Ejemplo n.º 1
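/**
 * Builds, writes and validates the Apache virtual-host file for one FreeWeb site.
 *
 * The site settings are loaded through `new freeweb($hostname)`. The directives are
 * collected in $conf, written below $freeweb->APACHE_DIR_SITES_ENABLED, then checked
 * with TestingApacheConfigurationFile(); when that check fails the new file is removed
 * and the previous one (copied to /root beforehand) is restored. On success the
 * groupware-specific helpers, ApplyPermissions() and, optionally, the nginx
 * reconfiguration are run.
 *
 * Security-relevant behaviour visible in this function:
 *  - $hostname is interpolated into Apache directives, file-system paths and shell
 *    command lines. The shell uses are quoted with escapeshellarg(); the directive and
 *    path uses are not validated here (NOTE(review): confirm the caller or the freeweb
 *    class restricts $hostname to a host-name character set).
 *  - When LDAP authentication is enabled the LDAP bind password is written in clear
 *    text into the generated file and into its backup copy under /root.
 *
 * @param string|null $uid      When not null, a `user` object is loaded to obtain the
 *                              ServerAdmin mail address and the LDAP "ou" branch.
 * @param string      $hostname Virtual host name, or "_default_" for the default site.
 * @param mixed       $ssl      Not read by this function.
 * @param string|null $d_path   Overwritten with $freeweb->APACHE_DIR_SITES_ENABLED.
 * @param array       $Params   Overwritten with $freeweb->Params.
 *
 * @return bool|null true when the host was built; false when the Apache account is
 *                   unknown, the configuration test fails or the WordPress step leaves
 *                   no wp-config.php; null (bare return) when the freeweb record has
 *                   no servername.
 */
function buildHost($uid = null, $hostname, $ssl = null, $d_path = null, $Params = array())
{
    $prefixOutput = "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\"";
    echo "{$prefixOutput} [" . __LINE__ . "] Building \"{$hostname}\"\n";
    build_progress("create_cron_task()", 6);
    create_cron_task();
    build_progress("CheckLibraries()", 7);
    CheckLibraries();
    $unix = $GLOBALS["CLASS_UNIX"];
    $sock = $GLOBALS["CLASS_SOCKETS"];
    $users = $GLOBALS["CLASS_USERS_MENUS"];
    $AuthLDAP = 0;
    $mod_pagespedd = null;
    $EnableLDAPAllSubDirectories = 0;
    $APACHE_MOD_AUTHNZ_LDAP = $users->APACHE_MOD_AUTHNZ_LDAP;
    $APACHE_MOD_PAGESPEED = $users->APACHE_MOD_PAGESPEED;
    build_progress("Loading {$hostname} configuration", 8);
    $freeweb = new freeweb($hostname);
    // The $Params argument is discarded: the stored site parameters always win.
    $Params = $freeweb->Params;
    if ($freeweb->servername == null) {
        // 110 is the value this function reports to build_progress() on its fatal paths.
        build_progress("Fatal {$hostname} no such servername", 110);
        echo "{$prefixOutput} [" . __LINE__ . "] freeweb->servername no such servername \n";
        // Bare return (null) kept as-is; the other failure paths return false.
        return;
    }
    $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
    $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
    $FreeWebDisableSSL = trim($sock->GET_INFO("FreeWebDisableSSL"));
    if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
        $FreeWebsEnableOpenVPNProxy = 0;
    }
    if (!is_numeric($FreeWebDisableSSL)) {
        $FreeWebDisableSSL = 0;
    }
    // A global switch can turn TLS off for every site, overriding the per-site flag.
    if ($FreeWebDisableSSL == 1) {
        if ($freeweb->SSL_enabled) {
            echo "{$prefixOutput} [" . __LINE__ . "] SSL is globally disabled \n";
        }
        $freeweb->SSL_enabled = false;
    }
    // The $d_path argument is discarded as well.
    $d_path = $freeweb->APACHE_DIR_SITES_ENABLED;
    if (isset($Params["LDAP"]["enabled"])) {
        $AuthLDAP = $Params["LDAP"]["enabled"];
    }
    if (isset($Params["LDAP"]["EnableLDAPAllSubDirectories"])) {
        $EnableLDAPAllSubDirectories = $Params["LDAP"]["EnableLDAPAllSubDirectories"];
    }
    //server signature.
    // Resolution order: per-site value, then the global "ApacheServerSignature" setting,
    // then 1. A missing or non-numeric value therefore ends up as "ServerSignature On",
    // which makes Apache add its signature line to server-generated pages.
    if (!isset($Params["SECURITY"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    if (!isset($Params["SECURITY"]["ServerSignature"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    $ServerSignature = $Params["SECURITY"]["ServerSignature"];
    if ($ServerSignature == null) {
        $ServerSignature = $sock->GET_INFO("ApacheServerSignature");
    }
    if (!is_numeric($ServerSignature)) {
        $ServerSignature = 1;
    }
    if ($ServerSignature == 1) {
        $ServerSignature = "On";
    } else {
        $ServerSignature = "Off";
    }
    // LDAP authentication is only kept when the authnz_ldap module flag is set.
    if (!$APACHE_MOD_AUTHNZ_LDAP) {
        $AuthLDAP = 0;
    }
    $apache_usr = $unix->APACHE_SRC_ACCOUNT();
    $apache_group = $unix->APACHE_SRC_GROUP();
    $FreeWebListenPort = $sock->GET_INFO("FreeWebListenPort");
    $FreeWebListenSSLPort = $sock->GET_INFO("FreeWebListenSSLPort");
    $FreeWebListen = $unix->APACHE_ListenDefaultAddress();
    $FreeWebsDisableSSLv2 = $sock->GET_INFO("FreeWebsDisableSSLv2");
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 10);
    if ($apache_usr == null) {
        build_progress("Fatal could not find apache username", 110);
        echo "WARNING !!! could not find apache username!!!\n";
        return false;
    }
    // Listen address and ports fall back to "*", 80 and 443 when unset or non-numeric.
    if ($FreeWebListen == null) {
        $FreeWebListen = "*";
    }
    if ($FreeWebListen != "*") {
        $FreeWebListenApache = "{$FreeWebListen}";
    }
    if ($FreeWebListenSSLPort == null) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenSSLPort)) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenPort)) {
        $FreeWebListenPort = 80;
    }
    if (!is_numeric($FreeWebsDisableSSLv2)) {
        $FreeWebsDisableSSLv2 = 0;
    }
    $unix = new unix();
    // With nginx or a Squid reverse proxy detected, Apache is bound to loopback on
    // 82/447 (presumably because the front end owns the public ports - confirm).
    if ($unix->isNGnx()) {
        $FreeWebListenPort = 82;
        $FreeWebListenSSLPort = 447;
        $FreeWebListen = "127.0.0.1";
    }
    if ($unix->IsSquidReverse()) {
        $FreeWebListenPort = 82;
        $FreeWebListenSSLPort = 447;
        $FreeWebListen = "127.0.0.1";
    }
    $port = $FreeWebListenPort;
    if ($uid != null) {
        $u = new user($uid);
        $ServerAdmin = $u->mail;
    }
    if (!isset($ServerAdmin)) {
        $ServerAdmin = "webmaster@{$hostname}";
    }
    $DirectoryIndex = $freeweb->DirectoryIndex();
    if ($hostname == "_default_") {
        $FreeWebListen = "_default_";
    }
    $LoadModules = $freeweb->LoadModules();
    // TLS is never terminated by Apache when nginx is detected or TLS is globally off.
    if ($unix->isNGnx()) {
        $freeweb->SSL_enabled = 0;
    }
    if ($FreeWebDisableSSL == 1) {
        $freeweb->SSL_enabled = 0;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 11);
    echo "{$prefixOutput} [" . __LINE__ . "] SSL_enabled = {$freeweb->SSL_enabled}\n";
    if ($freeweb->SSL_enabled) {
        // For a TLS site a first, plain-HTTP vhost is emitted whose only job is to
        // redirect to https (Forwarder == 0) or to $freeweb->ForwardTo (Forwarder == 1).
        $port = $FreeWebListenSSLPort;
        if ($freeweb->ServerPort > 0) {
            $FreeWebListenPort = $freeweb->ServerPort;
        }
        $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        if ($hostname != "_default_") {
            $conf[] = "\tServerName {$hostname}";
        }
        $conf[] = "\tServerSignature {$ServerSignature}";
        $conf[] = "\tRewriteEngine On";
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteCond %{HTTPS} off";
        }
        $IsSquidReverse = false;
        if ($unix->IsSquidReverse()) {
            $IsSquidReverse = true;
        }
        if ($unix->isNGnx()) {
            $IsSquidReverse = true;
        }
        if ($freeweb->Forwarder == 0) {
            $redirectPage = null;
            // The redirect target is built from %{HTTP_HOST}, i.e. from the Host header
            // of the request, and the request path is not appended ($redirectPage is
            // always null here).
            if ($IsSquidReverse) {
                if ($FreeWebListenSSLPort != 443) {
                    $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}:{$FreeWebListenSSLPort}{$redirectPage}";
                } else {
                    $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}{$redirectPage}";
                }
            } else {
                $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}{$redirectPage}";
            }
        }
        if ($freeweb->Forwarder == 1) {
            $conf[] = "\tRewriteRule (.*) {$freeweb->ForwardTo}";
        }
        $conf[] = "</VirtualHost>";
        $conf[] = "";
        // From here on the "main" vhost listens on the TLS port.
        $FreeWebListenPort = $FreeWebListenSSLPort;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 12);
    $freeweb->CheckDefaultPage();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 13);
    $freeweb->CheckWorkingDirectory();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 14);
    $ServerAlias = $freeweb->ServerAlias();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 15);
    echo "{$prefixOutput} [" . __LINE__ . "] Listen {$FreeWebListen}:{$FreeWebListenPort}\n";
    echo "{$prefixOutput} [" . __LINE__ . "] Directory {$freeweb->WORKING_DIRECTORY}\n";
    echo "{$prefixOutput} [" . __LINE__ . "] Groupware \"{$freeweb->groupware}\"\n";
    // NOTE(review): the pattern is not anchored, so any value that merely contains a
    // dotted quad passes and is copied into the <VirtualHost> line below.
    if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $freeweb->ServerIP)) {
        $freeweb->ServerIP = null;
    }
    if ($LoadModules != null) {
        $conf[] = "{$LoadModules}";
    }
    // Main vhost: a per-site IP and/or port override the global listen settings.
    if ($freeweb->ServerIP == null) {
        if ($freeweb->ServerPort > 0) {
            $conf[] = "<VirtualHost {$FreeWebListen}:{$freeweb->ServerPort}>";
        } else {
            $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        }
    } else {
        if ($freeweb->ServerPort > 0) {
            $conf[] = "<VirtualHost {$freeweb->ServerIP}:{$freeweb->ServerPort}>";
        } else {
            $conf[] = "<VirtualHost {$freeweb->ServerIP}:{$FreeWebListenPort}>";
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 16);
    $AddType = $freeweb->AddType();
    if ($AddType != null) {
        $conf[] = $AddType;
    }
    if ($freeweb->SSL_enabled) {
        $conf[] = "\tSetEnvIf User-Agent \".*MSIE.*\" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0";
        $conf[] = "\tSSLEngine on";
        echo "{$prefixOutput} [" . __LINE__ . "] SSLEngine()\n";
        $certificates = $freeweb->SSLEngine();
        if ($certificates != null) {
            $conf[] = $certificates;
        }
        // NOTE(review): this "disable SSLv2" branch still enables SSLv3 and TLSv1 only,
        // and the cipher string admits RC4 and MEDIUM suites. Left unchanged because
        // altering it changes which clients can connect; it should be replaced by a
        // current protocol/cipher policy. When the flag is not 1 no SSLProtocol line is
        // written at all and the server default applies.
        if ($FreeWebsDisableSSLv2 == 1) {
            $conf[] = "\tSSLProtocol -ALL +SSLv3 +TLSv1";
            $conf[] = "\tSSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
        }
    }
    $unix = new unix();
    if ($hostname != "_default_") {
        $conf[] = "\tServerName {$hostname}";
        if ($ServerAlias != null) {
            $conf[] = $ServerAlias;
        }
        $sock = new sockets();
        $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
        $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
        if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
            $FreeWebsEnableOpenVPNProxy = 0;
        }
        if (!is_numeric($FreeWebsOpenVPNRemotPort)) {
            $FreeWebsOpenVPNRemotPort = 0;
        }
        // NOTE(review): "ProxyRequests On" turns this vhost into a forward proxy. No
        // <Proxy> access block is written in this branch; the only one in this function
        // is emitted when UseReverseProxy == 1. Confirm access is restricted elsewhere.
        if ($FreeWebsEnableOpenVPNProxy == 1) {
            if ($FreeWebsOpenVPNRemotPort > 0) {
                $conf[] = "\tProxyRequests On";
                $conf[] = "\tProxyVia On";
                $conf[] = "\tAllowCONNECT 1194";
                $conf[] = "\tKeepAlive On";
            }
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 17);
    // Each helper returns a ready-made configuration fragment (or null when unused).
    $content_plus = $freeweb->content_plus;
    $php_open_base_dir = $freeweb->open_basedir();
    $geoip = $freeweb->mod_geoip();
    $mod_status = $freeweb->mod_status();
    $mod_evasive = $freeweb->mod_evasive();
    $Charsets = $freeweb->Charsets();
    $php_values = $freeweb->php_values();
    $WebdavHeader = $freeweb->WebdavHeader();
    $QUOS = $freeweb->QUOS();
    $Aliases = $freeweb->Aliases();
    $mod_cache = $freeweb->mod_cache();
    $mod_fcgid = $freeweb->mod_fcgid();
    $RewriteEngine = $freeweb->RewriteEngine();
    $mod_bw = $freeweb->mod_bw();
    $mpm_itk_module = $freeweb->mpm_itk_module();
    $ErrorDocument = $freeweb->ErrorDocument();
    $Apache2_AuthenNTLM = $freeweb->Apache2_AuthenNTLM();
    if ($APACHE_MOD_PAGESPEED) {
        $mod_pagespedd = $freeweb->mod_pagespeed();
    }
    $conf[] = "\tServerAdmin {$ServerAdmin}";
    $conf[] = "\tServerSignature {$ServerSignature}";
    $conf[] = "\tDocumentRoot {$freeweb->WORKING_DIRECTORY}";
    // $content_plus is copied verbatim into the vhost: whoever can set it can add
    // arbitrary Apache directives to this site.
    if ($content_plus != null) {
        $conf[] = "\n############## personal content #############\n{$content_plus}\n############################\n";
    }
    if ($ErrorDocument != null) {
        $conf[] = $ErrorDocument;
    }
    if ($mpm_itk_module != null) {
        $conf[] = $mpm_itk_module;
    }
    if ($mod_evasive != null) {
        $conf[] = $mod_evasive;
    }
    if ($Charsets != null) {
        $conf[] = $Charsets;
    }
    if ($php_values != null) {
        $conf[] = $php_values;
    }
    if ($WebdavHeader != null) {
        $conf[] = $WebdavHeader;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($mod_bw != null) {
        $conf[] = $mod_bw;
    }
    if ($Aliases != null) {
        $conf[] = $Aliases;
    }
    if ($mod_cache != null) {
        $conf[] = $mod_cache;
    }
    if ($geoip != null) {
        $conf[] = $geoip;
    }
    if ($mod_pagespedd != null) {
        $conf[] = $mod_pagespedd;
        // Both arguments are quoted so that shell metacharacters in the account names
        // or in $hostname are passed to chown as data. Quoting does not stop a
        // $hostname containing "../" from pointing the recursive chown at another
        // directory - NOTE(review): confirm $hostname is validated before this point.
        shell_exec(
            "/bin/chown -R " . escapeshellarg("{$apache_usr}:{$apache_group}")
            . " " . escapeshellarg("/var/cache/apache2/mod_pagespeed/{$hostname}")
        );
    }
    if ($mod_status != null) {
        $conf[] = $mod_status;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 18);
    $ldapRule = null;
    // For ZARAFA sites the "ZarafaWebNTLM" flag (per-site value first, global value as
    // fallback) forces LDAP authentication on. This happens after the
    // APACHE_MOD_AUTHNZ_LDAP check above, so it is not subject to that check.
    if ($freeweb->groupware == "ZARAFA") {
        $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
        if (!is_numeric($ZarafaWebNTLM)) {
            $ZarafaWebNTLM = 0;
        }
        $PARAMS = $freeweb->Params["ZARAFAWEB_PARAMS"];
        if (!isset($PARAMS["ZarafaWebNTLM"])) {
            $PARAMS["ZarafaWebNTLM"] = $ZarafaWebNTLM;
        }
        if (!is_numeric($PARAMS["ZarafaWebNTLM"])) {
            $PARAMS["ZarafaWebNTLM"] = $ZarafaWebNTLM;
        }
        $ZarafaWebNTLM = $PARAMS["ZarafaWebNTLM"];
        if ($ZarafaWebNTLM == 1) {
            $AuthLDAP = 1;
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 19);
    if ($AuthLDAP == 1) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" ldap authentication enabled\n";
        $ldap = $GLOBALS["CLASS_LDAP"];
        // Search base: the whole organizations tree, or the user's own "ou" when a
        // $uid was given.
        $dn_master_branch = "dc=organizations,{$ldap->suffix}";
        if ($uid != null) {
            $usr = new user($uid);
            $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
        }
        // NOTE(review): the decoded banner is placed inside a quoted AuthName value
        // without escaping; a double quote or line break in it would alter the
        // generated directive.
        $authentication_banner = base64_decode($freeweb->Params["LDAP"]["authentication_banner"]);
        if ($authentication_banner == null) {
            $authentication_banner = "{$hostname} auth:";
        }
        $ldapAuth[] = "\t\tAuthName \"{$authentication_banner}\"";
        $ldapAuth[] = "\t\tAuthType Basic";
        // NOTE(review): the URL scheme is ldap:// (no TLS), and the bind DN below is
        // the LDAP admin account whose password is written in clear text into the
        // vhost file. The file is created by file_put_contents() with default
        // permissions further down; confirm its mode and consider a dedicated
        // read-only bind account.
        $ldapAuth[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
        $ldapAuth[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $ldapAuth[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
        $ldapAuth[] = "\t\tAuthLDAPGroupAttribute memberUid";
        $ldapAuth[] = "\t\tAuthBasicProvider ldap";
        $ldapAuth[] = "\t\tAuthzLDAPAuthoritative off";
        $AuthUsers = $freeweb->AuthUsers();
        if ($AuthUsers != null) {
            $ldapAuth[] = $AuthUsers;
        } else {
            $ldapAuth[] = "\t\trequire valid-user";
        }
        $ldapAuth[] = "";
        $ldapRule = @implode("\n", $ldapAuth);
    }
    //DIRECTORY
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 20);
    $OptionExecCGI = null;
    $allowFrom = $freeweb->AllowFrom();
    $JkMount = $freeweb->JkMount();
    if ($JkMount != null) {
        $conf[] = $JkMount;
    }
    $WebDav = $freeweb->WebDav();
    $AllowOverride = $freeweb->AllowOverride();
    $mod_rewrite = $freeweb->mod_rewrite();
    $IndexIgnores = $freeweb->IndexIgnores();
    $DirectorySecond = $freeweb->DirectorySecond();
    if ($mod_fcgid != null) {
        $OptionExecCGI = " +ExecCGI";
    }
    $DirectoryContent = $freeweb->DirectoryContent();
    $SymLinksIfOwnerMatch = null;
    $FollowSymLinks = null;
    // Directory listing is ON unless FreeWebsDisableBrowsing is explicitly 1.
    $Indexes = " Indexes";
    if ($freeweb->Params["SECURITY"]["FreeWebsDisableBrowsing"] == 1) {
        $Indexes = " -Indexes";
    }
    if ($freeweb->Params["SECURITY"]["SymLinksIfOwnerMatch"] == 1) {
        $SymLinksIfOwnerMatch = " +SymLinksIfOwnerMatch";
    }
    if ($freeweb->Params["SECURITY"]["FollowSymLinks"] == 1) {
        $FollowSymLinks = " +FollowSymLinks";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 21);
    $conf[] = "\n\t<Directory \"{$freeweb->WORKING_DIRECTORY}/\">";
    if ($Apache2_AuthenNTLM != null) {
        $conf[] = $Apache2_AuthenNTLM;
    }
    // Either the generic <Directory> body is generated here, or the fragment returned
    // by DirectoryContent() replaces it entirely.
    if ($DirectoryContent == null) {
        $DirectoryIndex = $freeweb->DirectoryIndex();
        $conf[] = "\t\tDirectoryIndex {$DirectoryIndex}";
        $conf[] = "\t\tOptions{$Indexes}{$FollowSymLinks}{$SymLinksIfOwnerMatch} MultiViews{$OptionExecCGI}";
        if ($IndexIgnores != null) {
            $conf[] = $IndexIgnores;
        }
        if ($WebDav != null) {
            $conf[] = $WebDav;
        }
        if ($AllowOverride != null) {
            $conf[] = $AllowOverride;
        } else {
            $conf[] = "\t\tAllowOverride AuthConfig FileInfo";
        }
        $conf[] = "\t\tOrder allow,deny";
        if ($allowFrom != null) {
            $conf[] = $allowFrom;
        }
    } else {
        $conf[] = $DirectoryContent;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 22);
    if ($geoip != null) {
        $conf[] = "\t\tDeny from env=BlockCountry";
    }
    if ($mod_rewrite != null) {
        $conf[] = $mod_rewrite;
    }
    if ($ldapRule != null) {
        $conf[] = $ldapRule;
    }
    if ($RewriteEngine != null) {
        $conf[] = $RewriteEngine;
    }
    $conf[] = "\t</Directory>\n";
    if ($mod_fcgid != null) {
        $conf[] = $mod_fcgid;
    }
    if ($DirectorySecond != null) {
        $conf[] = $DirectorySecond;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 23);
    $zarafaProxy = $freeweb->ZarafaProxyJabberd();
    if ($zarafaProxy != null) {
        $conf[] = $zarafaProxy;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 24);
    $WebDavFree = $freeweb->WebDavTable();
    if ($WebDavFree != null) {
        $conf[] = $WebDavFree;
    }
    if ($freeweb->UseReverseProxy == 1) {
        // Reverse-proxy sites get a <Proxy *> block carrying the same allow rules and,
        // when enabled, the same LDAP authentication as the <Directory> block above.
        $conf[] = $freeweb->ReverseProxy();
        $conf[] = "\t<Proxy *>";
        $conf[] = "\t\tOrder allow,deny";
        $conf[] = $freeweb->AllowFrom();
        if ($AuthLDAP == 1) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" ldap authentication enabled\n";
            $ldap = $GLOBALS["CLASS_LDAP"];
            $dn_master_branch = "dc=organizations,{$ldap->suffix}";
            if ($uid != null) {
                $usr = new user($uid);
                $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
            }
            // NOTE(review): the fallback "Please Logon" is stored as plain text but is
            // passed through base64_decode() below like a stored banner, so the text
            // that reaches AuthName is not this literal.
            if ($freeweb->Params["LDAP"]["authentication_banner"] == null) {
                $freeweb->Params["LDAP"]["authentication_banner"] = "Please Logon";
            }
            $conf[] = "";
            $conf[] = "\t\tAuthName \"" . base64_decode($freeweb->Params["LDAP"]["authentication_banner"]) . "\"";
            $conf[] = "\t\tAuthType Basic";
            // Same clear-text LDAP URL and admin bind password as in the <Directory>
            // block: the secret ends up in the generated file a second time.
            $conf[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
            $conf[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
            $conf[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
            $conf[] = "\t\tAuthLDAPGroupAttributeIsDN off";
            $conf[] = "\t\tAuthLDAPGroupAttribute memberUid";
            $conf[] = "\t\tAuthBasicProvider ldap";
            $conf[] = "\t\tAuthzLDAPAuthoritative off";
            $AuthUsers = $freeweb->AuthUsers();
            if ($AuthUsers != null) {
                $conf[] = $AuthUsers;
            } else {
                $conf[] = "\t\trequire valid-user";
            }
            $conf[] = "";
        }
        $conf[] = "\t</Proxy>";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 25);
    $conf[] = $freeweb->FilesRestrictions();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 26);
    $conf[] = $freeweb->mod_security();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 27);
    $ScriptAliases = $freeweb->ScriptAliases();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 28);
    // $hostname becomes a directory name here and a file name below without any
    // path-separator check in this function.
    if (!is_dir("/var/log/apache2/{$hostname}")) {
        @mkdir("/var/log/apache2/{$hostname}", 0755, true);
    }
    if ($ScriptAliases != null) {
        $conf[] = $ScriptAliases;
    }
    // All sites log to the shared common-access.log / error.log; %V in the format
    // records the server name so entries can be attributed to a vhost.
    $conf[] = "\tLogFormat \"%h %{X-Forwarded-For}i %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\" combinedv";
    $conf[] = "\tCustomLog /var/log/apache2/common-access.log combinedv";
    $conf[] = "\tErrorLog /var/log/apache2/error.log";
    $conf[] = "\tLogLevel warn";
    $conf[] = "</VirtualHost>";
    $conf[] = "";
    // File name: "artica-<hostname>.conf", or "000-default" / "default-ssl" for the
    // default site.
    $prefix_filename = "artica-";
    $suffix_filename = ".conf";
    $middle_filename = $hostname;
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 29);
    if ($hostname == "_default_") {
        $prefix_filename = "000-";
        $middle_filename = "default";
        $suffix_filename = null;
        if ($freeweb->SSL_enabled) {
            $prefix_filename = null;
            $middle_filename = "default-ssl";
            @file_put_contents("/etc/apache2/sites-enabled/default-ssl", @implode("\n", $conf));
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 30);
    $FileConfigurationPath = "{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}";
    $FileConfigurationBackupPath = "/root/{$prefix_filename}{$middle_filename}{$suffix_filename}";
    // Keep a copy of the current file so it can be restored if the new one does not
    // pass the configuration test. The copy holds the same secrets as the original.
    if (is_file($FileConfigurationPath)) {
        @unlink($FileConfigurationBackupPath);
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache backup old configuration\n";
        @copy($FileConfigurationPath, $FileConfigurationBackupPath);
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache saving *** {$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename} *** line " . __LINE__ . "\n";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 31);
    // NOTE(review): the write result is suppressed and not checked; a failed write is
    // only noticed if the configuration test below happens to fail.
    @file_put_contents($FileConfigurationPath, @implode("\n", $conf));
    echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" filename: '" . basename("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}") . "' done\n";
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 32);
    $freeweb->phpmyadmin();
    if (!is_dir("{$freeweb->WORKING_DIRECTORY}")) {
        @mkdir("{$freeweb->WORKING_DIRECTORY}", 0755, true);
    }
    if (is_file("/etc/apache2/sites-enabled/000-default")) {
        @touch("/etc/apache2/sites-enabled/000-default");
    }
    build_progress("Building {$hostname} {testing_configuration}", 33);
    // Roll back to the previous file when the generated configuration is rejected.
    if (!TestingApacheConfigurationFile()) {
        build_progress("Building {$hostname} {testing_configuration} {failed}", 110);
        $freeweb->SetError(1);
        @unlink($FileConfigurationPath);
        if (is_file($FileConfigurationBackupPath)) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache restore old configuration file\n";
            @copy($FileConfigurationBackupPath, $FileConfigurationPath);
        }
        return false;
    } else {
        $freeweb->SetError(0);
    }
    $unix = new unix();
    $nohup = $unix->find_program("nohup");
    $chown = $unix->find_program("chown");
    $php = $unix->LOCATE_PHP5_BIN();
    // Regenerate php.ini through the helper script when file_time_min() reports more
    // than 60 for the current file.
    if (is_file("/etc/php5/apache2/php.ini")) {
        $timephpini = $unix->file_time_min("/etc/php5/apache2/php.ini");
        if ($timephpini > 60) {
            shell_exec("{$php} /usr/share/artica-postfix/exec.php.ini.php");
        }
    }
    build_progress("Building {$hostname} {apply_permissions} - {$freeweb->groupware} -", 34);
    if ($freeweb->groupware == "EYEOS") {
        install_EYEOS($hostname);
    }
    if ($freeweb->groupware == "GROUPOFFICE") {
        group_office_install($hostname, true);
    }
    if ($freeweb->groupware == "PIWIK") {
        install_PIWIK($hostname, true);
    }
    // In the three command lines below $hostname is passed through escapeshellarg()
    // instead of being wrapped in double quotes: inside double quotes the shell still
    // expands $(...), back-ticks and variables, and a '"' ends the argument.
    if ($freeweb->groupware == "DRUPAL") {
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.freeweb.php --drupal-infos " . escapeshellarg($hostname) . " >/dev/null 2>&1 &");
    }
    if ($freeweb->groupware == "WORDPRESS") {
        build_progress("Building {$hostname} verify wordpress website..", 35);
        system("{$php} /usr/share/artica-postfix/exec.wordpress.php " . escapeshellarg($hostname));
        // The WordPress step counts as failed when it leaves no wp-config.php behind.
        if (!is_file("{$freeweb->WORKING_DIRECTORY}/wp-config.php")) {
            return false;
        }
    }
    build_progress("Building {$hostname} {apply_permissions}", 60);
    $freeweb->ApplyPermissions();
    build_progress("Building {$hostname} {checking_reverse_proxy}", 65);
    $freeweb->update_groupware_version();
    if ($GLOBALS["NGINX_CONFIGURE"]) {
        // nginx is treated as enabled unless "EnableNginx" holds a numeric value
        // other than 1.
        $EnableNginx = $sock->GET_INFO("EnableNginx");
        if (!is_numeric($EnableNginx)) {
            $EnableNginx = 1;
        }
        if ($EnableNginx == 1) {
            $php = $unix->LOCATE_PHP5_BIN();
            build_progress("Building {$hostname} {checking_reverse_proxy} - NGINX", 70);
            system("{$php} /usr/share/artica-postfix/exec.nginx.php --reconfigure " . escapeshellarg($hostname));
            build_progress("Building {$hostname} {checking_reverse_proxy} OK", 75);
        }
    }
    build_progress("Building {$hostname} -> DONE", 80);
    return true;
}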
Ejemplo n.º 2
function buildHost($uid = null, $hostname, $ssl = null, $d_path = null, $Params = array())
{
    echo "Starting......: Apache building \"{$hostname}\"\n";
    create_cron_task();
    CheckLibraries();
    $unix = $GLOBALS["CLASS_UNIX"];
    $sock = $GLOBALS["CLASS_SOCKETS"];
    $users = $GLOBALS["CLASS_USERS_MENUS"];
    $AuthLDAP = 0;
    $mod_pagespedd = null;
    $EnableLDAPAllSubDirectories = 0;
    $APACHE_MOD_AUTHNZ_LDAP = $users->APACHE_MOD_AUTHNZ_LDAP;
    $APACHE_MOD_PAGESPEED = $users->APACHE_MOD_PAGESPEED;
    $freeweb = new freeweb($hostname);
    $Params = $freeweb->Params;
    if ($freeweb->servername == null) {
        echo "Starting......: Apache \"{$hostname}\" freeweb->servername no such servername \n";
        return;
    }
    $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
    $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
    $FreeWebDisableSSL = trim($sock->GET_INFO("FreeWebDisableSSL"));
    if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
        $FreeWebsEnableOpenVPNProxy = 0;
    }
    if (!is_numeric($FreeWebDisableSSL)) {
        $FreeWebDisableSSL = 0;
    }
    if ($FreeWebDisableSSL == 1) {
        if ($freeweb->SSL_enabled) {
            echo "Starting......: Apache \"{$hostname}\" SSL is globally disabled \n";
        }
        $freeweb->SSL_enabled = false;
    }
    $d_path = $freeweb->APACHE_DIR_SITES_ENABLED;
    if (isset($Params["LDAP"]["enabled"])) {
        $AuthLDAP = $Params["LDAP"]["enabled"];
    }
    if (isset($Params["LDAP"]["EnableLDAPAllSubDirectories"])) {
        $EnableLDAPAllSubDirectories = $Params["LDAP"]["EnableLDAPAllSubDirectories"];
    }
    //server signature.
    if (!isset($Params["SECURITY"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    $ServerSignature = $Params["SECURITY"]["ServerSignature"];
    if ($ServerSignature == null) {
        $ServerSignature = $sock->GET_INFO("ApacheServerSignature");
    }
    if (!is_numeric($ServerSignature)) {
        $ServerSignature = 1;
    }
    if ($ServerSignature == 1) {
        $ServerSignature = "On";
    } else {
        $ServerSignature = "Off";
    }
    if (!$APACHE_MOD_AUTHNZ_LDAP) {
        $AuthLDAP = 0;
    }
    $apache_usr = $unix->APACHE_SRC_ACCOUNT();
    $apache_group = $unix->APACHE_SRC_GROUP();
    $FreeWebListen = $sock->GET_INFO("FreeWebListen");
    $FreeWebListenPort = $sock->GET_INFO("FreeWebListenPort");
    $FreeWebListenSSLPort = $sock->GET_INFO("FreeWebListenSSLPort");
    $FreeWebListen = $sock->GET_INFO("FreeWebListen");
    $FreeWebsDisableSSLv2 = $sock->GET_INFO("FreeWebsDisableSSLv2");
    if ($FreeWebListen == null) {
        $FreeWebListen = "*";
    }
    if ($FreeWebListen != "*") {
        $FreeWebListenApache = "{$FreeWebListen}";
    }
    if ($FreeWebListenSSLPort == null) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenSSLPort)) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenPort)) {
        $FreeWebListenPort = 80;
    }
    if (!is_numeric($FreeWebsDisableSSLv2)) {
        $FreeWebsDisableSSLv2 = 0;
    }
    $port = $FreeWebListen;
    if ($uid != null) {
        $u = new user($uid);
        $ServerAdmin = $u->mail;
    }
    if (!isset($ServerAdmin)) {
        $ServerAdmin = "webmaster@{$hostname}";
    }
    $DirectoryIndex = $freeweb->DirectoryIndex();
    if ($hostname == "_default_") {
        $FreeWebListen = "_default_";
    }
    if ($freeweb->SSL_enabled) {
        $unix->vhosts_BuildCertificate($hostname);
        $port = $FreeWebListenSSLPort;
        if ($freeweb->ServerPort > 0) {
            $FreeWebListenPort = $freeweb->ServerPort;
        }
        $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        if ($hostname != "_default_") {
            $conf[] = "\tServerName {$hostname}";
        }
        $conf[] = "\tServerSignature {$ServerSignature}";
        $conf[] = "\tRewriteEngine On";
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteCond %{HTTPS} off";
        }
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}:{$FreeWebListenSSLPort}";
        }
        if ($freeweb->Forwarder == 1) {
            $conf[] = "\tRewriteRule (.*) {$freeweb->ForwardTo}";
        }
        $conf[] = "</VirtualHost>";
        $conf[] = "";
        $FreeWebListenPort = $FreeWebListenSSLPort;
    }
    $freeweb->CheckDefaultPage();
    $freeweb->CheckWorkingDirectory();
    $ServerAlias = $freeweb->ServerAlias();
    if ($freeweb->ServerPort > 0) {
        $FreeWebListenPort = $freeweb->ServerPort;
    }
    echo "Starting......: Apache \"{$hostname}\" Listen {$FreeWebListen}:{$FreeWebListenPort}\n";
    echo "Starting......: Apache \"{$hostname}\" Directory {$freeweb->WORKING_DIRECTORY}\n";
    $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
    if ($freeweb->SSL_enabled) {
        $conf[] = "\tSetEnvIf User-Agent \".*MSIE.*\" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0";
        $conf[] = "\tSSLEngine on";
        $conf[] = "\tSSLCertificateFile {$GLOBALS["SSLKEY_PATH"]}/{$hostname}.crt";
        $conf[] = "\tSSLCertificateKeyFile {$GLOBALS["SSLKEY_PATH"]}/{$hostname}.key";
        if ($FreeWebsDisableSSLv2 == 1) {
            $conf[] = "\tSSLProtocol -ALL +SSLv3 +TLSv1";
            $conf[] = "\tSSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
        }
    }
    if ($hostname != "_default_") {
        $conf[] = "\tServerName {$hostname}";
        if ($ServerAlias != null) {
            $conf[] = $ServerAlias;
        }
        $sock = new sockets();
        $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
        $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
        if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
            $FreeWebsEnableOpenVPNProxy = 0;
        }
        if (!is_numeric($FreeWebsOpenVPNRemotPort)) {
            $FreeWebsOpenVPNRemotPort = 0;
        }
        if ($FreeWebsEnableOpenVPNProxy == 1) {
            if ($FreeWebsOpenVPNRemotPort > 0) {
                $conf[] = "\tProxyRequests On";
                $conf[] = "\tProxyVia On";
                $conf[] = "\tAllowCONNECT 1194";
                $conf[] = "\tKeepAlive On";
            }
        }
    }
    $php_open_base_dir = $freeweb->open_basedir();
    $geoip = $freeweb->mod_geoip();
    $mod_status = $freeweb->mod_status();
    $mod_evasive = $freeweb->mod_evasive();
    $Charsets = $freeweb->Charsets();
    $php_values = $freeweb->php_values();
    $WebdavHeader = $freeweb->WebdavHeader();
    $QUOS = $freeweb->QUOS();
    $Aliases = $freeweb->Aliases();
    $mod_cache = $freeweb->mod_cache();
    $mod_fcgid = $freeweb->mod_fcgid();
    $RewriteEngine = $freeweb->RewriteEngine();
    if ($APACHE_MOD_PAGESPEED) {
        $mod_pagespedd = $freeweb->mod_pagespeed();
    }
    $conf[] = "\tServerAdmin {$ServerAdmin}";
    $conf[] = "\tServerSignature {$ServerSignature}";
    $conf[] = "\tDocumentRoot {$freeweb->WORKING_DIRECTORY}";
    if ($mod_evasive != null) {
        $conf[] = $mod_evasive;
    }
    if ($Charsets != null) {
        $conf[] = $Charsets;
    }
    if ($php_values != null) {
        $conf[] = $php_values;
    }
    if ($WebdavHeader != null) {
        $conf[] = $WebdavHeader;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($Aliases != null) {
        $conf[] = $Aliases;
    }
    if ($mod_cache != null) {
        $conf[] = $mod_cache;
    }
    if ($geoip != null) {
        $conf[] = $geoip;
    }
    if ($mod_pagespedd != null) {
        $conf[] = $mod_pagespedd;
        shell_exec("/bin/chown -R {$apache_usr}:{$apache_group} /var/cache/apache2/mod_pagespeed/{$hostname}");
    }
    if ($mod_status != null) {
        $conf[] = $mod_status;
    }
    if ($RewriteEngine != null) {
        $conf[] = $RewriteEngine;
    }
    $ldapRule = null;
    if ($freeweb->groupware == "ZARAFA") {
        $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
        if (!is_numeric($ZarafaWebNTLM)) {
            $ZarafaWebNTLM = 0;
        }
        if ($ZarafaWebNTLM == 1) {
            $AuthLDAP = 1;
        }
    }
    if ($AuthLDAP == 1) {
        echo "Starting......: Apache \"{$hostname}\" ldap authentication enabled\n";
        $ldap = $GLOBALS["CLASS_LDAP"];
        $dn_master_branch = "dc=organizations,{$ldap->suffix}";
        if ($uid != null) {
            $usr = new user($uid);
            $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
        }
        $ldapAuth[] = "\t\tAuthName \"" . base64_decode($Params["LDAP"]["authentication_banner"]) . "\"";
        $ldapAuth[] = "\t\tAuthType Basic";
        $ldapAuth[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
        $ldapAuth[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $ldapAuth[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
        $ldapAuth[] = "\t\tAuthLDAPGroupAttribute memberUid";
        $ldapAuth[] = "\t\tAuthBasicProvider ldap";
        $ldapAuth[] = "\t\tAuthzLDAPAuthoritative off";
        $AuthUsers = $freeweb->AuthUsers();
        if ($AuthUsers != null) {
            $ldapAuth[] = $AuthUsers;
        } else {
            $ldapAuth[] = "\t\trequire valid-user";
        }
        $ldapAuth[] = "";
        $ldapRule = @implode("\n", $ldapAuth);
    }
    //DIRECTORY
    $OptionExecCGI = null;
    $allowFrom = $freeweb->AllowFrom();
    $JkMount = $freeweb->JkMount();
    if ($JkMount != null) {
        $conf[] = $JkMount;
    }
    $WebDav = $freeweb->WebDav();
    $AllowOverride = $freeweb->AllowOverride();
    $mod_rewrite = $freeweb->mod_rewrite();
    if ($mod_fcgid != null) {
        $OptionExecCGI = " +ExecCGI";
    }
    $conf[] = "\n\t<Directory \"{$freeweb->WORKING_DIRECTORY}/\">";
    $conf[] = "\t\tDirectoryIndex {$DirectoryIndex}";
    $conf[] = "\t\tOptions Indexes +FollowSymLinks MultiViews{$OptionExecCGI}";
    $conf[] = "\t\tAllowOverride All";
    if ($WebDav != null) {
        $conf[] = $WebDav;
    }
    if ($AllowOverride != null) {
        $conf[] = $AllowOverride;
    }
    $conf[] = "\t\tOrder allow,deny";
    if ($allowFrom != null) {
        $conf[] = $allowFrom;
    }
    if ($geoip != null) {
        $conf[] = "\t\tDeny from env=BlockCountry";
    }
    if ($mod_rewrite != null) {
        $conf[] = $mod_rewrite;
    }
    if ($ldapRule != null) {
        $conf[] = $ldapRule;
    }
    $conf[] = "\t</Directory>\n";
    if ($mod_fcgid != null) {
        $conf[] = $mod_fcgid;
    }
    if ($freeweb->UseReverseProxy == 1) {
        $conf[] = $freeweb->ReverseProxy();
        $conf[] = "\t<Proxy *>";
        $conf[] = "\t\tOrder allow,deny";
        $conf[] = $freeweb->AllowFrom();
        if ($AuthLDAP == 1) {
            echo "Starting......: Apache \"{$hostname}\" ldap authentication enabled\n";
            $ldap = $GLOBALS["CLASS_LDAP"];
            $dn_master_branch = "dc=organizations,{$ldap->suffix}";
            if ($uid != null) {
                $usr = new user($uid);
                $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
            }
            $conf[] = "";
            $conf[] = "\t\tAuthName \"" . base64_decode($Params["LDAP"]["authentication_banner"]) . "\"";
            $conf[] = "\t\tAuthType Basic";
            $conf[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
            $conf[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
            $conf[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
            $conf[] = "\t\tAuthLDAPGroupAttributeIsDN off";
            $conf[] = "\t\tAuthLDAPGroupAttribute memberUid";
            $conf[] = "\t\tAuthBasicProvider ldap";
            $conf[] = "\t\tAuthzLDAPAuthoritative off";
            $AuthUsers = $freeweb->AuthUsers();
            if ($AuthUsers != null) {
                $conf[] = $AuthUsers;
            } else {
                $conf[] = "\t\trequire valid-user";
            }
            $conf[] = "";
        }
        $conf[] = "\t</Proxy>";
    }
    $conf[] = $freeweb->FilesRestrictions();
    $conf[] = $freeweb->mod_security();
    if (!is_dir("/var/log/apache2/{$hostname}")) {
        @mkdir("/var/log/apache2/{$hostname}", 755, true);
    }
    $conf[] = $freeweb->ScriptAliases();
    $conf[] = "\tLogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\" combinedv";
    $conf[] = "\tCustomLog /var/log/apache2/{$hostname}/access.log combinedv";
    $conf[] = "\tErrorLog /var/log/apache2/{$hostname}/error.log";
    $conf[] = "\tLogLevel warn";
    $conf[] = "</VirtualHost>";
    $conf[] = "";
    $prefix_filename = "artica-";
    $suffix_filename = ".conf";
    $middle_filename = $hostname;
    if ($hostname == "_default_") {
        $prefix_filename = "000-";
        $middle_filename = "default";
        $suffix_filename = null;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: Apache saving *** {$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename} *** line " . __LINE__ . "\n";
    }
    @file_put_contents("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}", @implode("\n", $conf));
    echo "Starting......: Apache \"{$hostname}\" filename: '" . basename("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}") . "' done\n";
    $freeweb->phpmyadmin();
    @mkdir("{$freeweb->WORKING_DIRECTORY}", 666, true);
    if ($freeweb->groupware == "EYEOS") {
        install_EYEOS($hostname);
    }
    if ($freeweb->groupware == "GROUPOFFICE") {
        group_office_install($hostname, true);
    }
    if ($freeweb->groupware == "PIWIK") {
        install_PIWIK($hostname, true);
    }
    if ($freeweb->groupware == "DRUPAL") {
        $unix = new unix();
        $nohup = $unix->find_program("nohup");
        shell_exec("{$nohup} " . $unix->LOCATE_PHP5_BIN() . " /usr/share/artica-postfix/exec.freeweb.php --drupal-infos \"{$hostname}\" >/dev/null 2>&1 &");
    }
}