Beispiel #1
0
 public function ApacheVhostCreate($DomainName, $FarmID, $FarmRoleID, $DocumentRootDir, $EnableSSL, $SSLPrivateKey = null, $SSLCertificate = null)
 {
     $this->restrictAccess(Acl::RESOURCE_SERVICES_APACHE);
     $validator = new Scalr_Validator();
     if ($validator->validateDomain($DomainName) !== true) {
         $err[] = _("Domain name is incorrect");
     }
     $DBFarm = DBFarm::LoadByID($FarmID);
     if ($DBFarm->EnvID != $this->Environment->id) {
         throw new Exception(sprintf("Farm #%s not found", $FarmID));
     }
     $this->user->getPermissions()->validate($DBFarm);
     $DBFarmRole = DBFarmRole::LoadByID($FarmRoleID);
     if ($DBFarm->ID != $DBFarmRole->FarmID) {
         throw new Exception(sprintf("FarmRole #%s not found on Farm #%s", $FarmRoleID, $FarmID));
     }
     if (!$DocumentRootDir) {
         throw new Exception(_("DocumentRootDir required"));
     }
     $options = serialize(array("document_root" => trim($DocumentRootDir), "logs_dir" => "/var/log", "server_admin" => $this->user->getEmail()));
     $httpConfigTemplateSSL = @file_get_contents(dirname(__FILE__) . "/../../templates/services/apache/ssl.vhost.tpl");
     $httpConfigTemplate = @file_get_contents(dirname(__FILE__) . "/../../templates/services/apache/nonssl.vhost.tpl");
     $vHost = Scalr_Service_Apache_Vhost::init();
     $vHost->envId = (int) $this->Environment->id;
     $vHost->clientId = $this->user->getAccountId();
     $vHost->domainName = $DomainName;
     $vHost->isSslEnabled = $EnableSSL ? true : false;
     $vHost->farmId = $FarmID;
     $vHost->farmRoleId = $FarmRoleID;
     $vHost->httpdConf = $httpConfigTemplate;
     $vHost->templateOptions = $options;
     $this->DB->BeginTrans();
     try {
         //SSL stuff
         if ($vHost->isSslEnabled) {
             $cert = new Entity\SslCertificate();
             $cert->envId = $DBFarm->EnvID;
             $cert->name = $DomainName;
             $cert->privateKey = base64_decode($SSLPrivateKey);
             $cert->certificate = base64_decode($SSLCertificate);
             $cert->save();
             $vHost->sslCertId = $cert->id;
             $vHost->httpdConfSsl = $httpConfigTemplateSSL;
         } else {
             $vHost->sslCertId = 0;
         }
         $vHost->save();
         $this->DB->CommitTrans();
     } catch (\Exception $e) {
         $this->DB->RollbackTrans();
         throw new Exception('Error saving VHost. ' . $e->getMessage(), $e->getCode(), $e);
     }
     $servers = $DBFarm->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
     foreach ($servers as $DBServer) {
         if ($DBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::NGINX) || $DBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::APACHE)) {
             $DBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
         }
     }
     $response = $this->CreateInitialResponse();
     $response->Result = 1;
     return $response;
 }
 /**
  * Return HTTPS certificate and private key
  * @return DOMDocument
  */
 protected function GetHttpsCertificate()
 {
     $ResponseDOMDocument = $this->CreateResponse();
     if (in_array($this->DBServer->status, array(SERVER_STATUS::PENDING_TERMINATE, SERVER_STATUS::TERMINATED, SERVER_STATUS::TROUBLESHOOTING, SERVER_STATUS::SUSPENDED))) {
         return $ResponseDOMDocument;
     }
     $hostName = $this->GetArg("hostname") ? " AND name=" . $this->qstr($this->GetArg("hostname")) : "";
     if ($this->GetArg("id")) {
         $sslInfo = Entity\SslCertificate::findPk($this->GetArg("id"));
         if ($sslInfo->envId != $this->DBServer->envId) {
             $sslInfo = null;
         }
     } else {
         if ($this->DBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::NGINX)) {
             $vhost_info = $this->DB->GetRow("SELECT * FROM apache_vhosts WHERE farm_id=? AND is_ssl_enabled='1' {$hostName} LIMIT 1", array($this->DBServer->farmId));
         } else {
             $vhost_info = $this->DB->GetRow("SELECT * FROM apache_vhosts WHERE farm_roleid=? AND is_ssl_enabled='1' {$hostName} LIMIT 1", array($this->DBServer->farmRoleId));
         }
         if ($vhost_info) {
             $sslInfo = Entity\SslCertificate::findPk($vhost_info['ssl_cert_id']);
             if ($sslInfo->envId != $this->DBServer->envId) {
                 $sslInfo = null;
             }
         }
     }
     if ($sslInfo) {
         $vhost = $ResponseDOMDocument->createElement("virtualhost");
         $vhost->setAttribute("name", $sslInfo->name);
         $vhost->appendChild($ResponseDOMDocument->createElement("cert", $sslInfo->certificate));
         $vhost->appendChild($ResponseDOMDocument->createElement("pkey", $sslInfo->privateKey));
         $vhost->appendChild($ResponseDOMDocument->createElement("ca_cert", $sslInfo->caBundle));
         $ResponseDOMDocument->documentElement->appendChild($vhost);
     }
     return $ResponseDOMDocument;
 }
Beispiel #3
0
 /**
  * @throws Scalr_Exception_Core
  */
 public function xListCertificatesAction()
 {
     $this->request->restrictAccess(Acl::RESOURCE_SERVICES_SSL);
     $criteria = [['envId' => $this->getEnvironmentId()]];
     $certs = Entity\SslCertificate::find($criteria);
     $certInfos = [];
     /* @var \Scalr\Model\Entity\SslCertificate $cert */
     foreach ($certs as $cert) {
         $certInfos[] = $cert->getInfo();
     }
     $this->response->data(['data' => $certInfos]);
 }
Beispiel #4
0
 public function xSaveAction()
 {
     $this->request->restrictAccess(Acl::RESOURCE_SERVICES_APACHE, Acl::PERM_SERVICES_APACHE_MANAGE);
     $validator = new Scalr_Validator();
     try {
         if ($validator->validateDomain($this->getParam('domainName')) !== true) {
             $err['domainName'] = _("Domain name is incorrect");
         }
         if (!$this->getParam('farmId')) {
             $err['farmId'] = _("Farm required");
         } else {
             $dbFarm = DBFarm::LoadByID($this->getParam('farmId'));
             $this->user->getPermissions()->validate($dbFarm);
         }
         if (!$this->getParam('farmRoleId')) {
             $err['farmRoleId'] = _("Role required");
         } else {
             $dbFarmRole = DBFarmRole::LoadByID($this->getParam('farmRoleId'));
             if ($dbFarmRole->FarmID != $dbFarm->ID) {
                 $err['farmRoleId'] = _("Role not found");
             }
         }
         if ($validator->validateEmail($this->getParam('serverAdmin'), null, true) !== true) {
             $err['serverAdmin'] = _("Server admin's email is incorrect or empty ");
         }
         if (!$this->getParam('documentRoot')) {
             $err['documentRoot'] = _("Document root required");
         }
         if (!$this->getParam('logsDir')) {
             $err['logsDir'] = _("Logs directory required");
         }
         if ($this->db->GetOne("SELECT id FROM apache_vhosts WHERE env_id=? AND `name` = ? AND id != ? AND farm_id = ? AND farm_roleid = ? LIMIT 1", array($this->getEnvironmentId(), $this->getParam('domainName'), $this->getParam('vhostId'), $this->getParam('farmId'), $this->getParam('farmRoleId')))) {
             $err['domainName'] = "'{$this->getParam('domainName')}' virtualhost already exists";
         }
     } catch (Exception $e) {
         $err[] = $e->getMessage();
     }
     if (count($err) == 0) {
         $vHost = Scalr_Service_Apache_Vhost::init();
         if ($this->getParam('vhostId')) {
             $vHost->loadById($this->getParam('vhostId'));
             $this->user->getPermissions()->validate($vHost);
         } else {
             $vHost->envId = $this->getEnvironmentId();
             $vHost->clientId = $this->user->getAccountId();
         }
         $vHost->domainName = $this->getParam('domainName');
         $isSslEnabled = $this->getParam('isSslEnabled') == 'on' ? true : false;
         if ($vHost->farmRoleId && $vHost->farmRoleId != $this->getParam('farmRoleId')) {
             $oldFarmRoleId = $vHost->farmRoleId;
         }
         $vHost->farmId = $this->getParam('farmId');
         $vHost->farmRoleId = $this->getParam('farmRoleId');
         $vHost->isSslEnabled = $isSslEnabled ? 1 : 0;
         $vHost->httpdConf = $this->getParam("nonSslTemplate", true);
         $vHost->templateOptions = serialize(array("document_root" => trim($this->getParam('documentRoot')), "logs_dir" => trim($this->getParam('logsDir')), "server_admin" => trim($this->getParam('serverAdmin')), "server_alias" => trim($this->getParam('serverAlias'))));
         //SSL stuff
         if ($isSslEnabled) {
             $cert = Entity\SslCertificate::findPk($this->getParam('sslCertId'));
             $this->user->getPermissions()->validate($cert);
             $vHost->sslCertId = $cert->id;
             $vHost->httpdConfSsl = $this->getParam("sslTemplate", true);
         } else {
             $vHost->sslCertId = 0;
             $vHost->httpdConfSsl = "";
         }
         $vHost->save();
         $servers = $dbFarm->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
         foreach ($servers as $dBServer) {
             if ($dBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::NGINX) || $dBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::APACHE) && $dBServer->farmRoleId == $vHost->farmRoleId) {
                 $dBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
             }
         }
         if ($oldFarmRoleId) {
             $oldFarmRole = DBFarmRole::LoadByID($oldFarmRoleId);
             $servers = $oldFarmRole->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
             foreach ($servers as $dBServer) {
                 $dBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
             }
         }
         $this->response->success(_('Virtualhost successfully saved'));
     } else {
         $this->response->failure();
         $this->response->data(array('errors' => $err));
     }
 }
Beispiel #5
0
 public function getConfiguration(DBServer $dbServer)
 {
     $configuration = new stdClass();
     $configuration->keyfile = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_KEYFILE);
     $configuration->volumeConfig = $this->getVolumeConfig($dbServer->GetFarmRoleObject(), $dbServer);
     $configuration->snapshotConfig = $this->getSnapshotConfig($dbServer->GetFarmRoleObject(), $dbServer);
     $configuration->password = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_PASSWORD);
     $configuration->replicaSetIndex = $dbServer->GetProperty(self::SERVER_REPLICA_SET_INDEX);
     $configuration->shardIndex = $dbServer->GetProperty(self::SERVER_SHARD_INDEX);
     $configuration->shardsTotal = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_SHARDS_COUNT);
     $configuration->replicasPerShard = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_REPLICAS_COUNT);
     $configuration->cfgServerStorageSize = 5;
     $mmsApiKey = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_MMS_API_KEY);
     if ($mmsApiKey) {
         $configuration->mms = new stdClass();
         $configuration->mms->apiKey = $mmsApiKey;
         $configuration->mms->secretKey = $dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_MMS_SECRET_KEY);
     }
     if ($dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_SSL_ENABLED) == 1) {
         $cert = Entity\SslCertificate::findPk($dbServer->GetFarmRoleObject()->GetSetting(self::ROLE_SSL_CERT_ID));
         $configuration->ssl = new stdClass();
         $configuration->ssl->privateKey = $cert->privateKey;
         $configuration->ssl->certificate = $cert->certificate;
         $configuration->ssl->privateKeyPassword = $cert->privateKeyPassword;
     }
     $configServers = $this->db->GetAll("SELECT * FROM services_mongodb_config_servers WHERE\n                `farm_role_id` = ?\n            ", array($dbServer->farmRoleId));
     if (count($configServers) > 0) {
         $configuration->config_servers = array();
         foreach ($configServers as $cs) {
             $itm = new stdClass();
             $itm->id = $cs['config_server_index'];
             $itm->replicaSetIndex = $cs['replica_set_index'];
             $itm->shardIndex = $cs['shard_index'];
             try {
                 $volume = Scalr_Storage_Volume::init()->loadById($cs['volume_id']);
                 $volumeConfig = $volume->getConfig();
             } catch (Exception $e) {
             }
             $itm->volume = $volumeConfig;
             $configuration->config_servers[] = $itm;
         }
     }
     return $configuration;
 }