Esempio n. 1
0
function buildHost($uid = null, $hostname, $ssl = null, $d_path = null, $Params = array())
{
    $prefixOutput = "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\"";
    echo "{$prefixOutput} [" . __LINE__ . "] Building \"{$hostname}\"\n";
    build_progress("create_cron_task()", 6);
    create_cron_task();
    build_progress("CheckLibraries()", 7);
    CheckLibraries();
    $unix = $GLOBALS["CLASS_UNIX"];
    $sock = $GLOBALS["CLASS_SOCKETS"];
    $users = $GLOBALS["CLASS_USERS_MENUS"];
    $AuthLDAP = 0;
    $mod_pagespedd = null;
    $EnableLDAPAllSubDirectories = 0;
    $APACHE_MOD_AUTHNZ_LDAP = $users->APACHE_MOD_AUTHNZ_LDAP;
    $APACHE_MOD_PAGESPEED = $users->APACHE_MOD_PAGESPEED;
    build_progress("Loading {$hostname} configuration", 8);
    $freeweb = new freeweb($hostname);
    $Params = $freeweb->Params;
    if ($freeweb->servername == null) {
        build_progress("Fatal {$hostname} no such servername", 110);
        echo "{$prefixOutput} [" . __LINE__ . "] freeweb->servername no such servername \n";
        return;
    }
    $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
    $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
    $FreeWebDisableSSL = trim($sock->GET_INFO("FreeWebDisableSSL"));
    if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
        $FreeWebsEnableOpenVPNProxy = 0;
    }
    if (!is_numeric($FreeWebDisableSSL)) {
        $FreeWebDisableSSL = 0;
    }
    if ($FreeWebDisableSSL == 1) {
        if ($freeweb->SSL_enabled) {
            echo "{$prefixOutput} [" . __LINE__ . "] SSL is globally disabled \n";
        }
        $freeweb->SSL_enabled = false;
    }
    $d_path = $freeweb->APACHE_DIR_SITES_ENABLED;
    if (isset($Params["LDAP"]["enabled"])) {
        $AuthLDAP = $Params["LDAP"]["enabled"];
    }
    if (isset($Params["LDAP"]["EnableLDAPAllSubDirectories"])) {
        $EnableLDAPAllSubDirectories = $Params["LDAP"]["EnableLDAPAllSubDirectories"];
    }
    //server signature.
    if (!isset($Params["SECURITY"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    if (!isset($Params["SECURITY"]["ServerSignature"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    $ServerSignature = $Params["SECURITY"]["ServerSignature"];
    if ($ServerSignature == null) {
        $ServerSignature = $sock->GET_INFO("ApacheServerSignature");
    }
    if (!is_numeric($ServerSignature)) {
        $ServerSignature = 1;
    }
    if ($ServerSignature == 1) {
        $ServerSignature = "On";
    } else {
        $ServerSignature = "Off";
    }
    if (!$APACHE_MOD_AUTHNZ_LDAP) {
        $AuthLDAP = 0;
    }
    $apache_usr = $unix->APACHE_SRC_ACCOUNT();
    $apache_group = $unix->APACHE_SRC_GROUP();
    $FreeWebListenPort = $sock->GET_INFO("FreeWebListenPort");
    $FreeWebListenSSLPort = $sock->GET_INFO("FreeWebListenSSLPort");
    $FreeWebListen = $unix->APACHE_ListenDefaultAddress();
    $FreeWebsDisableSSLv2 = $sock->GET_INFO("FreeWebsDisableSSLv2");
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 10);
    if ($apache_usr == null) {
        build_progress("Fatal could not find apache username", 110);
        echo "WARNING !!! could not find apache username!!!\n";
        return false;
    }
    if ($FreeWebListen == null) {
        $FreeWebListen = "*";
    }
    if ($FreeWebListen != "*") {
        $FreeWebListenApache = "{$FreeWebListen}";
    }
    if ($FreeWebListenSSLPort == null) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenSSLPort)) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenPort)) {
        $FreeWebListenPort = 80;
    }
    if (!is_numeric($FreeWebsDisableSSLv2)) {
        $FreeWebsDisableSSLv2 = 0;
    }
    $unix = new unix();
    if ($unix->isNGnx()) {
        $FreeWebListenPort = 82;
        $FreeWebListenSSLPort = 447;
        $FreeWebListen = "127.0.0.1";
    }
    if ($unix->IsSquidReverse()) {
        $FreeWebListenPort = 82;
        $FreeWebListenSSLPort = 447;
        $FreeWebListen = "127.0.0.1";
    }
    $port = $FreeWebListenPort;
    if ($uid != null) {
        $u = new user($uid);
        $ServerAdmin = $u->mail;
    }
    if (!isset($ServerAdmin)) {
        $ServerAdmin = "webmaster@{$hostname}";
    }
    $DirectoryIndex = $freeweb->DirectoryIndex();
    if ($hostname == "_default_") {
        $FreeWebListen = "_default_";
    }
    $LoadModules = $freeweb->LoadModules();
    if ($unix->isNGnx()) {
        $freeweb->SSL_enabled = 0;
    }
    if ($FreeWebDisableSSL == 1) {
        $freeweb->SSL_enabled = 0;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 11);
    echo "{$prefixOutput} [" . __LINE__ . "] SSL_enabled = {$freeweb->SSL_enabled}\n";
    if ($freeweb->SSL_enabled) {
        $port = $FreeWebListenSSLPort;
        if ($freeweb->ServerPort > 0) {
            $FreeWebListenPort = $freeweb->ServerPort;
        }
        $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        if ($hostname != "_default_") {
            $conf[] = "\tServerName {$hostname}";
        }
        $conf[] = "\tServerSignature {$ServerSignature}";
        $conf[] = "\tRewriteEngine On";
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteCond %{HTTPS} off";
        }
        $IsSquidReverse = false;
        if ($unix->IsSquidReverse()) {
            $IsSquidReverse = true;
        }
        if ($unix->isNGnx()) {
            $IsSquidReverse = true;
        }
        if ($freeweb->Forwarder == 0) {
            $redirectPage = null;
            if ($IsSquidReverse) {
                if ($FreeWebListenSSLPort != 443) {
                    $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}:{$FreeWebListenSSLPort}{$redirectPage}";
                } else {
                    $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}{$redirectPage}";
                }
            } else {
                $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}{$redirectPage}";
            }
        }
        if ($freeweb->Forwarder == 1) {
            $conf[] = "\tRewriteRule (.*) {$freeweb->ForwardTo}";
        }
        $conf[] = "</VirtualHost>";
        $conf[] = "";
        $FreeWebListenPort = $FreeWebListenSSLPort;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 12);
    $freeweb->CheckDefaultPage();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 13);
    $freeweb->CheckWorkingDirectory();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 14);
    $ServerAlias = $freeweb->ServerAlias();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 15);
    echo "{$prefixOutput} [" . __LINE__ . "] Listen {$FreeWebListen}:{$FreeWebListenPort}\n";
    echo "{$prefixOutput} [" . __LINE__ . "] Directory {$freeweb->WORKING_DIRECTORY}\n";
    echo "{$prefixOutput} [" . __LINE__ . "] Groupware \"{$freeweb->groupware}\"\n";
    if (!preg_match("#[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+#", $freeweb->ServerIP)) {
        $freeweb->ServerIP = null;
    }
    if ($LoadModules != null) {
        $conf[] = "{$LoadModules}";
    }
    if ($freeweb->ServerIP == null) {
        if ($freeweb->ServerPort > 0) {
            $conf[] = "<VirtualHost {$FreeWebListen}:{$freeweb->ServerPort}>";
        } else {
            $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        }
    } else {
        if ($freeweb->ServerPort > 0) {
            $conf[] = "<VirtualHost {$freeweb->ServerIP}:{$freeweb->ServerPort}>";
        } else {
            $conf[] = "<VirtualHost {$freeweb->ServerIP}:{$FreeWebListenPort}>";
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 16);
    $AddType = $freeweb->AddType();
    if ($AddType != null) {
        $conf[] = $AddType;
    }
    if ($freeweb->SSL_enabled) {
        $conf[] = "\tSetEnvIf User-Agent \".*MSIE.*\" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0";
        $conf[] = "\tSSLEngine on";
        echo "{$prefixOutput} [" . __LINE__ . "] SSLEngine()\n";
        $certificates = $freeweb->SSLEngine();
        if ($certificates != null) {
            $conf[] = $certificates;
        }
        if ($FreeWebsDisableSSLv2 == 1) {
            $conf[] = "\tSSLProtocol -ALL +SSLv3 +TLSv1";
            $conf[] = "\tSSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
        }
    }
    $unix = new unix();
    if ($hostname != "_default_") {
        $conf[] = "\tServerName {$hostname}";
        if ($ServerAlias != null) {
            $conf[] = $ServerAlias;
        }
        $sock = new sockets();
        $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
        $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
        if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
            $FreeWebsEnableOpenVPNProxy = 0;
        }
        if (!is_numeric($FreeWebsOpenVPNRemotPort)) {
            $FreeWebsOpenVPNRemotPort = 0;
        }
        if ($FreeWebsEnableOpenVPNProxy == 1) {
            if ($FreeWebsOpenVPNRemotPort > 0) {
                $conf[] = "\tProxyRequests On";
                $conf[] = "\tProxyVia On";
                $conf[] = "\tAllowCONNECT 1194";
                $conf[] = "\tKeepAlive On";
            }
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 17);
    $content_plus = $freeweb->content_plus;
    $php_open_base_dir = $freeweb->open_basedir();
    $geoip = $freeweb->mod_geoip();
    $mod_status = $freeweb->mod_status();
    $mod_evasive = $freeweb->mod_evasive();
    $Charsets = $freeweb->Charsets();
    $php_values = $freeweb->php_values();
    $WebdavHeader = $freeweb->WebdavHeader();
    $QUOS = $freeweb->QUOS();
    $Aliases = $freeweb->Aliases();
    $mod_cache = $freeweb->mod_cache();
    $mod_fcgid = $freeweb->mod_fcgid();
    $RewriteEngine = $freeweb->RewriteEngine();
    $mod_bw = $freeweb->mod_bw();
    $mpm_itk_module = $freeweb->mpm_itk_module();
    $ErrorDocument = $freeweb->ErrorDocument();
    $Apache2_AuthenNTLM = $freeweb->Apache2_AuthenNTLM();
    if ($APACHE_MOD_PAGESPEED) {
        $mod_pagespedd = $freeweb->mod_pagespeed();
    }
    $conf[] = "\tServerAdmin {$ServerAdmin}";
    $conf[] = "\tServerSignature {$ServerSignature}";
    $conf[] = "\tDocumentRoot {$freeweb->WORKING_DIRECTORY}";
    if ($content_plus != null) {
        $conf[] = "\n############## personal content #############\n{$content_plus}\n############################\n";
    }
    if ($ErrorDocument != null) {
        $conf[] = $ErrorDocument;
    }
    if ($mpm_itk_module != null) {
        $conf[] = $mpm_itk_module;
    }
    if ($mod_evasive != null) {
        $conf[] = $mod_evasive;
    }
    if ($Charsets != null) {
        $conf[] = $Charsets;
    }
    if ($php_values != null) {
        $conf[] = $php_values;
    }
    if ($WebdavHeader != null) {
        $conf[] = $WebdavHeader;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($mod_bw != null) {
        $conf[] = $mod_bw;
    }
    if ($Aliases != null) {
        $conf[] = $Aliases;
    }
    if ($mod_cache != null) {
        $conf[] = $mod_cache;
    }
    if ($geoip != null) {
        $conf[] = $geoip;
    }
    if ($mod_pagespedd != null) {
        $conf[] = $mod_pagespedd;
        shell_exec("/bin/chown -R {$apache_usr}:{$apache_group} /var/cache/apache2/mod_pagespeed/{$hostname}");
    }
    if ($mod_status != null) {
        $conf[] = $mod_status;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 18);
    $ldapRule = null;
    if ($freeweb->groupware == "ZARAFA") {
        $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
        if (!is_numeric($ZarafaWebNTLM)) {
            $ZarafaWebNTLM = 0;
        }
        $PARAMS = $freeweb->Params["ZARAFAWEB_PARAMS"];
        if (!isset($PARAMS["ZarafaWebNTLM"])) {
            $PARAMS["ZarafaWebNTLM"] = $ZarafaWebNTLM;
        }
        if (!is_numeric($PARAMS["ZarafaWebNTLM"])) {
            $PARAMS["ZarafaWebNTLM"] = $ZarafaWebNTLM;
        }
        $ZarafaWebNTLM = $PARAMS["ZarafaWebNTLM"];
        if ($ZarafaWebNTLM == 1) {
            $AuthLDAP = 1;
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 19);
    if ($AuthLDAP == 1) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" ldap authentication enabled\n";
        $ldap = $GLOBALS["CLASS_LDAP"];
        $dn_master_branch = "dc=organizations,{$ldap->suffix}";
        if ($uid != null) {
            $usr = new user($uid);
            $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
        }
        $authentication_banner = base64_decode($freeweb->Params["LDAP"]["authentication_banner"]);
        if ($authentication_banner == null) {
            $authentication_banner = "{$hostname} auth:";
        }
        $ldapAuth[] = "\t\tAuthName \"{$authentication_banner}\"";
        $ldapAuth[] = "\t\tAuthType Basic";
        $ldapAuth[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
        $ldapAuth[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $ldapAuth[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
        $ldapAuth[] = "\t\tAuthLDAPGroupAttribute memberUid";
        $ldapAuth[] = "\t\tAuthBasicProvider ldap";
        $ldapAuth[] = "\t\tAuthzLDAPAuthoritative off";
        $AuthUsers = $freeweb->AuthUsers();
        if ($AuthUsers != null) {
            $ldapAuth[] = $AuthUsers;
        } else {
            $ldapAuth[] = "\t\trequire valid-user";
        }
        $ldapAuth[] = "";
        $ldapRule = @implode("\n", $ldapAuth);
    }
    //DIRECTORY
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 20);
    $OptionExecCGI = null;
    $allowFrom = $freeweb->AllowFrom();
    $JkMount = $freeweb->JkMount();
    if ($JkMount != null) {
        $conf[] = $JkMount;
    }
    $WebDav = $freeweb->WebDav();
    $AllowOverride = $freeweb->AllowOverride();
    $mod_rewrite = $freeweb->mod_rewrite();
    $IndexIgnores = $freeweb->IndexIgnores();
    $DirectorySecond = $freeweb->DirectorySecond();
    if ($mod_fcgid != null) {
        $OptionExecCGI = " +ExecCGI";
    }
    $DirectoryContent = $freeweb->DirectoryContent();
    $SymLinksIfOwnerMatch = null;
    $FollowSymLinks = null;
    $Indexes = " Indexes";
    if ($freeweb->Params["SECURITY"]["FreeWebsDisableBrowsing"] == 1) {
        $Indexes = " -Indexes";
    }
    if ($freeweb->Params["SECURITY"]["SymLinksIfOwnerMatch"] == 1) {
        $SymLinksIfOwnerMatch = " +SymLinksIfOwnerMatch";
    }
    if ($freeweb->Params["SECURITY"]["FollowSymLinks"] == 1) {
        $FollowSymLinks = " +FollowSymLinks";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 21);
    $conf[] = "\n\t<Directory \"{$freeweb->WORKING_DIRECTORY}/\">";
    if ($Apache2_AuthenNTLM != null) {
        $conf[] = $Apache2_AuthenNTLM;
    }
    if ($DirectoryContent == null) {
        $DirectoryIndex = $freeweb->DirectoryIndex();
        $conf[] = "\t\tDirectoryIndex {$DirectoryIndex}";
        $conf[] = "\t\tOptions{$Indexes}{$FollowSymLinks}{$SymLinksIfOwnerMatch} MultiViews{$OptionExecCGI}";
        if ($IndexIgnores != null) {
            $conf[] = $IndexIgnores;
        }
        if ($WebDav != null) {
            $conf[] = $WebDav;
        }
        if ($AllowOverride != null) {
            $conf[] = $AllowOverride;
        } else {
            $conf[] = "\t\tAllowOverride AuthConfig FileInfo";
        }
        $conf[] = "\t\tOrder allow,deny";
        if ($allowFrom != null) {
            $conf[] = $allowFrom;
        }
    } else {
        $conf[] = $DirectoryContent;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 22);
    if ($geoip != null) {
        $conf[] = "\t\tDeny from env=BlockCountry";
    }
    if ($mod_rewrite != null) {
        $conf[] = $mod_rewrite;
    }
    if ($ldapRule != null) {
        $conf[] = $ldapRule;
    }
    if ($RewriteEngine != null) {
        $conf[] = $RewriteEngine;
    }
    $conf[] = "\t</Directory>\n";
    if ($mod_fcgid != null) {
        $conf[] = $mod_fcgid;
    }
    if ($DirectorySecond != null) {
        $conf[] = $DirectorySecond;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 23);
    $zarafaProxy = $freeweb->ZarafaProxyJabberd();
    if ($zarafaProxy != null) {
        $conf[] = $zarafaProxy;
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 24);
    $WebDavFree = $freeweb->WebDavTable();
    if ($WebDavFree != null) {
        $conf[] = $WebDavFree;
    }
    if ($freeweb->UseReverseProxy == 1) {
        $conf[] = $freeweb->ReverseProxy();
        $conf[] = "\t<Proxy *>";
        $conf[] = "\t\tOrder allow,deny";
        $conf[] = $freeweb->AllowFrom();
        if ($AuthLDAP == 1) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" ldap authentication enabled\n";
            $ldap = $GLOBALS["CLASS_LDAP"];
            $dn_master_branch = "dc=organizations,{$ldap->suffix}";
            if ($uid != null) {
                $usr = new user($uid);
                $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
            }
            if ($freeweb->Params["LDAP"]["authentication_banner"] == null) {
                $freeweb->Params["LDAP"]["authentication_banner"] = "Please Logon";
            }
            $conf[] = "";
            $conf[] = "\t\tAuthName \"" . base64_decode($freeweb->Params["LDAP"]["authentication_banner"]) . "\"";
            $conf[] = "\t\tAuthType Basic";
            $conf[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
            $conf[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
            $conf[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
            $conf[] = "\t\tAuthLDAPGroupAttributeIsDN off";
            $conf[] = "\t\tAuthLDAPGroupAttribute memberUid";
            $conf[] = "\t\tAuthBasicProvider ldap";
            $conf[] = "\t\tAuthzLDAPAuthoritative off";
            $AuthUsers = $freeweb->AuthUsers();
            if ($AuthUsers != null) {
                $conf[] = $AuthUsers;
            } else {
                $conf[] = "\t\trequire valid-user";
            }
            $conf[] = "";
        }
        $conf[] = "\t</Proxy>";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 25);
    $conf[] = $freeweb->FilesRestrictions();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 26);
    $conf[] = $freeweb->mod_security();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 27);
    $ScriptAliases = $freeweb->ScriptAliases();
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 28);
    if (!is_dir("/var/log/apache2/{$hostname}")) {
        @mkdir("/var/log/apache2/{$hostname}", 0755, true);
    }
    if ($ScriptAliases != null) {
        $conf[] = $ScriptAliases;
    }
    $conf[] = "\tLogFormat \"%h %{X-Forwarded-For}i %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\" combinedv";
    $conf[] = "\tCustomLog /var/log/apache2/common-access.log combinedv";
    $conf[] = "\tErrorLog /var/log/apache2/error.log";
    $conf[] = "\tLogLevel warn";
    $conf[] = "</VirtualHost>";
    $conf[] = "";
    $prefix_filename = "artica-";
    $suffix_filename = ".conf";
    $middle_filename = $hostname;
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 29);
    if ($hostname == "_default_") {
        $prefix_filename = "000-";
        $middle_filename = "default";
        $suffix_filename = null;
        if ($freeweb->SSL_enabled) {
            $prefix_filename = null;
            $middle_filename = "default-ssl";
            @file_put_contents("/etc/apache2/sites-enabled/default-ssl", @implode("\n", $conf));
        }
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 30);
    $FileConfigurationPath = "{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}";
    $FileConfigurationBackupPath = "/root/{$prefix_filename}{$middle_filename}{$suffix_filename}";
    if (is_file($FileConfigurationPath)) {
        @unlink($FileConfigurationBackupPath);
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache backup old configuration\n";
        @copy($FileConfigurationPath, $FileConfigurationBackupPath);
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Apache saving *** {$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename} *** line " . __LINE__ . "\n";
    }
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 31);
    @file_put_contents($FileConfigurationPath, @implode("\n", $conf));
    echo "Starting......: " . date("H:i:s") . " [INIT]: Apache \"{$hostname}\" filename: '" . basename("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}") . "' done\n";
    build_progress("Building {$hostname} configuration [" . __LINE__ . "]", 32);
    $freeweb->phpmyadmin();
    if (!is_dir("{$freeweb->WORKING_DIRECTORY}")) {
        @mkdir("{$freeweb->WORKING_DIRECTORY}", 0755, true);
    }
    if (is_file("/etc/apache2/sites-enabled/000-default")) {
        @touch("/etc/apache2/sites-enabled/000-default");
    }
    build_progress("Building {$hostname} {testing_configuration}", 33);
    if (!TestingApacheConfigurationFile()) {
        build_progress("Building {$hostname} {testing_configuration} {failed}", 110);
        $freeweb->SetError(1);
        @unlink($FileConfigurationPath);
        if (is_file($FileConfigurationBackupPath)) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache restore old configuration file\n";
            @copy($FileConfigurationBackupPath, $FileConfigurationPath);
        }
        return false;
    } else {
        $freeweb->SetError(0);
    }
    $unix = new unix();
    $nohup = $unix->find_program("nohup");
    $chown = $unix->find_program("chown");
    $php = $unix->LOCATE_PHP5_BIN();
    if (is_file("/etc/php5/apache2/php.ini")) {
        $timephpini = $unix->file_time_min("/etc/php5/apache2/php.ini");
        if ($timephpini > 60) {
            shell_exec("{$php} /usr/share/artica-postfix/exec.php.ini.php");
        }
    }
    build_progress("Building {$hostname} {apply_permissions} - {$freeweb->groupware} -", 34);
    if ($freeweb->groupware == "EYEOS") {
        install_EYEOS($hostname);
    }
    if ($freeweb->groupware == "GROUPOFFICE") {
        group_office_install($hostname, true);
    }
    if ($freeweb->groupware == "PIWIK") {
        install_PIWIK($hostname, true);
    }
    if ($freeweb->groupware == "DRUPAL") {
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.freeweb.php --drupal-infos \"{$hostname}\" >/dev/null 2>&1 &");
    }
    if ($freeweb->groupware == "WORDPRESS") {
        build_progress("Building {$hostname} verify wordpress website..", 35);
        system("{$php} /usr/share/artica-postfix/exec.wordpress.php \"{$hostname}\"");
        if (!is_file("{$freeweb->WORKING_DIRECTORY}/wp-config.php")) {
            return false;
        }
    }
    build_progress("Building {$hostname} {apply_permissions}", 60);
    $freeweb->ApplyPermissions();
    build_progress("Building {$hostname} {checking_reverse_proxy}", 65);
    $freeweb->update_groupware_version();
    if ($GLOBALS["NGINX_CONFIGURE"]) {
        $EnableNginx = $sock->GET_INFO("EnableNginx");
        if (!is_numeric($EnableNginx)) {
            $EnableNginx = 1;
        }
        if ($EnableNginx == 1) {
            $php = $unix->LOCATE_PHP5_BIN();
            build_progress("Building {$hostname} {checking_reverse_proxy} - NGINX", 70);
            system("{$php} /usr/share/artica-postfix/exec.nginx.php --reconfigure \"{$hostname}\"");
            build_progress("Building {$hostname} {checking_reverse_proxy} OK", 75);
        }
    }
    build_progress("Building {$hostname} -> DONE", 80);
    return true;
}
Esempio n. 2
0
function buildHost($uid=null,$hostname,$ssl=null,$d_path=null,$Params=array()){
	echo "Starting......: Apache building \"$hostname\"\n";
	create_cron_task();
	CheckLibraries();
	$unix=$GLOBALS["CLASS_UNIX"];
	$sock=$GLOBALS["CLASS_SOCKETS"];
	$users=$GLOBALS["CLASS_USERS_MENUS"];
	$AuthLDAP=0;
	$APACHE_MOD_AUTHNZ_LDAP=$users->APACHE_MOD_AUTHNZ_LDAP;
	$freeweb=new freeweb($hostname);
	$Params=$freeweb->Params;
	if($freeweb->servername==null){
		echo "Starting......: Apache \"$hostname\" freeweb->servername no such servername \n";
		return;
	
	}
	$d_path=$freeweb->APACHE_DIR_SITES_ENABLED;
	
	
	if(isset($Params["LDAP"]["enabled"])){$AuthLDAP=$Params["LDAP"]["enabled"];}
	
	//server signature.
	if(!isset($Params["SECURITY"])){$Params["SECURITY"]["ServerSignature"]=null;}
	$ServerSignature=$Params["SECURITY"]["ServerSignature"];
	if($ServerSignature==null){$ServerSignature=$sock->GET_INFO("ApacheServerSignature");}
	if(!is_numeric($ServerSignature)){$ServerSignature=1;}
	if($ServerSignature==1){$ServerSignature="On";}else{$ServerSignature="Off";}
	
	
	
	
	if(!$APACHE_MOD_AUTHNZ_LDAP){$AuthLDAP=0;}
	
	$apache_usr=$unix->APACHE_SRC_ACCOUNT();
	$FreeWebListen=$sock->GET_INFO("FreeWebListen");
	$FreeWebListenPort=$sock->GET_INFO("FreeWebListenPort");
	$FreeWebListenSSLPort=$sock->GET_INFO("FreeWebListenSSLPort");
	$FreeWebListen=$sock->GET_INFO("FreeWebListen");
	$FreeWebsDisableSSLv2=$sock->GET_INFO("FreeWebsDisableSSLv2");
	
	
	if($FreeWebListen==null){$FreeWebListen="*";}
	if($FreeWebListen<>"*"){$FreeWebListenApache="$FreeWebListen";}	
	if($FreeWebListenSSLPort==null){$FreeWebListenSSLPort=443;}
	
	if(!is_numeric($FreeWebListenSSLPort)){$FreeWebListenSSLPort=443;}
	if(!is_numeric($FreeWebListenPort)){$FreeWebListenPort=80;}
	if(!is_numeric($FreeWebsDisableSSLv2)){$FreeWebsDisableSSLv2=0;}		

	$port=$FreeWebListen;
	if($uid<>null){
		$u=new user($uid);
		$ServerAdmin=$u->mail;
	}
	if(!isset($ServerAdmin)){$ServerAdmin="webmaster@$hostname";}
	$DirectoryIndex=$freeweb->DirectoryIndex();
	if($hostname=="_default_"){$FreeWebListen="_default_";}
	
	
	if($freeweb->SSL_enabled){
		$unix->vhosts_BuildCertificate($hostname);
		$port=$FreeWebListenSSLPort;
		if($freeweb->ServerPort>0){$FreeWebListenPort=$freeweb->ServerPort;}
		$conf[]="<VirtualHost $FreeWebListen:$FreeWebListenPort>";
		if($hostname<>"_default_"){$conf[]="\tServerName $hostname";}
		$conf[]="\tServerSignature $ServerSignature";
		$conf[]="\tRewriteEngine On";
		if($freeweb->Forwarder==0){$conf[]="\tRewriteCond %{HTTPS} off";}
		if($freeweb->Forwarder==0){$conf[]="\tRewriteRule (.*) https://%{HTTP_HOST}:$FreeWebListenSSLPort";}
		if($freeweb->Forwarder==1){$conf[]="\tRewriteRule (.*) $freeweb->ForwardTo";}
		$conf[]="</VirtualHost>";
		$conf[]="";
		$FreeWebListenPort=$FreeWebListenSSLPort;
	}
	
	$freeweb->CheckDefaultPage();
	$freeweb->CheckWorkingDirectory();
	if($freeweb->ServerPort>0){$FreeWebListenPort=$freeweb->ServerPort;}
	echo "Starting......: Apache \"$hostname\" Listen $FreeWebListen:$FreeWebListenPort\n";
	echo "Starting......: Apache \"$hostname\" Directory $freeweb->WORKING_DIRECTORY\n";
	$conf[]="<VirtualHost $FreeWebListen:$FreeWebListenPort>";
	
	
	
	if($freeweb->SSL_enabled){
		$conf[]="\tSetEnvIf User-Agent \".*MSIE.*\" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0";
		$conf[]="\tSSLEngine on";
		$conf[]="\tSSLCertificateFile {$GLOBALS["SSLKEY_PATH"]}/$hostname.crt";
		$conf[]="\tSSLCertificateKeyFile {$GLOBALS["SSLKEY_PATH"]}/$hostname.key";	
		if($FreeWebsDisableSSLv2==1){
			$conf[]="\tSSLProtocol -ALL +SSLv3 +TLSv1";
			$conf[]="\tSSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
		}			
		
	}
	
	
	
	if($hostname<>"_default_"){$conf[]="\tServerName $hostname";}
	$conf[]="\tServerAdmin $ServerAdmin";
	$conf[]="\tServerSignature $ServerSignature";
	$conf[]="\tDocumentRoot $freeweb->WORKING_DIRECTORY";
		$conf[]=$freeweb->mod_evasive();
		$conf[]=$freeweb->Charsets();
		$conf[]="\tphp_value  error_log  \"$freeweb->WORKING_DIRECTORY/php_logs/php.log\"";
		$conf[]="\tphp_value open_basedir \"".$freeweb->open_basedir()."\"";
		$conf[]=$freeweb->php_values();
		$conf[]=$freeweb->WebdavHeader();
		$conf[]=$freeweb->QUOS();
		$conf[]=$freeweb->Aliases();
		$conf[]=$freeweb->mod_cache();
		
		if($GLOBALS["VERBOSE"]){echo "Starting......: Apache \"$hostname\" is forwarder ? ($freeweb->Forwarder)\n";}
		
		if($freeweb->Forwarder==1){
			echo "Starting......: Apache \"$hostname\" is forwared to $freeweb->ForwardTo\n";
			$conf[]="\tRewriteEngine On";
			$conf[]="\tRewriteRule (.*) $freeweb->ForwardTo";
		}
	
	
	//DIRECTORY
	$conf[]="\t<Directory \"$freeweb->WORKING_DIRECTORY\">\n";
		$conf[]="\t\tDirectoryIndex $DirectoryIndex";
    	$conf[]="\t\tOptions Indexes +FollowSymLinks MultiViews";
		$conf[]=$freeweb->WebDav();
		$conf[]=$freeweb->AllowOverride();
		$conf[]="\t\tOrder allow,deny";
		$conf[]=$freeweb->AllowFrom();
		if($AuthLDAP==1){
			echo "Starting......: Apache \"$hostname\" ldap authentication enabled\n";
			$ldap=$GLOBALS["CLASS_LDAP"];
			$dn_master_branch="dc=organizations,$ldap->suffix";
			if($uid<>null){
				$usr=new user($uid);
				$dn_master_branch="ou=users,ou=$usr->ou,dc=organizations,$ldap->suffix";
			}
			$conf[]="";
		    $conf[]="\t\tAuthName \"". base64_decode($Params["LDAP"]["authentication_banner"])."\"";
		    $conf[]="\t\tAuthType Basic";
		    $conf[]="\t\tAuthLDAPURL ldap://$ldap->ldap_host:$ldap->ldap_port/$dn_master_branch?uid";
		   	$conf[]="\t\tAuthLDAPBindDN cn=$ldap->ldap_admin,$ldap->suffix";
		   	$conf[]="\t\tAuthLDAPBindPassword $ldap->ldap_password";
			$conf[]="\t\tAuthLDAPGroupAttribute memberUid";
			$conf[]="\t\tAuthBasicProvider ldap";
		    $conf[]="\t\tAuthzLDAPAuthoritative off";
		    $AuthUsers=$freeweb->AuthUsers();
		    if($AuthUsers<>null){$conf[]=$AuthUsers;}else{$conf[]="\t\trequire valid-user";}	
		    $conf[]="";	
		}
		$conf[]=$freeweb->mod_rewrite();
	
	$conf[]="\t</Directory>";
	
	if($freeweb->UseReverseProxy==1){
	
		$conf[]=$freeweb->ReverseProxy();
		$conf[]="\t<Proxy *>";
			$conf[]="\t\tOrder allow,deny";
			$conf[]=$freeweb->AllowFrom();		
			if($AuthLDAP==1){
				echo "Starting......: Apache \"$hostname\" ldap authentication enabled\n";
				$ldap=$GLOBALS["CLASS_LDAP"];
				$dn_master_branch="dc=organizations,$ldap->suffix";
				if($uid<>null){
					$usr=new user($uid);
					$dn_master_branch="ou=users,ou=$usr->ou,dc=organizations,$ldap->suffix";
				}
				$conf[]="";
			    $conf[]="\t\tAuthName \"". base64_decode($Params["LDAP"]["authentication_banner"])."\"";
			    $conf[]="\t\tAuthType Basic";
			    $conf[]="\t\tAuthLDAPURL ldap://$ldap->ldap_host:$ldap->ldap_port/$dn_master_branch?uid";
			   	$conf[]="\t\tAuthLDAPBindDN cn=$ldap->ldap_admin,$ldap->suffix";
			   	$conf[]="\t\tAuthLDAPBindPassword $ldap->ldap_password";
			   	$conf[]="\t\tAuthLDAPGroupAttributeIsDN off";
			   	$conf[]="\t\tAuthLDAPGroupAttribute memberUid";
			    $conf[]="\t\tAuthBasicProvider ldap";
			    $conf[]="\t\tAuthzLDAPAuthoritative off";
		    	$AuthUsers=$freeweb->AuthUsers();
		    	if($AuthUsers<>null){$conf[]=$AuthUsers;}else{$conf[]="\t\trequire valid-user";}	
			    $conf[]="";	
		}
		$conf[]="\t</Proxy>";
	
	}
	$conf[]=$freeweb->FilesRestrictions();	
	$conf[]=$freeweb->mod_security();

	
	if(!is_dir("/var/log/apache2/$hostname")){@mkdir("/var/log/apache2/$hostname",755,true);}
	$conf[]=$freeweb->ScriptAliases();
	$conf[]="\tLogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\" combinedv";
	$conf[]="\tCustomLog /var/log/apache2/$hostname/access.log combinedv";
	$conf[]="\tErrorLog /var/log/apache2/$hostname/error.log";
	$conf[]="\tLogLevel warn";
	$conf[]="</VirtualHost>";
	$conf[]="";
	
	
	
	$prefix_filename="artica-";
	$suffix_filename=".conf";
	$middle_filename=$hostname;
	if($hostname=="_default_"){$prefix_filename="000-";$middle_filename="default";$suffix_filename=null;}
	
	if($GLOBALS["VERBOSE"]){
		echo "Starting......: Apache saving *** $d_path/$prefix_filename$middle_filename$suffix_filename *** line ".__LINE__."\n";
	}
	
	
	@file_put_contents("$d_path/$prefix_filename$middle_filename$suffix_filename",@implode("\n",$conf));
	echo "Starting......: Apache \"$hostname\" filename: '". basename("$d_path/$prefix_filename$middle_filename$suffix_filename")."' done\n";
	$freeweb->phpmyadmin();
	@mkdir("$freeweb->WORKING_DIRECTORY",666,true);
	
	if($freeweb->groupware=="EYEOS"){install_EYEOS($hostname);}
	
}
Esempio n. 3
0
function buildHost($uid = null, $hostname, $ssl = null, $d_path = null, $Params = array())
{
    echo "Starting......: Apache building \"{$hostname}\"\n";
    create_cron_task();
    CheckLibraries();
    $unix = $GLOBALS["CLASS_UNIX"];
    $sock = $GLOBALS["CLASS_SOCKETS"];
    $users = $GLOBALS["CLASS_USERS_MENUS"];
    $AuthLDAP = 0;
    $mod_pagespedd = null;
    $EnableLDAPAllSubDirectories = 0;
    $APACHE_MOD_AUTHNZ_LDAP = $users->APACHE_MOD_AUTHNZ_LDAP;
    $APACHE_MOD_PAGESPEED = $users->APACHE_MOD_PAGESPEED;
    $freeweb = new freeweb($hostname);
    $Params = $freeweb->Params;
    if ($freeweb->servername == null) {
        echo "Starting......: Apache \"{$hostname}\" freeweb->servername no such servername \n";
        return;
    }
    $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
    $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
    $FreeWebDisableSSL = trim($sock->GET_INFO("FreeWebDisableSSL"));
    if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
        $FreeWebsEnableOpenVPNProxy = 0;
    }
    if (!is_numeric($FreeWebDisableSSL)) {
        $FreeWebDisableSSL = 0;
    }
    if ($FreeWebDisableSSL == 1) {
        if ($freeweb->SSL_enabled) {
            echo "Starting......: Apache \"{$hostname}\" SSL is globally disabled \n";
        }
        $freeweb->SSL_enabled = false;
    }
    $d_path = $freeweb->APACHE_DIR_SITES_ENABLED;
    if (isset($Params["LDAP"]["enabled"])) {
        $AuthLDAP = $Params["LDAP"]["enabled"];
    }
    if (isset($Params["LDAP"]["EnableLDAPAllSubDirectories"])) {
        $EnableLDAPAllSubDirectories = $Params["LDAP"]["EnableLDAPAllSubDirectories"];
    }
    //server signature.
    if (!isset($Params["SECURITY"])) {
        $Params["SECURITY"]["ServerSignature"] = null;
    }
    $ServerSignature = $Params["SECURITY"]["ServerSignature"];
    if ($ServerSignature == null) {
        $ServerSignature = $sock->GET_INFO("ApacheServerSignature");
    }
    if (!is_numeric($ServerSignature)) {
        $ServerSignature = 1;
    }
    if ($ServerSignature == 1) {
        $ServerSignature = "On";
    } else {
        $ServerSignature = "Off";
    }
    if (!$APACHE_MOD_AUTHNZ_LDAP) {
        $AuthLDAP = 0;
    }
    $apache_usr = $unix->APACHE_SRC_ACCOUNT();
    $apache_group = $unix->APACHE_SRC_GROUP();
    $FreeWebListen = $sock->GET_INFO("FreeWebListen");
    $FreeWebListenPort = $sock->GET_INFO("FreeWebListenPort");
    $FreeWebListenSSLPort = $sock->GET_INFO("FreeWebListenSSLPort");
    $FreeWebListen = $sock->GET_INFO("FreeWebListen");
    $FreeWebsDisableSSLv2 = $sock->GET_INFO("FreeWebsDisableSSLv2");
    if ($FreeWebListen == null) {
        $FreeWebListen = "*";
    }
    if ($FreeWebListen != "*") {
        $FreeWebListenApache = "{$FreeWebListen}";
    }
    if ($FreeWebListenSSLPort == null) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenSSLPort)) {
        $FreeWebListenSSLPort = 443;
    }
    if (!is_numeric($FreeWebListenPort)) {
        $FreeWebListenPort = 80;
    }
    if (!is_numeric($FreeWebsDisableSSLv2)) {
        $FreeWebsDisableSSLv2 = 0;
    }
    $port = $FreeWebListen;
    if ($uid != null) {
        $u = new user($uid);
        $ServerAdmin = $u->mail;
    }
    if (!isset($ServerAdmin)) {
        $ServerAdmin = "webmaster@{$hostname}";
    }
    $DirectoryIndex = $freeweb->DirectoryIndex();
    if ($hostname == "_default_") {
        $FreeWebListen = "_default_";
    }
    if ($freeweb->SSL_enabled) {
        $unix->vhosts_BuildCertificate($hostname);
        $port = $FreeWebListenSSLPort;
        if ($freeweb->ServerPort > 0) {
            $FreeWebListenPort = $freeweb->ServerPort;
        }
        $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
        if ($hostname != "_default_") {
            $conf[] = "\tServerName {$hostname}";
        }
        $conf[] = "\tServerSignature {$ServerSignature}";
        $conf[] = "\tRewriteEngine On";
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteCond %{HTTPS} off";
        }
        if ($freeweb->Forwarder == 0) {
            $conf[] = "\tRewriteRule (.*) https://%{HTTP_HOST}:{$FreeWebListenSSLPort}";
        }
        if ($freeweb->Forwarder == 1) {
            $conf[] = "\tRewriteRule (.*) {$freeweb->ForwardTo}";
        }
        $conf[] = "</VirtualHost>";
        $conf[] = "";
        $FreeWebListenPort = $FreeWebListenSSLPort;
    }
    $freeweb->CheckDefaultPage();
    $freeweb->CheckWorkingDirectory();
    $ServerAlias = $freeweb->ServerAlias();
    if ($freeweb->ServerPort > 0) {
        $FreeWebListenPort = $freeweb->ServerPort;
    }
    echo "Starting......: Apache \"{$hostname}\" Listen {$FreeWebListen}:{$FreeWebListenPort}\n";
    echo "Starting......: Apache \"{$hostname}\" Directory {$freeweb->WORKING_DIRECTORY}\n";
    $conf[] = "<VirtualHost {$FreeWebListen}:{$FreeWebListenPort}>";
    if ($freeweb->SSL_enabled) {
        $conf[] = "\tSetEnvIf User-Agent \".*MSIE.*\" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0";
        $conf[] = "\tSSLEngine on";
        $conf[] = "\tSSLCertificateFile {$GLOBALS["SSLKEY_PATH"]}/{$hostname}.crt";
        $conf[] = "\tSSLCertificateKeyFile {$GLOBALS["SSLKEY_PATH"]}/{$hostname}.key";
        if ($FreeWebsDisableSSLv2 == 1) {
            $conf[] = "\tSSLProtocol -ALL +SSLv3 +TLSv1";
            $conf[] = "\tSSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
        }
    }
    if ($hostname != "_default_") {
        $conf[] = "\tServerName {$hostname}";
        if ($ServerAlias != null) {
            $conf[] = $ServerAlias;
        }
        $sock = new sockets();
        $FreeWebsEnableOpenVPNProxy = $sock->GET_INFO("FreeWebsEnableOpenVPNProxy");
        $FreeWebsOpenVPNRemotPort = trim($sock->GET_INFO("FreeWebsOpenVPNRemotPort"));
        if (!is_numeric($FreeWebsEnableOpenVPNProxy)) {
            $FreeWebsEnableOpenVPNProxy = 0;
        }
        if (!is_numeric($FreeWebsOpenVPNRemotPort)) {
            $FreeWebsOpenVPNRemotPort = 0;
        }
        if ($FreeWebsEnableOpenVPNProxy == 1) {
            if ($FreeWebsOpenVPNRemotPort > 0) {
                $conf[] = "\tProxyRequests On";
                $conf[] = "\tProxyVia On";
                $conf[] = "\tAllowCONNECT 1194";
                $conf[] = "\tKeepAlive On";
            }
        }
    }
    $php_open_base_dir = $freeweb->open_basedir();
    $geoip = $freeweb->mod_geoip();
    $mod_status = $freeweb->mod_status();
    $mod_evasive = $freeweb->mod_evasive();
    $Charsets = $freeweb->Charsets();
    $php_values = $freeweb->php_values();
    $WebdavHeader = $freeweb->WebdavHeader();
    $QUOS = $freeweb->QUOS();
    $Aliases = $freeweb->Aliases();
    $mod_cache = $freeweb->mod_cache();
    $mod_fcgid = $freeweb->mod_fcgid();
    $RewriteEngine = $freeweb->RewriteEngine();
    if ($APACHE_MOD_PAGESPEED) {
        $mod_pagespedd = $freeweb->mod_pagespeed();
    }
    $conf[] = "\tServerAdmin {$ServerAdmin}";
    $conf[] = "\tServerSignature {$ServerSignature}";
    $conf[] = "\tDocumentRoot {$freeweb->WORKING_DIRECTORY}";
    if ($mod_evasive != null) {
        $conf[] = $mod_evasive;
    }
    if ($Charsets != null) {
        $conf[] = $Charsets;
    }
    if ($php_values != null) {
        $conf[] = $php_values;
    }
    if ($WebdavHeader != null) {
        $conf[] = $WebdavHeader;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($QUOS != null) {
        $conf[] = $QUOS;
    }
    if ($Aliases != null) {
        $conf[] = $Aliases;
    }
    if ($mod_cache != null) {
        $conf[] = $mod_cache;
    }
    if ($geoip != null) {
        $conf[] = $geoip;
    }
    if ($mod_pagespedd != null) {
        $conf[] = $mod_pagespedd;
        shell_exec("/bin/chown -R {$apache_usr}:{$apache_group} /var/cache/apache2/mod_pagespeed/{$hostname}");
    }
    if ($mod_status != null) {
        $conf[] = $mod_status;
    }
    if ($RewriteEngine != null) {
        $conf[] = $RewriteEngine;
    }
    $ldapRule = null;
    if ($freeweb->groupware == "ZARAFA") {
        $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
        if (!is_numeric($ZarafaWebNTLM)) {
            $ZarafaWebNTLM = 0;
        }
        if ($ZarafaWebNTLM == 1) {
            $AuthLDAP = 1;
        }
    }
    if ($AuthLDAP == 1) {
        echo "Starting......: Apache \"{$hostname}\" ldap authentication enabled\n";
        $ldap = $GLOBALS["CLASS_LDAP"];
        $dn_master_branch = "dc=organizations,{$ldap->suffix}";
        if ($uid != null) {
            $usr = new user($uid);
            $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
        }
        $ldapAuth[] = "\t\tAuthName \"" . base64_decode($Params["LDAP"]["authentication_banner"]) . "\"";
        $ldapAuth[] = "\t\tAuthType Basic";
        $ldapAuth[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
        $ldapAuth[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $ldapAuth[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
        $ldapAuth[] = "\t\tAuthLDAPGroupAttribute memberUid";
        $ldapAuth[] = "\t\tAuthBasicProvider ldap";
        $ldapAuth[] = "\t\tAuthzLDAPAuthoritative off";
        $AuthUsers = $freeweb->AuthUsers();
        if ($AuthUsers != null) {
            $ldapAuth[] = $AuthUsers;
        } else {
            $ldapAuth[] = "\t\trequire valid-user";
        }
        $ldapAuth[] = "";
        $ldapRule = @implode("\n", $ldapAuth);
    }
    //DIRECTORY
    $OptionExecCGI = null;
    $allowFrom = $freeweb->AllowFrom();
    $JkMount = $freeweb->JkMount();
    if ($JkMount != null) {
        $conf[] = $JkMount;
    }
    $WebDav = $freeweb->WebDav();
    $AllowOverride = $freeweb->AllowOverride();
    $mod_rewrite = $freeweb->mod_rewrite();
    if ($mod_fcgid != null) {
        $OptionExecCGI = " +ExecCGI";
    }
    $conf[] = "\n\t<Directory \"{$freeweb->WORKING_DIRECTORY}/\">";
    $conf[] = "\t\tDirectoryIndex {$DirectoryIndex}";
    $conf[] = "\t\tOptions Indexes +FollowSymLinks MultiViews{$OptionExecCGI}";
    $conf[] = "\t\tAllowOverride All";
    if ($WebDav != null) {
        $conf[] = $WebDav;
    }
    if ($AllowOverride != null) {
        $conf[] = $AllowOverride;
    }
    $conf[] = "\t\tOrder allow,deny";
    if ($allowFrom != null) {
        $conf[] = $allowFrom;
    }
    if ($geoip != null) {
        $conf[] = "\t\tDeny from env=BlockCountry";
    }
    if ($mod_rewrite != null) {
        $conf[] = $mod_rewrite;
    }
    if ($ldapRule != null) {
        $conf[] = $ldapRule;
    }
    $conf[] = "\t</Directory>\n";
    if ($mod_fcgid != null) {
        $conf[] = $mod_fcgid;
    }
    if ($freeweb->UseReverseProxy == 1) {
        $conf[] = $freeweb->ReverseProxy();
        $conf[] = "\t<Proxy *>";
        $conf[] = "\t\tOrder allow,deny";
        $conf[] = $freeweb->AllowFrom();
        if ($AuthLDAP == 1) {
            echo "Starting......: Apache \"{$hostname}\" ldap authentication enabled\n";
            $ldap = $GLOBALS["CLASS_LDAP"];
            $dn_master_branch = "dc=organizations,{$ldap->suffix}";
            if ($uid != null) {
                $usr = new user($uid);
                $dn_master_branch = "ou=users,ou={$usr->ou},dc=organizations,{$ldap->suffix}";
            }
            $conf[] = "";
            $conf[] = "\t\tAuthName \"" . base64_decode($Params["LDAP"]["authentication_banner"]) . "\"";
            $conf[] = "\t\tAuthType Basic";
            $conf[] = "\t\tAuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/{$dn_master_branch}?uid";
            $conf[] = "\t\tAuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
            $conf[] = "\t\tAuthLDAPBindPassword {$ldap->ldap_password}";
            $conf[] = "\t\tAuthLDAPGroupAttributeIsDN off";
            $conf[] = "\t\tAuthLDAPGroupAttribute memberUid";
            $conf[] = "\t\tAuthBasicProvider ldap";
            $conf[] = "\t\tAuthzLDAPAuthoritative off";
            $AuthUsers = $freeweb->AuthUsers();
            if ($AuthUsers != null) {
                $conf[] = $AuthUsers;
            } else {
                $conf[] = "\t\trequire valid-user";
            }
            $conf[] = "";
        }
        $conf[] = "\t</Proxy>";
    }
    $conf[] = $freeweb->FilesRestrictions();
    $conf[] = $freeweb->mod_security();
    if (!is_dir("/var/log/apache2/{$hostname}")) {
        @mkdir("/var/log/apache2/{$hostname}", 755, true);
    }
    $conf[] = $freeweb->ScriptAliases();
    $conf[] = "\tLogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\" combinedv";
    $conf[] = "\tCustomLog /var/log/apache2/{$hostname}/access.log combinedv";
    $conf[] = "\tErrorLog /var/log/apache2/{$hostname}/error.log";
    $conf[] = "\tLogLevel warn";
    $conf[] = "</VirtualHost>";
    $conf[] = "";
    $prefix_filename = "artica-";
    $suffix_filename = ".conf";
    $middle_filename = $hostname;
    if ($hostname == "_default_") {
        $prefix_filename = "000-";
        $middle_filename = "default";
        $suffix_filename = null;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Starting......: Apache saving *** {$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename} *** line " . __LINE__ . "\n";
    }
    @file_put_contents("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}", @implode("\n", $conf));
    echo "Starting......: Apache \"{$hostname}\" filename: '" . basename("{$d_path}/{$prefix_filename}{$middle_filename}{$suffix_filename}") . "' done\n";
    $freeweb->phpmyadmin();
    @mkdir("{$freeweb->WORKING_DIRECTORY}", 666, true);
    if ($freeweb->groupware == "EYEOS") {
        install_EYEOS($hostname);
    }
    if ($freeweb->groupware == "GROUPOFFICE") {
        group_office_install($hostname, true);
    }
    if ($freeweb->groupware == "PIWIK") {
        install_PIWIK($hostname, true);
    }
    if ($freeweb->groupware == "DRUPAL") {
        $unix = new unix();
        $nohup = $unix->find_program("nohup");
        shell_exec("{$nohup} " . $unix->LOCATE_PHP5_BIN() . " /usr/share/artica-postfix/exec.freeweb.php --drupal-infos \"{$hostname}\" >/dev/null 2>&1 &");
    }
}