Newer
Older
if(substr($custom_php_fpm_ini_dir,-1) != '/') $custom_php_fpm_ini_dir .= '/';
} else {
$default_php_fpm = true;
}
*/
if($data['new']['php'] == 'php-fpm' || $data['new']['php'] == 'hhvm'){
if(trim($data['new']['fastcgi_php_version']) != ''){
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
} else {
$default_php_fpm = true;
}
} else {
if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] != 'no'){
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
} else {
$default_php_fpm = true;
}
}
if($default_php_fpm){
$pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
} else {
$pool_dir = $custom_php_fpm_pool_dir;
}
if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
$pool_name = 'web'.$data['new']['domain_id'];
$socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']);
if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
if($data['new']['php_fpm_use_socket'] == 'y'){
$use_tcp = 0;
$use_socket = 1;
} else {
$use_tcp = 1;
$use_socket = 0;
}
$tpl->setVar('use_tcp', $use_tcp);
$tpl->setVar('use_socket', $use_socket);
$tpl->setVar('php_fpm_chroot', $data['new']['php_fpm_chroot']);
$tpl->setVar('php_fpm_chroot_web_folder', sprintf('/%s', trim($web_folder, '/')));
$fpm_socket = $socket_dir.$pool_name.'.sock';
$tpl->setVar('fpm_socket', $fpm_socket);
$tpl->setVar('rnd_php_dummy_file', '/'.md5(uniqid(microtime(), 1)).'.htm');
$vhost_data['fpm_port'] = $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1;
// backwards compatibility; since ISPConfig 3.0.5, the PHP mode for nginx is called 'php-fpm' instead of 'fast-cgi'. The following line makes sure that old web sites that have 'fast-cgi' in the database still get PHP-FPM support.
if($vhost_data['php'] == 'fast-cgi') $vhost_data['php'] = 'php-fpm';
// Custom rewrite rules
/*
$final_rewrite_rules = array();
$custom_rewrite_rules = $data['new']['rewrite_rules'];
// Make sure we only have Unix linebreaks
$custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
$custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
$custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
}
}
$tpl->setLoop('rewrite_rules', $final_rewrite_rules);
*/
// Custom rewrite rules
$final_rewrite_rules = array();
if(isset($data['new']['rewrite_rules']) && trim($data['new']['rewrite_rules']) != '') {
$custom_rewrite_rules = trim($data['new']['rewrite_rules']);
$custom_rewrites_are_valid = true;
// use this counter to make sure all curly brackets are properly closed
$if_level = 0;
// Make sure we only have Unix linebreaks
$custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
$custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
$custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
// ignore comments
if(substr(ltrim($custom_rewrite_rule_line), 0, 1) == '#'){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// empty lines
if(trim($custom_rewrite_rule_line) == ''){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// rewrite
if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
Falko Timme
committed
if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
// if
if(preg_match('@^\s*if\s+\(\s*\$\S+(\s+(\!?(=|~|~\*))\s+(\S+|\".+\"))?\s*\)\s*\{\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
$if_level += 1;
continue;
}
// if - check for files, directories, etc.
if(preg_match('@^\s*if\s+\(\s*\!?-(f|d|e|x)\s+\S+\s*\)\s*\{\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
$if_level += 1;
continue;
}
// break
if(preg_match('@^\s*break\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// return code [ text ]
if(preg_match('@^\s*return\s+\d\d\d.*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// return code URL
// return URL
if(preg_match('@^\s*return(\s+\d\d\d)?\s+(http|https|ftp)\://([a-zA-Z0-9\.\-]+(\:[a-zA-Z0-9\.&%\$\-]+)*\@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\-]+\.)*[a-zA-Z0-9\-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(\:[0-9]+)*(/($|[a-zA-Z0-9\.\,\?\'\\\+&%\$#\=~_\-]+))*\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// set
if(preg_match('@^\s*set\s+\$\S+\s+\S+\s*;\s*$@', $custom_rewrite_rule_line)){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
continue;
}
// closing curly bracket
if(trim($custom_rewrite_rule_line) == '}'){
$final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
$if_level -= 1;
continue;
}
$custom_rewrites_are_valid = false;
break;
}
}
if(!$custom_rewrites_are_valid || $if_level != 0){
$final_rewrite_rules = array();
}
}
$tpl->setLoop('rewrite_rules', $final_rewrite_rules);
// Custom nginx directives
$final_nginx_directives = array();
Florian Schaal
committed
if($data['new']['enable_pagespeed'] == 'y'){
// if PageSpeed is already enabled, don't add configuration again
if(stripos($nginx_directives, 'pagespeed') !== false){
$vhost_data['enable_pagespeed'] = false;
} else {
$vhost_data['enable_pagespeed'] = true;
}
} else {
$vhost_data['enable_pagespeed'] = false;
}
Falko Timme
committed
if(intval($data['new']['directive_snippets_id']) > 0){
$snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", $data['new']['directive_snippets_id']);
Falko Timme
committed
if(isset($snippet['snippet'])){
$nginx_directives = $snippet['snippet'];
} else {
$nginx_directives = $data['new']['nginx_directives'];
}
Florian Schaal
committed
/*
if($data['new']['enable_pagespeed'] == 'y'){
// if PageSpeed is already enabled, don't add configuration again
if(stripos($nginx_directives, 'pagespeed') !== false){
$vhost_data['enable_pagespeed'] = false;
} else {
$vhost_data['enable_pagespeed'] = true;
}
} else {
$vhost_data['enable_pagespeed'] = false;
}
Florian Schaal
committed
*/
Falko Timme
committed
} else {
$nginx_directives = $data['new']['nginx_directives'];
Florian Schaal
committed
// $vhost_data['enable_pagespeed'] = false;
Falko Timme
committed
}
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
// folder_directive_snippets
if(trim($data['new']['folder_directive_snippets']) != ''){
$data['new']['folder_directive_snippets'] = trim($data['new']['folder_directive_snippets']);
$data['new']['folder_directive_snippets'] = str_replace("\r\n", "\n", $data['new']['folder_directive_snippets']);
$data['new']['folder_directive_snippets'] = str_replace("\r", "\n", $data['new']['folder_directive_snippets']);
$folder_directive_snippets_lines = explode("\n", $data['new']['folder_directive_snippets']);
if(is_array($folder_directive_snippets_lines) && !empty($folder_directive_snippets_lines)){
foreach($folder_directive_snippets_lines as $folder_directive_snippets_line){
list($folder_directive_snippets_folder, $folder_directive_snippets_snippets_id) = explode(':', $folder_directive_snippets_line);
$folder_directive_snippets_folder = trim($folder_directive_snippets_folder);
$folder_directive_snippets_snippets_id = trim($folder_directive_snippets_snippets_id);
if($folder_directive_snippets_folder != '' && intval($folder_directive_snippets_snippets_id) > 0 && preg_match('@^((?!(.*\.\.)|(.*\./)|(.*//))[^/][\w/_\.\-]{1,100})?$@', $folder_directive_snippets_folder)){
if(substr($folder_directive_snippets_folder, -1) != '/') $folder_directive_snippets_folder .= '/';
if(substr($folder_directive_snippets_folder, 0, 1) == '/') $folder_directive_snippets_folder = substr($folder_directive_snippets_folder, 1);
$master_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'nginx' AND active = 'y' AND customer_viewable = 'y'", intval($folder_directive_snippets_snippets_id));
if(isset($master_snippet['snippet'])){
$folder_directive_snippets_trans = array('{FOLDER}' => $folder_directive_snippets_folder, '{FOLDERMD5}' => md5($folder_directive_snippets_folder));
$master_snippet['snippet'] = strtr($master_snippet['snippet'], $folder_directive_snippets_trans);
$nginx_directives .= "\n\n".$master_snippet['snippet'];
// create folder it it does not exist
if(!is_dir($data['new']['document_root'].'/' . $web_folder.$folder_directive_snippets_folder)){
$app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder.$folder_directive_snippets_folder);
$app->system->chown($data['new']['document_root'].'/' . $web_folder.$folder_directive_snippets_folder, $username);
$app->system->chgrp($data['new']['document_root'].'/' . $web_folder.$folder_directive_snippets_folder, $groupname);
}
}
}
}
}
}
// use vLib for template logic
if(trim($nginx_directives) != '') {
$nginx_directives_new = '';
$ngx_conf_tpl = new tpl();
$ngx_conf_tpl_tmp_file = tempnam($conf['temppath'], "ngx");
file_put_contents($ngx_conf_tpl_tmp_file, $nginx_directives);
$ngx_conf_tpl->newTemplate($ngx_conf_tpl_tmp_file);
$ngx_conf_tpl->setVar('use_tcp', $use_tcp);
$ngx_conf_tpl->setVar('use_socket', $use_socket);
$ngx_conf_tpl->setVar('fpm_socket', $fpm_socket);
$ngx_conf_tpl->setVar($vhost_data);
$nginx_directives_new = $ngx_conf_tpl->grab();
if(is_file($ngx_conf_tpl_tmp_file)) unlink($ngx_conf_tpl_tmp_file);
if($nginx_directives_new != '') $nginx_directives = $nginx_directives_new;
unset($nginx_directives_new);
}
// Make sure we only have Unix linebreaks
$nginx_directives = str_replace("\r\n", "\n", $nginx_directives);
$nginx_directives = str_replace("\r", "\n", $nginx_directives);
$nginx_directive_lines = explode("\n", $nginx_directives);
if(is_array($nginx_directive_lines) && !empty($nginx_directive_lines)){
$trans = array(
'{DOCROOT}' => $vhost_data['web_document_root_www'],
'{DOCROOT_CLIENT}' => $vhost_data['web_document_root'],
'{FASTCGIPASS}' => 'fastcgi_pass '.($data['new']['php_fpm_use_socket'] == 'y'? 'unix:'.$fpm_socket : '127.0.0.1:'.$vhost_data['fpm_port']).';'
);
foreach($nginx_directive_lines as $nginx_directive_line){
Falko Timme
committed
$final_nginx_directives[] = array('nginx_directive' => strtr($nginx_directive_line, $trans));
}
}
$tpl->setLoop('nginx_directives', $final_nginx_directives);
// Check if a SSL cert exists
$tmp = $app->letsencrypt->get_website_certificate_paths($data);
$domain = $tmp['domain'];
$key_file = $tmp['key'];
$key_file2 = $tmp['key2'];
$csr_file = $tmp['csr'];
$crt_file = $tmp['crt'];
$bundle_file = $tmp['bundle'];
unset($tmp);
$data['new']['ssl_domain'] = $domain;
$vhost_data['ssl_domain'] = $domain;
$vhost_data['ssl_crt_file'] = $crt_file;
$vhost_data['ssl_key_file'] = $key_file;
$vhost_data['ssl_bundle_file'] = $bundle_file;
//* Generate Let's Encrypt SSL certificat
Till Brehm
committed
if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && $conf['mirror_server_id'] == 0 && ( // ssl and let's encrypt is active and no mirror server
($data['old']['ssl'] == 'n' || $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
|| ($data['old']['domain'] != $data['new']['domain']) // we have domain update
|| ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
|| $this->update_letsencrypt == true
)) {
$success = $app->letsencrypt->request_certificates($data, 'nginx');
if($success) {
/* we don't need to store it.
/* Update the DB of the (local) Server */
Marius Burkard
committed
$app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
$app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
/* Update also the master-DB of the Server-Farm */
Marius Burkard
committed
$app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
$app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
} else {
$data['new']['ssl_letsencrypt'] = 'n';
if($data['old']['ssl'] == 'n') $data['new']['ssl'] = 'n';
/* Update the DB of the (local) Server */
$app->db->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ? AND `server_id` = ?", $data['new']['ssl'], 'n', $data['new']['domain'], $conf['server_id']);
/* Update also the master-DB of the Server-Farm */
$app->dbmaster->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ?", $data['new']['ssl'], 'n', $data['new']['domain']);
if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$vhost_data['ssl_enabled'] = 1;
$app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);
} else {
$vhost_data['ssl_enabled'] = 0;
$app->log('SSL Disabled. '.$domain, LOGLEVEL_DEBUG);
}
// Set SEO Redirect
if($data['new']['seo_redirect'] != ''){
$vhost_data['seo_redirect_enabled'] = 1;
$tmp_seo_redirects = $this->get_seo_redirects($data['new']);
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
foreach($tmp_seo_redirects as $key => $val){
$vhost_data[$key] = $val;
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
// Rewrite rules
$own_rewrite_rules = array();
$rewrite_rules = array();
$local_rewrite_rules = array();
if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
if(substr($data['new']['redirect_path'], -1) != '/') $data['new']['redirect_path'] .= '/';
if(substr($data['new']['redirect_path'], 0, 8) == '[scheme]'){
if($data['new']['redirect_type'] != 'proxy'){
$data['new']['redirect_path'] = '$scheme'.substr($data['new']['redirect_path'], 8);
} else {
$data['new']['redirect_path'] = 'http'.substr($data['new']['redirect_path'], 8);
}
}
// Custom proxy directives
if($data['new']['redirect_type'] == 'proxy' && trim($data['new']['proxy_directives'] != '')){
$final_proxy_directives = array();
$proxy_directives = $data['new']['proxy_directives'];
// Make sure we only have Unix linebreaks
$proxy_directives = str_replace("\r\n", "\n", $proxy_directives);
$proxy_directives = str_replace("\r", "\n", $proxy_directives);
$proxy_directive_lines = explode("\n", $proxy_directives);
if(is_array($proxy_directive_lines) && !empty($proxy_directive_lines)){
foreach($proxy_directive_lines as $proxy_directive_line){
$final_proxy_directives[] = array('proxy_directive' => $proxy_directive_line);
}
}
} else {
$final_proxy_directives = false;
}
switch($data['new']['subdomain']) {
case 'www':
$exclude_own_hostname = '';
if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
break;
}
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
} else { // URL - check if URL is local
$tmp_redirect_path = $data['new']['redirect_path'];
if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
if(($tmp_redirect_path_parts['host'] == $data['new']['domain'] || $tmp_redirect_path_parts['host'] == 'www.'.$data['new']['domain']) && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
// URL is local
if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
//$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
break;
} else {
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
$exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
$rewrite_exclude = '(.?)/';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
$own_rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
break;
case '*':
$exclude_own_hostname = '';
if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
break;
}
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
} else { // URL - check if URL is local
$tmp_redirect_path = $data['new']['redirect_path'];
if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
//if($is_serveralias && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
if($this->url_is_local($tmp_redirect_path_parts['host'], $data['new']['domain_id']) && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
// URL is local
if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
//$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
break;
} else {
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
$exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
$rewrite_exclude = '(.?)/';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
$own_rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
break;
default:
if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
$exclude_own_hostname = '';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
break;
}
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
} else { // URL - check if URL is local
$tmp_redirect_path = $data['new']['redirect_path'];
if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
if($tmp_redirect_path_parts['host'] == $data['new']['domain'] && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
// URL is local
if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
//$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
break;
} else {
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
$exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
$rewrite_exclude = '(.?)/';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
$own_rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
}
}
// http2 or spdy?
$vhost_data['enable_http2'] = 'n';
if($vhost_data['enable_spdy'] == 'y'){
// check if nginx support http_v2; if so, use that instead of spdy
exec("2>&1 nginx -V | tr -- - '\n' | grep http_v2_module", $tmp_output, $tmp_retval);
if($tmp_retval == 0){
$vhost_data['enable_http2'] = 'y';
$vhost_data['enable_spdy'] = 'n';
}
unset($tmp_output, $tmp_retval);
}
// set logging variable
$vhost_data['logging'] = $web_config['logging'];
$tpl->setVar($vhost_data);
$server_alias = array();
// get autoalias
$auto_alias = $web_config['website_autoalias'];
if($auto_alias != '') {
// get the client username
$client = $app->db->queryOneRecord("SELECT `username` FROM `client` WHERE `client_id` = ?", $client_id);
$aa_search = array('[client_id]', '[website_id]', '[client_username]', '[website_domain]');
$aa_replace = array($client_id, $data['new']['domain_id'], $client['username'], $data['new']['domain']);
$auto_alias = str_replace($aa_search, $aa_replace, $auto_alias);
unset($client);
unset($aa_search);
unset($aa_replace);
$server_alias[] .= $auto_alias.' ';
}
// get alias domains (co-domains and subdomains)
$aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND active = 'y' AND (type != 'vhostsubdomain' AND type != 'vhostalias')", $data['new']['domain_id']);
$alias_seo_redirects = array();
switch($data['new']['subdomain']) {
case 'www':
$server_alias[] = 'www.'.$data['new']['domain'].' ';
break;
case '*':
$server_alias[] = '*.'.$data['new']['domain'].' ';
break;
}
if(is_array($aliases)) {
foreach($aliases as $alias) {
// Custom proxy directives
if($alias['redirect_type'] == 'proxy' && trim($alias['proxy_directives'] != '')){
$final_proxy_directives = array();
$proxy_directives = $alias['proxy_directives'];
// Make sure we only have Unix linebreaks
$proxy_directives = str_replace("\r\n", "\n", $proxy_directives);
$proxy_directives = str_replace("\r", "\n", $proxy_directives);
$proxy_directive_lines = explode("\n", $proxy_directives);
if(is_array($proxy_directive_lines) && !empty($proxy_directive_lines)){
foreach($proxy_directive_lines as $proxy_directive_line){
$final_proxy_directives[] = array('proxy_directive' => $proxy_directive_line);
}
}
} else {
$final_proxy_directives = false;
}
if($alias['redirect_type'] == '' || $alias['redirect_path'] == '' || substr($alias['redirect_path'], 0, 1) == '/') {
switch($alias['subdomain']) {
case 'www':
$server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
break;
case '*':
$server_alias[] = '*.'.$alias['domain'].' '.$alias['domain'].' ';
break;
default:
$server_alias[] = $alias['domain'].' ';
break;
}
$app->log('Add server alias: '.$alias['domain'], LOGLEVEL_DEBUG);
// Add SEO redirects for alias domains
if($alias['seo_redirect'] != '' && $data['new']['seo_redirect'] != '*_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_to_domain_tld' && ($alias['type'] == 'alias' || ($alias['type'] == 'subdomain' && $data['new']['seo_redirect'] != '*_domain_tld_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_domain_tld_to_domain_tld'))){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects[] = $tmp_seo_redirects;
}
}
}
// Local Rewriting (inside vhost server {} container)
if($alias['redirect_type'] != '' && substr($alias['redirect_path'], 0, 1) == '/' && $alias['redirect_type'] != 'proxy') { // proxy makes no sense with local path
if(substr($alias['redirect_path'], -1) != '/') $alias['redirect_path'] .= '/';
Marius Burkard
committed
$rewrite_exclude = '(?!/('.substr($alias['redirect_path'], 1, -1).(substr($alias['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').'|\.well-known/acme-challenge))/';
switch($alias['subdomain']) {
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
case 'www':
// example.com
$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
'local_redirect_operator' => '=',
'local_redirect_exclude' => $rewrite_exclude,
'local_redirect_target' => $alias['redirect_path'],
'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
// www.example.com
$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => 'www.'.$alias['domain'],
'local_redirect_operator' => '=',
'local_redirect_exclude' => $rewrite_exclude,
'local_redirect_target' => $alias['redirect_path'],
'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
break;
case '*':
$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => '^('.str_replace('.', '\.', $alias['domain']).'|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
'local_redirect_operator' => '~*',
'local_redirect_exclude' => $rewrite_exclude,
'local_redirect_target' => $alias['redirect_path'],
'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
break;
default:
$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
'local_redirect_operator' => '=',
'local_redirect_exclude' => $rewrite_exclude,
'local_redirect_target' => $alias['redirect_path'],
'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
}
}
// External Rewriting (extra server {} containers)
if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'], 0, 1) != '/') {
if(substr($alias['redirect_path'], -1) != '/') $alias['redirect_path'] .= '/';
if(substr($alias['redirect_path'], 0, 8) == '[scheme]'){
if($alias['redirect_type'] != 'proxy'){
$alias['redirect_path'] = '$scheme'.substr($alias['redirect_path'], 8);
} else {
$alias['redirect_path'] = 'http'.substr($alias['redirect_path'], 8);
}
}
switch($alias['subdomain']) {
case 'www':
if($alias['redirect_type'] == 'proxy'){
$tmp_redirect_path = $alias['redirect_path'];
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
}
// Add SEO redirects for alias domains
$alias_seo_redirects2 = array();
if($alias['seo_redirect'] != ''){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'none');
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects2[] = $tmp_seo_redirects;
}
}
$rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'],
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_subdir' => $rewrite_subdir,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
// Add SEO redirects for alias domains
$alias_seo_redirects2 = array();
if($alias['seo_redirect'] != ''){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'www');
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects2[] = $tmp_seo_redirects;
}
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
}
$rewrite_rules[] = array( 'rewrite_domain' => 'www.'.$alias['domain'],
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_subdir' => $rewrite_subdir,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
break;
case '*':
if($alias['redirect_type'] == 'proxy'){
$tmp_redirect_path = $alias['redirect_path'];
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
}
// Add SEO redirects for alias domains
$alias_seo_redirects2 = array();
if($alias['seo_redirect'] != ''){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects2[] = $tmp_seo_redirects;
}
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
}
$rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'].' *.'.$alias['domain'],
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_subdir' => $rewrite_subdir,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
break;
default:
if($alias['redirect_type'] == 'proxy'){
$tmp_redirect_path = $alias['redirect_path'];
$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
if($rewrite_subdir == '/') $rewrite_subdir = '';
}
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
}
if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '*.'.substr($alias['domain'], 2);
else $domain_rule = $alias['domain'];
// Add SEO redirects for alias domains
$alias_seo_redirects2 = array();
if($alias['seo_redirect'] != ''){
if(substr($alias['domain'], 0, 2) === '*.'){
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
} else {
$tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'none');
}
if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
$alias_seo_redirects2[] = $tmp_seo_redirects;
}
}
$rewrite_rules[] = array( 'rewrite_domain' => $domain_rule,
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_subdir' => $rewrite_subdir,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
}
}
}
}
//* If we have some alias records
if(count($server_alias) > 0) {
$server_alias_str = '';
$n = 0;
foreach($server_alias as $tmp_alias) {
$server_alias_str .= $tmp_alias;
}
unset($tmp_alias);
$tpl->setVar('alias', trim($server_alias_str));
} else {
}
if(count($rewrite_rules) > 0) {
$tpl->setLoop('redirects', $rewrite_rules);
}
if(count($own_rewrite_rules) > 0) {
$tpl->setLoop('own_redirects', $own_rewrite_rules);
}
if(count($local_rewrite_rules) > 0) {
$tpl->setLoop('local_redirects', $local_rewrite_rules);
}
if(count($alias_seo_redirects) > 0) {
$tpl->setLoop('alias_seo_redirects', $alias_seo_redirects);
}
$stats_web_folder = 'web';
if($data['new']['type'] == 'vhost'){
if($data['new']['web_folder'] != ''){
if(substr($data['new']['web_folder'], 0, 1) == '/') $data['new']['web_folder'] = substr($data['new']['web_folder'],1);
if(substr($data['new']['web_folder'], -1) == '/') $data['new']['web_folder'] = substr($data['new']['web_folder'],0,-1);
}
$stats_web_folder .= '/'.$data['new']['web_folder'];
} elseif($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') {
$stats_web_folder = $data['new']['web_folder'];
}
//* Create basic http auth for website statistics
$tpl->setVar('stats_auth_passwd_file', $data['new']['document_root']."/" . $stats_web_folder . "/stats/.htpasswd_stats");
// Create basic http auth for other directories
$basic_auth_locations = $this->_create_web_folder_auth_configuration($data['new']);
if(is_array($basic_auth_locations) && !empty($basic_auth_locations)) $tpl->setLoop('basic_auth_locations', $basic_auth_locations);
$vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
//* Make a backup copy of vhost file
if(file_exists($vhost_file)) copy($vhost_file, $vhost_file.'~');
//* Write vhost file
$app->system->file_put_contents($vhost_file, $this->nginx_merge_locations($tpl->grab()));
$app->log('Writing the vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
unset($tpl);
//* Set the symlink to enable the vhost
//* First we check if there is a old type of symlink and remove it
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost');
if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink);
//* Remove old or changed symlinks
if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') {
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
}
//* New symlink
if($data['new']['subdomain'] == '*') {
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
} else {
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
}
if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
symlink($vhost_file, $vhost_symlink);
$app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
// remove old symlink and vhost file, if domain name of the site has changed
if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
$vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
if(is_link($vhost_symlink)) {
$app->system->unlink($vhost_symlink);
$app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
}
$vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
$app->system->unlink($vhost_file);
$app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG);
}
// create password file for stats directory
if(!is_file($data['new']['document_root'].'/' . $stats_web_folder . '/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
if(trim($data['new']['stats_password']) != '') {
$htp_file = 'admin:'.trim($data['new']['stats_password']);
$app->system->file_put_contents($data['new']['document_root'].'/' . $stats_web_folder . '/stats/.htpasswd_stats', $htp_file);
$app->system->chmod($data['new']['document_root'].'/' . $stats_web_folder . '/stats/.htpasswd_stats', 0755);
unset($htp_file);
}
}
//* Create awstats configuration
if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
$this->awstats_update($data, $web_config);
}
$this->php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir, $web_folder);
Marius Cramer
committed
$this->hhvm_update($data, $web_config);
if($web_config['check_apache_config'] == 'y') {
//* Test if nginx starts with the new configuration file
$nginx_online_status_before_restart = $this->_checkTcp('localhost', 80);
$app->log('nginx status is: '.($nginx_online_status_before_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
$retval = $app->services->restartService('httpd', 'restart'); // $retval['retval'] is 0 on success and > 0 on failure
$app->log('nginx restart return value is: '.$retval['retval'], LOGLEVEL_DEBUG);
// wait a few seconds, before we test the apache status again
sleep(2);
//* Check if nginx restarted successfully if it was online before
$nginx_online_status_after_restart = $this->_checkTcp('localhost', 80);
$app->log('nginx online status after restart is: '.($nginx_online_status_after_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
if($nginx_online_status_before_restart && !$nginx_online_status_after_restart || $retval['retval'] > 0) {
$app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err', LOGLEVEL_WARN);
if(is_array($retval['output']) && !empty($retval['output'])){
$app->log('Reason for nginx restart failure: '.implode("\n", $retval['output']), LOGLEVEL_WARN);
$app->dbmaster->datalogError(implode("\n", $retval['output']));
} else {
// if no output is given, check again
exec('nginx -t 2>&1', $tmp_output, $tmp_retval);
if($tmp_retval > 0 && is_array($tmp_output) && !empty($tmp_output)){
$app->log('Reason for nginx restart failure: '.implode("\n", $tmp_output), LOGLEVEL_WARN);
$app->dbmaster->datalogError(implode("\n", $tmp_output));
}
unset($tmp_output, $tmp_retval);
}
$app->system->copy($vhost_file, $vhost_file.'.err');
if(is_file($vhost_file.'~')) {
//* Copy back the last backup file
$app->system->copy($vhost_file.'~', $vhost_file);
} else {
//* There is no backup file, so we create a empty vhost file with a warning message inside
$app->system->file_put_contents($vhost_file, "# nginx did not start after modifying this vhost file.\n# Please check file $vhost_file.err for syntax errors.");
}
if($this->ssl_certificate_changed === true) {
$ssl_dir = $data['new']['document_root'].'/ssl';
$domain = $data['new']['ssl_domain'];
$key_file = $ssl_dir.'/'.$domain.'.key.org';
$key_file2 = $ssl_dir.'/'.$domain.'.key';
$csr_file = $ssl_dir.'/'.$domain.'.csr';
$crt_file = $ssl_dir.'/'.$domain.'.crt';
//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
//* Backup the files that might have caused the error
if(is_file($key_file)){
$app->system->copy($key_file, $key_file.'.err');
$app->system->chmod($key_file.'.err', 0400);
}
if(is_file($key_file2)){
$app->system->copy($key_file2, $key_file2.'.err');
$app->system->chmod($key_file2.'.err', 0400);
}
if(is_file($csr_file)) $app->system->copy($csr_file, $csr_file.'.err');
if(is_file($crt_file)) $app->system->copy($crt_file, $crt_file.'.err');
//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
//* Restore the ~ backup files
if(is_file($key_file.'~')) $app->system->copy($key_file.'~', $key_file);
if(is_file($key_file2.'~')) $app->system->copy($key_file2.'~', $key_file2);
if(is_file($crt_file.'~')) $app->system->copy($crt_file.'~', $crt_file);
if(is_file($csr_file.'~')) $app->system->copy($csr_file.'~', $csr_file);
//if(is_file($bundle_file.'~')) $app->system->copy($bundle_file.'~',$bundle_file);
$app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the SSL configuration. Saved non-working SSL files with .err extension.', LOGLEVEL_WARN);
}
$app->services->restartService('httpd', 'restart');
}
} else {
//* We do not check the nginx config after changes (is faster)
$app->services->restartServiceDelayed('httpd', 'reload');
}
//* The vhost is written and apache has been restarted, so we
// can reset the ssl changed var to false and cleanup some files
$this->ssl_certificate_changed = false;
if(@is_file($key_file.'~')) $app->system->unlink($key_file.'~');
if(@is_file($key_file2.'~')) $app->system->unlink($key_file2.'~');
if(@is_file($crt_file.'~')) $app->system->unlink($crt_file.'~');
if(@is_file($csr_file.'~')) $app->system->unlink($csr_file.'~');
//if(@is_file($bundle_file.'~')) $app->system->unlink($bundle_file.'~');
// Remove the backup copy of the config file.
if(@is_file($vhost_file.'~')) $app->system->unlink($vhost_file.'~');
//* Unset action to clean it for next processed vhost.
$this->action = '';
}
function delete($event_name, $data) {
global $app, $conf;
// load the server configuration options
$app->uses('getconf');
$app->uses('system');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') $app->system->web_folder_protection($data['old']['document_root'], false);
//* Check if this is a chrooted setup