From 99b55bfba53aa6de380c84a036b286c951533dcb Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 28 Sep 2011 10:28:29 +0000
Subject: [PATCH] - nginx: If apps vhost is reconfigured, apps pool (PHP-FPM)
 is reconfigured as well. - Installer adds Apache and nginx user to ispapps
 group. - Installer makes sure that /var/www/apps has 755 permissions.

---
 install/dist/lib/fedora.lib.php               |  4 ++++
 install/dist/lib/gentoo.lib.php               |  8 ++++++-
 install/dist/lib/opensuse.lib.php             |  4 ++++
 install/lib/installer_base.lib.php            | 10 ++++++++-
 server/conf/apps_php_fpm_pool.conf.master     | 19 ++++++++++++++++
 .../apps_vhost_plugin.inc.php                 | 22 ++++++++++++++++---
 6 files changed, 62 insertions(+), 5 deletions(-)
 create mode 100644 server/conf/apps_php_fpm_pool.conf.master

diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index e9929475c1..4093831377 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -857,6 +857,8 @@ class installer_dist extends installer_base {
 		if($conf['apache']['installed'] == true){
 			$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		if($conf['nginx']['installed'] == true){
 			$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
@@ -864,6 +866,8 @@ class installer_dist extends installer_base {
 			// Allow the ispapps vhost access to /etc/squirrelmail
 			$command = 'usermod -a -G '.$conf['apache']['group'].' ispapps';
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'usermod -a -G ispapps '.$conf['nginx']['user']';
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		
 		//* Make the shell scripts executable
diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php
index ffc919d290..d4a261d7ab 100644
--- a/install/dist/lib/gentoo.lib.php
+++ b/install/dist/lib/gentoo.lib.php
@@ -572,8 +572,10 @@ class installer extends installer_base
 			$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		
-			if (!@is_dir($install_dir)) {
+			if(!@is_dir($install_dir)){
 				mkdir($install_dir, 0755, true);
+			} else {
+				chmod($install_dir, 0755);
 			}
 			chown($install_dir, $apps_vhost_user);
 			chgrp($install_dir, $apps_vhost_group);
@@ -864,10 +866,14 @@ class installer extends installer_base
 		if($conf['apache']['installed'] == true){
 			$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		if($conf['nginx']['installed'] == true){
 			$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		
 		//* Make the shell scripts executable
diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index e29b18ca0a..fbf4c68e04 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -894,10 +894,14 @@ class installer_dist extends installer_base {
 		if($conf['apache']['installed'] == true){
 			$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		if($conf['nginx']['installed'] == true){
 			$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		
 		//* Make the shell scripts executable
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index ab1f110b98..c35b6015f3 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -1396,7 +1396,11 @@ class installer_base {
 			$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
-			if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
+			if(!@is_dir($install_dir)){
+				mkdir($install_dir, 0755, true);
+			} else {
+				chmod($install_dir, 0755);
+			}
 			chown($install_dir, $apps_vhost_user);
 			chgrp($install_dir, $apps_vhost_group);
 
@@ -1744,10 +1748,14 @@ class installer_base {
 		if($conf['apache']['installed'] == true){
 			$command = 'adduser '.$conf['apache']['user'].' ispconfig';
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'adduser '.$conf['apache']['user'].' ispapps';
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 		if($conf['nginx']['installed'] == true){
 			$command = 'adduser '.$conf['nginx']['user'].' ispconfig';
 			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+			$command = 'adduser '.$conf['nginx']['user'].' ispapps';
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		}
 
 		//* Make the shell scripts executable
diff --git a/server/conf/apps_php_fpm_pool.conf.master b/server/conf/apps_php_fpm_pool.conf.master
new file mode 100644
index 0000000000..adda0b587c
--- /dev/null
+++ b/server/conf/apps_php_fpm_pool.conf.master
@@ -0,0 +1,19 @@
+[{fpm_pool}]
+
+listen = {fpm_socket}
+listen.owner = {fpm_user}
+listen.group = {fpm_group}
+listen.mode = 0660
+
+user = {fpm_user}
+group = {fpm_group}
+
+pm = dynamic
+pm.max_children = 50
+pm.start_servers = 20
+pm.min_spare_servers = 5
+pm.max_spare_servers = 35
+
+chdir = /
+
+php_admin_flag[magic_quotes_gpc] = off
\ No newline at end of file
diff --git a/server/plugins-available/apps_vhost_plugin.inc.php b/server/plugins-available/apps_vhost_plugin.inc.php
index 5e942b241f..d89a61c672 100644
--- a/server/plugins-available/apps_vhost_plugin.inc.php
+++ b/server/plugins-available/apps_vhost_plugin.inc.php
@@ -99,6 +99,9 @@ class apps_vhost_plugin {
 			} else {
 				$content = str_replace('{vhost_port_listen}', '', $content);
 			}
+			
+			file_put_contents("$vhost_conf_dir/apps.vhost", $content);
+			$app->services->restartServiceDelayed('httpd','restart');
 		}
 		
 		if($web_config['server_type'] == 'nginx'){
@@ -108,6 +111,9 @@ class apps_vhost_plugin {
 			$vhost_conf_dir = $web_config['nginx_vhost_conf_dir'];
 			$vhost_conf_enabled_dir = $web_config['nginx_vhost_conf_enabled_dir'];
 			$apps_vhost_servername = ($web_config['apps_vhost_servername'] == '')?'_':$web_config['apps_vhost_servername'];
+			
+			$apps_vhost_user = 'ispapps';
+			$apps_vhost_group = 'ispapps';
 		
 			$web_config['apps_vhost_port'] = (empty($web_config['apps_vhost_port']))?8081:$web_config['apps_vhost_port'];
 			$web_config['apps_vhost_ip'] = (empty($web_config['apps_vhost_ip']))?'_default_':$web_config['apps_vhost_ip'];
@@ -129,10 +135,20 @@ class apps_vhost_plugin {
 			$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
 			//$content = str_replace('{fpm_port}', $web_config['php_fpm_start_port']+1, $content);
 			$content = str_replace('{fpm_socket}', $fpm_socket, $content);
+			
+			// PHP-FPM
+			// Dont just copy over the php-fpm pool template but add some custom settings
+			$fpm_content = file_get_contents($conf["rootpath"]."/conf/apps_php_fpm_pool.conf.master");
+			$fpm_content = str_replace('{fpm_pool}', 'apps', $fpm_content);
+			//$fpm_content = str_replace('{fpm_port}', $web_config['php_fpm_start_port']+1, $fpm_content);
+			$fpm_content = str_replace('{fpm_socket}', $fpm_socket, $fpm_content);
+			$fpm_content = str_replace('{fpm_user}', $apps_vhost_user, $fpm_content);
+			$fpm_content = str_replace('{fpm_group}', $apps_vhost_group, $fpm_content);
+			file_put_contents($web_config['php_fpm_pool_dir'].'/apps.conf', $fpm_content);
+			
+			file_put_contents("$vhost_conf_dir/apps.vhost", $content);
+			$app->services->restartServiceDelayed('httpd','reload');
 		}
-		
-		file_put_contents("$vhost_conf_dir/apps.vhost", $content);
-		$app->services->restartServiceDelayed('httpd','restart');
 	}
 	
 
-- 
GitLab