diff --git a/install/sql/incremental/upd_0022.sql b/install/sql/incremental/upd_0022.sql new file mode 100644 index 0000000000000000000000000000000000000000..e6ea92224503d4a30ccced7b3588d486e532d8be --- /dev/null +++ b/install/sql/incremental/upd_0022.sql @@ -0,0 +1 @@ +ALTER TABLE `web_domain` ADD `ipv6_address` VARCHAR( 255 ) default NULL AFTER `ip_address`; \ No newline at end of file diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 0a9d8d99dd6c714d75af0c1450267d8cd92648e0..d6f645e7f441a5fb721b94f8dc6609f36856141f 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -1474,6 +1474,7 @@ CREATE TABLE `web_domain` ( `sys_perm_other` varchar(5) default NULL, `server_id` int(11) unsigned NOT NULL default '0', `ip_address` varchar(39) default NULL, + `ipv6_address` VARCHAR( 255 ) default NULL `domain` varchar(255) default NULL, `type` varchar(32) default NULL, `parent_domain_id` int(11) unsigned NOT NULL default '0', diff --git a/interface/web/sites/ajax_get_ip.php b/interface/web/sites/ajax_get_ip.php index 0d3227bee3a7ef4cf914b4310899aa17151972b5..62d62e8678d613fd098f19b310b41dc318a59e55 100644 --- a/interface/web/sites/ajax_get_ip.php +++ b/interface/web/sites/ajax_get_ip.php @@ -35,10 +35,12 @@ require_once('../../lib/app.inc.php'); $app->auth->check_module_permissions('sites'); $server_id = intval($_GET["server_id"]); +$client_group_id = intval($_GET["client_group_id"]); +$ip_type = $app->db->quote($_GET['ip_type']); if($_SESSION["s"]["user"]["typ"] == 'admin') { - $sql = "SELECT ip_address FROM server_ip WHERE server_id = $server_id"; + $sql = "SELECT ip_address FROM server_ip WHERE ip_type = '$ip_type' AND server_id = $server_id"; $ips = $app->db->queryAllRecords($sql); // $ip_select = ""; $ip_select = "*"; diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php index 5e3a87355260e0d610591cb88ca06d0aced4e272..b5032e0fc749362acea8ebda96ab72bd7df8bd22 100644 --- a/interface/web/sites/form/web_domain.tform.php +++ b/interface/web/sites/form/web_domain.tform.php @@ -82,11 +82,22 @@ $form["tabs"]['domain'] = array ( 'datatype' => 'VARCHAR', 'formtype' => 'SELECT', 'default' => '', - 'datasource' => array ( 'type' => 'SQL', - 'querystring' => 'SELECT ip_address,ip_address FROM server_ip WHERE {AUTHSQL} ORDER BY ip_address', + /*'datasource' => array ( 'type' => 'SQL', + 'querystring' => "SELECT ip_address,ip_address FROM server_ip WHERE ip_type = 'IPv4' AND {AUTHSQL} ORDER BY ip_address", 'keyfield'=> 'ip_address', 'valuefield'=> 'ip_address' - ), + ),*/ + 'value' => '' + ), + 'ipv6_address' => array ( + 'datatype' => 'VARCHAR', + 'formtype' => 'SELECT', + 'default' => '', + /*'datasource' => array ( 'type' => 'SQL', + 'querystring' => "SELECT ip_address,ip_address FROM server_ip WHERE ip_type = 'IPv6' AND {AUTHSQL} ORDER BY ip_address", + 'keyfield'=> 'ip_address', + 'valuefield'=> 'ip_address' + ),*/ 'value' => '' ), 'domain' => array ( diff --git a/interface/web/sites/lib/lang/en_web_domain.lng b/interface/web/sites/lib/lang/en_web_domain.lng index 9bc71ad45d8bfc73f9ae3e90bec00d7201bfa3da..40e1fad27c487949f579166e746c769b965655cb 100644 --- a/interface/web/sites/lib/lang/en_web_domain.lng +++ b/interface/web/sites/lib/lang/en_web_domain.lng @@ -21,7 +21,8 @@ $wb["active_txt"] = 'Active'; $wb["document_root_txt"] = 'Documentroot'; $wb["system_user_txt"] = 'Linux User'; $wb["system_group_txt"] = 'Linux Group'; -$wb["ip_address_txt"] = 'IP-Address'; +$wb["ip_address_txt"] = 'IPv4-Address'; +$wb["ipv6_address_txt"] = 'IPv6-Address'; $wb["vhost_type_txt"] = 'VHost Type'; $wb["hd_quota_txt"] = 'Harddisk Quota'; $wb["traffic_quota_txt"] = 'Traffic Quota'; diff --git a/interface/web/sites/templates/web_domain_edit.htm b/interface/web/sites/templates/web_domain_edit.htm index 9e2a6b5d0eb8cdadf6517734cf883dc6356248d1..f8c51740ad05c391266ce3f31bf5cd8a3f200bb2 100644 --- a/interface/web/sites/templates/web_domain_edit.htm +++ b/interface/web/sites/templates/web_domain_edit.htm @@ -15,14 +15,14 @@ - {tmpl_var name='server_id'}
- {tmpl_var name='client_group_id'}
@@ -30,7 +30,7 @@
- {tmpl_var name='client_group_id'}
@@ -40,6 +40,12 @@ + +
+ +
@@ -158,5 +164,10 @@ } }); } + + function reloadWebIP() { + loadOptionInto('ip_address','sites/ajax_get_ip.php?ip_type=IPv4&server_id='+document.getElementById('server_id').value)&client_group_id='+document.getElementById('client_group_id').value); + loadOptionInto('ipv6_address','sites/ajax_get_ip.php?ip_type=IPv6&server_id='+document.getElementById('server_id').value)&client_group_id='+document.getElementById('client_group_id').value); + } diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php index b552a6430939b29074e7d0556cae19d3a722d6b6..ee865c59b0f59f36faa01615cf1384c5f76d1759 100644 --- a/interface/web/sites/web_domain_edit.php +++ b/interface/web/sites/web_domain_edit.php @@ -94,8 +94,8 @@ class page_action extends tform_actions { $app->tpl->setVar("server_id",""); unset($tmp); - // Fill the IP select field with the IP addresses that are allowed for this client - $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND client_id=0 OR client_id=".$_SESSION['s']['user']['client_id']; + //* Fill the IPv4 select field with the IP addresses that are allowed for this client + $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; $ips = $app->db->queryAllRecords($sql); $ip_select = ""; //$ip_select = ""; @@ -108,6 +108,21 @@ class page_action extends tform_actions { $app->tpl->setVar("ip_address",$ip_select); unset($tmp); unset($ips); + + //* Fill the IPv6 select field with the IP addresses that are allowed for this client + $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + //$ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + $selected = ($ip["ip_address"] == $this->dataRecord["ipv6_address"])?'SELECTED':''; + $ip_select .= "\r\n"; + } + } + $app->tpl->setVar("ipv6_address",$ip_select); + unset($tmp); + unset($ips); //* Reseller: If the logged in user is not admin and has sub clients (is a reseller) } elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { @@ -135,8 +150,8 @@ class page_action extends tform_actions { } $app->tpl->setVar("client_group_id",$client_select); - // Fill the IP select field with the IP addresses that are allowed for this client - $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND client_id=0 OR client_id=".$_SESSION['s']['user']['client_id']; + //* Fill the IPv4 select field with the IP addresses that are allowed for this client + $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; $ips = $app->db->queryAllRecords($sql); $ip_select = ""; //$ip_select = ""; @@ -149,6 +164,21 @@ class page_action extends tform_actions { $app->tpl->setVar("ip_address",$ip_select); unset($tmp); unset($ips); + + //* Fill the IPv6 select field with the IP addresses that are allowed for this client + $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$client['default_webserver']." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + //$ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + $selected = ($ip["ip_address"] == $this->dataRecord["ipv6_address"])?'SELECTED':''; + $ip_select .= "\r\n"; + } + } + $app->tpl->setVar("ipv6_address",$ip_select); + unset($tmp); + unset($ips); //* Admin: If the logged in user is admin } else { @@ -161,8 +191,9 @@ class page_action extends tform_actions { $tmp = $app->db->queryOneRecord("SELECT server_id FROM server WHERE web_server = 1 ORDER BY server_name LIMIT 0,1"); $server_id = $tmp['server_id']; } - - $sql = "SELECT ip_address FROM server_ip WHERE server_id = $server_id"; + + //* Fill the IPv4 select field + $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv4' AND server_id = $server_id"; $ips = $app->db->queryAllRecords($sql); $ip_select = ""; //$ip_select = ""; @@ -175,6 +206,21 @@ class page_action extends tform_actions { $app->tpl->setVar("ip_address",$ip_select); unset($tmp); unset($ips); + + //* Fill the IPv6 select field + $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND server_id = $server_id"; + $ips = $app->db->queryAllRecords($sql); + $ip_select = ""; + //$ip_select = ""; + if(is_array($ips)) { + foreach( $ips as $ip) { + $selected = ($ip["ip_address"] == $this->dataRecord["ipv6_address"])?'SELECTED':''; + $ip_select .= "\r\n"; + } + } + $app->tpl->setVar("ipv6_address",$ip_select); + unset($tmp); + unset($ips); // Fill the client select field $sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0 ORDER BY name"; diff --git a/server/conf/nginx_reverseproxy_rewrites.conf.master b/server/conf/nginx_reverseproxy_rewrites.conf.master deleted file mode 100644 index c9080a7e30aaadce04eefa7372e1bc7e79447de1..0000000000000000000000000000000000000000 --- a/server/conf/nginx_reverseproxy_rewrites.conf.master +++ /dev/null @@ -1,9 +0,0 @@ -server { - listen 80 default_server; - listen 443 default_server; - server_name _; - include /etc/nginx/proxy.conf; - - rewrite ^{tmpl_var name="rewrite_url_src"} {tmpl_var name="rewrite_url_dst"}; - -} diff --git a/server/conf/nginx_reverseproxy_vhost.conf.master b/server/conf/nginx_reverseproxy_vhost.conf.master deleted file mode 100644 index 40df895090e7c53cfc80b7c2ac195aa3571bafdf..0000000000000000000000000000000000000000 --- a/server/conf/nginx_reverseproxy_vhost.conf.master +++ /dev/null @@ -1,69 +0,0 @@ -server { - listen 80; - server_name ; - - access_log /var/log/ispconfig/nginx//access.log; - error_log /var/log/ispconfig/nginx//error.log; - - include /etc/nginx/proxy.conf; - - location / { - proxy_pass http://:80; - } - - location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { - # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header, - # whether logged in or not (may be too heavy-handed). - proxy_cache_valid 200 120m; - expires 864000; - proxy_pass http://:80; - } - - - - - - - -} - - - -########################################################### -# SSL Vhost -########################################################### -server { - listen 443; - server_name ; - - access_log /var/log/ispconfig/nginx//access.log - error_log /var/log/ispconfig/nginx//error.log - - ### SSL cert files ### - ssl_certificate /ssl/.crt - ssl_certificate_key /ssl/.crt - - - ssl_client_certificate /ssl/.bundle - - - ### Add SSL specific settings here ### - keepalive_timeout 60; - - ### Limiting Ciphers ######################## - # Uncomment as per your setup - #ssl_ciphers HIGH:!ADH; - #ssl_perfer_server_ciphers on; - #ssl_protocols SSLv3; - ############################################## - - include /etc/nginx/proxy.conf; - - ### Most PHP, Python, Rails, Java App can use this header ### - proxy_set_header X-Forwarded-Proto https; - - location / { - proxy_pass https://:443; - } -} - diff --git a/server/conf/ufw.before.rules.master b/server/conf/ufw.before.rules.master deleted file mode 100644 index 613e5250d8fc2d8a1f42a1c271465366bde25abd..0000000000000000000000000000000000000000 --- a/server/conf/ufw.before.rules.master +++ /dev/null @@ -1,78 +0,0 @@ -# -# rules.before -# -# Rules that should be run before the ufw command line added rules. Custom -# rules should be added to one of these chains: -# ufw-before-input -# ufw-before-output -# ufw-before-forward -# - -# Don't delete these required lines, otherwise there will be errors -*filter -:ufw-before-input - [0:0] -:ufw-before-output - [0:0] -:ufw-before-forward - [0:0] -:ufw-not-local - [0:0] -# End required lines - - -# allow all on loopback --A ufw-before-input -i lo -j ACCEPT --A ufw-before-output -o lo -j ACCEPT - -# connection tracking rules --A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT - -# drop INVALID packets (logs these in loglevel medium and higher) --A ufw-before-input -m state --state INVALID -j ufw-logging-deny --A ufw-before-input -m state --state INVALID -j DROP - -# connection tracking for outbound --A ufw-before-output -p tcp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT --A ufw-before-output -p udp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT - -# ok icmp codes --A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT --A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT --A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT --A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT --A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT - -# allow dhcp client to work --A ufw-before-input -p udp --sport 67 --dport 68 -j ACCEPT - -# -# ufw-not-local -# --A ufw-before-input -j ufw-not-local - -# if LOCAL, RETURN --A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN - -# if MULTICAST, RETURN --A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN - -# if BROADCAST, RETURN --A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN - -# all other non-local packets are dropped --A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny --A ufw-not-local -j DROP - -# allow MULTICAST, be sure the MULTICAST line above is uncommented --A ufw-before-input -s 224.0.0.0/4 -j ACCEPT --A ufw-before-input -d 224.0.0.0/4 -j ACCEPT - -COMMIT - -# nat Table rules -*nat -:POSTROUTING ACCEPT [0:0] - --A POSTROUTING -s 192.168.5.2/24 -o eth0 -j SNAT --to 192.168.5.105 - --A PREROUTING -p tcp -d 192.168.5.105 --dport 80 -i eth0 -j DNAT --to-destination 192.168.5.200:80 - -# don't delete the 'COMMIT' line or these rules won't be processed -COMMIT diff --git a/server/conf/ufw.conf.master b/server/conf/ufw.conf.master deleted file mode 100644 index a3710d7bf37cfd6fe70d2727ad43409c72fd3f5c..0000000000000000000000000000000000000000 --- a/server/conf/ufw.conf.master +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/ufw/ufw.conf -# - -# set to yes to start on boot -ENABLED={tmpl_var name='enable'} - -# set to one of 'off', 'low', 'medium', 'high' -LOGLEVEL={tmpl_var name='log_level'} diff --git a/server/conf/ufw.default.master b/server/conf/ufw.default.master deleted file mode 100644 index 2deb421ac397837baf706c6c63f4b29a1edbbd4f..0000000000000000000000000000000000000000 --- a/server/conf/ufw.default.master +++ /dev/null @@ -1,39 +0,0 @@ -# /etc/default/ufw -# - -# set to yes to apply rules to support IPv6 (no means only IPv6 on loopback -# accepted). You will need to 'disable' and then 'enable' the firewall for -# the changes to take affect. -IPV6={tmpl_var name='ipv6'} - -# set the default input policy to ACCEPT, DROP or REJECT. Please note that if -# you change this you will most likely want to adjust your rules -DEFAULT_INPUT_POLICY="{tmpl_var name='default_input_policy'}" - -# set the default output policy to ACCEPT, DROP, or REJECT. Please note that -# if you change this you will most likely want to adjust your rules -DEFAULT_OUTPUT_POLICY="{tmpl_var name='default_output_policy'}T" - -# set the default forward policy to ACCEPT, DROP or REJECT. Please note that -# if you change this you will most likely want to adjust your rules -DEFAULT_FORWARD_POLICY="{tmpl_var name='default_forward_policy'}" - -# set the default application policy to ACCEPT, DROP, REJECT or SKIP. Please -# note that setting this to ACCEPT may be a security risk. See 'man ufw' for -# details -DEFAULT_APPLICATION_POLICY="{tmpl_var name='default_application_policy'}" - -# By default, ufw only touches its own chains. Set this to 'yes' to have ufw -# manage the built-in chains too. Warning: setting this to 'yes' will break -# non-ufw managed firewall rules -MANAGE_BUILTINS={tmpl_var name='manage_builtins'} - -# -# IPT backend -# -# only enable if using iptables backend -IPT_SYSCTL=/etc/ufw/sysctl.conf - -# extra connection tracking modules to load -IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_irc nf_nat_irc" - diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index e1d59d4a93e3a975a58c48fd842f17de7a00eb38..ad722c56f7952cc3d917a274659dd7600226aff4 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -5,7 +5,8 @@ Deny from all -:80> + + DocumentRoot @@ -34,7 +35,17 @@ ErrorDocument 500 /error/500.html ErrorDocument 503 /error/503.html - + + + + SSLEngine on + SSLCertificateFile /ssl/.crt + SSLCertificateKeyFile /ssl/.key + + + SSLCACertificateFile /ssl/.bundle + + Options FollowSymLinks AllowOverride @@ -225,228 +236,4 @@ - - - - - -########################################################### -# SSL Vhost -########################################################### - -:443> - - DocumentRoot - - - DocumentRoot - - DocumentRoot - - - - ServerName - - - - ServerAdmin webmaster@ - - ErrorLog /var/log/ispconfig/httpd//error.log - - - ErrorDocument 400 /error/400.html - ErrorDocument 401 /error/401.html - ErrorDocument 403 /error/403.html - ErrorDocument 404 /error/404.html - ErrorDocument 405 /error/405.html - ErrorDocument 500 /error/500.html - ErrorDocument 503 /error/503.html - - - SSLEngine on - SSLCertificateFile /ssl/.crt - SSLCertificateKeyFile /ssl/.key - - SSLCACertificateFile /ssl/.bundle - - - - Options FollowSymLinks - AllowOverride - Order allow,deny - Allow from all - - - # ssi enabled - AddType text/html .shtml - AddOutputFilter INCLUDES .shtml - Options +Includes - - - - Order allow,deny - Deny from all - Allow from none - - - - - Options FollowSymLinks - AllowOverride - Order allow,deny - Allow from all - - - # ssi enabled - AddType text/html .shtml - AddOutputFilter INCLUDES .shtml - Options +Includes - - - - Order allow,deny - Deny from all - Allow from none - - - - - - # cgi enabled - - Order allow,deny - Allow from all - - ScriptAlias /cgi-bin/ /cgi-bin/ - AddHandler cgi-script .cgi - AddHandler cgi-script .pl - - - # ssi enabled - AddType text/html .shtml - AddOutputFilter INCLUDES .shtml - - - # suexec enabled - SuexecUserGroup - -# Clear PHP settings of this website - - SetHandler None - - - # mod_php enabled - AddType application/x-httpd-php .php .php3 .php4 .php5 - php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@" - php_admin_value upload_tmp_dir /tmp - php_admin_value session.save_path /tmp - # PHPIniDir - - php_admin_value open_basedir - - - - # suphp enabled - - - suPHP_Engine on - # suPHP_UserGroup - - suPHP_ConfigPath - - AddHandler x-httpd-suphp .php .php3 .php4 .php5 - suPHP_AddHandler x-httpd-suphp - - - - - # php as cgi enabled - ScriptAlias /php5-cgi - Action php5-cgi /php5-cgi - AddHandler php5-cgi .php .php3 .php4 .php5 - - Order allow,deny - Allow from all - - - - # php as fast-cgi enabled - # See: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html - - - FcgidIdleTimeout 300 - FcgidProcessLifeTime 3600 - FcgidMaxProcesses 1000 - FcgidMinProcessesPerClass 0 - FcgidMaxProcessesPerClass 100 - FcgidConnectTimeout 3 - FcgidIOTimeout 360 - FcgidBusyTimeout 300 - - IdleTimeout 300 - ProcessLifeTime 3600 - # MaxProcessCount 1000 - DefaultMinClassProcessCount 0 - DefaultMaxClassProcessCount 100 - IPCConnectTimeout 3 - IPCCommTimeout 360 - BusyTimeout 300 - - - - AddHandler fcgid-script .php .php3 .php4 .php5 - FCGIWrapper .php - Options +ExecCGI - AllowOverride - Order allow,deny - Allow from all - - - AddHandler fcgid-script .php .php3 .php4 .php5 - FCGIWrapper .php - Options +ExecCGI - AllowOverride - Order allow,deny - Allow from all - - - - - RewriteEngine on - - - - RewriteCond %{HTTP_HOST} ^$ [NC] - RewriteRule ^(.*)$ https:///$1 [R=301,L] - - - - - RewriteCond %{HTTP_HOST} ^ [NC] - RewriteRule ^/(.*)$ $1 - - - - # add support for apache mpm_itk - - AssignUserId - - - - # Do not execute PHP files in webdav directory - - - SetHandler None - - - # DO NOT REMOVE THE COMMENTS! - # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE! - # WEBDAV BEGIN - # WEBDAV END - - - - - - - + \ No newline at end of file diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index 2f641b1ae2851893658ab4dbdcb83aeb8647a309..51c6a66c639b4de2d5a34e02fd515891c0286c50 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php @@ -651,6 +651,7 @@ class apache2_plugin { $tpl->newTemplate('vhost.conf.master'); $vhost_data = $data['new']; + //unset($vhost_data['ip_address']); $vhost_data['web_document_root'] = $data['new']['document_root'].'/web'; $vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/web'; $vhost_data['web_basedir'] = $web_config['website_basedir']; @@ -668,6 +669,7 @@ class apache2_plugin { $crt_file = $ssl_dir.'/'.$domain.'.crt'; $bundle_file = $ssl_dir.'/'.$domain.'.bundle'; + /* if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) { $vhost_data['ssl_enabled'] = 1; $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG); @@ -675,6 +677,7 @@ class apache2_plugin { $vhost_data['ssl_enabled'] = 0; $app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG); } + */ if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1; @@ -951,6 +954,32 @@ class apache2_plugin { //* Make a backup copy of vhost file if(file_exists($vhost_file)) copy($vhost_file,$vhost_file.'~'); + //* create empty vhost array + $vhosts = array(); + + //* Add vhost for ipv4 IP + $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80 ); + + //* Add vhost for ipv4 IP with SSL + if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) { + $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443' ); + $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG); + } + + //* Add vhost for IPv6 IP + if($data['new']['ipv6_address'] != '') { + $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80 ); + + //* Add vhost for ipv6 IP with SSL + if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) { + $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443' ); + $app->log('Enable SSL for IPv6: '.$domain,LOGLEVEL_DEBUG); + } + } + + //* Set the vhost loop + $tpl->setLoop('vhosts',$vhosts); + //* Write vhost file file_put_contents($vhost_file,$tpl->grab()); $app->log('Writing the vhost file: '.$vhost_file,LOGLEVEL_DEBUG);