', $username);
$app->system->chgrp($data['new']['document_root'].'/webdav', $groupname);
} elseif((($data['new']['type'] == 'vhostsubdomain') || ($data['new']['type'] == 'vhostalias')) &&
(($this->action == 'insert') || ($web_config['set_folder_permissions_on_update'] == 'y'))) {
if($web_config['security_level'] == 20) {
$app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0710);
$app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
$app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
if($data['new']['stats_type'] != '') {
$app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
}
} else {
$app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0755);
$app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
$app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
if($data['new']['stats_type'] != '') {
$app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
}
//* Protect web folders
$app->system->web_folder_protection($data['new']['document_root'], true);
if($data['new']['type'] == 'vhost') {
// Change the ownership of the error log to the root user
Marius Burkard
committed
if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) {
$app->system->exec_safe('touch ?', '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log');
}
$app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
$app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
}
//* Write the custom php.ini file, if custom_php_ini fieled is not empty
$custom_php_ini_dir = $web_config['website_basedir'].'/conf/'.$data['new']['system_user'];
if($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') $custom_php_ini_dir .= '_' . $web_folder;
if(!is_dir($web_config['website_basedir'].'/conf')) $app->system->mkdir($web_config['website_basedir'].'/conf');
//* add open_basedir restriction to custom php.ini content, required for suphp only
if(!stristr($data['new']['custom_php_ini'], 'open_basedir') && $data['new']['php'] == 'suphp') {
$data['new']['custom_php_ini'] .= "\nopen_basedir = '".$data['new']['php_open_basedir']."'\n";
}
$fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
$custom_fastcgi_php_executable = '';
if($data['new']['server_php_id'] != 0){
$tmp_php = $app->db->queryOneRecord('SELECT * FROM server_php WHERE server_php_id = ?', $data['new']['server_php_id']);
if($tmp_php) {
if($data['new']['php'] === 'php-fpm') {
$custom_fastcgi_php_ini_dir = $tmp_php['php_fpm_ini_dir'];
$custom_fastcgi_php_executable = $tmp_php['php_fpm_init_script'];
} else {
$custom_fastcgi_php_ini_dir = $tmp_php['php_fastcgi_ini_dir'];
$custom_fastcgi_php_executable = $tmp_php['php_fastcgi_binary'];
}
if(is_file($custom_fastcgi_php_ini_dir)) $custom_fastcgi_php_ini_dir = dirname($custom_fastcgi_php_ini_dir);
if(substr($custom_fastcgi_php_ini_dir, -1) == '/') $custom_fastcgi_php_ini_dir = substr($custom_fastcgi_php_ini_dir, 0, -1);
}
if(trim($data['new']['custom_php_ini']) != '') {
$has_custom_php_ini = true;
if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
$php_ini_content = $this->get_master_php_ini_content($data['new']);
$php_ini_content .= str_replace("\r", '', trim($data['new']['custom_php_ini']));
if(intval($data['new']['directive_snippets_id']) > 0){
$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
$required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
if(is_array($required_php_snippets) && !empty($required_php_snippets)){
foreach($required_php_snippets as $required_php_snippet){
$required_php_snippet = intval($required_php_snippet);
if($required_php_snippet > 0){
$php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
$php_snippet['snippet'] = trim($php_snippet['snippet']);
if($php_snippet['snippet'] != ''){
$php_ini_content .= "\n".$php_snippet['snippet'];
}
}
}
}
}
}
$app->system->file_put_contents($custom_php_ini_dir.'/php.ini', $php_ini_content);
} else {
$has_custom_php_ini = false;
if(is_file($custom_php_ini_dir.'/php.ini')) $app->system->unlink($custom_php_ini_dir.'/php.ini');
}
//* Create the vhost config file
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('vhost.conf.master');
$vhost_data = $data['new'];
$vhost_data['web_document_root'] = $data['new']['document_root'].'/' . $web_folder;
$vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/' . $web_folder;
$vhost_data['web_basedir'] = $web_config['website_basedir'];
$vhost_data['security_level'] = $web_config['security_level'];
$vhost_data['allow_override'] = ($data['new']['allow_override'] == '')?'All':$data['new']['allow_override'];
$vhost_data['php_open_basedir'] = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
$vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
$vhost_data['has_custom_php_ini'] = $has_custom_php_ini;
Marius Burkard
committed
$vhost_data['custom_php_ini_dir'] = $custom_php_ini_dir;
$vhost_data['logging'] = $web_config['logging'];
Falko Timme
committed
if(intval($data['new']['directive_snippets_id']) > 0){
$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", $data['new']['directive_snippets_id']);
Falko Timme
committed
if(isset($snippet['snippet'])){
$vhost_data['apache_directives'] = $snippet['snippet'];
}
}
if(!$vhost_data['apache_directives']) {
$vhost_data['apache_directives'] = ''; // ensure it is not null
}
// Make sure we only have Unix linebreaks
$vhost_data['apache_directives'] = str_replace("\r\n", "\n", $vhost_data['apache_directives']);
$vhost_data['apache_directives'] = str_replace("\r", "\n", $vhost_data['apache_directives']);
$trans = array(
'{DOCROOT}' => $vhost_data['web_document_root_www'],
'{DOCROOT_CLIENT}' => $vhost_data['web_document_root'],
'{DOMAIN}' => $vhost_data['domain']
);
Falko Timme
committed
$vhost_data['apache_directives'] = strtr($vhost_data['apache_directives'], $trans);
// Check if a SSL cert exists
$tmp = $app->letsencrypt->get_website_certificate_paths($data);
$domain = $tmp['domain'];
$key_file = $tmp['key'];
$key_file2 = $tmp['key2'];
$csr_file = $tmp['csr'];
$crt_file = $tmp['crt'];
$bundle_file = $tmp['bundle'];
unset($tmp);
$data['new']['ssl_domain'] = $domain;
$vhost_data['ssl_domain'] = $domain;
$vhost_data['ssl_crt_file'] = $crt_file;
$vhost_data['ssl_key_file'] = $key_file;
$vhost_data['ssl_bundle_file'] = $bundle_file;
//* Generate Let's Encrypt SSL certificat
if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && $conf['mirror_server_id'] == 0 && ( // ssl and let's encrypt is active and no mirror server
($data['old']['ssl'] == 'n' || $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
|| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
|| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
|| $this->update_letsencrypt == true
)) {
$success = $app->letsencrypt->request_certificates($data);
if($success) {
/* we don't need to store it.
/* Update the DB of the (local) Server */
Marius Burkard
committed
$app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
$app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
/* Update also the master-DB of the Server-Farm */
$app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
$app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
} else {
$data['new']['ssl_letsencrypt'] = 'n';
if($data['old']['ssl'] == 'n') $data['new']['ssl'] = 'n';
/* Update the DB of the (local) Server */
$app->db->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ?", $data['new']['ssl'], 'n', $data['new']['domain']);
/* Update also the master-DB of the Server-Farm */
$app->dbmaster->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ? AND `server_id` = ?", $data['new']['ssl'], 'n', $data['new']['domain'], $conf['server_id']);
// Use separate bundle file only for apache versions < 2.4.8
if(@is_file($bundle_file) && version_compare($app->system->getapacheversion(true), '2.4.8', '<')) $vhost_data['has_bundle_cert'] = 1;
if($data['new']['seo_redirect'] != ''){
$tmp_seo_redirects = $this->get_seo_redirects($data['new']);
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
foreach($tmp_seo_redirects as $key => $val){
$vhost_data[$key] = $val;
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
$tpl->setVar($vhost_data);
$tpl->setVar('apache_version', $app->system->getapacheversion());
// Rewrite rules
$rewrite_rules = array();
$rewrite_wildcard_rules = array();
if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
if(substr($data['new']['redirect_path'], -1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $data['new']['redirect_path'])) $data['new']['redirect_path'] .= '/';
if(substr($data['new']['redirect_path'], 0, 8) == '[scheme]'){
$rewrite_target = 'http'.substr($data['new']['redirect_path'], 8);
$rewrite_target_ssl = 'https'.substr($data['new']['redirect_path'], 8);
} else {
$rewrite_target = $data['new']['redirect_path'];
$rewrite_target_ssl = $data['new']['redirect_path'];
}
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
switch($data['new']['subdomain']) {
case 'www':
$rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
$rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
break;
case '*':
$rewrite_wildcard_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
break;
default:
$rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
$server_alias = array();
// get autoalias
$auto_alias = $web_config['website_autoalias'];
if($auto_alias != '') {
// get the client username
$client = $app->db->queryOneRecord("SELECT `username` FROM `client` WHERE `client_id` = ?", $client_id);
$aa_search = array('[client_id]', '[website_id]', '[client_username]', '[website_domain]');
$aa_replace = array($client_id, $data['new']['domain_id'], $client['username'], $data['new']['domain']);
$auto_alias = str_replace($aa_search, $aa_replace, $auto_alias);
unset($client);
unset($aa_search);
unset($aa_replace);
$server_alias[] .= $auto_alias.' ';
}
// get alias domains (co-domains and subdomains)
$aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND active = 'y' AND (type != 'vhostsubdomain' AND type != 'vhostalias')", $data['new']['domain_id']);
$alias_seo_redirects = array();
switch($data['new']['subdomain']) {
$server_alias[] = 'www.'.$data['new']['domain'].' ';
$server_alias[] = '*.'.$data['new']['domain'].' ';
if(is_array($aliases)) {
foreach($aliases as $alias) {
switch($alias['subdomain']) {
case 'www':
$server_alias[] .= 'www.'.$alias['domain'].' '.$alias['domain'].' ';
break;
case '*':
$server_alias[] .= '*.'.$alias['domain'].' '.$alias['domain'].' ';
break;
default:
$server_alias[] .= $alias['domain'].' ';
break;
$app->log('Add server alias: '.$alias['domain'], LOGLEVEL_DEBUG);
// Add SEO redirects for alias domains
if($alias['seo_redirect'] != '' && $data['new']['seo_redirect'] != '*_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_to_domain_tld' && ($alias['type'] == 'alias' || ($alias['type'] == 'subdomain' && $data['new']['seo_redirect'] != '*_domain_tld_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_domain_tld_to_domain_tld'))){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects[] = $tmp_seo_redirects;
}
}
// Rewriting
if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
if(substr($alias['redirect_path'], -1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $alias['redirect_path'])) $alias['redirect_path'] .= '/';
if(substr($alias['redirect_path'], 0, 8) == '[scheme]'){
$rewrite_target = 'http'.substr($alias['redirect_path'], 8);
$rewrite_target_ssl = 'https'.substr($alias['redirect_path'], 8);
} else {
$rewrite_target = $alias['redirect_path'];
$rewrite_target_ssl = $alias['redirect_path'];
}
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
switch($alias['subdomain']) {
case 'www':
$rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
$rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
break;
case '*':
$rewrite_wildcard_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
break;
default:
if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '(^|\.)'.$this->_rewrite_quote(substr($alias['domain'], 2));
else $domain_rule = '^'.$this->_rewrite_quote($alias['domain']);
$rewrite_rules[] = array( 'rewrite_domain' => $domain_rule,
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl,
'rewrite_is_url' => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
}
}
}
//* If we have some alias records
if(count($server_alias) > 0) {
$server_alias_str = '';
$n = 0;
// begin a new ServerAlias line after 30 alias domains
foreach($server_alias as $tmp_alias) {
if($n % 30 == 0) $server_alias_str .= "\n ServerAlias ";
$server_alias_str .= $tmp_alias;
}
unset($tmp_alias);
$tpl->setVar('alias', trim($server_alias_str));
} else {
if (count($rewrite_wildcard_rules) > 0) $rewrite_rules = array_merge($rewrite_rules, $rewrite_wildcard_rules); // Append wildcard rules to the end of rules
if(count($rewrite_rules) > 0 || $vhost_data['seo_redirect_enabled'] > 0 || count($alias_seo_redirects) > 0 || $data['new']['rewrite_to_https'] == 'y') {
$tpl->setVar('rewrite_enabled', 1);
$tpl->setVar('rewrite_enabled', 0);
if($data['new']['ssl'] == 'n') {
$tpl->setVar('rewrite_to_https', 'n');
//$tpl->setLoop('redirects',$rewrite_rules);
/**
* install fast-cgi starter script and add script aliasd config
* first we create the script directory if not already created, then copy over the starter script
* settings are copied over from the server ini config for now
* TODO: Create form for fastcgi configs per site.
*/
if ($data['new']['php'] == 'fast-cgi') {
$fastcgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $fastcgi_config['fastcgi_starter_path']);
$fastcgi_starter_path = str_replace('[client_id]', $client_id, $fastcgi_starter_path);
if (!is_dir($fastcgi_starter_path)) {
$app->system->mkdirpath($fastcgi_starter_path);
$app->log('Creating fastcgi starter script directory: '.$fastcgi_starter_path, LOGLEVEL_DEBUG);
$app->system->chown($fastcgi_starter_path, $data['new']['system_user']);
$app->system->chgrp($fastcgi_starter_path, $data['new']['system_group']);
Till Brehm
committed
if($web_config['security_level'] == 10) {
$app->system->chmod($fastcgi_starter_path, 0755);
} else {
$app->system->chmod($fastcgi_starter_path, 0550);
}
$fcgi_tpl = new tpl();
$fcgi_tpl->newTemplate('php-fcgi-starter.master');
$fcgi_tpl->setVar('apache_version', $app->system->getapacheversion());
// Support for multiple PHP versions (FastCGI)
if($data['new']['server_php_id'] != 0){
$default_fastcgi_php = false;
if(substr($custom_fastcgi_php_ini_dir, -1) != '/') $custom_fastcgi_php_ini_dir .= '/';
} else {
$default_fastcgi_php = true;
}
if($has_custom_php_ini) {
Marius Burkard
committed
$fcgi_tpl->setVar('php_ini_path', $custom_php_ini_dir);
if($default_fastcgi_php){
Marius Burkard
committed
$fcgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']);
} else {
Marius Burkard
committed
$fcgi_tpl->setVar('php_ini_path', $custom_fastcgi_php_ini_dir);
Marius Burkard
committed
$fcgi_tpl->setVar('document_root', $data['new']['document_root']);
$fcgi_tpl->setVar('php_fcgi_children', $fastcgi_config['fastcgi_children']);
$fcgi_tpl->setVar('php_fcgi_max_requests', $fastcgi_config['fastcgi_max_requests']);
if($default_fastcgi_php){
Marius Burkard
committed
$fcgi_tpl->setVar('php_fcgi_bin', $fastcgi_config['fastcgi_bin']);
} else {
Marius Burkard
committed
$fcgi_tpl->setVar('php_fcgi_bin', $custom_fastcgi_php_executable);
$fcgi_tpl->setVar('security_level', intval($web_config['security_level']));
Marius Burkard
committed
$fcgi_tpl->setVar('domain', $data['new']['domain']);
$php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
Marius Burkard
committed
$fcgi_tpl->setVar('open_basedir', $php_open_basedir);
Marius Burkard
committed
$fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '');
$app->system->set_immutable($fcgi_starter_script, false);
$app->system->file_put_contents($fcgi_starter_script, $fcgi_tpl->grab());
unset($fcgi_tpl);
$app->log('Creating fastcgi starter script: '.$fcgi_starter_script, LOGLEVEL_DEBUG);
Till Brehm
committed
if($web_config['security_level'] == 10) {
$app->system->chmod($fcgi_starter_script, 0755);
} else {
$app->system->chmod($fcgi_starter_script, 0550);
}
$app->system->chown($fcgi_starter_script, $data['new']['system_user']);
$app->system->chgrp($fcgi_starter_script, $data['new']['system_group']);
$app->system->set_immutable($fcgi_starter_script, true);
$tpl->setVar('fastcgi_alias', $fastcgi_config['fastcgi_alias']);
$tpl->setVar('fastcgi_starter_path', $fastcgi_starter_path);
$tpl->setVar('fastcgi_starter_script', $fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
$tpl->setVar('fastcgi_config_syntax', $fastcgi_config['fastcgi_config_syntax']);
$tpl->setVar('fastcgi_max_requests', $fastcgi_config['fastcgi_max_requests']);
} else {
//remove the php fastgi starter script if available
Till Brehm
committed
$fastcgi_starter_script = $fastcgi_config['fastcgi_starter_script'].($data['old']['type'] == 'vhostsubdomain' ? '_web' . $data['old']['domain_id'] : '');
if ($data['old']['php'] == 'fast-cgi') {
$fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $fastcgi_config['fastcgi_starter_path']);
$fastcgi_starter_path = str_replace('[client_id]', $client_id, $fastcgi_starter_path);
$app->system->set_immutable($fastcgi_starter_path, false, true);
if($data['old']['type'] == 'vhost') {
Till Brehm
committed
if(is_file($fastcgi_starter_script)) @unlink($fastcgi_starter_script);
if (is_dir($fastcgi_starter_path)) @rmdir($fastcgi_starter_path);
Till Brehm
committed
if(is_file($fastcgi_starter_script)) @unlink($fastcgi_starter_script);
}
}
}
if($data['new']['server_php_id'] != 0){
$default_php_fpm = false;
$tmp_php = $app->db->queryOneRecord('SELECT * FROM server_php WHERE server_php_id = ?', $data['new']['server_php_id']);
if($tmp_php) {
$custom_php_fpm_ini_dir = $tmp_php['php_fpm_ini_dir'];
$custom_php_fpm_init_script = $tmp_php['php_fpm_init_script'];
$custom_php_fpm_pool_dir = $tmp_php['php_fpm_pool_dir'];
if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
}
} else {
$default_php_fpm = true;
}
if($data['old']['server_php_id'] != 0 && ($data['old']['php'] == 'php-fpm' || $data['old']['php'] == 'hhvm')){
$default_php_fpm = false;
$tmp_php = $app->db->queryOneRecord('SELECT * FROM server_php WHERE server_php_id = ?', $data['old']['server_php_id']);
if($tmp_php) {
$custom_php_fpm_ini_dir = $tmp_php['php_fpm_ini_dir'];
$custom_php_fpm_init_script = $tmp_php['php_fpm_init_script'];
$custom_php_fpm_pool_dir = $tmp_php['php_fpm_pool_dir'];
if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
}
} else {
$default_php_fpm = true;
}
Marius Burkard
committed
$pool_dir = $web_config['php_fpm_pool_dir'];
$pool_dir = $custom_php_fpm_pool_dir;
}
if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
$pool_name = 'web'.$data['new']['domain_id'];
Marius Burkard
committed
$socket_dir = $web_config['php_fpm_socket_dir'];
if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
if($data['new']['php_fpm_use_socket'] == 'y'){
$use_tcp = 0;
$use_socket = 1;
} else {
$use_tcp = 1;
$use_socket = 0;
}
$tpl->setVar('use_tcp', $use_tcp);
$tpl->setVar('use_socket', $use_socket);
$tpl->setVar('php_fpm_chroot', $data['new']['php_fpm_chroot']);
$tpl->setVar('php_fpm_chroot_web_folder', sprintf('/%s', trim($web_folder, '/')));
$fpm_socket = $socket_dir.$pool_name.'.sock';
$tpl->setVar('fpm_socket', $fpm_socket);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
/**
* install cgi starter script and add script alias to config.
* This is needed to allow cgi with suexec (to do so, we need a bin in the document-path!)
* first we create the script directory if not already created, then copy over the starter script.
* TODO: we have to fetch the data from the server-settings.
*/
if ($data['new']['php'] == 'cgi') {
//$cgi_config = $app->getconf->get_server_config($conf['server_id'], 'cgi');
$cgi_config['cgi_starter_path'] = $web_config['website_basedir'].'/php-cgi-scripts/[system_user]/';
$cgi_config['cgi_starter_script'] = 'php-cgi-starter'.(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '');
$cgi_config['cgi_bin'] = '/usr/bin/php-cgi';
$cgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $cgi_config['cgi_starter_path']);
$cgi_starter_path = str_replace('[client_id]', $client_id, $cgi_starter_path);
$app->system->mkdirpath($cgi_starter_path);
$app->system->chown($cgi_starter_path, $data['new']['system_user']);
$app->system->chgrp($cgi_starter_path, $data['new']['system_group']);
Till Brehm
committed
if($web_config['security_level'] == 10) {
$app->system->chmod($cgi_starter_path, 0755);
} else {
$app->system->chmod($cgi_starter_path, 0550);
}
$app->log('Creating cgi starter script directory: '.$cgi_starter_path, LOGLEVEL_DEBUG);
}
$cgi_tpl = new tpl();
$cgi_tpl->newTemplate('php-cgi-starter.master');
$cgi_tpl->setVar('apache_version', $app->system->getapacheversion());
// This works because PHP "rewrites" a symlink to the physical path
$php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
Marius Burkard
committed
$cgi_tpl->setVar('open_basedir', $php_open_basedir);
$cgi_tpl->setVar('document_root', $data['new']['document_root']);
// This will NOT work!
//$cgi_tpl->setVar('open_basedir', '/var/www/' . $data['new']['domain']);
$cgi_tpl->setVar('php_cgi_bin', $cgi_config['cgi_bin']);
$cgi_tpl->setVar('security_level', $web_config['security_level']);
$cgi_tpl->setVar('has_custom_php_ini', $has_custom_php_ini);
if($has_custom_php_ini) {
Marius Burkard
committed
$cgi_tpl->setVar('php_ini_path', $custom_php_ini_dir);
Marius Burkard
committed
$cgi_tpl->setVar('php_ini_path', $fastcgi_config['fastcgi_phpini_path']);
Marius Burkard
committed
$cgi_starter_script = $cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '');
$app->system->set_immutable($cgi_starter_script, false);
$app->system->file_put_contents($cgi_starter_script, $cgi_tpl->grab());
unset($cgi_tpl);
$app->log('Creating cgi starter script: '.$cgi_starter_script, LOGLEVEL_DEBUG);
Till Brehm
committed
if($web_config['security_level'] == 10) {
$app->system->chmod($cgi_starter_script, 0755);
} else {
$app->system->chmod($cgi_starter_script, 0550);
}
$app->system->chown($cgi_starter_script, $data['new']['system_user']);
$app->system->chgrp($cgi_starter_script, $data['new']['system_group']);
$app->system->set_immutable($cgi_starter_script, true);
$tpl->setVar('cgi_starter_path', $cgi_starter_path);
$tpl->setVar('cgi_starter_script', $cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
}
Marius Burkard
committed
$vhost_file = $web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost';
//* Make a backup copy of vhost file
if(file_exists($vhost_file)) $app->system->copy($vhost_file, $vhost_file.'~');
//* create empty vhost array
$vhosts = array();
//* use ip-mapping for web-mirror
if($data['new']['ip_address'] != '*' && $conf['mirror_server_id'] > 0) {
$sql = "SELECT destination_ip FROM server_ip_map WHERE server_id = ? AND source_ip = ?";
$newip = $app->db->queryOneRecord($sql, $conf['server_id'], $data['new']['ip_address']);
$data['new']['ip_address'] = $newip['destination_ip'];
unset($newip);
}
$tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80);
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
//if proxy protocol is enabled we need to add a new port to lsiten to
if($web_config['vhost_proxy_protocol_enabled'] == 'y' && $data['new']['proxy_protocol'] == 'y'){
if((int)$web_config['vhost_proxy_protocol_http_port'] > 0) {
$tmp_vhost_arr['port'] = (int)$web_config['vhost_proxy_protocol_http_port'];
$tmp_vhost_arr['use_proxy_protocol'] = $data['new']['proxy_protocol'];
//* Add vhost for ipv4 IP with SSL
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
$ipv4_ssl_alias_seo_redirects = $alias_seo_redirects;
if(is_array($ipv4_ssl_alias_seo_redirects) && !empty($ipv4_ssl_alias_seo_redirects)){
for($i=0;$i<count($ipv4_ssl_alias_seo_redirects);$i++){
$ipv4_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
}
}
if(count($ipv4_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv4_ssl_alias_seo_redirects);
//if proxy protocol is enabled we need to add a new port to lsiten to
if($web_config['vhost_proxy_protocol_enabled'] == 'y' && $data['new']['proxy_protocol'] == 'y'){
if((int)$web_config['vhost_proxy_protocol_https_port'] > 0) {
$tmp_vhost_arr['port'] = (int)$web_config['vhost_proxy_protocol_https_port'];
$tmp_vhost_arr['use_proxy_protocol'] = $data['new']['proxy_protocol'];
unset($tmp_vhost_arr, $ipv4_ssl_alias_seo_redirects);
$app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);
//* Add vhost for IPv6 IP
if($data['new']['ipv6_address'] != '') {
//* rewrite ipv6 on mirrors
/* chang $conf to $web_config */
if ($web_config['serverconfig']['web']['vhost_rewrite_v6'] == 'y') {
if (isset($web_config['serverconfig']['server']['v6_prefix']) && $web_config['serverconfig']['server']['v6_prefix'] <> '') {
$explode_v6prefix=explode(':', $web_config['serverconfig']['server']['v6_prefix']);
$explode_v6=explode(':', $data['new']['ipv6_address']);
for ( $i = 0; $i <= count($explode_v6prefix)-1; $i++ ) {
$explode_v6[$i] = $explode_v6prefix[$i];
}
$data['new']['ipv6_address'] = implode(':', $explode_v6);
if($data['new']['ipv6_address'] == '*') $data['new']['ipv6_address'] = '::';
$tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
$vhosts[] = $tmp_vhost_arr;
unset($tmp_vhost_arr);
//* Add vhost for ipv6 IP with SSL
if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');
if(count($rewrite_rules) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
$ipv6_ssl_alias_seo_redirects = $alias_seo_redirects;
if(is_array($ipv6_ssl_alias_seo_redirects) && !empty($ipv6_ssl_alias_seo_redirects)){
for($i=0;$i<count($ipv6_ssl_alias_seo_redirects);$i++){
$ipv6_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
}
}
if(count($ipv6_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv6_ssl_alias_seo_redirects);
unset($tmp_vhost_arr, $ipv6_ssl_alias_seo_redirects);
$app->log('Enable SSL for IPv6: '.$domain, LOGLEVEL_DEBUG);
$tpl->setLoop('vhosts', $vhosts);
//* Write vhost file
$app->system->file_put_contents($vhost_file, $tpl->grab());
$app->log('Writing the vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
unset($tpl);
/*
* maybe we have some webdav - user. If so, add them...
*/
$this->_patchVhostWebdav($vhost_file, $data['new']['document_root'] . '/webdav');
//* Set the symlink to enable the vhost
//* First we check if there is a old type of symlink and remove it
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost';
if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink);
//* Remove old or changed symlinks
if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') {
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost';
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost';
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
//* New symlink
if($data['new']['subdomain'] == '*') {
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost';
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost';
if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
symlink($vhost_file, $vhost_symlink);
$app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
// remove old symlink and vhost file, if domain name of the site has changed
if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost';
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost';
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
Marius Burkard
committed
$vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost';
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
Marius Burkard
committed
$vhost_file = $web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost';
$app->system->unlink($vhost_file);
$app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG);
//* Create .htaccess and .htpasswd file for website statistics
//if(!is_file($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess') or $data['old']['document_root'] != $data['new']['document_root']) {
if($data['new']['stats_type'] != '') {
if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdir($data['new']['document_root'].'/' . $web_folder . '/stats');
$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data['new']['document_root']."/web/stats/.htpasswd_stats\nrequire valid-user\nDirectoryIndex index.html index.php\nHeader unset Content-Security-Policy\n<Files \"goaindex.html\">\nAddDefaultCharset UTF-8\n</Files>\n";
$app->system->file_put_contents($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', $ht_file);
$app->system->chmod($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', 0755);
unset($ht_file);
if(!is_file($data['new']['document_root'].'/web/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
if(trim($data['new']['stats_password']) != '') {
$htp_file = 'admin:'.trim($data['new']['stats_password']);
$app->system->web_folder_protection($data['new']['document_root'], false);
$app->system->file_put_contents($data['new']['document_root'].'/web/stats/.htpasswd_stats', $htp_file);
$app->system->web_folder_protection($data['new']['document_root'], true);
$app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats', 0755);
unset($htp_file);
}
//* Create awstats configuration
if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
$this->awstats_update($data, $web_config);
//* Create GoAccess configuration
if($data['new']['stats_type'] == 'goaccess' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
$this->goaccess_update($data, $web_config);
}