plugins->registerEvent('web_domain_insert',$this->plugin_name,'ssl'); $app->plugins->registerEvent('web_domain_update',$this->plugin_name,'ssl'); $app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'ssl'); $app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'insert'); $app->plugins->registerEvent('web_domain_update',$this->plugin_name,'update'); $app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'delete'); $app->plugins->registerEvent('server_ip_insert',$this->plugin_name,'server_ip'); $app->plugins->registerEvent('server_ip_update',$this->plugin_name,'server_ip'); $app->plugins->registerEvent('server_ip_delete',$this->plugin_name,'server_ip'); } // Handle the creation of SSL certificates function ssl($event_name,$data) { global $app, $conf; if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl"); $ssl_dir = $data["new"]["document_root"]."/ssl"; $domain = $data["new"]["domain"]; $key_file = $ssl_dir.'/'.$domain.".key.org"; $key_file2 = $ssl_dir.'/'.$domain.".key"; $csr_file = $ssl_dir.'/'.$domain.".csr"; $crt_file = $ssl_dir.'/'.$domain.".crt"; //* Create a SSL Certificate if($data["new"]["ssl_action"] == 'create') { $rand_file = $ssl_dir."/random_file"; $rand_data = md5(uniqid(microtime(),1)); for($i=0; $i<1000; $i++){ $rand_data .= md5(uniqid(microtime(),1)); $rand_data .= md5(uniqid(microtime(),1)); $rand_data .= md5(uniqid(microtime(),1)); $rand_data .= md5(uniqid(microtime(),1)); } file_put_contents($rand_file, $rand_data); $ssl_password = substr(md5(uniqid(microtime(),1)), 0, 15); $ssl_cnf = " RANDFILE = $rand_file [ req ] default_bits = 1024 default_keyfile = keyfile.pem distinguished_name = req_distinguished_name attributes = req_attributes prompt = no output_password = $ssl_password [ req_distinguished_name ] C = $data[new][ssl_country] ST = $data[new][ssl_state] L = $data[new][ssl_locality] O = $data[new][ssl_organisation] OU = $data[new][ssl_organisation_unit] CN = $domain emailAddress = webmatser@$data[new][domain] [ req_attributes ] challengePassword = A challenge password"; $ssl_cnf_file = $ssl_dir."/openssl.conf"; file_get_contents($ssl_cnf_file,$ssl_cnf); $rand_file = escapeshellcmd($rand_file); $key_file = escapeshellcmd($key_file); $key_file2 = escapeshellcmd($key_file2); $ssl_days = 3650; $csr_file = escapeshellcmd($csr_file); $config_file = escapeshellcmd($config_file); $crt_file escapeshellcmd($crt_file); if(is_file($ssl_cnf_file)){ exec("openssl genrsa -des3 -rand $rand_file \ -passout pass:$ssl_password \ -out $key_file 1024 \ && openssl req -new -passin pass:$ssl_password \ -passout pass:$ssl_password -key $key_file \ -out $csr_file -days $ssl_days \ -config $config_file \ && openssl req -x509 -passin pass:$ssl_password \ -passout pass:$ssl_password \ -key $key_file -in $csr_file \ -out $crt_file -days $ssl_days \ -config $config_file \ && openssl rsa -passin pass:$ssl_password \ -in $key_file \ -out $key_file2"); } exec("chmod 400 $key_file2"); exec("rm -f $config_file"); exec("rm -f $rand_file"); $ssl_request = file_get_contents($csr_file); $ssl_cert = file_get_contents($crt_file); $mod->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'"); } //* Save a SSL certificate to disk if($data["new"]["ssl_action"] == 'save') { } } function insert($event_name,$data) { global $app, $conf; // just run the update function $this->update($event_name,$data); } function update($event_name,$data) { global $app, $conf; if($data["new"]["type"] != "vhost" && $data["new"]["parent_domain_id"] > 0) { // This is not a vhost, so we need to update the parent record instead. $parent_domain_id = intval($data["new"]["parent_domain_id"]); $tmp = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$parent_domain_id." AND active = 'y'"); $data["new"] = $tmp; $data["old"] = $tmp; } // load the server configuration options $app->uses("getconf"); $web_config = $app->getconf->get_server_config($conf["server_id"], 'web'); if($data["new"]["document_root"] == '') { $app->log("document_root not set",LOGLEVEL_WARN); return 0; } if($data["new"]["system_user"] == 'root' or $data["new"]["system_group"] == 'root') { $app->log("Websites can not be owned by the root user or group.",LOGLEVEL_WARN); return 0; } //print_r($data); // Check if the directories are there and create them if nescessary. if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web"); if(!is_dir($data["new"]["document_root"]."/web/error")) exec("mkdir -p ".$data["new"]["document_root"]."/web/error"); //if(!is_dir($data["new"]["document_root"]."/log")) exec("mkdir -p ".$data["new"]["document_root"]."/log"); if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl"); if(!is_dir($data["new"]["document_root"]."/cgi-bin")) exec("mkdir -p ".$data["new"]["document_root"]."/cgi-bin"); // Create the symlink for the logfiles if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]); if(!is_link($data["new"]["document_root"]."/log")) exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log"); // Create the symlinks for the sites $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"])); $client_id = intval($client["client_id"]); unset($client); $tmp_symlinks_array = explode(':',$web_config["website_symlinks"]); if(is_array($tmp_symlinks_array)) { foreach($tmp_symlinks_array as $tmp_symlink) { $tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink); $tmp_symlink = str_replace("[website_domain]",$data["new"]["domain"],$tmp_symlink); // Remove trailing slash if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(!is_link($tmp_symlink)) { exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink)); $app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/ ".$tmp_symlink,LOGLEVEL_DEBUG); } } } // Copy the error pages $error_page_path = escapeshellcmd($data["new"]["web_document_root"])."/web/error/"; exec("cp /usr/local/ispconfig/server/conf/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path); // Create group and user, if not exist $app->uses("system"); $groupname = escapeshellcmd($data["new"]["system_group"]); if($data["new"]["system_group"] != '' && !$app->system->is_group($data["new"]["system_group"])) { exec("groupadd $groupname"); $app->log("Adding the group: $groupname",LOGLEVEL_DEBUG); } $username = escapeshellcmd($data["new"]["system_user"]); if($data["new"]["system_user"] != '' && !$app->system->is_user($data["new"]["system_user"])) { exec("useradd -d ".escapeshellcmd($data["new"]["document_root"])." -g $groupname $username"); $app->log("Adding the user: $username",LOGLEVEL_DEBUG); } // Set the quota for the user if($username != '' && $app->system->is_user($username)) { if($data["new"]["hd_quota"] > 0){ $blocks_soft = $data["new"]["hd_quota"] * 1024; $blocks_hard = $blocks_soft + 1024; } else { $blocks_soft = $blocks_hard = 0; } exec("setquota -u $username $blocks_soft $blocks_hard 0 0 -a &> /dev/null"); exec("setquota -T -u $username 604800 604800 -a &> /dev/null"); } // Chown and chmod the directories exec("chown -R $username:$groupname ".escapeshellcmd($data["new"]["document_root"])); // Create the vhost config file $app->load('tpl'); $tpl = new tpl(); $tpl->newTemplate("vhost.conf.master"); $vhost_data = $data["new"]; $vhost_data["web_document_root"] = $data["new"]["document_root"]."/web"; //$vhost_data["document_root"] = $data["new"]["document_root"]."/web"; $tpl->setVar($vhost_data); // Rewrite rules $rewrite_rules = array(); if($data["new"]["redirect_type"] != '') { $rewrite_rules[] = array( 'rewrite_domain' => $data["new"]["domain"], 'rewrite_type' => $data["new"]["redirect_type"], 'rewrite_target' => $data["new"]["redirect_path"]); } // get alias domains (co-domains and subdomains) $aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ".$data["new"]["domain_id"]." AND active = 'y'"); $server_alias = ''; if(is_array($aliases)) { foreach($aliases as $alias) { $server_alias .= $alias["domain"].' '; $app->log("Add server alias: $alias[domain]",LOGLEVEL_DEBUG); // Rewriting if($alias["redirect_type"] != '') { $rewrite_rules[] = array( 'rewrite_domain' => $alias["domain"], 'rewrite_type' => $alias["redirect_type"], 'rewrite_target' => $alias["redirect_path"]); } } } $tpl->setVar('alias',trim($server_alias)); if(count($rewrite_rules) > 0) { $tpl->setVar('rewrite_enabled',1); } else { $tpl->setVar('rewrite_enabled',0); } $tpl->setLoop('redirects',$rewrite_rules); $vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost'); file_put_contents($vhost_file,$tpl->grab()); $app->log("Writing the vhost file: $vhost_file",LOGLEVEL_DEBUG); unset($tpl); // Set the symlink to enable the vhost $vhost_symlink = escapeshellcmd($web_config["vhost_conf_enabled_dir"].'/'.$data["new"]["domain"].'.vhost'); if($data["new"]["active"] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file,$vhost_symlink); $app->log("Creating the symlink: $vhost_symlink => $vhost_file",LOGLEVEL_DEBUG); } // Remove the symlink, if site is inactive if($data["new"]["active"] == 'n' && is_link($vhost_symlink)) { unlink($vhost_symlink); $app->log("Removing symlink: $vhost_symlink => $vhost_file",LOGLEVEL_DEBUG); } // request a httpd reload when all records have been processed $app->services->restartServiceDelayed('httpd','reload'); } function delete($event_name,$data) { global $app, $conf; // load the server configuration options $app->uses("getconf"); $web_config = $app->getconf->get_server_config($conf["server_id"], 'web'); // Deleting the vhost file, symlink and the data directory $vhost_symlink = escapeshellcmd($web_config["vhost_conf_enabled_dir"].'/'.$data["old"]["domain"].'.vhost'); unlink($vhost_symlink); $app->log("Removing symlink: $vhost_symlink => $vhost_file",LOGLEVEL_DEBUG); $vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["old"]["domain"].'.vhost'); unlink($vhost_file); $app->log("Removing vhost file: $vhost_file",LOGLEVEL_DEBUG); $docroot = escapeshellcmd($data["old"]["document_root"]); if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot"); $app->log("Removing website: $docroot",LOGLEVEL_DEBUG); // Delete the symlinks for the sites $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"])); $client_id = intval($client["client_id"]); unset($client); $tmp_symlinks_array = explode(':',$web_config["website_symlinks"]); if(is_array($tmp_symlinks_array)) { foreach($tmp_symlinks_array as $tmp_symlink) { $tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink); $tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink); // Remove trailing slash if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1); // create the symlinks, if not exist if(is_link($tmp_symlink)) { unlink($tmp_symlink)); $app->log("Removing symlink: ".$tmp_symlink,LOGLEVEL_DEBUG); } } } // end removing symlinks } //* This function is called when a IP on the server is inserted, updated or deleted function server_ip($event_name,$data) { global $app, $conf; // Here we write the name virtualhost directives // NameVirtualHost IP:80 // NameVirtualHost IP:443 } } // end class ?>