diff --git a/install/tpl/apache_ispconfig.conf.master b/install/tpl/apache_ispconfig.conf.master
index cd9924a3770da2c523bb4134c7366ca34bb63583..c65d6d30da5d8455e85ae866d8254bf79c90125f 100644
--- a/install/tpl/apache_ispconfig.conf.master
+++ b/install/tpl/apache_ispconfig.conf.master
@@ -118,6 +118,8 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
Alias /awstats-icon "/usr/share/awstats/icon"
</tmpl_if>
+Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme-challenge
+
NameVirtualHost *:80
NameVirtualHost *:443
<tmpl_loop name="ip_adresses">
diff --git a/interface/acme-challenge/empty.dir b/interface/acme-challenge/empty.dir
new file mode 100644
index 0000000000000000000000000000000000000000..95ba9ef37cca69318bcba17e67cd44ae84bd41e1
--- /dev/null
+++ b/interface/acme-challenge/empty.dir
@@ -0,0 +1 @@
+This empty directory is needed by ISPConfig.
diff --git a/interface/web/sites/lib/module.conf.php b/interface/web/sites/lib/module.conf.php
index 979aa63df29ddcd7e9e741e389e3999c2bada6a0..94c5ba0593faeec34ef62e4748abaefc77bcf4eb 100644
--- a/interface/web/sites/lib/module.conf.php
+++ b/interface/web/sites/lib/module.conf.php
@@ -194,6 +194,11 @@ $items[] = array( 'title' => 'Web traffic',
'link' => 'sites/web_sites_stats.php',
'html_id' => 'websites_stats');
+$items[] = array( 'title' => 'FTP traffic',
+ 'target' => 'content',
+ 'link' => 'sites/ftp_sites_stats.php',
+ 'html_id' => 'ftpsites_stats');
+
$items[] = array( 'title' => 'Website quota (Harddisk)',
'target' => 'content',
'link' => 'sites/user_quota_stats.php',
diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master
index 97862c5b5a4ab03e108ec118ab572f090f1a50ee..0569674d7f483e2dc1113f04441c68a7994d32fa 100644
--- a/server/conf/nginx_vhost.conf.master
+++ b/server/conf/nginx_vhost.conf.master
@@ -263,6 +263,13 @@ server {
}
</tmpl_if>
+location /\.well-known/acme-challenge {
+ root /usr/local/ispconfig/interface/acme-challenge;
+ index index.html index.htm;
+ try_files $uri =404;
+}
+
+
<tmpl_loop name="basic_auth_locations">
location <tmpl_var name='htpasswd_location'> { ##merge##
auth_basic "Members Only";
@@ -293,6 +300,13 @@ server {
</tmpl_if>
server_name <tmpl_var name='rewrite_domain'>;
+
+location /\.well-known/acme-challenge {
+ root /usr/local/ispconfig/interface/acme-challenge;
+ index index.html index.htm;
+ try_files $uri =404;
+}
+
<tmpl_if name='alias_seo_redirects2'>
<tmpl_loop name="alias_seo_redirects2">
if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 76528c23284dd5441973a43d17d1291811dc1691..3a54946a5f2e488f39621dbe317c1e4c27f37540 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -1121,6 +1121,7 @@ class apache2_plugin {
|| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
|| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
|| ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
+ || ($data['old']['type'] == 'alias' || $data['new']['type'] == 'alias') // we have new or update on aliasdomain
)) {
if(substr($domain, 0, 2) === '*.') {
// wildcard domain not yet supported by letsencrypt!
@@ -1135,6 +1136,7 @@ class apache2_plugin {
$temp_domains = array();
$lddomain = $domain;
$subdomains = null;
+ $aliasdomains = null;
//* be sure to have good domain
if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
@@ -1148,6 +1150,17 @@ class apache2_plugin {
$temp_domains[] = $subdomain['domain'];
}
}
+
+ //* then, add alias domain if we have
+ $aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias'");
+ if(is_array($aliasdomains)) {
+ foreach($aliasdomains as $aliasdomain) {
+ $temp_domains[] = $aliasdomain['domain'];
+ if(isset($aliasdomain['subdomain']) && ! empty($aliasdomain['subdomain'])) {
+ $temp_domains[] = $aliasdomain['subdomain'] . "." . $aliasdomain['domain'];
+ }
+ }
+ }
// prevent duplicate
$temp_domains = array_unique($temp_domains);
@@ -1170,22 +1183,8 @@ class apache2_plugin {
if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
- if(is_dir($webroot . "/.well-known/acme-challenge/")) {
- $app->log("Remove old challenge directory", LOGLEVEL_DEBUG);
- $this->_exec("rm -rf " . $webroot . "/.well-known/acme-challenge/");
- }
-
- $app->log("Create challenge directory", LOGLEVEL_DEBUG);
- $app->system->mkdirpath($webroot . "/.well-known/");
- $app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);
- $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
- $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
- $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
- $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
- $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme-challenge");
}
};
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index d351bb27301a5bacbc116f6587e99000d024b179..e070725e8ea94821d8cefc7a90c7cc0f92ac76c2 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -1238,6 +1238,7 @@ class nginx_plugin {
|| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
|| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
|| ($data['new']['type'] == 'subdomain') // we have new or update on subdomain
+ || ($data['old']['type'] == 'alias' || $data['new']['type'] == 'alias') // we have new or update on alias domain
)) {
//* be sure to have good domain
@@ -1254,6 +1255,7 @@ class nginx_plugin {
$temp_domains = array();
$lddomain = $domain;
$subdomains = null;
+ $aliasdomains = null;
//* be sure to have good domain
if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
@@ -1267,7 +1269,18 @@ class nginx_plugin {
$temp_domains[] = $subdomain['domain'];
}
}
-
+
+ //* then, add alias domain if we have
+ $aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias'");
+ if(is_array($aliasdomains)) {
+ foreach($aliasdomains as $aliasdomain) {
+ $temp_domains[] = $aliasdomain['domain'];
+ if(isset($aliasdomain['subdomain']) && ! empty($aliasdomain['subdomain'])) {
+ $temp_domains[] = $aliasdomain['subdomain'] . "." . $aliasdomain['domain'];
+ }
+ }
+ }
+
// prevent duplicate
$temp_domains = array_unique($temp_domains);
@@ -1290,31 +1303,17 @@ class nginx_plugin {
if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
- if(is_dir($webroot . "/.well-known/acme-challenge/")) {
- $app->log("Remove old challenge directory", LOGLEVEL_DEBUG);
- $this->_exec("rm -rf " . $webroot . "/.well-known/acme-challenge/");
- }
-
- $app->log("Create challenge directory", LOGLEVEL_DEBUG);
- $app->system->mkdirpath($webroot . "/.well-known/");
- $app->system->chown($webroot . "/.well-known/", $data['new']['system_user']);
- $app->system->chgrp($webroot . "/.well-known/", $data['new']['system_group']);
- $app->system->mkdirpath($webroot . "/.well-known/acme-challenge");
- $app->system->chown($webroot . "/.well-known/acme-challenge/", $data['new']['system_user']);
- $app->system->chgrp($webroot . "/.well-known/acme-challenge/", $data['new']['system_group']);
- $app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
-
if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
- $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+ $this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme-challenge");
}
};
//* check is been correctly created
if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {
- $date = date("YmdHis");
-//* TODO: check if is a symlink, if target same keep it, either remove it
+ $date = date("YmdHis");
+ //* TODO: check if is a symlink, if target same keep it, either remove it
if(is_file($key_file)) {
- $app->system->copy($key_file, $key_file.'.old'.$date);
+ $app->system->copy($key_file, $key_file.'.old.'.$date);
$app->system->chmod($key_file.'.old.'.$date, 0400);
$app->system->unlink($key_file);
}