Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
ISPConfig 3
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
isp
ISPConfig 3
Commits
89ba0d1b
Commit
89ba0d1b
authored
Jan 28, 2018
by
Jozef Sroka
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
php-fpm chroot support
parent
87b3ba14
Changes
8
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
57 additions
and
1 deletion
+57
-1
install/sql/incremental/upd_dev_collection.sql
install/sql/incremental/upd_dev_collection.sql
+1
-0
install/sql/ispconfig3.sql
install/sql/ispconfig3.sql
+1
-0
interface/web/sites/form/web_vhost_domain.tform.php
interface/web/sites/form/web_vhost_domain.tform.php
+6
-0
interface/web/sites/lib/lang/en_web_vhost_domain.lng
interface/web/sites/lib/lang/en_web_vhost_domain.lng
+1
-0
interface/web/sites/templates/web_vhost_domain_advanced.htm
interface/web/sites/templates/web_vhost_domain_advanced.htm
+6
-0
server/conf/nginx_vhost.conf.master
server/conf/nginx_vhost.conf.master
+4
-0
server/conf/php_fpm_pool.conf.master
server/conf/php_fpm_pool.conf.master
+18
-0
server/plugins-available/nginx_plugin.inc.php
server/plugins-available/nginx_plugin.inc.php
+20
-1
No files found.
install/sql/incremental/upd_dev_collection.sql
View file @
89ba0d1b
ALTER
TABLE
`web_domain`
ADD
COLUMN
`ssl_letsencrypt_exclude`
enum
(
'n'
,
'y'
)
NOT
NULL
DEFAULT
'n'
AFTER
`ssl_letsencrypt`
;
ALTER
TABLE
`remote_user`
ADD
`remote_access`
ENUM
(
'y'
,
'n'
)
NOT
NULL
DEFAULT
'y'
AFTER
`remote_password`
;
ALTER
TABLE
`remote_user`
ADD
`remote_ips`
TEXT
AFTER
`remote_access`
;
ALTER
TABLE
`web_domain`
ADD
`php_fpm_chroot`
enum
(
'n'
,
'y'
)
NOT
NULL
DEFAULT
'n'
AFTER
`php_fpm_use_socket`
;
install/sql/ispconfig3.sql
View file @
89ba0d1b
...
...
@@ -1963,6 +1963,7 @@ CREATE TABLE `web_domain` (
`apache_directives`
mediumtext
,
`nginx_directives`
mediumtext
,
`php_fpm_use_socket`
ENUM
(
'n'
,
'y'
)
NOT
NULL
DEFAULT
'y'
,
`php_fpm_chroot`
ENUM
(
'n'
,
'y'
)
NOT
NULL
DEFAULT
'n'
,
`pm`
enum
(
'static'
,
'dynamic'
,
'ondemand'
)
NOT
NULL
DEFAULT
'dynamic'
,
`pm_max_children`
int
(
11
)
NOT
NULL
DEFAULT
'10'
,
`pm_start_servers`
int
(
11
)
NOT
NULL
DEFAULT
'2'
,
...
...
interface/web/sites/form/web_vhost_domain.tform.php
View file @
89ba0d1b
...
...
@@ -766,6 +766,12 @@ if($_SESSION["s"]["user"]["typ"] == 'admin'
'default'
=>
'n'
,
'value'
=>
array
(
0
=>
'n'
,
1
=>
'y'
)
),
'php_fpm_chroot'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'CHECKBOX'
,
'default'
=>
'n'
,
'value'
=>
array
(
0
=>
'n'
,
1
=>
'y'
)
),
'pm'
=>
array
(
'datatype'
=>
'VARCHAR'
,
'formtype'
=>
'SELECT'
,
...
...
interface/web/sites/lib/lang/en_web_vhost_domain.lng
View file @
89ba0d1b
...
...
@@ -29,6 +29,7 @@ $wb['vhost_type_txt'] = 'VHost Type';
$wb
[
'hd_quota_txt'
]
=
'Harddisk Quota'
;
$wb
[
'traffic_quota_txt'
]
=
'Traffic Quota'
;
$wb
[
'cgi_txt'
]
=
'CGI'
;
$wb
[
'php_fpm_chroot_txt'
]
=
'PHP-FPM Chroot'
;
$wb
[
'ssi_txt'
]
=
'SSI'
;
$wb
[
'errordocs_txt'
]
=
'Own Error-Documents'
;
$wb
[
'subdomain_txt'
]
=
'Auto-Subdomain'
;
...
...
interface/web/sites/templates/web_vhost_domain_advanced.htm
View file @
89ba0d1b
...
...
@@ -57,6 +57,12 @@
{tmpl_var name='php_fpm_use_socket'}
</div>
</div>
<div
class=
"form-group nginx"
>
<label
class=
"col-sm-3 control-label"
>
{tmpl_var name='php_fpm_chroot_txt'}
</label>
<div
class=
"col-sm-9"
>
{tmpl_var name='php_fpm_chroot'}
</div>
</div>
<div
class=
"form-group"
>
<label
for=
"pm"
class=
"col-sm-3 control-label"
>
{tmpl_var name='pm_txt'}
</label>
<div
class=
"col-sm-9"
><select
name=
"pm"
id=
"pm"
class=
"form-control"
>
...
...
server/conf/nginx_vhost.conf.master
View file @
89ba0d1b
...
...
@@ -167,7 +167,11 @@ server {
fastcgi_pass unix:<tmpl_var name='fpm_socket'>;
</tmpl_if>
fastcgi_index index.php;
<tmpl_if name='php_fpm_chroot'>
fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name;
</tmpl_else>
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
</tmpl_if>
#fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_intercept_errors on;
}
...
...
server/conf/php_fpm_pool.conf.master
View file @
89ba0d1b
...
...
@@ -26,20 +26,38 @@ pm.process_idle_timeout = <tmpl_var name='pm_process_idle_timeout'>s;
</tmpl_if>
pm.max_requests = <tmpl_var name='pm_max_requests'>
<tmpl_if name='php_fpm_chroot'>
prefix = <tmpl_var name='document_root'>
chroot = $prefix
</tmpl_if>
chdir = /
env[HOSTNAME] = $HOSTNAME
<tmpl_if name='php_fpm_chroot'>
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
</tmpl_else>
env[TMP] = <tmpl_var name='document_root'>/tmp
env[TMPDIR] = <tmpl_var name='document_root'>/tmp
env[TEMP] = <tmpl_var name='document_root'>/tmp
</tmpl_if>
env[PATH] = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
<tmpl_if name='security_level' op='==' value='20'>
<tmpl_var name='enable_php_open_basedir'>php_admin_value[open_basedir] = <tmpl_var name='php_open_basedir'>
<tmpl_if name='custom_session_save_path' op='!=' value='y'>
<tmpl_if name='php_fpm_chroot'>
php_admin_value[session.save_path] = /tmp
</tmpl_else>
php_admin_value[session.save_path] = <tmpl_var name='document_root'>/tmp
</tmpl_if>
</tmpl_if>
<tmpl_if name='php_fpm_chroot'>
php_admin_value[upload_tmp_dir] = /tmp
</tmpl_else>
php_admin_value[upload_tmp_dir] = <tmpl_var name='document_root'>/tmp
</tmpl_if>
php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f webmaster@<tmpl_var name='domain'>"
</tmpl_if>
...
...
server/plugins-available/nginx_plugin.inc.php
View file @
89ba0d1b
...
...
@@ -1024,6 +1024,11 @@ class nginx_plugin {
$socket_dir
=
escapeshellcmd
(
$web_config
[
'php_fpm_socket_dir'
]);
if
(
substr
(
$socket_dir
,
-
1
)
!=
'/'
)
$socket_dir
.
=
'/'
;
if
(
$data
[
'new'
][
'php_fpm_chroot'
]
==
'y'
){
$php_fpm_chroot
=
1
;
}
else
{
$php_fpm_chroot
=
0
;
}
if
(
$data
[
'new'
][
'php_fpm_use_socket'
]
==
'y'
){
$use_tcp
=
0
;
$use_socket
=
1
;
...
...
@@ -1033,6 +1038,7 @@ class nginx_plugin {
}
$tpl
->
setVar
(
'use_tcp'
,
$use_tcp
);
$tpl
->
setVar
(
'use_socket'
,
$use_socket
);
$tpl
->
setVar
(
'php_fpm_chroot'
,
$php_fpm_chroot
);
$fpm_socket
=
$socket_dir
.
$pool_name
.
'.sock'
;
$tpl
->
setVar
(
'fpm_socket'
,
$fpm_socket
);
$tpl
->
setVar
(
'rnd_php_dummy_file'
,
'/'
.
md5
(
uniqid
(
microtime
(),
1
))
.
'.htm'
);
...
...
@@ -2653,6 +2659,11 @@ class nginx_plugin {
$tpl
=
new
tpl
();
$tpl
->
newTemplate
(
'php_fpm_pool.conf.master'
);
if
(
$data
[
'new'
][
'php_fpm_chroot'
]
==
'y'
){
$php_fpm_chroot
=
1
;
}
else
{
$php_fpm_chroot
=
0
;
}
if
(
$data
[
'new'
][
'php_fpm_use_socket'
]
==
'y'
){
$use_tcp
=
0
;
$use_socket
=
1
;
...
...
@@ -2663,6 +2674,7 @@ class nginx_plugin {
}
$tpl
->
setVar
(
'use_tcp'
,
$use_tcp
);
$tpl
->
setVar
(
'use_socket'
,
$use_socket
);
$tpl
->
setVar
(
'php_fpm_chroot'
,
$php_fpm_chroot
);
$fpm_socket
=
$socket_dir
.
$pool_name
.
'.sock'
;
$tpl
->
setVar
(
'fpm_socket'
,
$fpm_socket
);
...
...
@@ -2702,7 +2714,14 @@ class nginx_plugin {
$tpl
->
setVar
(
'security_level'
,
$web_config
[
'security_level'
]);
$tpl
->
setVar
(
'domain'
,
$data
[
'new'
][
'domain'
]);
$php_open_basedir
=
(
$data
[
'new'
][
'php_open_basedir'
]
==
''
)
?
escapeshellcmd
(
$data
[
'new'
][
'document_root'
])
:
escapeshellcmd
(
$data
[
'new'
][
'php_open_basedir'
]);
$tpl
->
setVar
(
'php_open_basedir'
,
$php_open_basedir
);
if
(
$php_fpm_chroot
){
$document_root
=
$data
[
'new'
][
'document_root'
];
$domain
=
$data
[
'new'
][
'domain'
];
$php_open_basedir
=
str_replace
(
":/srv/www/
$domain
/web"
,
''
,
$php_open_basedir
);
$php_open_basedir
=
str_replace
(
":/var/www/
$domain
/web"
,
''
,
$php_open_basedir
);
$php_open_basedir
=
str_replace
(
"
$document_root
"
,
''
,
$php_open_basedir
);
}
$tpl
->
setVar
(
'php_open_basedir'
,
$php_open_basedir
);
if
(
$php_open_basedir
!=
''
){
$tpl
->
setVar
(
'enable_php_open_basedir'
,
''
);
}
else
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment