/**
* We put together the needed php options in the virtualhost entries
*
* @param array $domain
* @param bool $ssl_vhost
*
* @return string
*/
protected function composePhpOptions($domain, $ssl_vhost = false)
{
$php_options_text = '';
if ($domain['phpenabled'] == '1') {
// This vHost has PHP enabled and we are using the regular mod_php
if ($domain['openbasedir'] == '1') {
$_phpappendopenbasedir = appendOpenBasedirPath($domain['customerroot'], true);
$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$php_options_text .= ' php_admin_value open_basedir "' . $_phpappendopenbasedir . '"' . "\n";
}
} else {
$php_options_text .= ' # PHP is disabled for this vHost' . "\n";
$php_options_text .= ' php_flag engine off' . "\n";
}
/**
* check for apache-itk-support, #1400
* why is this here? Because it only works with mod_php
*/
if (Settings::get('system.apacheitksupport') == 1) {
$php_options_text .= ' <IfModule mpm_itk_module>' . "\n";
$php_options_text .= ' AssignUserID ' . $domain['loginname'] . ' ' . $domain['loginname'] . "\n";
$php_options_text .= ' </IfModule>' . "\n";
}
return $php_options_text;
}
/**
* create fpm-pool config
*
* @param array $phpconfig
*/
public function createConfig($phpconfig)
{
$fh = @fopen($this->getConfigFile(), 'w');
if ($fh) {
$fpm_pm = Settings::Get('phpfpm.pm');
$fpm_children = (int) Settings::Get('phpfpm.max_children');
$fpm_start_servers = (int) Settings::Get('phpfpm.start_servers');
$fpm_min_spare_servers = (int) Settings::Get('phpfpm.min_spare_servers');
$fpm_max_spare_servers = (int) Settings::Get('phpfpm.max_spare_servers');
$fpm_requests = (int) Settings::Get('phpfpm.max_requests');
$fpm_process_idle_timeout = (int) Settings::Get('phpfpm.idle_timeout');
if ($fpm_children == 0) {
$fpm_children = 1;
}
$fpm_config = ';PHP-FPM configuration for "' . $this->_domain['domain'] . '" created on ' . date("Y.m.d H:i:s") . "\n";
$fpm_config .= '[' . $this->_domain['domain'] . ']' . "\n";
$fpm_config .= 'listen = ' . $this->getSocketFile() . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config .= 'listen.owner = ' . $this->_domain['guid'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config .= 'listen.owner = ' . $this->_domain['loginname'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['loginname'] . "\n";
}
// see #1418 why this is 0660
$fpm_config .= 'listen.mode = 0660' . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config .= 'user = '******'guid'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config .= 'user = '******'loginname'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['loginname'] . "\n";
}
$fpm_config .= 'pm = ' . $fpm_pm . "\n";
$fpm_config .= 'pm.max_children = ' . $fpm_children . "\n";
if ($fpm_pm == 'dynamic') {
// honor max_children
if ($fpm_children < $fpm_min_spare_servers) {
$fpm_min_spare_servers = $fpm_children;
}
if ($fpm_children < $fpm_max_spare_servers) {
$fpm_max_spare_servers = $fpm_children;
}
// failsafe, refs #955
if ($fpm_start_servers < $fpm_min_spare_servers) {
$fpm_start_servers = $fpm_min_spare_servers;
}
if ($fpm_start_servers > $fpm_max_spare_servers) {
$fpm_start_servers = $fpm_start_servers - ($fpm_start_servers - $fpm_max_spare_servers + 1);
}
$fpm_config .= 'pm.start_servers = ' . $fpm_start_servers . "\n";
$fpm_config .= 'pm.min_spare_servers = ' . $fpm_min_spare_servers . "\n";
$fpm_config .= 'pm.max_spare_servers = ' . $fpm_max_spare_servers . "\n";
} elseif ($fpm_pm == 'ondemand') {
$fpm_config .= 'pm.process_idle_timeout = ' . $fpm_process_idle_timeout . "\n";
}
$fpm_config .= 'pm.max_requests = ' . $fpm_requests . "\n";
// possible slowlog configs
if ($phpconfig['fpm_slowlog'] == '1') {
$fpm_config .= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
$fpm_config .= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
$slowlog = makeCorrectFile(Settings::Get('system.logfiles_directory') . '/' . $this->_domain['loginname'] . '-php-slow.log');
$fpm_config .= 'slowlog = ' . $slowlog . "\n";
$fpm_config .= 'catch_workers_output = yes' . "\n";
}
$fpm_config .= ';chroot = ' . makeCorrectDir($this->_domain['documentroot']) . "\n";
$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
if (!is_dir($tmpdir)) {
$this->getTempDir();
}
$fpm_config .= 'env[TMP] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TMPDIR] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TEMP] = ' . $tmpdir . "\n";
$openbasedir = '';
if ($this->_domain['loginname'] != 'froxlor.panel') {
if ($this->_domain['openbasedir'] == '1') {
$_phpappendopenbasedir = '';
$_custom_openbasedir = explode(':', Settings::Get('phpfpm.peardir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
} else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
$openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir;
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
foreach ($openbasedir as $number => $path) {
if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
}
}
$fpm_config .= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$fpm_config .= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$admin = $this->_getAdminData($this->_domain['adminid']);
$php_ini_variables = array('SAFE_MODE' => 'Off', 'PEAR_DIR' => Settings::Get('system.mod_fcgid_peardir'), 'TMP_DIR' => $this->getTempDir(), 'CUSTOMER_EMAIL' => $this->_domain['email'], 'ADMIN_EMAIL' => $admin['email'], 'DOMAIN' => $this->_domain['domain'], 'CUSTOMER' => $this->_domain['loginname'], 'ADMIN' => $admin['loginname'], 'OPEN_BASEDIR' => $openbasedir, 'OPEN_BASEDIR_C' => '');
$phpini = replace_variables($phpconfig['phpsettings'], $php_ini_variables);
$phpini_array = explode("\n", $phpini);
$fpm_config .= "\n\n";
foreach ($phpini_array as $inisection) {
$is = explode("=", $inisection);
foreach ($this->_ini as $sec => $possibles) {
if (in_array(trim($is[0]), $possibles)) {
// check explictly for open_basedir
if (trim($is[0]) == 'open_basedir' && $openbasedir == '') {
continue;
}
$fpm_config .= $sec . '[' . trim($is[0]) . '] = ' . trim($is[1]) . "\n";
}
}
}
// now check if 'sendmail_path' has not beed set in the custom-php.ini
// if not we use our fallback-default as usual
if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->_domain['email'] . "\n";
}
fwrite($fh, $fpm_config, strlen($fpm_config));
fclose($fh);
}
}
/**
* We put together the needed php options in the virtualhost entries
*
* @param array $domain
* @param bool $ssl_vhost
*
* @return string
*/
protected function composePhpOptions($domain, $ssl_vhost = false)
{
$php_options_text = '';
if ($domain['phpenabled'] == '1') {
// This vHost has PHP enabled and we are using the regular mod_php
if ($domain['openbasedir'] == '1') {
$_phpappendopenbasedir = appendOpenBasedirPath($domain['customerroot'], true);
$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$php_options_text .= ' php_admin_value open_basedir "' . $_phpappendopenbasedir . '"' . "\n";
}
} else {
$php_options_text .= ' # PHP is disabled for this vHost' . "\n";
$php_options_text .= ' php_flag engine off' . "\n";
}
return $php_options_text;
}
/**
* create customized php.ini
*
* @param array $phpconfig
*/
public function createIniFile($phpconfig)
{
$openbasedir = '';
$openbasedirc = ';';
if ($this->_domain['openbasedir'] == '1') {
$openbasedirc = '';
$_phpappendopenbasedir = '';
$_custom_openbasedir = explode(':', Settings::Get('system.mod_fcgid_peardir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
} else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
$openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir;
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
foreach ($openbasedir as $number => $path) {
if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
} else {
$openbasedir = 'none';
$openbasedirc = ';';
}
$admin = $this->_getAdminData($this->_domain['adminid']);
$php_ini_variables = array('SAFE_MODE' => 'Off', 'PEAR_DIR' => Settings::Get('system.mod_fcgid_peardir'), 'OPEN_BASEDIR' => $openbasedir, 'OPEN_BASEDIR_C' => $openbasedirc, 'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.hpappendopenbasedir'), 'TMP_DIR' => $this->getTempDir(), 'CUSTOMER_EMAIL' => $this->_domain['email'], 'ADMIN_EMAIL' => $admin['email'], 'DOMAIN' => $this->_domain['domain'], 'CUSTOMER' => $this->_domain['loginname'], 'ADMIN' => $admin['loginname']);
//insert a small header for the file
$phpini_file = ";\n";
$phpini_file .= "; php.ini created/changed on " . date("Y.m.d H:i:s") . " for domain '" . $this->_domain['domain'] . "' with id #" . $this->_domain['id'] . " from php template '" . $phpconfig['description'] . "' with id #" . $phpconfig['id'] . "\n";
$phpini_file .= "; Do not change anything in this file, it will be overwritten by the Froxlor Cronjob!\n";
$phpini_file .= ";\n\n";
$phpini_file .= replace_variables($phpconfig['phpsettings'], $php_ini_variables);
$phpini_file = str_replace('"none"', 'none', $phpini_file);
$phpini_file = preg_replace('/\\"+/', '"', $phpini_file);
$phpini_file_handler = fopen($this->getIniFile(), 'w');
fwrite($phpini_file_handler, $phpini_file);
fclose($phpini_file_handler);
safe_exec('chown root:0 ' . escapeshellarg($this->getIniFile()));
safe_exec('chmod 0644 ' . escapeshellarg($this->getIniFile()));
}
protected function composePhpOptions($domain)
{
$php_options_text = '';
if ($domain['phpenabled'] == '1') {
// This vHost has PHP enabled and we are using the regular mod_php
if ($domain['openbasedir'] == '1') {
if ($domain['openbasedir_path'] == '1' || strstr($domain['documentroot'], ":") !== false) {
$_phpappendopenbasedir = appendOpenBasedirPath($domain['customerroot'], true);
} else {
$_phpappendopenbasedir = appendOpenBasedirPath($domain['documentroot'], true);
}
$_custom_openbasedir = explode(':', $this->settings['system']['phpappendopenbasedir']);
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$php_options_text .= ' php_admin_value open_basedir "' . $_phpappendopenbasedir . '"' . "\n";
}
if ($domain['safemode'] == '0') {
$php_options_text .= ' php_admin_flag safe_mode Off ' . "\n";
} else {
$php_options_text .= ' php_admin_flag safe_mode On ' . "\n";
}
} else {
$php_options_text .= ' # PHP is disabled for this vHost' . "\n";
$php_options_text .= ' php_flag engine off' . "\n";
}
return $php_options_text;
}
public function createConfig($phpconfig)
{
$fh = @fopen($this->getConfigFile(), 'w');
if ($fh) {
$fpm_pm = $this->_settings['phpfpm']['pm'];
$fpm_children = (int) $this->_settings['phpfpm']['max_children'];
$fpm_start_servers = (int) $this->_settings['phpfpm']['start_servers'];
$fpm_min_spare_servers = (int) $this->_settings['phpfpm']['min_spare_servers'];
$fpm_max_spare_servers = (int) $this->_settings['phpfpm']['max_spare_servers'];
$fpm_requests = (int) $this->_settings['phpfpm']['max_requests'];
if ($fpm_children == 0) {
$fpm_children = 1;
}
$fpm_config = ';PHP-FPM configuration for "' . $this->_domain['domain'] . '" created on ' . date("Y.m.d H:i:s") . "\n";
$fpm_config .= '[' . $this->_domain['domain'] . ']' . "\n";
$fpm_config .= 'listen = ' . $this->getSocketFile() . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config .= 'listen.owner = ' . $this->_domain['guid'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config .= 'listen.owner = ' . $this->_domain['loginname'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['loginname'] . "\n";
}
$fpm_config .= 'listen.mode = 0666' . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config .= 'user = '******'guid'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config .= 'user = '******'loginname'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['loginname'] . "\n";
}
$fpm_config .= 'pm = ' . $fpm_pm . "\n";
$fpm_config .= 'pm.max_children = ' . $fpm_children . "\n";
if ($fpm_pm == 'dynamic') {
$fpm_config .= 'pm.start_servers = ' . $fpm_start_servers . "\n";
$fpm_config .= 'pm.min_spare_servers = ' . $fpm_min_spare_servers . "\n";
$fpm_config .= 'pm.max_spare_servers = ' . $fpm_max_spare_servers . "\n";
}
$fpm_config .= 'pm.max_requests = ' . $fpm_requests . "\n";
$fpm_config .= ';chroot = ' . makeCorrectDir($this->_domain['documentroot']) . "\n";
$tmpdir = makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/');
if (!is_dir($tmpdir)) {
$this->getTempDir();
}
//$slowlog = makeCorrectFile($this->_settings['system']['logfiles_directory'] . $this->_domain['loginname'] . '/php-fpm_slow.log');
$fpm_config .= 'env[TMP] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TMPDIR] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TEMP] = ' . $tmpdir . "\n";
$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->_domain['email'] . "\n";
if ($this->_domain['loginname'] != 'froxlor.panel') {
if ($this->_domain['openbasedir'] == '1') {
$openbasedir = '';
$_phpappendopenbasedir = '';
$_custom_openbasedir = explode(':', $this->_settings['phpfpm']['peardir']);
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', $this->_settings['system']['phpappendopenbasedir']);
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
} else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
$openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir;
$openbasedir = explode(':', $openbasedir);
$clean_openbasedir = array();
foreach ($openbasedir as $number => $path) {
if (trim($path) != '/') {
$clean_openbasedir[] = makeCorrectDir($path);
}
}
$openbasedir = implode(':', $clean_openbasedir);
$fpm_config .= 'php_admin_value[open_basedir] = ' . $openbasedir . "\n";
}
}
$fpm_config .= 'php_admin_value[session.save_path] = ' . makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/') . "\n";
$fpm_config .= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir($this->_settings['phpfpm']['tmpdir'] . '/' . $this->_domain['loginname'] . '/') . "\n";
fwrite($fh, $fpm_config, strlen($fpm_config));
fclose($fh);
}
}
