function update($event_name, $data)
{
global $app, $conf;
// load the server configuration options
$app->uses("getconf");
$mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail');
if (substr($mail_config["homedir_path"], -1) == '/') {
$mail_config["homedir_path"] = substr($mail_config["homedir_path"], 0, -1);
}
if (isset($data["new"]["email"])) {
$email_parts = explode("@", $data["new"]["email"]);
} else {
$email_parts = explode("@", $data["old"]["email"]);
}
// Write the custom mailfilter script, if mailfilter recipe has changed
if ($data["old"]["custom_mailfilter"] != $data["new"]["custom_mailfilter"] or $data["old"]["move_junk"] != $data["new"]["move_junk"] or $data["old"]["autoresponder_text"] != $data["new"]["autoresponder_text"] or $data["old"]["autoresponder"] != $data["new"]["autoresponder"] or isset($data["new"]["email"]) and $data["old"]["email"] != $data["new"]["email"] or $data["old"]["autoresponder_start_date"] != $data["new"]["autoresponder_start_date"] or $data["old"]["autoresponder_end_date"] != $data["new"]["autoresponder_end_date"] or $data["old"]["cc"] != $data["new"]["cc"]) {
$app->log("Mailfilter config has been changed", LOGLEVEL_DEBUG);
$sieve_file = $data["new"]["maildir"] . '/.sieve';
if (is_file($sieve_file)) {
unlink($sieve_file) or $app->log("Unable to delete file: {$sieve_file}", LOGLEVEL_WARN);
}
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate("sieve_filter.master");
// cc Field
$tpl->setVar('cc', $data["new"]["cc"]);
// Custom filters
$tpl->setVar('custom_mailfilter', $data["new"]["custom_mailfilter"]);
// Move junk
$tpl->setVar('move_junk', $data["new"]["move_junk"]);
// Set autoresponder start date
$tpl->setVar('start_date', $data["new"]["autoresponder_start_date"]);
// Set autoresponder end date
$tpl->setVar('end_date', $data["new"]["autoresponder_end_date"]);
// Autoresponder
$tpl->setVar('autoresponder', $data["new"]["autoresponder"]);
$data["new"]["autoresponder_text"] = str_replace("\"", "'", $data["new"]["autoresponder_text"]);
$tpl->setVar('autoresponder_text', $data["new"]["autoresponder_text"]);
//* Set alias addresses for autoresponder
$sql = "SELECT * FROM mail_forwarding WHERE type = 'alias' AND destination = '" . $app->db->quote($data["new"]["email"]) . "'";
$records = $app->db->queryAllRecords($sql);
$addresses = '';
if (is_array($records) && count($records) > 0) {
$addresses .= ':addresses ["' . $data["new"]["email"] . '",';
foreach ($records as $rec) {
$addresses .= '"' . $rec['source'] . '",';
}
$addresses = substr($addresses, 0, -1);
$addresses .= ']';
}
$tpl->setVar('addresses', $addresses);
file_put_contents($sieve_file, $tpl->grab());
unset($tpl);
}
}
function soa_update($event_name, $data)
{
global $app, $conf;
//* Load libraries
$app->uses("getconf,tpl");
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
//* Write the domain file
if (!empty($data['new']['id'])) {
$tpl = new tpl();
$tpl->newTemplate("bind_pri.domain.master");
$zone = $data['new'];
$tpl->setVar($zone);
$records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = " . $zone['id'] . " AND active = 'Y'");
$tpl->setLoop('zones', $records);
//TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'] . '/pri/' . substr($zone['origin'], 0, -1));
} else {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'] . '/pri.' . substr($zone['origin'], 0, -1));
}
$app->log("Writing BIND domain file: " . $filename, LOGLEVEL_DEBUG);
file_put_contents($filename, $tpl->grab());
chown($filename, escapeshellcmd($dns_config['bind_user']));
chgrp($filename, escapeshellcmd($dns_config['bind_group']));
unset($tpl);
unset($records);
unset($records_out);
unset($zone);
}
//* rebuild the named.conf file if the origin has changed or when the origin is inserted.
//if($this->action == 'insert' || $data['old']['origin'] != $data['new']['origin']) {
$this->write_named_conf($data, $dns_config);
//}
//* Delete old domain file, if domain name has been changed
if ($data['old']['origin'] != $data['new']['origin']) {
//TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) {
$filename = $dns_config['bind_zonefiles_dir'] . '/pri/' . substr($data['old']['origin'], 0, -1);
} else {
$filename = $dns_config['bind_zonefiles_dir'] . '/pri.' . substr($data['old']['origin'], 0, -1);
}
if (is_file($filename)) {
unset($filename);
}
}
//* Reload bind nameserver
$app->services->restartServiceDelayed('bind', 'reload');
}
function show()
{
global $app, $conf;
//* Loading Template
$app->uses('tpl');
$tpl = new tpl();
$tpl->newTemplate("dashlets/templates/modules.htm");
$wb = array();
$lng_file = 'lib/lang/' . $_SESSION['s']['language'] . '_dashlet_modules.lng';
if (is_file($lng_file)) {
include $lng_file;
}
$tpl->setVar($wb);
/*
* Show all modules, the user is allowed to use
*/
$modules = explode(',', $_SESSION['s']['user']['modules']);
$mod = array();
if (is_array($modules)) {
foreach ($modules as $mt) {
if (is_file('../' . $mt . '/lib/module.conf.php')) {
if (!preg_match("/^[a-z]{2,20}\$/i", $mt)) {
die('module name contains unallowed chars.');
}
include_once '../' . $mt . '/lib/module.conf.php';
/* We don't want to show the dashboard */
if ($mt != 'dashboard') {
$module_title = $app->lng($module['title']);
if (function_exists('mb_strlen')) {
if (mb_strlen($module_title, "UTF-8") > 8) {
$module_title = mb_substr($module_title, 0, 7, "UTF-8") . '..';
}
} else {
if (strlen($module_title) > 8) {
$module_title = substr($module_title, 0, 7) . '..';
}
}
$mod[] = array('modules_title' => $module_title, 'modules_startpage' => $module['startpage'], 'modules_name' => $module['name']);
}
}
}
$tpl->setloop('modules', $mod);
}
return $tpl->grab();
}
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir($install_dir)) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = 'useradd -g ispconfig -d ' . $install_dir . ' ispconfig';
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = 'cp -rf ../interface ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = 'cp -rf ../server ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make a backup of the security settings
if (is_file('/usr/local/ispconfig/security/security_settings.ini')) {
copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~');
}
//* copy the ISPConfig security part
$command = 'cp -rf ../security ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Apply changed security_settings.ini values to new security_settings.ini file
if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if (is_array($security_settings_new) && is_array($security_settings_old)) {
foreach ($security_settings_new as $section => $sval) {
if (is_array($sval)) {
foreach ($sval as $key => $val) {
if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new));
}
}
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /home/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy($install_dir . '/interface/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~');
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf($install_dir . '/interface/lib/' . $configfile, $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy($install_dir . '/server/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~');
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf($install_dir . '/server/lib/' . $configfile, $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if (method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['openvz']['installed'] ? 1 : 0;
$proxy_server_enabled = $conf['services']['proxy'] ? 1 : 0;
$firewall_server_enabled = $conf['services']['firewall'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}', proxy_server = '{$proxy_server_enabled}', firewall_server = '{$firewall_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
// chown install dir to root and chmod 755
$command = 'chown root:root ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 755 ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Chmod the files and directories in the install dir
$command = 'chmod -R 750 ' . $install_dir . '/*';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the interface files to the ispconfig user and group
$command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the server files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/server';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security directory and security_settings.ini to root:ispconfig
$command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
if (is_dir($install_dir . '/interface/web/temp')) {
exec("chmod -R 770 {$install_dir}/interface/web/temp");
}
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 {$install_dir}/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/config.inc.php', 0600);
chown($install_dir . '/server/lib/config.inc.php', 'root');
chgrp($install_dir . '/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir . '/interface/lib/config.inc.php', 0600);
chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chmod($install_dir . '/server/lib/remote_action.inc.php', 0600);
chown($install_dir . '/server/lib/remote_action.inc.php', 'root');
chgrp($install_dir . '/server/lib/remote_action.inc.php', 'root');
if (@is_file($install_dir . '/server/lib/mysql_clientdb.conf')) {
chmod($install_dir . '/server/lib/mysql_clientdb.conf', 0600);
chown($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
chgrp($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
$command = 'adduser ' . $conf['apache']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'adduser ' . $conf['apache']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
$command = 'adduser ' . $conf['nginx']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'adduser ' . $conf['nginx']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl('apache_ispconfig.vhost.master');
$tpl->setVar('vhost_port', $conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 8443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 8443) {
$tpl->setVar('vhost_port_listen', '#');
} else {
$tpl->setVar('vhost_port_listen', '');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment', '');
} else {
$tpl->setVar('ssl_comment', '#');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) {
$tpl->setVar('ssl_bundle_comment', '');
} else {
$tpl->setVar('ssl_bundle_comment', '#');
}
$tpl->setVar('apache_version', getapacheversion());
wf($vhost_conf_dir . '/ispconfig.vhost', $tpl->grab());
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
//if(!is_file('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
@mkdir('/home/www/php-fcgi-scripts/ispconfig', 0755, true);
wf('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
@symlink($install_dir . '/interface/web', '/home/www/ispconfig');
exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig');
//}
}
if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', 'on', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', 'off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
}
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
chown($install_dir . '/server/scripts/update_from_dev.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_dev.sh', 0700);
chown($install_dir . '/server/scripts/update_from_tgz.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_tgz.sh', 0700);
chown($install_dir . '/server/scripts/ispconfig_update.sh', 'root');
chmod($install_dir . '/server/scripts/ispconfig_update.sh', 0700);
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
}
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/mail.log')) {
exec('chmod +r /var/log/mail.log');
}
if (@is_file('/var/log/mail.warn')) {
exec('chmod +r /var/log/mail.warn');
}
if (@is_file('/var/log/mail.err')) {
exec('chmod +r /var/log/mail.err');
}
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
if (@is_file('/var/log/clamav/clamav.log')) {
exec('chmod +r /var/log/clamav/clamav.log');
}
if (@is_file('/var/log/clamav/freshclam.log')) {
exec('chmod +r /var/log/clamav/freshclam.log');
}
//* Create the ispconfig log file and directory
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir'], 0755);
}
touch($conf['ispconfig_log_dir'] . '/ispconfig.log');
}
//* Create the ispconfig auth log file and set uid/gid
if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) {
touch($conf['ispconfig_log_dir'] . '/auth.log');
}
exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log');
exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log');
if (is_user('getmail')) {
rename($install_dir . '/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
if (is_user('getmail')) {
chown('/usr/local/bin/run-getmail.sh', 'getmail');
}
chmod('/usr/local/bin/run-getmail.sh', 0744);
}
//* Add Log-Rotation
if (is_dir('/etc/logrotate.d')) {
@unlink('/etc/logrotate.d/logispc3');
// ignore, if the file is not there
/* We rotate these logs in cron_daily.php
$fh = fopen('/etc/logrotate.d/logispc3', 'w');
fwrite($fh,
"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"} \n" .
"$conf['ispconfig_log_dir']/cron.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"}");
fclose($fh);
*/
}
//* Remove Domain module as its functions are available in the client module now
if (@is_dir('/usr/local/ispconfig/interface/web/domain')) {
exec('rm -rf /usr/local/ispconfig/interface/web/domain');
}
//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
if (is_file('/etc/default/rkhunter')) {
replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
}
// Add symlink for patch tool
if (!is_link('/usr/local/bin/ispconfig_patch')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
}
// Change mode of a few files from amavisd
if (is_file($conf['amavis']['config_dir'] . '/conf.d/50-user')) {
chmod($conf['amavis']['config_dir'] . '/conf.d/50-user', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/50-user~')) {
chmod($conf['amavis']['config_dir'] . '/50-user~', 0400);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf~')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf~', 0400);
}
}
function show()
{
global $app, $conf;
$limits = array();
/* Limits to be shown*/
$limits[] = array('field' => 'limit_maildomain', 'db_table' => 'mail_domain', 'db_where' => '');
$limits[] = array('field' => 'limit_mailmailinglist', 'db_table' => 'mail_mailinglist', 'db_where' => '');
$limits[] = array('field' => 'limit_mailbox', 'db_table' => 'mail_user', 'db_where' => '');
$limits[] = array('field' => 'limit_mailalias', 'db_table' => 'mail_forwarding', 'db_where' => "type = 'alias'");
$limits[] = array('field' => 'limit_mailaliasdomain', 'db_table' => 'mail_forwarding', 'db_where' => "type = 'aliasdomain'");
$limits[] = array('field' => 'limit_mailforward', 'db_table' => 'mail_forwarding', 'db_where' => "type = 'forward'");
$limits[] = array('field' => 'limit_mailcatchall', 'db_table' => 'mail_forwarding', 'db_where' => "type = 'catchall'");
$limits[] = array('field' => 'limit_mailrouting', 'db_table' => 'mail_transport', 'db_where' => "");
$limits[] = array('field' => 'limit_mailfilter', 'db_table' => 'mail_user_filter', 'db_where' => "");
$limits[] = array('field' => 'limit_fetchmail', 'db_table' => 'mail_get', 'db_where' => "");
$limits[] = array('field' => 'limit_spamfilter_wblist', 'db_table' => 'spamfilter_wblist', 'db_where' => "");
$limits[] = array('field' => 'limit_spamfilter_user', 'db_table' => 'spamfilter_users', 'db_where' => "");
$limits[] = array('field' => 'limit_spamfilter_policy', 'db_table' => 'spamfilter_policy', 'db_where' => "");
$limits[] = array('field' => 'limit_web_domain', 'db_table' => 'web_domain', 'db_where' => "type = 'vhost'");
$limits[] = array('field' => 'limit_web_subdomain', 'db_table' => 'web_domain', 'db_where' => "(type = 'subdomain' OR type = 'vhostsubdomain')");
$limits[] = array('field' => 'limit_web_aliasdomain', 'db_table' => 'web_domain', 'db_where' => "type = 'alias'");
$limits[] = array('field' => 'limit_ftp_user', 'db_table' => 'ftp_user', 'db_where' => "");
$limits[] = array('field' => 'limit_shell_user', 'db_table' => 'shell_user', 'db_where' => "");
$limits[] = array('field' => 'limit_dns_zone', 'db_table' => 'dns_soa', 'db_where' => "");
$limits[] = array('field' => 'limit_dns_slave_zone', 'db_table' => 'dns_slave', 'db_where' => "");
$limits[] = array('field' => 'limit_dns_record', 'db_table' => 'dns_rr', 'db_where' => "");
$limits[] = array('field' => 'limit_database', 'db_table' => 'web_database', 'db_where' => "");
$limits[] = array('field' => 'limit_cron', 'db_table' => 'cron', 'db_where' => "");
$limits[] = array('field' => 'limit_client', 'db_table' => 'client', 'db_where' => "");
//* Loading Template
$app->uses('tpl,tform');
$tpl = new tpl();
$tpl->newTemplate("dashlets/templates/limits.htm");
$wb = array();
$lng_file = 'lib/lang/' . $_SESSION['s']['language'] . '_dashlet_limits.lng';
if (is_file($lng_file)) {
include $lng_file;
}
$tpl->setVar($wb);
if ($app->auth->is_admin()) {
$user_is_admin = true;
} else {
$user_is_admin = false;
}
$tpl->setVar('is_admin', $user_is_admin);
if ($user_is_admin == false) {
$client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT * FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = {$client_group_id}");
}
$rows = array();
foreach ($limits as $limit) {
$field = $limit['field'];
if ($user_is_admin) {
$value = $wb['unlimited_txt'];
} else {
$value = $client[$field];
}
if ($value != 0 || $value == $wb['unlimited_txt']) {
$value_formatted = $value == '-1' ? $wb['unlimited_txt'] : $value;
$rows[] = array('field' => $field, 'field_txt' => $wb[$field . '_txt'], 'value' => $value_formatted, 'usage' => $this->_get_limit_usage($limit));
}
}
$tpl->setLoop('rows', $rows);
return $tpl->grab();
}
function update($event_name, $data)
{
global $app, $conf;
/*
* If $action is not 'insert', let's set it to update
*/
if ($this->action != 'insert') {
$this->action = 'update';
}
/*
* load the server configuration options
*/
$app->uses('getconf');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
/*
* We load the global template engine
*/
$app->load('tpl');
/*
* Create a new template and choose which master template to take
* the file is located within /usr/local/ispconfig/server/conf/
*/
$tpl = new tpl();
$tpl->newTemplate('apache2_userdir_plugin.conf.master');
/*
* Write some values from the array to single variables
*/
$vhost_data = $data['new'];
/*
* To have a better overview we split our update function into several parts,
* for sites, aliases and subdomains
* -> vhost
*/
if ($data['new']['type'] == 'vhost') {
/*
* We have collected all data in the $vhost_data array
* so we can pass it to the template engine
*/
$tpl->setVar($vhost_data);
/*
* if this is an 'insert', we have to create the vhost file
*/
if ($this->action == 'insert') {
$this->vhost('insert', $data, $tpl->grab());
}
/*
* if this is an 'update', we have to update the vhost file
*/
if ($this->action == 'update') {
$vhost_backup = $this->vhost('update', $data, $tpl->grab());
}
}
/*
* reload the apache2 webserver to apply changes
*/
$app->services->restartServiceDelayed('httpd', 'reload');
/*
* everything went hopefully well, so we can now
* delete the vhosts backup
*/
if (isset($vhost_backup)) {
unlink($vhost_backup['file_new'] . '~');
}
unset($vhost_backup);
/*
* Unset 'action' to clean it for next processed vhost
*/
$this->action = '';
}
function update($event_name, $data)
{
global $app, $conf;
// load the server configuration options
$app->uses("getconf");
$mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail');
if (substr($mail_config["homedir_path"], -1) == '/') {
$mail_config["homedir_path"] = substr($mail_config["homedir_path"], 0, -1);
}
if (isset($data["new"]["email"])) {
$email_parts = explode("@", $data["new"]["email"]);
} else {
$email_parts = explode("@", $data["old"]["email"]);
}
// Write the custom mailfilter script, if mailfilter recipe has changed
if ($data["old"]["custom_mailfilter"] != $data["new"]["custom_mailfilter"] or $data["old"]["move_junk"] != $data["new"]["move_junk"] or $data["old"]["autoresponder_subject"] != $data["new"]["autoresponder_subject"] or $data["old"]["autoresponder_text"] != $data["new"]["autoresponder_text"] or $data["old"]["autoresponder"] != $data["new"]["autoresponder"] or isset($data["new"]["email"]) and $data["old"]["email"] != $data["new"]["email"] or $data["old"]["autoresponder_start_date"] != $data["new"]["autoresponder_start_date"] or $data["old"]["autoresponder_end_date"] != $data["new"]["autoresponder_end_date"] or $data["old"]["cc"] != $data["new"]["cc"]) {
$app->log("Mailfilter config has been changed", LOGLEVEL_DEBUG);
$sieve_file = $data["new"]["maildir"] . '/.sieve';
if (is_file($sieve_file)) {
unlink($sieve_file) or $app->log("Unable to delete file: {$sieve_file}", LOGLEVEL_WARN);
}
$app->load('tpl');
//* Select sieve filter file for dovecot version
exec('dovecot --version', $tmp);
if (substr($tmp[0], 0, 3) == '1.0') {
$filter_file_template = "sieve_filter.master";
} elseif (substr($tmp[0], 0, 3) == '1.2') {
$filter_file_template = "sieve_filter_1.2.master";
} elseif (substr($tmp[0], 0, 1) == '2') {
$filter_file_template = "sieve_filter_1.2.master";
} else {
$filter_file_template = "sieve_filter.master";
}
unset($tmp);
//* Create new filter file based on template
$tpl = new tpl();
$tpl->newTemplate($filter_file_template);
// cc Field
$tmp_mails_arr = explode(',', $data["new"]["cc"]);
$tmp_addresses_arr = array();
foreach ($tmp_mails_arr as $address) {
if (trim($address) != '') {
$tmp_addresses_arr[] = array('address' => trim($address));
}
}
$tpl->setVar('cc', $data["new"]["cc"]);
$tpl->setLoop('ccloop', $tmp_addresses_arr);
// Custom filters
if ($data["new"]["custom_mailfilter"] == 'NULL') {
$data["new"]["custom_mailfilter"] = '';
}
$tpl->setVar('custom_mailfilter', $data["new"]["custom_mailfilter"]);
// Move junk
$tpl->setVar('move_junk', $data["new"]["move_junk"]);
// Check autoresponder dates
if ($data["new"]["autoresponder_start_date"] == '0000-00-00 00:00:00' && $data["new"]["autoresponder_end_date"] == '0000-00-00 00:00:00') {
$tpl->setVar('autoresponder_date_limit', 0);
} else {
$tpl->setVar('autoresponder_date_limit', 1);
}
// Set autoresponder start date
$data["new"]["autoresponder_start_date"] = str_replace(" ", "T", $data["new"]["autoresponder_start_date"]);
$tpl->setVar('start_date', $data["new"]["autoresponder_start_date"]);
// Set autoresponder end date
$data["new"]["autoresponder_end_date"] = str_replace(" ", "T", $data["new"]["autoresponder_end_date"]);
$tpl->setVar('end_date', $data["new"]["autoresponder_end_date"]);
// Autoresponder
$tpl->setVar('autoresponder', $data["new"]["autoresponder"]);
// Autoresponder Subject
$data["new"]["autoresponder_subject"] = str_replace("\"", "'", $data["new"]["autoresponder_subject"]);
$tpl->setVar('autoresponder_subject', $data["new"]["autoresponder_subject"]);
// Autoresponder Text
$data["new"]["autoresponder_text"] = str_replace("\"", "'", $data["new"]["autoresponder_text"]);
$tpl->setVar('autoresponder_text', $data["new"]["autoresponder_text"]);
//* Set alias addresses for autoresponder
$sql = "SELECT * FROM mail_forwarding WHERE type = 'alias' AND destination = '" . $app->db->quote($data["new"]["email"]) . "'";
$records = $app->db->queryAllRecords($sql);
$addresses = array();
$addresses[] = $data["new"]["email"];
if (is_array($records) && count($records) > 0) {
foreach ($records as $rec) {
$addresses[] = $rec['source'];
}
}
$app->log("Found " . count($addresses) . " addresses.", LOGLEVEL_DEBUG);
$alias_addresses = array();
$email_parts = explode('@', $data["new"]["email"]);
$sql = "SELECT * FROM mail_forwarding WHERE type = 'aliasdomain' AND destination = '@" . $app->db->quote($email_parts[1]) . "'";
$records = $app->db->queryAllRecords($sql);
if (is_array($records) && count($records) > 0) {
$app->log("Found " . count($records) . " records (aliasdomains).", LOGLEVEL_DEBUG);
foreach ($records as $rec) {
$aliasdomain = substr($rec['source'], 1);
foreach ($addresses as $email) {
$email_parts = explode('@', $email);
$alias_addresses[] = $email_parts[0] . '@' . $aliasdomain;
}
}
}
$app->log("Found " . count($addresses) . " addresses at all.", LOGLEVEL_DEBUG);
$addresses = array_unique(array_merge($addresses, $alias_addresses));
$app->log("Found " . count($addresses) . " unique addresses at all.", LOGLEVEL_DEBUG);
$address_str = '';
if (is_array($addresses) && count($addresses) > 0) {
$address_str .= ':addresses [';
foreach ($addresses as $rec) {
$address_str .= '"' . $rec . '",';
}
$address_str = substr($address_str, 0, -1);
$address_str .= ']';
}
$tpl->setVar('addresses', $address_str);
file_put_contents($sieve_file, $tpl->grab());
exec('chown ' . $mail_config['mailuser_name'] . ':' . $mail_config['mailuser_group'] . ' ' . escapeshellcmd($sieve_file));
unset($tpl);
}
}
function onShow()
{
global $app;
$listTpl = new tpl();
$listTpl->newTemplate('templates/web_backup_list.htm');
//* Loading language file
$lng_file = "lib/lang/" . $_SESSION["s"]["language"] . "_web_backup_list.lng";
include $lng_file;
$listTpl->setVar($wb);
$message = '';
$error = '';
if (isset($_GET['backup_action'])) {
$backup_id = $app->functions->intval($_GET['backup_id']);
//* check if the user is owner of the parent domain
$domain_backup = $app->db->queryOneRecord("SELECT parent_domain_id FROM web_backup WHERE backup_id = " . $backup_id);
$check_perm = 'u';
if ($_GET['backup_action'] == 'download') {
$check_perm = 'r';
}
// only check read permissions on download, not update permissions
$get_domain = $app->db->queryOneRecord("SELECT domain_id FROM web_domain WHERE domain_id = " . $app->functions->intval($domain_backup["parent_domain_id"]) . " AND " . $app->tform->getAuthSQL($check_perm));
if (empty($get_domain) || !$get_domain) {
$app->error($app->tform->lng('no_domain_perm'));
}
if ($_GET['backup_action'] == 'download' && $backup_id > 0) {
$server_id = $this->form->dataRecord['server_id'];
$backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = " . $backup_id);
if ($backup['server_id'] > 0) {
$server_id = $backup['server_id'];
}
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_download' AND action_param = '{$backup_id}'";
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] == 0) {
$message .= $wb['download_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . "VALUES (" . (int) $server_id . ", " . time() . ", " . "'backup_download', " . "'" . $backup_id . "', " . "'pending', " . "''" . ")";
$app->db->query($sql);
} else {
$error .= $wb['download_pending_txt'];
}
}
if ($_GET['backup_action'] == 'restore' && $backup_id > 0) {
$server_id = $this->form->dataRecord['server_id'];
$backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = " . $backup_id);
if ($backup['server_id'] > 0) {
$server_id = $backup['server_id'];
}
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = '{$backup_id}'";
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] == 0) {
$message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . "VALUES (" . (int) $server_id . ", " . time() . ", " . "'backup_restore', " . "'" . $backup_id . "', " . "'pending', " . "''" . ")";
$app->db->query($sql);
} else {
$error .= $wb['restore_pending_txt'];
}
}
}
//* Get the data
$server_ids = array();
$web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = " . $app->functions->intval($this->form->id));
$databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = " . $app->functions->intval($this->form->id));
if ($app->functions->intval($web['server_id']) > 0) {
$server_ids[] = $app->functions->intval($web['server_id']);
}
if (is_array($databases) && !empty($databases)) {
foreach ($databases as $database) {
if ($app->functions->intval($database['server_id']) > 0) {
$server_ids[] = $app->functions->intval($database['server_id']);
}
}
}
$server_ids = array_unique($server_ids);
$sql = "SELECT * FROM web_backup WHERE parent_domain_id = " . $app->functions->intval($this->form->id) . " AND server_id IN (" . implode(',', $server_ids) . ") ORDER BY tstamp DESC, backup_type ASC";
$records = $app->db->queryAllRecords($sql);
$bgcolor = "#FFFFFF";
if (is_array($records)) {
foreach ($records as $rec) {
// Change of color
$bgcolor = $bgcolor == "#FFFFFF" ? "#EEEEEE" : "#FFFFFF";
$rec["bgcolor"] = $bgcolor;
$rec['date'] = date($app->lng('conf_format_datetime'), $rec['tstamp']);
$rec['backup_type'] = $wb['backup_type_' . $rec['backup_type']];
$rec['download_available'] = true;
if ($rec['server_id'] != $web['server_id']) {
$rec['download_available'] = false;
}
$records_new[] = $rec;
}
}
$listTpl->setLoop('records', @$records_new);
$listTpl->setVar('parent_id', $this->form->id);
$listTpl->setVar('msg', $message);
$listTpl->setVar('error', $error);
// Setting Returnto information in the session
$list_name = 'backup_list';
// $_SESSION["s"]["list"][$list_name]["parent_id"] = $app->tform_actions->id;
$_SESSION["s"]["list"][$list_name]["parent_id"] = $this->form->id;
$_SESSION["s"]["list"][$list_name]["parent_name"] = $app->tform->formDef["name"];
$_SESSION["s"]["list"][$list_name]["parent_tab"] = $_SESSION["s"]["form"]["tab"];
$_SESSION["s"]["list"][$list_name]["parent_script"] = $app->tform->formDef["action"];
$_SESSION["s"]["form"]["return_to"] = $list_name;
return $listTpl->grab();
}
function show()
{
global $app, $conf;
//* Loading Template
$app->uses('tpl');
$tpl = new tpl();
$tpl->newTemplate("dashlets/templates/quota.htm");
$wb = array();
$lng_file = 'lib/lang/' . $_SESSION['s']['language'] . '_dashlet_quota.lng';
if (is_file($lng_file)) {
include $lng_file;
}
$tpl->setVar($wb);
$tmp_rec = $app->db->queryAllRecords("SELECT data from monitor_data WHERE type = 'harddisk_quota' ORDER BY created DESC");
$monitor_data = array();
if (is_array($tmp_rec)) {
foreach ($tmp_rec as $tmp_mon) {
$monitor_data = array_merge_recursive($monitor_data, unserialize($app->db->unquote($tmp_mon['data'])));
}
}
//print_r($monitor_data);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql_where = " AND sys_groupid = " . $app->functions->intval($_SESSION['s']['user']['default_group']);
}
$has_quota = false;
// select websites belonging to client
$sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND type = 'vhost'" . $sql_where);
//print_r($sites);
if (is_array($sites) && !empty($sites)) {
for ($i = 0; $i < sizeof($sites); $i++) {
$username = $sites[$i]['system_user'];
$sites[$i]['used'] = $monitor_data['user'][$username]['used'];
$sites[$i]['soft'] = $monitor_data['user'][$username]['soft'];
$sites[$i]['hard'] = $monitor_data['user'][$username]['hard'];
$sites[$i]['files'] = $monitor_data['user'][$username]['files'];
if (!is_numeric($sites[$i]['used'])) {
if ($sites[$i]['used'][0] > $sites[$i]['used'][1]) {
$sites[$i]['used'] = $sites[$i]['used'][0];
} else {
$sites[$i]['used'] = $sites[$i]['used'][1];
}
}
if (!is_numeric($sites[$i]['soft'])) {
$sites[$i]['soft'] = $sites[$i]['soft'][1];
}
if (!is_numeric($sites[$i]['hard'])) {
$sites[$i]['hard'] = $sites[$i]['hard'][1];
}
if (!is_numeric($sites[$i]['files'])) {
$sites[$i]['files'] = $sites[$i]['files'][1];
}
// colours
$sites[$i]['display_colour'] = '#000000';
if ($sites[$i]['soft'] > 0) {
$used_ratio = $sites[$i]['used'] / $sites[$i]['soft'];
} else {
$used_ratio = 0;
}
if ($used_ratio >= 0.8) {
$sites[$i]['display_colour'] = '#fd934f';
}
if ($used_ratio >= 1) {
$sites[$i]['display_colour'] = '#cc0000';
}
if ($sites[$i]['used'] > 1024) {
$sites[$i]['used'] = round($sites[$i]['used'] / 1024, 2) . ' MB';
} else {
if ($sites[$i]['used'] != '') {
$sites[$i]['used'] .= ' KB';
}
}
if ($sites[$i]['soft'] > 1024) {
$sites[$i]['soft'] = round($sites[$i]['soft'] / 1024, 2) . ' MB';
} else {
$sites[$i]['soft'] .= ' KB';
}
if ($sites[$i]['hard'] > 1024) {
$sites[$i]['hard'] = round($sites[$i]['hard'] / 1024, 2) . ' MB';
} else {
$sites[$i]['hard'] .= ' KB';
}
if ($sites[$i]['soft'] == " KB") {
$sites[$i]['soft'] = $app->lng('unlimited');
}
if ($sites[$i]['hard'] == " KB") {
$sites[$i]['hard'] = $app->lng('unlimited');
}
/*
if(!strstr($sites[$i]['used'],'M') && !strstr($sites[$i]['used'],'K')) $sites[$i]['used'].= ' B';
if(!strstr($sites[$i]['soft'],'M') && !strstr($sites[$i]['soft'],'K')) $sites[$i]['soft'].= ' B';
if(!strstr($sites[$i]['hard'],'M') && !strstr($sites[$i]['hard'],'K')) $sites[$i]['hard'].= ' B';
*/
if ($sites[$i]['soft'] == '0 B' || $sites[$i]['soft'] == '0 KB' || $sites[$i]['soft'] == '0') {
$sites[$i]['soft'] = $app->lng('unlimited');
}
if ($sites[$i]['hard'] == '0 B' || $sites[$i]['hard'] == '0 KB' || $sites[$i]['hard'] == '0') {
$sites[$i]['hard'] = $app->lng('unlimited');
}
}
$has_quota = true;
$tpl->setloop('quota', $sites);
}
//print_r($sites);
$tpl->setVar('has_quota', $has_quota);
return $tpl->grab();
}
/**
* ISPConfig update hook.
*
* Called every time a site gets updated from within ISPConfig.
*
* @see insert()
* @see delete()
*
* @param string $event_name the event/action name
* @param array $data the vhost data
*/
function update($event_name, $data)
{
global $app, $conf;
//* $VAR: command to run after vhost insert/update/delete
$final_command = '/etc/init.d/nginx reload';
if ($this->action != 'insert') {
$this->action = 'update';
}
$app->uses('getconf');
$app->uses('system');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('nginx_reverse_proxy_plugin.vhost.conf.master');
$web_folder = 'web';
if ($data['new']['type'] == 'vhostsubdomain') {
$tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ' . intval($data['new']['parent_domain_id']));
$subdomain_host = preg_replace('/^(.*)\\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['new']['domain']);
if ($subdomain_host == '') {
$subdomain_host = 'web' . $data['new']['domain_id'];
}
$web_folder = $data['new']['web_folder'];
unset($tmp);
}
$vhost_data = $data['new'];
$vhost_data['web_document_root'] = $data['new']['document_root'] . '/' . $web_folder;
$vhost_data['web_document_root_www'] = $web_config['website_basedir'] . '/' . $data['new']['domain'] . '/' . $web_folder;
$vhost_data['web_basedir'] = $web_config['website_basedir'];
$vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
/* __ VHOST & VHOSTSUBDOMAIN - section for vhosts and vhostsubdomains //////////////*/
if ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') {
if ($data['new']['ipv6_address'] != '') {
$tpl->setVar('ipv6_enabled', 1);
}
$server_alias = array();
switch ($data['new']['subdomain']) {
case 'www':
// if seo-redirect is enabled, this should be placed in separate server block
// to prevent if statement in server/request!
$server_alias[] .= 'www.' . $data['new']['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $data['new']['domain'] . ' ';
break;
}
$alias_result = array();
$alias_result = $app->dbmaster->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = ' . $data['new']['domain_id'] . " AND active = 'y' AND type != 'vhostsubdomain'");
if (count($alias_result) > 0) {
// if alias is redirect type, put in server block with seo-redirect to prevent
// if statement in server/request!
foreach ($alias_result as $alias) {
switch ($alias['subdomain']) {
case 'www':
$server_alias[] .= 'www.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
default:
$server_alias[] .= $alias['domain'] . ' ';
}
$app->log('Add server alias: ' . $alias['domain'], LOGLEVEL_DEBUG);
}
unset($alias);
}
if (count($server_alias) > 0) {
$server_alias_str = '';
foreach ($server_alias as $tmp_alias) {
$server_alias_str .= $tmp_alias;
}
unset($tmp_alias);
$tpl->setVar('alias', $server_alias_str);
} else {
$tpl->setVar('alias', '');
}
if (!isset($rewrite_rules)) {
$rewrite_rules = array();
}
if ($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
if (substr($data['new']['redirect_path'], -1) != '/') {
$data['new']['redirect_path'] .= '/';
}
if (substr($data['new']['redirect_path'], 0, 8) == '[scheme]') {
$rewrite_target = 'http' . substr($data['new']['redirect_path'], 8);
$rewrite_target_ssl = 'https' . substr($data['new']['redirect_path'], 8);
} else {
$rewrite_target = $data['new']['redirect_path'];
$rewrite_target_ssl = $data['new']['redirect_path'];
}
if (substr($data['new']['redirect_path'], 0, 4) == 'http') {
$data['new']['redirect_type'] = 'permanent';
} else {
switch ($data['new']['redirect_type']) {
case 'no':
$data['new']['redirect_type'] = 'break';
break;
case 'L':
$data['new']['redirect_type'] = 'break';
break;
default:
$data['new']['redirect_type'] = 'permanent';
}
}
switch ($data['new']['subdomain']) {
case 'www':
$rewrite_rules[] = array('rewrite_domain' => '^' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : $data['new']['redirect_type'], 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
$rewrite_rules[] = array('rewrite_domain' => '^www.' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : $data['new']['redirect_type'], 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
$rewrite_rules[] = array('rewrite_domain' => '(^|\\.)' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : $data['new']['redirect_type'], 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
default:
$rewrite_rules[] = array('rewrite_domain' => '^' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : $data['new']['redirect_type'], 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
}
}
if ($data['new']['seo_redirect'] != '' && ($data['new']['subdomain'] == 'www' || $data['new']['subdomain'] == '*')) {
$vhost_data['seo_redirect_enabled'] = 1;
if ($data['new']['seo_redirect'] == 'non_www_to_www') {
$vhost_data['seo_redirect_origin_domain'] = $data['new']['domain'];
$vhost_data['seo_redirect_target_domain'] = 'www.' . $data['new']['domain'];
}
if ($data['new']['seo_redirect'] == 'www_to_non_www') {
$vhost_data['seo_redirect_origin_domain'] = 'www.' . $data['new']['domain'];
$vhost_data['seo_redirect_target_domain'] = $data['new']['domain'];
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
$errordocs = !$data['new']['errordocs'];
$nginx_directives = $data['new']['nginx_directives'];
$nginx_directives = str_replace("\r\n", "\n", $nginx_directives);
$nginx_directives = str_replace("\r", "\n", $nginx_directives);
$crt_file = escapeshellcmd($data['new']['document_root'] . '/ssl/' . $data['new']['ssl_domain'] . '.crt');
$key_file = escapeshellcmd($data['new']['document_root'] . '/ssl/' . $data['new']['ssl_domain'] . '.key');
if ($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && is_file($crt_file) && is_file($key_file) && filesize($crt_file) > 0 && filesize($key_file) > 0) {
$http_to_https = 1;
} else {
$http_to_https = 0;
}
// non-ssl vhost loop
if (count($rewrite_rules) > 0) {
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ipv6_address' => $data['new']['ipv6_address'], 'ssl_enabled' => 0, 'http_to_https' => $http_to_https, 'nginx_directives' => $nginx_directives, 'errordocs' => $errordocs, 'port' => 80, 'apache2_port' => 82);
} else {
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ipv6_address' => $data['new']['ipv6_address'], 'ssl_enabled' => 0, 'http_to_https' => $http_to_https, 'nginx_directives' => $nginx_directives, 'errordocs' => $errordocs, 'port' => 80, 'apache2_port' => 82);
}
// ssl vhost loop
if ($http_to_https == 1) {
$vhost_data['web_document_root_ssl'] = $data['new']['document_root'] . '/ssl';
if (count($rewrite_rules) > 0) {
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ipv6_address' => $data['new']['ipv6_address'], 'ssl_enabled' => 1, 'http_to_https' => 0, 'rewrite_enabled' => 1, 'nginx_directives' => $nginx_directives, 'errordocs' => $errordocs, 'port' => 443, 'apache2_port' => 82);
} else {
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ipv6_address' => $data['new']['ipv6_address'], 'ssl_enabled' => 1, 'http_to_https' => 0, 'rewrite_enabled' => 0, 'nginx_directives' => $nginx_directives, 'errordocs' => $errordocs, 'port' => 443, 'apache2_port' => 82);
}
}
$tpl->setLoop('vhosts', $vhosts);
$tpl->setVar($vhost_data);
if ($this->action == 'insert') {
$this->vhost_helper('insert', $data, $tpl->grab());
}
if ($this->action == 'update') {
$vhost_backup = $this->vhost_helper('update', $data, $tpl->grab());
}
}
/**
* Section for aliasdomains.
*
* This section is used for aliasdomains.
*/
if ($data['new']['type'] == 'alias') {
$parent_domain = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . intval($data['new']['parent_domain_id']) . '');
$parent_domain['parent_domain_id'] = $data['new']['parent_domain_id'];
$data['old'] = $parent_domain;
$data['new'] = $parent_domain;
$this->update($event_name, $data);
}
/**
* Section for classic subdomains.
*
* This section is used for classic subdomains (non vhost subdomains).
*/
if ($data['new']['type'] == 'subdomain') {
$parent_domain = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . intval($data['new']['parent_domain_id']) . '');
$parent_domain['parent_domain_id'] = $data['new']['parent_domain_id'];
$data['old'] = $parent_domain;
$data['new'] = $parent_domain;
$this->update($event_name, $data);
}
exec($final_command);
if (isset($vhost_backup)) {
$app->system->unlink($vhost_backup['file_new'] . '~');
}
unset($vhost_backup);
$this->action = '';
}
function update($event_name, $data)
{
global $app, $conf;
// get the config
$app->uses('getconf');
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
//* Configure the debian network card settings.
//* Dont configure
if ($server_config['auto_network_configuration'] == 'y' && $data['mirrored'] == false && $server_config['ip_address'] != '0.0.0.0' && $server_config['gateway'] != '0.0.0.0') {
if (is_file('/etc/debian_version')) {
copy('/etc/network/interfaces', '/etc/network/interfaces~');
$app->load('tpl');
$network_tpl = new tpl();
$network_tpl->newTemplate('debian_network_interfaces.master');
$network_tpl->setVar('ip_address', $server_config['ip_address']);
$network_tpl->setVar('netmask', $server_config['netmask']);
$network_tpl->setVar('gateway', $server_config['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$network_tpl->setVar('network', $this->network($server_config['ip_address'], $server_config['netmask']));
$records = $app->db->queryAllRecords("SELECT ip_address FROM server_ip WHERE server_id = " . intval($conf['server_id']) . ' ORDER BY server_ip_id ASC');
$ip_records = array();
$additionl_ip_records = 0;
$n = 0;
if (is_array($records)) {
foreach ($records as $rec) {
/*
* don't insert the main-ip again!
*/
if ($rec['ip_address'] != $server_config['ip_address']) {
$ip_records[$n] = array('id' => $n, 'ip_address' => $rec['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($rec['ip_address'], $server_config['netmask']), 'network' => $this->network($rec['ip_address'], $server_config['netmask']));
$additionl_ip_records = 1;
$n++;
}
}
}
/*
* If we have more than 1 IP we have to add the main-ip at the end
* of the network-ip-list. If we don't do so, there may be problems
* in multi-server-settings (with the acces from other server to the
* main-server) because the LAST IP in the list is the IP mysql uses
* to determine the host, the user is logging in from.
*/
/*
// Disabled this part as it causes problems on multiserver setups
if ($additionl_ip_records != 0)
{
$swap['ip_address'] = $ip_records[$n-1]['ip_address'];
$swap['netmask'] = $ip_records[$n-1]['netmask'];
$swap['gateway'] = $ip_records[$n-1]['gateway'];
$ip_records[$n-1] = array(
'id' => $n-1,
'ip_address' => $server_config['ip_address'],
'netmask' => $server_config['netmask'],
'gateway' => $server_config['gateway'],
'broadcast' => $this->broadcast($server_config['ip_address'],$server_config['netmask']),
'network' => $this->network($server_config['ip_address'],$server_config['netmask'])
);
$network_tpl->setVar('ip_address',$swap['ip_address']);
$network_tpl->setVar('netmask',$swap['netmask']);
$network_tpl->setVar('gateway',$swap['gateway']);
$network_tpl->setVar('broadcast',$this->broadcast($swap['ip_address'],$swap['netmask']));
$network_tpl->setVar('network',$this->network($swap['ip_address'],$swap['netmask']));
}
*/
$network_tpl->setVar('additionl_ip_records', $additionl_ip_records);
$network_tpl->setLoop('interfaces', $ip_records);
file_put_contents('/etc/network/interfaces', $network_tpl->grab());
unset($network_tpl);
$app->log('Changed Network settings', LOGLEVEL_DEBUG);
exec($conf['init_scripts'] . '/' . 'networking force-reload');
} elseif (is_file('/etc/gentoo-release')) {
copy('/etc/conf.d/net', '/etc/conf.d/net~');
$app->load('tpl');
$network_tpl = new tpl();
$network_tpl->newTemplate('gentoo_network_interfaces.master');
$network_tpl->setVar('ip_address', $server_config['ip_address']);
$network_tpl->setVar('netmask', $server_config['netmask']);
$network_tpl->setVar('gateway', $server_config['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$records = $app->db->queryAllRecords("SELECT ip_address FROM server_ip WHERE server_id = " . intval($conf['server_id']) . " order by ip_address");
$ip_records = array();
$additionl_ip_records = 0;
$n = 0;
if (is_array($records)) {
foreach ($records as $rec) {
/*
* don't insert the main-ip again!
*/
if ($rec['ip_address'] != $server_config['ip_address']) {
$ip_records[$n] = array('id' => $n, 'ip_address' => $rec['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($rec['ip_address'], $server_config['netmask']));
$additionl_ip_records = 1;
$n++;
}
}
}
/*
* If we have more than 1 IP we have to add the main-ip at the end
* of the network-ip-list. If we don't do so, there may be problems
* in multi-server-settings (with the acces from other server to the
* main-server) because the LAST IP in the list is the IP mysql uses
* to determine the host, the user is logging in from.
*/
if ($additionl_ip_records != 0) {
$swap['ip_address'] = $ip_records[$n - 1]['ip_address'];
$swap['netmask'] = $ip_records[$n - 1]['netmask'];
$swap['gateway'] = $ip_records[$n - 1]['gateway'];
$ip_records[$n - 1] = array('id' => $n - 1, 'ip_address' => $server_config['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$network_tpl->setVar('ip_address', $swap['ip_address']);
$network_tpl->setVar('netmask', $swap['netmask']);
$network_tpl->setVar('gateway', $swap['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($swap['ip_address'], $swap['netmask']));
}
$network_tpl->setVar('additionl_ip_records', $additionl_ip_records);
$network_tpl->setLoop('interfaces', $ip_records);
file_put_contents('/etc/conf.d/net', $network_tpl->grab());
unset($network_tpl);
$app->log('Changed Network settings', LOGLEVEL_DEBUG);
exec($conf['init_scripts'] . '/' . 'net.eth0 restart');
} else {
$app->log('Network configuration not available for this Linux distribution.', LOGLEVEL_DEBUG);
}
} else {
if ($data['mirrored'] == true) {
$app->log('Skipping network config request. IP addresses from master are not configured on the mirror.', LOGLEVEL_DEBUG);
}
if ($server_config['auto_network_configuration'] == 'n') {
$app->log('Network configuration disabled in server settings.', LOGLEVEL_DEBUG);
}
}
//* Configure hostname
if ($event_name == 'server_update' && $data['mirrored'] == false) {
//* get old server config
$tmp = $app->ini_parser->parse_ini_string(stripslashes($data['old']['config']));
$old_server_config = $tmp['server'];
unset($tmp);
$new_hostname = trim($server_config['hostname']);
$old_hostname = trim($old_server_config['hostname']);
if ($new_hostname != '' && $old_hostname != $new_hostname) {
if (is_file('/etc/hostname')) {
$app->system->file_put_contents('/etc/hostname', $new_hostname);
$app->log('Changed /etc/hostname to ' . $new_hostname, LOGLEVEL_DEBUG);
}
if (is_file('/etc/mailname')) {
$app->system->file_put_contents('/etc/mailname', $new_hostname);
$app->log('Changed /etc/mailname to ' . $new_hostname, LOGLEVEL_DEBUG);
}
$postconf_commands = array('myhostname = ' . $new_hostname, 'mydestination = ' . $new_hostname . ', localhost, localhost.localdomain');
//* Executing the postconf commands
foreach ($postconf_commands as $cmd) {
$command = "postconf -e '{$cmd}'";
exec($command);
}
$app->log('Changed changed myhostname and mydestination in postfix main.cf to ' . $new_hostname, LOGLEVEL_DEBUG);
//* change /etc/hosts
$hosts = file_get_contents('/etc/hosts');
$hosts = str_replace($old_hostname, $new_hostname, $hosts);
$app->system->file_put_contents('/etc/hosts', $hosts);
exec($app->system->getinitcommand('postfix', 'restart') . ' 2>&1');
exec($app->system->getinitcommand('networking', 'restart') . ' 2>&1');
}
}
}
private function bastille_update($event_name, $data)
{
global $app, $conf;
$app->uses('system');
$tcp_ports = $this->clean_ports($data['new']['tcp_port'], ' ');
$udp_ports = $this->clean_ports($data['new']['udp_port'], ' ');
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('bastille-firewall.cfg.master');
$tpl->setVar('TCP_PUBLIC_SERVICES', $tcp_ports);
$tpl->setVar('UDP_PUBLIC_SERVICES', $udp_ports);
file_put_contents('/etc/Bastille/bastille-firewall.cfg', $tpl->grab());
$app->log('Writing firewall configuration /etc/Bastille/bastille-firewall.cfg', LOGLEVEL_DEBUG);
unset($tpl);
if ($data['new']['active'] == 'y') {
//* ensure that ufw firewall is disabled in case both firewalls are installed
if ($app->system->is_installed('ufw')) {
exec('ufw disable');
}
exec($conf['init_scripts'] . '/' . 'bastille-firewall restart 2>/dev/null');
if (@is_file('/etc/debian_version')) {
exec('update-rc.d bastille-firewall defaults');
}
$app->log('Restarting the firewall', LOGLEVEL_DEBUG);
} else {
exec($conf['init_scripts'] . '/' . 'bastille-firewall stop 2>/dev/null');
if (@is_file('/etc/debian_version')) {
exec('update-rc.d -f bastille-firewall remove');
}
$app->log('Stopping the firewall', LOGLEVEL_DEBUG);
}
}
private function php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir)
{
global $app, $conf;
//$reload = false;
if ($data['new']['php'] == 'no') {
if (@is_file($pool_dir . $pool_name . '.conf')) {
unlink($pool_dir . $pool_name . '.conf');
//$reload = true;
}
//if($reload == true) $app->services->restartService('php-fpm','reload');
return;
}
$app->uses("getconf");
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('php_fpm_pool.conf.master');
if ($data['new']['php_fpm_use_socket'] == 'y') {
$use_tcp = 0;
$use_socket = 1;
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
} else {
$use_tcp = 1;
$use_socket = 0;
}
$tpl->setVar('use_tcp', $use_tcp);
$tpl->setVar('use_socket', $use_socket);
$fpm_socket = $socket_dir . $pool_name . '.sock';
$tpl->setVar('fpm_socket', $fpm_socket);
$tpl->setVar('fpm_pool', $pool_name);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
$tpl->setVar('fpm_user', $data['new']['system_user']);
$tpl->setVar('fpm_group', $data['new']['system_group']);
$tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
$tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);
$tpl->setVar('pm_min_spare_servers', $data['new']['pm_min_spare_servers']);
$tpl->setVar('pm_max_spare_servers', $data['new']['pm_max_spare_servers']);
$tpl->setVar('document_root', $data['new']['document_root']);
$tpl->setVar('security_level', $web_config['security_level']);
$php_open_basedir = $data['new']['php_open_basedir'] == '' ? escapeshellcmd($data['new']['document_root']) : escapeshellcmd($data['new']['php_open_basedir']);
$tpl->setVar('php_open_basedir', $php_open_basedir);
if ($php_open_basedir != '') {
$tpl->setVar('enable_php_open_basedir', '');
} else {
$tpl->setVar('enable_php_open_basedir', ';');
}
// Custom php.ini settings
$final_php_ini_settings = array();
$custom_php_ini_settings = trim($data['new']['custom_php_ini']);
if ($custom_php_ini_settings != '') {
// Make sure we only have Unix linebreaks
$custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
$custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
$ini_settings = explode("\n", $custom_php_ini_settings);
if (is_array($ini_settings) && !empty($ini_settings)) {
foreach ($ini_settings as $ini_setting) {
list($key, $value) = explode('=', $ini_setting);
if ($value) {
$value = escapeshellcmd(trim($value));
$key = escapeshellcmd(trim($key));
switch (strtolower($value)) {
case 'on':
case 'off':
case '1':
case '0':
// PHP-FPM might complain about invalid boolean value if you use 0
$value = 'off';
case 'true':
case 'false':
case 'yes':
case 'no':
$final_php_ini_settings[] = array('ini_setting' => 'php_admin_flag[' . $key . '] = ' . $value);
break;
default:
$final_php_ini_settings[] = array('ini_setting' => 'php_admin_value[' . $key . '] = ' . $value);
}
}
}
}
}
$tpl->setLoop('custom_php_ini_settings', $final_php_ini_settings);
file_put_contents($pool_dir . $pool_name . '.conf', $tpl->grab());
$app->log('Writing the PHP-FPM config file: ' . $pool_dir . $pool_name . '.conf', LOGLEVEL_DEBUG);
unset($tpl);
//$reload = true;
//if($reload == true) $app->services->restartService('php-fpm','reload');
}
function onShow()
{
global $app;
$app->uses('listform');
$app->listform->loadListDef($this->options["listdef"]);
//$app->listform->SQLExtWhere = "type = 'alias'";
$listTpl = new tpl();
$listTpl->newTemplate('templates/' . $app->listform->listDef["name"] . '_list.htm');
//die(print_r($app->tform_actions));
// Changing some of the list values to reflect that the list is called within a tform page
$app->listform->listDef["file"] = $app->tform->formDef["action"];
// $app->listform->listDef["page_params"] = "&id=".$app->tform_actions->id."&next_tab=".$_SESSION["s"]["form"]["tab"];
$app->listform->listDef["page_params"] = "&id=" . $this->form->id . "&next_tab=" . $_SESSION["s"]["form"]["tab"];
$listTpl->setVar('parent_id', $this->form->id);
$listTpl->setVar('theme', $_SESSION['s']['theme']);
// Generate the SQL for searching
$sql_where = "";
if ($app->listform->listDef["auth"] != 'no') {
if ($_SESSION["s"]["user"]["typ"] != "admin") {
$sql_where = $app->tform->getAuthSQL('r') . " and";
}
}
if ($this->options["sqlextwhere"] != '') {
$sql_where .= " " . $this->options["sqlextwhere"] . " and";
}
$sql_where = $app->listform->getSearchSQL($sql_where);
$listTpl->setVar($app->listform->searchValues);
// Generate SQL for paging
$limit_sql = $app->listform->getPagingSQL($sql_where);
$listTpl->setVar("paging", $app->listform->pagingHTML);
$sql_order_by = '';
if (isset($this->options["sql_order_by"])) {
$sql_order_by = $this->options["sql_order_by"];
}
//* Limit each page
$limits = array('5' => '5', '15' => '15', '25' => '25', '50' => '50', '100' => '100', '999999999' => 'all');
//* create options and set selected, if default -> 15 is selected
$options = '';
foreach ($limits as $key => $val) {
$options .= '<option value="' . $key . '" ' . (isset($_SESSION['search']['limit']) && $_SESSION['search']['limit'] == $key ? 'selected="selected"' : '') . (!isset($_SESSION['search']['limit']) && $key == '15' ? 'selected="selected"' : '') . '>' . $val . '</option>';
}
$listTpl->setVar('search_limit', '<select name="search_limit" style="width:50px">' . $options . '</select>');
//Sorting
if (!isset($_SESSION['search'][$app->listform->listDef["name"]]['order'])) {
$_SESSION['search'][$app->listform->listDef["name"]]['order'] = '';
}
if (!empty($_GET['orderby'])) {
$order = str_replace('tbl_col_', '', $_GET['orderby']);
//* Check the css class submited value
if (preg_match("/^[a-z\\_]{1,}\$/", $order)) {
if ($_SESSION['search'][$app->listform->listDef["name"]]['order'] == $order) {
$_SESSION['search'][$app->listform->listDef["name"]]['order'] = $order . ' DESC';
} else {
$_SESSION['search'][$app->listform->listDef["name"]]['order'] = $order;
}
}
}
// If a manuel oder by like customers isset the sorting will be infront
if (!empty($_SESSION['search'][$app->listform->listDef["name"]]['order'])) {
if (empty($sql_order_by)) {
$sql_order_by = "ORDER BY " . $_SESSION['search'][$app->listform->listDef["name"]]['order'];
} else {
$sql_order_by = str_replace("ORDER BY ", "ORDER BY " . $_SESSION['search'][$app->listform->listDef["name"]]['order'] . ', ', $sql_order_by);
}
}
// Loading language field
$lng_file = "lib/lang/" . $_SESSION["s"]["language"] . "_" . $app->listform->listDef['name'] . "_list.lng";
include $lng_file;
$listTpl->setVar($wb);
// Get the data
$records = $app->db->queryAllRecords("SELECT * FROM " . $app->listform->listDef["table"] . " WHERE {$sql_where} {$sql_order_by} {$limit_sql}");
$bgcolor = "#FFFFFF";
if (is_array($records)) {
$idx_key = $app->listform->listDef["table_idx"];
foreach ($records as $rec) {
$rec = $app->listform->decode($rec);
// Change of color
$bgcolor = $bgcolor == "#FFFFFF" ? "#EEEEEE" : "#FFFFFF";
$rec["bgcolor"] = $bgcolor;
// substitute value for select fields
foreach ($app->listform->listDef["item"] as $field) {
$key = $field["field"];
if ($field['formtype'] == "SELECT") {
if (strtolower($rec[$key]) == 'y' or strtolower($rec[$key]) == 'n') {
// Set a additional image variable for bolean fields
$rec['_' . $key . '_'] = strtolower($rec[$key]) == 'y' ? 'x16/tick_circle.png' : 'x16/cross_circle.png';
}
//* substitute value for select field
@($rec[$key] = $field['value'][$rec[$key]]);
}
// Create a lowercase version of every item
$rec[$key . '_lowercase'] = strtolower($rec[$key]);
}
// The variable "id" contains always the index field
$rec["id"] = $rec[$idx_key];
$rec["delete_confirmation"] = $wb['delete_confirmation'];
$records_new[] = $rec;
}
}
$listTpl->setLoop('records', @$records_new);
// Setting Returnto information in the session
$list_name = $app->listform->listDef["name"];
// $_SESSION["s"]["list"][$list_name]["parent_id"] = $app->tform_actions->id;
$_SESSION["s"]["list"][$list_name]["parent_id"] = $this->form->id;
$_SESSION["s"]["list"][$list_name]["parent_name"] = $app->tform->formDef["name"];
$_SESSION["s"]["list"][$list_name]["parent_tab"] = $_SESSION["s"]["form"]["tab"];
$_SESSION["s"]["list"][$list_name]["parent_script"] = $app->tform->formDef["action"];
$_SESSION["s"]["form"]["return_to"] = $list_name;
//die(print_r($_SESSION["s"]["list"][$list_name]));
return $listTpl->grab();
}
function onShow()
{
global $app;
$app->uses('listform');
$app->listform->loadListDef($this->options["listdef"]);
//$app->listform->SQLExtWhere = "type = 'alias'";
$listTpl = new tpl();
$listTpl->newTemplate('templates/' . $app->listform->listDef["name"] . '_list.htm');
//die(print_r($app->tform_actions));
// Changing some of the list values to reflect that the list is called within a tform page
$app->listform->listDef["file"] = $app->tform->formDef["action"];
// $app->listform->listDef["page_params"] = "&id=".$app->tform_actions->id."&next_tab=".$_SESSION["s"]["form"]["tab"];
$app->listform->listDef["page_params"] = "&id=" . $this->form->id . "&next_tab=" . $_SESSION["s"]["form"]["tab"];
$listTpl->setVar('parent_id', $this->form->id);
$listTpl->setVar('theme', $_SESSION['s']['theme']);
// Generate the SQL for searching
if ($app->listform->listDef["auth"] != 'no') {
if ($_SESSION["s"]["user"]["typ"] == "admin") {
$sql_where = "";
} else {
$sql_where = $app->tform->getAuthSQL('r') . " and";
}
}
if ($this->options["sqlextwhere"] != '') {
$sql_where .= " " . $this->options["sqlextwhere"] . " and";
}
$sql_where = $app->listform->getSearchSQL($sql_where);
$listTpl->setVar($app->listform->searchValues);
// Generate SQL for paging
$limit_sql = $app->listform->getPagingSQL($sql_where);
$listTpl->setVar("paging", $app->listform->pagingHTML);
$sql_order_by = '';
if (isset($this->options["sql_order_by"])) {
$sql_order_by = $this->options["sql_order_by"];
}
// Loading language field
$lng_file = "lib/lang/" . $_SESSION["s"]["language"] . "_" . $app->listform->listDef['name'] . "_list.lng";
include $lng_file;
$listTpl->setVar($wb);
// Get the data
$records = $app->db->queryAllRecords("SELECT * FROM " . $app->listform->listDef["table"] . " WHERE {$sql_where} {$sql_order_by} {$limit_sql}");
$bgcolor = "#FFFFFF";
if (is_array($records)) {
$idx_key = $app->listform->listDef["table_idx"];
foreach ($records as $rec) {
$rec = $app->listform->decode($rec);
// Change of color
$bgcolor = $bgcolor == "#FFFFFF" ? "#EEEEEE" : "#FFFFFF";
$rec["bgcolor"] = $bgcolor;
// substitute value for select fields
foreach ($app->listform->listDef["item"] as $field) {
$key = $field["field"];
if ($field['formtype'] == "SELECT") {
if (strtolower($rec[$key]) == 'y' or strtolower($rec[$key]) == 'n') {
// Set a additional image variable for bolean fields
$rec['_' . $key . '_'] = strtolower($rec[$key]) == 'y' ? 'x16/tick_circle.png' : 'x16/cross_circle.png';
}
//* substitute value for select field
@($rec[$key] = $field['value'][$rec[$key]]);
}
// Create a lowercase version of every item
$rec[$key . '_lowercase'] = strtolower($rec[$key]);
}
// The variable "id" contains always the index field
$rec["id"] = $rec[$idx_key];
$rec["delete_confirmation"] = $wb['delete_confirmation'];
$records_new[] = $rec;
}
}
$listTpl->setLoop('records', @$records_new);
// Setting Returnto information in the session
$list_name = $app->listform->listDef["name"];
// $_SESSION["s"]["list"][$list_name]["parent_id"] = $app->tform_actions->id;
$_SESSION["s"]["list"][$list_name]["parent_id"] = $this->form->id;
$_SESSION["s"]["list"][$list_name]["parent_name"] = $app->tform->formDef["name"];
$_SESSION["s"]["list"][$list_name]["parent_tab"] = $_SESSION["s"]["form"]["tab"];
$_SESSION["s"]["list"][$list_name]["parent_script"] = $app->tform->formDef["action"];
$_SESSION["s"]["form"]["return_to"] = $list_name;
//die(print_r($_SESSION["s"]["list"][$list_name]));
return $listTpl->grab();
}
public function configure_apache()
{
global $conf;
if ($conf['apache']['installed'] == false) {
return;
}
//* Create the logging directory for the vhost logfiles
if (!is_dir($conf['ispconfig_log_dir'] . '/httpd')) {
mkdir($conf['ispconfig_log_dir'] . '/httpd', 0755, true);
}
if (is_file($conf['suphp']['config_file'])) {
$content = rf($conf['suphp']['config_file']);
if (!preg_match('|^x-httpd-suphp=php:/usr/bin/php-cgi$|m', $content)) {
$content = preg_replace('/;Handler for php-scripts/', ";Handler for php-scripts\nx-httpd-suphp=php:/usr/bin/php-cgi", $content);
$content = preg_replace('/;?umask=\\d+/', 'umask=0022', $content);
}
$this->write_config_file($conf['suphp']['config_file'], $content);
}
//* Enable ISPConfig default vhost settings
$default_vhost_path = $conf['apache']['vhost_conf_dir'] . '/' . $conf['apache']['vhost_default'];
if (is_file($default_vhost_path)) {
$content = rf($default_vhost_path);
$content = preg_replace('/^#?\\s*NameVirtualHost.*$/m', 'NameVirtualHost *:80', $content);
$content = preg_replace('/<VirtualHost[^>]+>/', '<VirtualHost *:80>', $content);
$this->write_config_file($default_vhost_path, $content);
}
//* Generate default ssl certificates
if (!is_dir($conf['apache']['ssl_dir'])) {
mkdir($conf['apache']['ssl_dir']);
}
if ($conf['services']['mail'] == true) {
copy($conf['postfix']['config_dir'] . "/smtpd.key", $conf['apache']['ssl_dir'] . "/server.key");
copy($conf['postfix']['config_dir'] . "/smtpd.cert", $conf['apache']['ssl_dir'] . "/server.crt");
} else {
if (!is_file($conf['apache']['ssl_dir'] . '/server.crt')) {
exec("openssl req -new -outform PEM -out {$conf['apache']['ssl_dir']}/server.crt -newkey rsa:2048 -nodes -keyout {$conf['apache']['ssl_dir']}/server.key -keyform PEM -days 365 -x509");
}
}
//* Copy the ISPConfig configuration include
/*
$content = $this->get_template_file('apache_ispconfig.conf', true);
$records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
if(is_array($records) && count($records) > 0)
{
foreach($records as $rec) {
$content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
$content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
}
}
$this->write_config_file($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $content);
*/
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version', getapacheversion());
$records = $this->db->queryAllRecords('SELECT * FROM ' . $conf['mysql']['master_database'] . '.server_ip WHERE server_id = ' . $conf['server_id'] . " AND virtualhost = 'y'");
$ip_addresses = array();
if (is_array($records) && count($records) > 0) {
foreach ($records as $rec) {
if ($rec['ip_type'] == 'IPv6') {
$ip_address = '[' . $rec['ip_address'] . ']';
} else {
$ip_address = $rec['ip_address'];
}
$ports = explode(',', $rec['virtualhost_port']);
if (is_array($ports)) {
foreach ($ports as $port) {
$port = intval($port);
if ($port > 0 && $port < 65536 && $ip_address != '') {
$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
}
}
}
}
}
if (count($ip_addresses) > 0) {
$tpl->setLoop('ip_adresses', $ip_addresses);
}
wf($conf['apache']['vhost_conf_dir'] . '/000-ispconfig.conf', $tpl->grab());
unset($tpl);
//* Gentoo by default does not include .vhost files. Add include line to config file.
$content = rf($conf['apache']['config_file']);
if (strpos($content, 'Include /etc/apache2/vhosts.d/*.vhost') === false) {
$content = preg_replace('|(Include /etc/apache2/vhosts.d/\\*.conf)|', "\$1\nInclude /etc/apache2/vhosts.d/*.vhost", $content);
}
$this->write_config_file($conf['apache']['config_file'], $content);
//* make sure that webalizer finds its config file when it is directly in /etc
if (is_file('/etc/webalizer.conf') && !is_dir('/etc/webalizer')) {
mkdir('/etc/webalizer', 0755);
symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
}
if (is_file('/etc/webalizer/webalizer.conf')) {
replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
}
//* add a sshusers group
if (!is_group('sshusers')) {
$command = 'groupadd sshusers';
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
function update($event_name, $data)
{
global $app, $conf;
// get the config
$app->uses('getconf');
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
//* Configure the debian network card settings.
//* Dont configure
if ($server_config['auto_network_configuration'] == 'y' && $data['mirrored'] == false && $server_config['ip_address'] != '0.0.0.0' && $server_config['gateway'] != '0.0.0.0') {
if (is_file('/etc/debian_version')) {
copy('/etc/network/interfaces', '/etc/network/interfaces~');
$app->load('tpl');
$network_tpl = new tpl();
$network_tpl->newTemplate('debian_network_interfaces.master');
$network_tpl->setVar('ip_address', $server_config['ip_address']);
$network_tpl->setVar('netmask', $server_config['netmask']);
$network_tpl->setVar('gateway', $server_config['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$network_tpl->setVar('network', $this->network($server_config['ip_address'], $server_config['netmask']));
$records = $app->db->queryAllRecords("SELECT ip_address FROM server_ip WHERE server_id = " . intval($conf['server_id']) . ' ORDER BY server_ip_id ASC');
$ip_records = array();
$additionl_ip_records = 0;
$n = 0;
if (is_array($records)) {
foreach ($records as $rec) {
/*
* don't insert the main-ip again!
*/
if ($rec['ip_address'] != $server_config['ip_address']) {
$ip_records[$n] = array('id' => $n, 'ip_address' => $rec['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($rec['ip_address'], $server_config['netmask']), 'network' => $this->network($rec['ip_address'], $server_config['netmask']));
$additionl_ip_records = 1;
$n++;
}
}
}
/*
* If we have more than 1 IP we have to add the main-ip at the end
* of the network-ip-list. If we don't do so, there may be problems
* in multi-server-settings (with the acces from other server to the
* main-server) because the LAST IP in the list is the IP mysql uses
* to determine the host, the user is logging in from.
*/
/*
// Disabled this part as it causes problems on multiserver setups
if ($additionl_ip_records != 0)
{
$swap['ip_address'] = $ip_records[$n-1]['ip_address'];
$swap['netmask'] = $ip_records[$n-1]['netmask'];
$swap['gateway'] = $ip_records[$n-1]['gateway'];
$ip_records[$n-1] = array(
'id' => $n-1,
'ip_address' => $server_config['ip_address'],
'netmask' => $server_config['netmask'],
'gateway' => $server_config['gateway'],
'broadcast' => $this->broadcast($server_config['ip_address'],$server_config['netmask']),
'network' => $this->network($server_config['ip_address'],$server_config['netmask'])
);
$network_tpl->setVar('ip_address',$swap['ip_address']);
$network_tpl->setVar('netmask',$swap['netmask']);
$network_tpl->setVar('gateway',$swap['gateway']);
$network_tpl->setVar('broadcast',$this->broadcast($swap['ip_address'],$swap['netmask']));
$network_tpl->setVar('network',$this->network($swap['ip_address'],$swap['netmask']));
}
*/
$network_tpl->setVar('additionl_ip_records', $additionl_ip_records);
$network_tpl->setLoop('interfaces', $ip_records);
file_put_contents('/etc/network/interfaces', $network_tpl->grab());
unset($network_tpl);
$app->log('Changed Network settings', LOGLEVEL_DEBUG);
exec($conf['init_scripts'] . '/' . 'networking force-reload');
} elseif (is_file('/etc/gentoo-release')) {
copy('/etc/conf.d/net', '/etc/conf.d/net~');
$app->load('tpl');
$network_tpl = new tpl();
$network_tpl->newTemplate('gentoo_network_interfaces.master');
$network_tpl->setVar('ip_address', $server_config['ip_address']);
$network_tpl->setVar('netmask', $server_config['netmask']);
$network_tpl->setVar('gateway', $server_config['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$records = $app->db->queryAllRecords("SELECT ip_address FROM server_ip WHERE server_id = " . intval($conf['server_id']) . " order by ip_address");
$ip_records = array();
$additionl_ip_records = 0;
$n = 0;
if (is_array($records)) {
foreach ($records as $rec) {
/*
* don't insert the main-ip again!
*/
if ($rec['ip_address'] != $server_config['ip_address']) {
$ip_records[$n] = array('id' => $n, 'ip_address' => $rec['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($rec['ip_address'], $server_config['netmask']));
$additionl_ip_records = 1;
$n++;
}
}
}
/*
* If we have more than 1 IP we have to add the main-ip at the end
* of the network-ip-list. If we don't do so, there may be problems
* in multi-server-settings (with the acces from other server to the
* main-server) because the LAST IP in the list is the IP mysql uses
* to determine the host, the user is logging in from.
*/
if ($additionl_ip_records != 0) {
$swap['ip_address'] = $ip_records[$n - 1]['ip_address'];
$swap['netmask'] = $ip_records[$n - 1]['netmask'];
$swap['gateway'] = $ip_records[$n - 1]['gateway'];
$ip_records[$n - 1] = array('id' => $n - 1, 'ip_address' => $server_config['ip_address'], 'netmask' => $server_config['netmask'], 'gateway' => $server_config['gateway'], 'broadcast' => $this->broadcast($server_config['ip_address'], $server_config['netmask']));
$network_tpl->setVar('ip_address', $swap['ip_address']);
$network_tpl->setVar('netmask', $swap['netmask']);
$network_tpl->setVar('gateway', $swap['gateway']);
$network_tpl->setVar('broadcast', $this->broadcast($swap['ip_address'], $swap['netmask']));
}
$network_tpl->setVar('additionl_ip_records', $additionl_ip_records);
$network_tpl->setLoop('interfaces', $ip_records);
file_put_contents('/etc/conf.d/net', $network_tpl->grab());
unset($network_tpl);
$app->log('Changed Network settings', LOGLEVEL_DEBUG);
exec($conf['init_scripts'] . '/' . 'net.eth0 restart');
} else {
$app->log('Network configuration not available for this Linux distribution.', LOGLEVEL_DEBUG);
}
} else {
if ($data['mirrored'] == true) {
$app->log('Skipping network config request. IP addresses from amster are not configured on the mirror.', LOGLEVEL_DEBUG);
}
if ($server_config['auto_network_configuration'] == 'n') {
$app->log('Network configuration disabled in server settings.', LOGLEVEL_DEBUG);
}
}
}
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir("{$install_dir}")) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = "useradd -g ispconfig -d {$install_dir} ispconfig";
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = "cp -rf ../interface {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = "cp -rf ../server {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make a backup of the security settings
if (is_file('/usr/local/ispconfig/security/security_settings.ini')) {
copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~');
}
//* copy the ISPConfig security part
$command = 'cp -rf ../security ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Apply changed security_settings.ini values to new security_settings.ini file
if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if (is_array($security_settings_new) && is_array($security_settings_old)) {
foreach ($security_settings_new as $section => $sval) {
if (is_array($sval)) {
foreach ($sval as $key => $val) {
if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new));
}
}
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/interface/lib/{$configfile}", $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/server/lib/{$configfile}", $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
// chown install dir to root and chmod 755
$command = 'chown root:root ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 755 ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Chmod the files and directories in the install dir
$command = 'chmod -R 750 ' . $install_dir . '/*';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the interface files to the ispconfig user and group
$command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the server files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/server';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security directory and security_settings.ini to root:ispconfig
$command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
exec("chmod -R 770 {$install_dir}/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 {$install_dir}/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/config.inc.php', 0600);
chown($install_dir . '/server/lib/config.inc.php', 'root');
chgrp($install_dir . '/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir . '/interface/lib/config.inc.php', 0600);
chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf");
exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf");
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
$command = 'usermod -a -G ispconfig ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
$command = 'usermod -a -G ispapps ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
$command = 'usermod -a -G ispconfig ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
$command = 'usermod -a -G ispapps ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
// add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody
$command = 'usermod -a -G www nobody';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl('apache_ispconfig.vhost.master');
$tpl->setVar('vhost_port', $conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$tpl->setVar('vhost_port_listen', '#');
} else {
$tpl->setVar('vhost_port_listen', '');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment', '');
} else {
$tpl->setVar('ssl_comment', '#');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) {
$tpl->setVar('ssl_bundle_comment', '');
} else {
$tpl->setVar('ssl_bundle_comment', '#');
}
$tpl->setVar('apache_version', getapacheversion());
$content = $tpl->grab();
$content = str_replace('/var/www/', '/srv/www/', $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
//if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
//}
//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
//* and create the symlink
if ($this->is_update == false) {
if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) {
unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost");
}
if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) {
exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost");
}
}
// Fix a setting in vhost master file for suse
replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
}
if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', ' on', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', ' off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) {
symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
}
if (!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) {
symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
}
}
// Make the Clamav log files readable by ISPConfig
//exec('chmod +r /var/log/clamav/clamav.log');
//exec('chmod +r /var/log/clamav/freshclam.log');
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
}
//set the fast cgi starter script to executable
//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/mail.log')) {
exec('chmod +r /var/log/mail.log');
}
if (@is_file('/var/log/mail.warn')) {
exec('chmod +r /var/log/mail.warn');
}
if (@is_file('/var/log/mail.err')) {
exec('chmod +r /var/log/mail.err');
}
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
//To enable apache to read the directories
exec('chmod a+rx /usr/local/ispconfig');
exec('chmod -R 751 /usr/local/ispconfig/interface');
exec('chmod a+rx /usr/local/ispconfig/interface/web');
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log');
}
if (is_user('getmail')) {
exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
exec('chown getmail /usr/local/bin/run-getmail.sh');
exec('chmod 744 /usr/local/bin/run-getmail.sh');
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
//* Create the ispconfig auth log file and set uid/gid
if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) {
touch($conf['ispconfig_log_dir'] . '/auth.log');
}
exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log');
exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log');
//* Remove Domain module as its functions are available in the client module now
if (@is_dir('/usr/local/ispconfig/interface/web/domain')) {
exec('rm -rf /usr/local/ispconfig/interface/web/domain');
}
// Add symlink for patch tool
if (!is_link('/usr/local/bin/ispconfig_patch')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
}
}
private function makeOpenVZConfig()
{
global $app, $conf;
$vm = $app->db->queryOneRecord("SELECT * FROM openvz_vm WHERE vm_id = " . $app->functions->intval($this->id));
$vm_template = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = " . $app->functions->intval($vm['template_id']));
$burst_ram = $vm['ram_burst'] * 256;
$guar_ram = $vm['ram'] * 256;
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('../vm/templates/openvz.conf.tpl');
$onboot = $vm['start_boot'] == 'y' ? 'yes' : 'no';
$tpl->setVar('onboot', $onboot);
$tpl->setVar('kmemsize', $vm_template['kmemsize']);
$tpl->setVar('lockedpages', $vm_template['lockedpages']);
$tpl->setVar('privvmpages', $burst_ram . ':' . $burst_ram);
$tpl->setVar('shmpages', $guar_ram . ':' . $guar_ram);
$tpl->setVar('numproc', $vm_template['numproc']);
$tpl->setVar('physpages', $vm_template['physpages']);
$tpl->setVar('vmguarpages', $guar_ram . ':' . $guar_ram);
$tpl->setVar('oomguarpages', $guar_ram . ':' . $guar_ram);
$tpl->setVar('numtcpsock', $vm_template['numtcpsock']);
$tpl->setVar('numflock', $vm_template['numflock']);
$tpl->setVar('numpty', $vm_template['numpty']);
$tpl->setVar('numsiginfo', $vm_template['numsiginfo']);
$tpl->setVar('tcpsndbuf', $vm_template['tcpsndbuf']);
$tpl->setVar('tcprcvbuf', $vm_template['tcprcvbuf']);
$tpl->setVar('othersockbuf', $vm_template['othersockbuf']);
$tpl->setVar('dgramrcvbuf', $vm_template['dgramrcvbuf']);
$tpl->setVar('numothersock', $vm_template['numothersock']);
$tpl->setVar('dcachesize', $vm_template['dcachesize']);
$tpl->setVar('numfile', $vm_template['numfile']);
$tpl->setVar('avnumproc', $vm_template['avnumproc']);
$tpl->setVar('numiptent', $vm_template['numiptent']);
$tpl->setVar('swappages', $vm_template['swappages']);
$diskspace = $vm['diskspace'] * 1048576;
$diskinodes = $vm['diskspace'] * 524288;
$tpl->setVar('diskspace', $diskspace . ":" . $diskspace);
$tpl->setVar('diskinodes', $diskinodes . ":" . $diskinodes);
$tpl->setVar('io_priority', $vm['io_priority']);
$tpl->setVar('cpu_num', $vm['cpu_num']);
$tpl->setVar('cpu_units', $vm['cpu_units']);
$tpl->setVar('cpu_limit', $vm['cpu_limit']);
$hostname = str_replace('{VEID}', $vm['veid'], $vm['hostname']);
$tpl->setVar('hostname', $hostname);
$tpl->setVar('ip_address', $vm['ip_address']);
$tpl->setVar('nameserver', $vm['nameserver']);
$tpl->setVar('capability', $vm['capability']);
$tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = " . $app->functions->intval($vm['ostemplate_id']));
$tpl->setVar('ostemplate', $tmp['template_file']);
unset($tmp);
$openvz_config = $app->db->quote($tpl->grab());
$app->db->query("UPDATE openvz_vm SET config = '" . $openvz_config . "' WHERE vm_id = " . $app->functions->intval($this->id));
unset($tpl);
}
function _setup_jailkit_chroot()
{
global $app;
//check if the chroot environment is created yet if not create it with a list of program sections from the config
if (!is_dir($this->parent_domain['document_root'] . '/etc/jailkit')) {
$command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh';
$command .= ' ' . escapeshellcmd($this->parent_domain['document_root']);
$command .= ' \'' . $this->jailkit_config['jailkit_chroot_app_sections'] . '\'';
exec($command . ' 2>/dev/null');
$this->app->log("Added jailkit chroot with command: " . $command, LOGLEVEL_DEBUG);
//$this->_add_jailkit_programs(); // done later on
$this->app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate("bash.bashrc.master");
$tpl->setVar('jailkit_chroot', true);
$tpl->setVar('domain', $this->parent_domain['domain']);
$tpl->setVar('home_dir', $this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->parent_domain['document_root']) . '/etc/bash.bashrc';
if (@is_file($bashrc) || @is_link($bashrc)) {
unlink($bashrc);
}
$app->system->file_put_contents($bashrc, $tpl->grab());
unset($tpl);
$this->app->log('Added bashrc script: ' . $bashrc, LOGLEVEL_DEBUG);
$tpl = new tpl();
$tpl->newTemplate('motd.master');
$tpl->setVar('domain', $this->parent_domain['domain']);
$motd = escapeshellcmd($this->parent_domain['document_root']) . '/var/run/motd';
if (@is_file($motd) || @is_link($motd)) {
unlink($motd);
}
$app->system->file_put_contents($motd, $tpl->grab());
}
$this->_add_jailkit_programs();
}
function soa_update($event_name, $data)
{
global $app, $conf;
//* Load libraries
$app->uses("getconf,tpl");
//* load the server configuration options
$dns_config = $app->getconf->get_server_config($conf["server_id"], 'dns');
//* Write the domain file
if (!empty($data['new']['id'])) {
$tpl = new tpl();
$tpl->newTemplate("bind_pri.domain.master");
$zone = $data['new'];
$tpl->setVar($zone);
$records = $app->db->queryAllRecords("SELECT * FROM dns_rr WHERE zone = " . $zone['id'] . " AND active = 'Y'");
if (is_array($records) && !empty($records)) {
for ($i = 0; $i < sizeof($records); $i++) {
if ($records[$i]['ttl'] == 0) {
$records[$i]['ttl'] = '';
}
if ($records[$i]['name'] == '') {
$records[$i]['name'] = '@';
}
//* Split TXT records, if nescessary
if ($records[$i]['type'] == 'TXT' && strlen($records[$i]['data']) > 255) {
$records[$i]['data'] = implode('" "', str_split($records[$i]['data'], 255));
}
}
}
$tpl->setLoop('zones', $records);
//TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'] . '/pri.' . str_replace("/", "_", substr($zone['origin'], 0, -1)));
} else {
$filename = escapeshellcmd($dns_config['bind_zonefiles_dir'] . '/pri.' . str_replace("/", "_", substr($zone['origin'], 0, -1)));
}
file_put_contents($filename, $tpl->grab());
chown($filename, escapeshellcmd($dns_config['bind_user']));
chgrp($filename, escapeshellcmd($dns_config['bind_group']));
//* Check the zonefile
if (is_file($filename . '.err')) {
unlink($filename . '.err');
}
exec('named-checkzone ' . escapeshellarg($zone['origin']) . ' ' . escapeshellarg($filename), $out, $return_status);
if ($return_status === 0) {
$app->log("Writing BIND domain file: " . $filename, LOGLEVEL_DEBUG);
} else {
$app->log("Writing BIND domain file failed: " . $filename . " " . implode(' ', $out), LOGLEVEL_WARN);
rename($filename, $filename . '.err');
}
unset($tpl);
unset($records);
unset($records_out);
unset($zone);
}
//* rebuild the named.conf file if the origin has changed or when the origin is inserted.
//if($this->action == 'insert' || $data['old']['origin'] != $data['new']['origin']) {
$this->write_named_conf($data, $dns_config);
//}
//* Delete old domain file, if domain name has been changed
if ($data['old']['origin'] != $data['new']['origin']) {
//TODO : change this when distribution information has been integrated into server record
if (file_exists('/etc/gentoo-release')) {
$filename = $dns_config['bind_zonefiles_dir'] . '/pri.' . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
} else {
$filename = $dns_config['bind_zonefiles_dir'] . '/pri.' . str_replace("/", "_", substr($data['old']['origin'], 0, -1));
}
if (is_file($filename)) {
unlink($filename);
}
if (is_file($filename . '.err')) {
unlink($filename . '.err');
}
}
//* Restart bind nameserver if update_acl is not empty, otherwise reload it
if ($data['new']['update_acl'] != '') {
$app->services->restartServiceDelayed('bind', 'restart');
} else {
$app->services->restartServiceDelayed('bind', 'reload');
}
}
function update($event_name, $data)
{
global $app, $conf;
if ($this->action != 'insert') {
$this->action = 'update';
}
if ($data['new']['type'] != 'vhost' && $data['new']['parent_domain_id'] > 0) {
$old_parent_domain_id = intval($data['old']['parent_domain_id']);
$new_parent_domain_id = intval($data['new']['parent_domain_id']);
// If the parent_domain_id has been chenged, we will have to update the old site as well.
if ($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
$tmp = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . $old_parent_domain_id . " AND active = 'y'");
$data['new'] = $tmp;
$data['old'] = $tmp;
$this->action = 'update';
$this->update($event_name, $data);
}
// This is not a vhost, so we need to update the parent record instead.
$tmp = $app->dbmaster->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . $new_parent_domain_id . " AND active = 'y'");
$data['new'] = $tmp;
$data['old'] = $tmp;
$this->action = 'update';
}
// load the server configuration options
$app->uses('getconf');
$nginx_config = $app->getconf->get_server_config($conf['server_id'], 'web');
// Create group and user, if not exist
$app->uses('system');
//* Create the vhost config file
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('nginx_reverseproxy_vhost.conf.master');
$vhost_data = $data['new'];
$vhost_data['config_dir'] = $config['nginx']['config_dir'];
$vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
// Check if a SSL cert exists
$ssl_dir = $config['nginx']['config_dir'] . '/ssl';
$domain = $data['new']['ssl_domain'];
$key_file = $ssl_dir . '/' . $domain . '.key';
$crt_file = $ssl_dir . '/' . $domain . '.crt';
$bundle_file = $ssl_dir . '/' . $domain . '.bundle';
$vhost_data['nginx_directives'] = preg_replace("/\\[IP\\]/", $vhost_data['ip_address'], $vhost_data['nginx_directives']);
if ($data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file)) {
$vhost_data['ssl_enabled'] = 1;
$app->log('Enable SSL for: ' . $domain, LOGLEVEL_DEBUG);
} else {
$vhost_data['ssl_enabled'] = 0;
$app->log('Disable SSL for: ' . $domain, LOGLEVEL_DEBUG);
}
if (@is_file($bundle_file)) {
$vhost_data['has_bundle_cert'] = 1;
}
$tpl->setVar($vhost_data);
// get alias domains (co-domains and subdomains)
$aliases = $app->dbmaster->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = ' . $data['new']['domain_id'] . " AND active = 'y'");
$server_alias = array();
switch ($data['new']['subdomain']) {
case 'www':
$server_alias[] .= 'www.' . $data['new']['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $data['new']['domain'] . ' ';
break;
}
if (is_array($aliases)) {
foreach ($aliases as $alias) {
switch ($alias['subdomain']) {
case 'www':
$server_alias[] .= 'www.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
default:
$server_alias[] .= $alias['domain'] . ' ';
break;
}
$app->log('Add server alias: ' . $alias['domain'], LOGLEVEL_DEBUG);
}
}
//* If we have some alias records
if (count($server_alias) > 0) {
$server_alias_str = '';
$n = 0;
// begin a new ServerAlias line after 30 alias domains
foreach ($server_alias as $tmp_alias) {
if ($n % 30 == 0) {
$server_alias_str .= " ";
}
$server_alias_str .= $tmp_alias;
}
unset($tmp_alias);
$tpl->setVar('alias', trim($server_alias_str));
} else {
$tpl->setVar('alias', '');
}
$vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'] . '/' . $data['new']['domain'] . '.vhost');
//* Make a backup copy of vhost file
copy($vhost_file, $vhost_file . '~');
//* Write vhost file
file_put_contents($vhost_file, $tpl->grab());
$app->log('Writing the vhost file: ' . $vhost_file, LOGLEVEL_DEBUG);
unset($tpl);
// Set the symlink to enable the vhost
$vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'] . '/' . $data['new']['domain'] . '.vhost');
if ($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
symlink($vhost_file, $vhost_symlink);
$app->log('Creating symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
// Remove the symlink, if site is inactive
if ($data['new']['active'] == 'n' && is_link($vhost_symlink)) {
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
if (!is_dir('/var/log/ispconfig/nginx/' . $data['new']['domain'])) {
exec('mkdir -p /var/log/ispconfig/nginx/' . $data['new']['domain']);
}
// remove old symlink and vhost file, if domain name of the site has changed
if ($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
$vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'] . '/' . $data['old']['domain'] . '.vhost');
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
$vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'] . '/' . $data['old']['domain'] . '.vhost');
unlink($vhost_file);
$app->log('Removing file: ' . $vhost_file, LOGLEVEL_DEBUG);
if (is_dir('/var/log/ispconfig/nginx/' . $data['old']['domain'])) {
exec('rm -rf /var/log/ispconfig/nginx/' . $data['old']['domain']);
}
}
// request a httpd reload when all records have been processed
$app->services->restartServiceDelayed('nginx', 'restart');
// Remove the backup copy of the config file.
if (@is_file($vhost_file . '~')) {
unlink($vhost_file . '~');
}
//* Unset action to clean it for next processed vhost.
$this->action = '';
}
function update($event_name, $data)
{
global $app, $conf;
$tcp_ports = '';
$udp_ports = '';
$ports = explode(',', $data['new']['tcp_port']);
if (is_array($ports)) {
foreach ($ports as $p) {
if (strstr($p, ':')) {
$p_parts = explode(':', $p);
$p_clean = intval($p_parts[0]) . ':' . intval($p_parts[1]);
} else {
$p_clean = intval($p);
}
$tcp_ports .= $p_clean . ' ';
}
}
$tcp_ports = trim($tcp_ports);
$ports = explode(',', $data['new']['udp_port']);
if (is_array($ports)) {
foreach ($ports as $p) {
if (strstr($p, ':')) {
$p_parts = explode(':', $p);
$p_clean = intval($p_parts[0]) . ':' . intval($p_parts[1]);
} else {
$p_clean = intval($p);
}
$udp_ports .= $p_clean . ' ';
}
}
$udp_ports = trim($udp_ports);
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('bastille-firewall.cfg.master');
$tpl->setVar('TCP_PUBLIC_SERVICES', $tcp_ports);
$tpl->setVar('UDP_PUBLIC_SERVICES', $udp_ports);
file_put_contents('/etc/Bastille/bastille-firewall.cfg', $tpl->grab());
$app->log('Writing firewall configuration /etc/Bastille/bastille-firewall.cfg', LOGLEVEL_DEBUG);
unset($tpl);
if ($data['new']['active'] == 'y') {
exec($conf['init_scripts'] . '/' . 'bastille-firewall restart');
if (@is_file('/etc/debian_version')) {
exec('update-rc.d bastille-firewall defaults');
}
$app->log('Restarting the firewall', LOGLEVEL_DEBUG);
} else {
exec($conf['init_scripts'] . '/' . 'bastille-firewall stop');
if (@is_file('/etc/debian_version')) {
exec('update-rc.d -f bastille-firewall remove');
}
$app->log('Stopping the firewall', LOGLEVEL_DEBUG);
}
}
private function php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir)
{
global $app, $conf;
/*
if(trim($data['new']['fastcgi_php_version']) != ''){
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
if(substr($custom_php_fpm_ini_dir,-1) != '/') $custom_php_fpm_ini_dir .= '/';
} else {
$default_php_fpm = true;
}
*/
if ($data['new']['php'] != 'no') {
if (trim($data['new']['fastcgi_php_version']) != '') {
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
if (substr($custom_php_fpm_ini_dir, -1) != '/') {
$custom_php_fpm_ini_dir .= '/';
}
} else {
$default_php_fpm = true;
}
} else {
if (trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] != 'no') {
$default_php_fpm = false;
list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
if (substr($custom_php_fpm_ini_dir, -1) != '/') {
$custom_php_fpm_ini_dir .= '/';
}
} else {
$default_php_fpm = true;
}
}
$app->uses("getconf");
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
if ($data['new']['php'] == 'no') {
if (@is_file($pool_dir . $pool_name . '.conf')) {
$app->system->unlink($pool_dir . $pool_name . '.conf');
//$reload = true;
}
if ($data['old']['php'] != 'no') {
if (!$default_php_fpm) {
$app->services->restartService('php-fpm', 'reload:' . $custom_php_fpm_init_script);
} else {
$app->services->restartService('php-fpm', 'reload:' . $conf['init_scripts'] . '/' . $web_config['php_fpm_init_script']);
}
}
return;
}
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('php_fpm_pool.conf.master');
if ($data['new']['php_fpm_use_socket'] == 'y') {
$use_tcp = 0;
$use_socket = 1;
if (!is_dir($socket_dir)) {
$app->system->mkdirpath($socket_dir);
}
} else {
$use_tcp = 1;
$use_socket = 0;
}
$tpl->setVar('use_tcp', $use_tcp);
$tpl->setVar('use_socket', $use_socket);
$fpm_socket = $socket_dir . $pool_name . '.sock';
$tpl->setVar('fpm_socket', $fpm_socket);
$tpl->setVar('fpm_listen_mode', '0660');
$tpl->setVar('fpm_pool', $pool_name);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
$tpl->setVar('fpm_user', $data['new']['system_user']);
$tpl->setVar('fpm_group', $data['new']['system_group']);
$tpl->setVar('pm', $data['new']['pm']);
$tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
$tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);
$tpl->setVar('pm_min_spare_servers', $data['new']['pm_min_spare_servers']);
$tpl->setVar('pm_max_spare_servers', $data['new']['pm_max_spare_servers']);
$tpl->setVar('pm_process_idle_timeout', $data['new']['pm_process_idle_timeout']);
$tpl->setVar('pm_max_requests', $data['new']['pm_max_requests']);
$tpl->setVar('document_root', $data['new']['document_root']);
$tpl->setVar('security_level', $web_config['security_level']);
$tpl->setVar('domain', $data['new']['domain']);
$php_open_basedir = $data['new']['php_open_basedir'] == '' ? escapeshellcmd($data['new']['document_root']) : escapeshellcmd($data['new']['php_open_basedir']);
$tpl->setVar('php_open_basedir', $php_open_basedir);
if ($php_open_basedir != '') {
$tpl->setVar('enable_php_open_basedir', '');
} else {
$tpl->setVar('enable_php_open_basedir', ';');
}
// Custom php.ini settings
$final_php_ini_settings = array();
$custom_php_ini_settings = trim($data['new']['custom_php_ini']);
if ($custom_php_ini_settings != '') {
// Make sure we only have Unix linebreaks
$custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
$custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
$ini_settings = explode("\n", $custom_php_ini_settings);
if (is_array($ini_settings) && !empty($ini_settings)) {
foreach ($ini_settings as $ini_setting) {
$ini_setting = trim($ini_setting);
if (substr($ini_setting, 0, 1) == ';') {
continue;
}
if (substr($ini_setting, 0, 1) == '#') {
continue;
}
if (substr($ini_setting, 0, 2) == '//') {
continue;
}
list($key, $value) = explode('=', $ini_setting, 2);
$value = trim($value);
if ($value != '') {
$key = trim($key);
switch (strtolower($value)) {
case '0':
// PHP-FPM might complain about invalid boolean value if you use 0
$value = 'off';
case '1':
case 'on':
case 'off':
case 'true':
case 'false':
case 'yes':
case 'no':
$final_php_ini_settings[] = array('ini_setting' => 'php_admin_flag[' . $key . '] = ' . $value);
break;
default:
$final_php_ini_settings[] = array('ini_setting' => 'php_admin_value[' . $key . '] = ' . $value);
}
}
}
}
}
$tpl->setLoop('custom_php_ini_settings', $final_php_ini_settings);
$app->system->file_put_contents($pool_dir . $pool_name . '.conf', $tpl->grab());
$app->log('Writing the PHP-FPM config file: ' . $pool_dir . $pool_name . '.conf', LOGLEVEL_DEBUG);
unset($tpl);
// delete pool in all other PHP versions
$default_pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
if (substr($default_pool_dir, -1) != '/') {
$default_pool_dir .= '/';
}
if ($default_pool_dir != $pool_dir) {
if (@is_file($default_pool_dir . $pool_name . '.conf')) {
$app->system->unlink($default_pool_dir . $pool_name . '.conf');
$app->log('Removed PHP-FPM config file: ' . $default_pool_dir . $pool_name . '.conf', LOGLEVEL_DEBUG);
$app->services->restartService('php-fpm', 'reload:' . $conf['init_scripts'] . '/' . $web_config['php_fpm_init_script']);
}
}
$php_versions = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = " . $conf["server_id"]);
if (is_array($php_versions) && !empty($php_versions)) {
foreach ($php_versions as $php_version) {
if (substr($php_version['php_fpm_pool_dir'], -1) != '/') {
$php_version['php_fpm_pool_dir'] .= '/';
}
if ($php_version['php_fpm_pool_dir'] != $pool_dir) {
if (@is_file($php_version['php_fpm_pool_dir'] . $pool_name . '.conf')) {
$app->system->unlink($php_version['php_fpm_pool_dir'] . $pool_name . '.conf');
$app->log('Removed PHP-FPM config file: ' . $php_version['php_fpm_pool_dir'] . $pool_name . '.conf', LOGLEVEL_DEBUG);
$app->services->restartService('php-fpm', 'reload:' . $php_version['php_fpm_init_script']);
}
}
}
}
// Reload current PHP-FPM after all others
sleep(1);
if (!$default_php_fpm) {
$app->services->restartService('php-fpm', 'reload:' . $custom_php_fpm_init_script);
} else {
$app->services->restartService('php-fpm', 'reload:' . $conf['init_scripts'] . '/' . $web_config['php_fpm_init_script']);
}
}
function _setup_jailkit_chroot()
{
global $app;
//check if the chroot environment is created yet if not create it with a list of program sections from the config
if (!is_dir($this->data['new']['dir'] . '/etc/jailkit')) {
$command = '/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh';
$command .= ' ' . escapeshellcmd($this->data['new']['dir']);
$command .= ' \'' . $this->jailkit_config['jailkit_chroot_app_sections'] . '\'';
exec($command . ' 2>/dev/null');
$this->app->log("Added jailkit chroot with command: " . $command, LOGLEVEL_DEBUG);
$this->_add_jailkit_programs();
//add bash.bashrc script
//we need to collect the domain name to be used as the HOSTNAME in the bashrc script
$web = $this->app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id = " . intval($this->data['new']["parent_domain_id"]));
$this->app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate("bash.bashrc.master");
$tpl->setVar('jailkit_chroot', true);
$tpl->setVar('domain', $web['domain']);
$tpl->setVar('home_dir', $this->_get_home_dir(""));
$bashrc = escapeshellcmd($this->data['new']['dir']) . '/etc/bash.bashrc';
if (@is_file($bashrc) || @is_link($bashrc)) {
unlink($bashrc);
}
file_put_contents($bashrc, $tpl->grab());
unset($tpl);
$this->app->log("Added bashrc script : " . $bashrc, LOGLEVEL_DEBUG);
$tpl = new tpl();
$tpl->newTemplate("motd.master");
$tpl->setVar('domain', $web['domain']);
$motd = escapeshellcmd($this->data['new']['dir']) . '/var/run/motd';
if (@is_file($motd) || @is_link($motd)) {
unlink($motd);
}
$app->system->file_put_contents($motd, $tpl->grab());
}
}
function show()
{
global $app, $conf;
//* Loading Template
$app->uses('tpl');
$tpl = new tpl();
$tpl->newTemplate("dashlets/templates/mailquota.htm");
$wb = array();
$lng_file = 'lib/lang/' . $_SESSION['s']['language'] . '_dashlet_mailquota.lng';
if (is_file($lng_file)) {
include $lng_file;
}
$tpl->setVar($wb);
$tmp_rec = $app->db->queryAllRecords("SELECT data from monitor_data WHERE type = 'email_quota' ORDER BY created DESC");
$monitor_data = array();
if (is_array($tmp_rec)) {
foreach ($tmp_rec as $tmp_mon) {
//$monitor_data = array_merge_recursive($monitor_data,unserialize($app->db->unquote($tmp_mon['data'])));
$tmp_array = unserialize($app->db->unquote($tmp_mon['data']));
if (is_array($tmp_array)) {
foreach ($tmp_array as $username => $data) {
if (!$monitor_data[$username]['used']) {
$monitor_data[$username]['used'] = $data['used'];
}
}
}
}
}
//print_r($monitor_data);
if ($_SESSION["s"]["user"]["typ"] != 'admin') {
$sql_where = " AND sys_groupid = " . intval($_SESSION['s']['user']['default_group']);
}
$has_mailquota = false;
// select email accounts belonging to client
$emails = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE 1" . $sql_where);
//print_r($emails);
if (is_array($emails) && !empty($emails)) {
for ($i = 0; $i < sizeof($emails); $i++) {
$email = $emails[$i]['email'];
$emails[$i]['used'] = isset($monitor_data[$email]['used']) ? $monitor_data[$email]['used'] : array(1 => 0);
if (!is_numeric($emails[$i]['used'])) {
$emails[$i]['used'] = $emails[$i]['used'][1];
}
// colours
$emails[$i]['display_colour'] = '#000000';
if ($emails[$i]['quota'] > 0) {
$used_ratio = $emails[$i]['used'] / $emails[$i]['quota'];
} else {
$used_ratio = 0;
}
if ($used_ratio >= 0.8) {
$emails[$i]['display_colour'] = '#fd934f';
}
if ($used_ratio >= 1) {
$emails[$i]['display_colour'] = '#cc0000';
}
if ($emails[$i]['quota'] == 0) {
$emails[$i]['quota'] = $app->lng('unlimited');
} else {
$emails[$i]['quota'] = round($emails[$i]['quota'] / 1048576, 4) . ' MB';
}
if ($emails[$i]['used'] < 1544000) {
$emails[$i]['used'] = round($emails[$i]['used'] / 1024, 4) . ' KB';
} else {
$emails[$i]['used'] = round($emails[$i]['used'] / 1048576, 4) . ' MB';
}
}
$has_mailquota = true;
$tpl->setloop('mailquota', $emails);
}
//print_r($sites);
$tpl->setVar('has_mailquota', $has_mailquota);
return $tpl->grab();
}
function onShow()
{
global $app;
$listTpl = new tpl();
$listTpl->newTemplate('templates/web_backup_list.htm');
//* Loading language file
$lng_file = "lib/lang/" . $_SESSION["s"]["language"] . "_web_backup_list.lng";
include $lng_file;
$listTpl->setVar($wb);
$message = '';
$error = '';
if (isset($_GET['backup_action'])) {
$backup_id = $app->functions->intval($_GET['backup_id']);
if ($_GET['backup_action'] == 'download' && $backup_id > 0) {
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_download' AND action_param = '{$backup_id}'";
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] == 0) {
$message .= $wb['download_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . "VALUES (" . (int) $this->form->dataRecord['server_id'] . ", " . time() . ", " . "'backup_download', " . "'" . $backup_id . "', " . "'pending', " . "''" . ")";
$app->db->query($sql);
} else {
$error .= $wb['download_pending_txt'];
}
}
if ($_GET['backup_action'] == 'restore' && $backup_id > 0) {
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = '{$backup_id}'";
$tmp = $app->db->queryOneRecord($sql);
if ($tmp['number'] == 0) {
$message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " . "VALUES (" . (int) $this->form->dataRecord['server_id'] . ", " . time() . ", " . "'backup_restore', " . "'" . $backup_id . "', " . "'pending', " . "''" . ")";
$app->db->query($sql);
} else {
$error .= $wb['restore_pending_txt'];
}
}
}
//* Get the data
$sql = "SELECT * FROM web_backup WHERE parent_domain_id = " . $this->form->id . " ORDER BY tstamp DESC, backup_type ASC";
$records = $app->db->queryAllRecords($sql);
$bgcolor = "#FFFFFF";
if (is_array($records)) {
foreach ($records as $rec) {
// Change of color
$bgcolor = $bgcolor == "#FFFFFF" ? "#EEEEEE" : "#FFFFFF";
$rec["bgcolor"] = $bgcolor;
$rec['date'] = date($app->lng('conf_format_datetime'), $rec['tstamp']);
$rec['backup_type'] = $wb['backup_type_' . $rec['backup_type']];
$records_new[] = $rec;
}
}
$listTpl->setLoop('records', @$records_new);
$listTpl->setVar('parent_id', $this->form->id);
$listTpl->setVar('msg', $message);
$listTpl->setVar('error', $error);
// Setting Returnto information in the session
$list_name = 'backup_list';
// $_SESSION["s"]["list"][$list_name]["parent_id"] = $app->tform_actions->id;
$_SESSION["s"]["list"][$list_name]["parent_id"] = $this->form->id;
$_SESSION["s"]["list"][$list_name]["parent_name"] = $app->tform->formDef["name"];
$_SESSION["s"]["list"][$list_name]["parent_tab"] = $_SESSION["s"]["form"]["tab"];
$_SESSION["s"]["list"][$list_name]["parent_script"] = $app->tform->formDef["action"];
$_SESSION["s"]["form"]["return_to"] = $list_name;
return $listTpl->grab();
}
function update($event_name, $data)
{
global $app, $conf;
// get the config
$app->uses("getconf");
$web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
if ($web_config['server_type'] == 'apache') {
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('apache_apps.vhost.master');
$tpl->setVar('apache_version', $app->system->getapacheversion());
$vhost_conf_dir = $web_config['vhost_conf_dir'];
$vhost_conf_enabled_dir = $web_config['vhost_conf_enabled_dir'];
$apps_vhost_servername = $web_config['apps_vhost_servername'] == '' ? '' : 'ServerName ' . $web_config['apps_vhost_servername'];
$web_config['apps_vhost_port'] = empty($web_config['apps_vhost_port']) ? 8081 : $web_config['apps_vhost_port'];
$web_config['apps_vhost_ip'] = empty($web_config['apps_vhost_ip']) ? '_default_' : $web_config['apps_vhost_ip'];
$tpl->setVar('apps_vhost_ip', $web_config['apps_vhost_ip']);
$tpl->setVar('apps_vhost_port', $web_config['apps_vhost_port']);
$tpl->setVar('apps_vhost_dir', $web_config['website_basedir'] . '/apps');
$tpl->setVar('apps_vhost_servername', $apps_vhost_servername);
$tpl->setVar('apps_vhost_basedir', $web_config['website_basedir']);
$vhost_port_listen = '';
// comment out the listen directive if port is 80 or 443
if ($web_config['apps_vhost_port'] == 80 or $web_config['apps_vhost_port'] == 443) {
$vhost_port_listen = '#';
}
$tpl->setVar('vhost_port_listen', $vhost_port_listen);
$content = $tpl->grab();
/* for backwards compatibility we replace the old syntax by hand now */
$content = str_replace('{apps_vhost_ip}', $web_config['apps_vhost_ip'], $content);
$content = str_replace('{apps_vhost_port}', $web_config['apps_vhost_port'], $content);
$content = str_replace('{apps_vhost_dir}', $web_config['website_basedir'] . '/apps', $content);
$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
$content = str_replace('{apps_vhost_basedir}', $web_config['website_basedir'], $content);
$content = str_replace('{vhost_port_listen}', $vhost_port_listen, $content);
/* end of backwards compatibility section */
$app->system->file_put_contents("{$vhost_conf_dir}/apps.vhost", $content);
$app->services->restartServiceDelayed('httpd', 'restart');
}
if ($web_config['server_type'] == 'nginx') {
// Dont just copy over the virtualhost template but add some custom settings
if (file_exists($conf["rootpath"] . "/conf-custom/nginx_apps.vhost.master")) {
$content = file_get_contents($conf["rootpath"] . "/conf-custom/nginx_apps.vhost.master");
} else {
$content = file_get_contents($conf["rootpath"] . "/conf/nginx_apps.vhost.master");
}
$vhost_conf_dir = $web_config['nginx_vhost_conf_dir'];
$vhost_conf_enabled_dir = $web_config['nginx_vhost_conf_enabled_dir'];
$apps_vhost_servername = $web_config['apps_vhost_servername'] == '' ? '_' : $web_config['apps_vhost_servername'];
$apps_vhost_user = '******';
$apps_vhost_group = 'ispapps';
$web_config['apps_vhost_port'] = empty($web_config['apps_vhost_port']) ? 8081 : $web_config['apps_vhost_port'];
$web_config['apps_vhost_ip'] = empty($web_config['apps_vhost_ip']) ? '_default_' : $web_config['apps_vhost_ip'];
if ($web_config['apps_vhost_ip'] == '_default_') {
$apps_vhost_ip = '';
} else {
$apps_vhost_ip = $web_config['apps_vhost_ip'] . ':';
}
$socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'apps.sock';
$cgi_socket = escapeshellcmd($web_config['nginx_cgi_socket']);
$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
$content = str_replace('{apps_vhost_port}', $web_config['apps_vhost_port'], $content);
$content = str_replace('{apps_vhost_dir}', $web_config['website_basedir'] . '/apps', $content);
$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
//$content = str_replace('{fpm_port}', $web_config['php_fpm_start_port']+1, $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{cgi_socket}', $cgi_socket, $content);
if (file_exists('/var/run/php5-fpm.sock')) {
$use_tcp = '#';
$use_socket = '';
} else {
$use_tcp = '';
$use_socket = '#';
}
$content = str_replace('{use_tcp}', $use_tcp, $content);
$content = str_replace('{use_socket}', $use_socket, $content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
if (file_exists($conf["rootpath"] . "/conf-custom/apps_php_fpm_pool.conf.master")) {
$fpm_content = file_get_contents($conf["rootpath"] . "/conf-custom/apps_php_fpm_pool.conf.master");
} else {
$fpm_content = file_get_contents($conf["rootpath"] . "/conf/apps_php_fpm_pool.conf.master");
}
$fpm_content = str_replace('{fpm_pool}', 'apps', $fpm_content);
//$fpm_content = str_replace('{fpm_port}', $web_config['php_fpm_start_port']+1, $fpm_content);
$fpm_content = str_replace('{fpm_socket}', $fpm_socket, $fpm_content);
$fpm_content = str_replace('{fpm_user}', $apps_vhost_user, $fpm_content);
$fpm_content = str_replace('{fpm_group}', $apps_vhost_group, $fpm_content);
file_put_contents($web_config['php_fpm_pool_dir'] . '/apps.conf', $fpm_content);
file_put_contents("{$vhost_conf_dir}/apps.vhost", $content);
$app->services->restartServiceDelayed('httpd', 'reload');
}
}
function update($event_name, $data)
{
global $app, $conf;
if ($this->action != 'insert') {
$this->action = 'update';
}
if ($data['new']['type'] != 'vhost' && $data['new']['parent_domain_id'] > 0) {
$old_parent_domain_id = intval($data['old']['parent_domain_id']);
$new_parent_domain_id = intval($data['new']['parent_domain_id']);
// If the parent_domain_id has been changed, we will have to update the old site as well.
if ($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
$tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . $old_parent_domain_id . " AND active = 'y'");
$data['new'] = $tmp;
$data['old'] = $tmp;
$this->action = 'update';
$this->update($event_name, $data);
}
// This is not a vhost, so we need to update the parent record instead.
$tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ' . $new_parent_domain_id . " AND active = 'y'");
$data['new'] = $tmp;
$data['old'] = $tmp;
$this->action = 'update';
}
// load the server configuration options
$app->uses('getconf');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
//* Check if this is a chrooted setup
if ($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'] . '/etc/passwd')) {
$apache_chrooted = true;
$app->log('Info: Apache is chrooted.', LOGLEVEL_DEBUG);
} else {
$apache_chrooted = false;
}
if ($data['new']['document_root'] == '') {
$app->log('document_root not set', LOGLEVEL_WARN);
return 0;
}
if ($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
$app->log('Websites cannot be owned by the root user or group.', LOGLEVEL_WARN);
return 0;
}
// Create group and user, if not exist
$app->uses('system');
$groupname = escapeshellcmd($data['new']['system_group']);
if ($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
exec('groupadd ' . $groupname);
if ($apache_chrooted) {
$this->_exec('chroot ' . escapeshellcmd($web_config['website_basedir']) . ' groupadd ' . $groupname);
}
$app->log('Adding the group: ' . $groupname, LOGLEVEL_DEBUG);
}
$username = escapeshellcmd($data['new']['system_user']);
if ($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
exec('useradd -d ' . escapeshellcmd($data['new']['document_root']) . " -g {$groupname} -G sshusers {$username} -s /bin/false");
if ($apache_chrooted) {
$this->_exec('chroot ' . escapeshellcmd($web_config['website_basedir']) . ' useradd -d ' . escapeshellcmd($data['new']['document_root']) . " -g {$groupname} -G sshusers {$username} -s /bin/false");
}
$app->log('Adding the user: '******'update' && $data['new']['document_root'] != $data['old']['document_root']) {
//* Get the old client ID
$old_client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = ' . intval($data['old']['sys_groupid']));
$old_client_id = intval($old_client['client_id']);
unset($old_client);
//* Remove the old symlinks
$tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
if (is_array($tmp_symlinks_array)) {
foreach ($tmp_symlinks_array as $tmp_symlink) {
$tmp_symlink = str_replace('[client_id]', $old_client_id, $tmp_symlink);
$tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
// Remove trailing slash
if (substr($tmp_symlink, -1, 1) == '/') {
$tmp_symlink = substr($tmp_symlink, 0, -1);
}
// create the symlinks, if not exist
if (is_link($tmp_symlink)) {
exec('rm -f ' . escapeshellcmd($tmp_symlink));
$app->log('Removed symlink: rm -f ' . $tmp_symlink, LOGLEVEL_DEBUG);
}
}
}
//* Move the site data
$tmp_docroot = explode('/', $data['new']['document_root']);
unset($tmp_docroot[count($tmp_docroot) - 1]);
$new_dir = implode('/', $tmp_docroot);
$tmp_docroot = explode('/', $data['old']['document_root']);
unset($tmp_docroot[count($tmp_docroot) - 1]);
$old_dir = implode('/', $tmp_docroot);
exec('rm -rf ' . $data['new']['document_root']);
if (!is_dir($new_dir)) {
exec('mkdir -p ' . $new_dir);
}
exec('mv ' . $data['old']['document_root'] . ' ' . $new_dir);
$app->log('Moving site to new document root: mv ' . $data['old']['document_root'] . ' ' . $new_dir, LOGLEVEL_DEBUG);
// Handle the change in php_open_basedir
$data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']);
//* Change the owner of the website files to the new website owner
exec('chown --recursive --from=' . escapeshellcmd($data['old']['system_user']) . ':' . escapeshellcmd($data['old']['system_group']) . ' ' . escapeshellcmd($data['new']['system_user']) . ':' . escapeshellcmd($data['new']['system_group']) . ' ' . $new_dir);
//* Change the home directory and group of the website user
$command = 'usermod';
$command .= ' --home ' . escapeshellcmd($data['new']['document_root']);
$command .= ' --gid ' . escapeshellcmd($data['new']['system_group']);
$command .= ' ' . escapeshellcmd($data['new']['system_user']);
exec($command);
if ($apache_chrooted) {
$this->_exec('chroot ' . escapeshellcmd($web_config['website_basedir']) . ' ' . $command);
}
}
//print_r($data);
// Check if the directories are there and create them if necessary.
if (!is_dir($data['new']['document_root'] . '/web')) {
exec('mkdir -p ' . $data['new']['document_root'] . '/web');
}
if (!is_dir($data['new']['document_root'] . '/web/error') and $data['new']['errordocs']) {
exec('mkdir -p ' . $data['new']['document_root'] . '/web/error');
}
//if(!is_dir($data['new']['document_root'].'/log')) exec('mkdir -p '.$data['new']['document_root'].'/log');
if (!is_dir($data['new']['document_root'] . '/ssl')) {
exec('mkdir -p ' . $data['new']['document_root'] . '/ssl');
}
if (!is_dir($data['new']['document_root'] . '/cgi-bin')) {
exec('mkdir -p ' . $data['new']['document_root'] . '/cgi-bin');
}
if (!is_dir($data['new']['document_root'] . '/tmp')) {
exec('mkdir -p ' . $data['new']['document_root'] . '/tmp');
}
// Remove the symlink for the site, if site is renamed
if ($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
if (is_dir('/var/log/ispconfig/httpd/' . $data['old']['domain'])) {
exec('rm -rf /var/log/ispconfig/httpd/' . $data['old']['domain']);
}
if (is_link($data['old']['document_root'] . '/log')) {
unlink($data['old']['document_root'] . '/log');
}
}
// Create the symlink for the logfiles
if (!is_dir('/var/log/ispconfig/httpd/' . $data['new']['domain'])) {
exec('mkdir -p /var/log/ispconfig/httpd/' . $data['new']['domain']);
}
if (!is_link($data['new']['document_root'] . '/log')) {
// exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
if ($web_config["website_symlinks_rel"] == 'y') {
$this->create_relative_link("/var/log/ispconfig/httpd/" . $data["new"]["domain"], $data["new"]["document_root"] . "/log");
} else {
exec("ln -s /var/log/ispconfig/httpd/" . $data["new"]["domain"] . " " . $data["new"]["document_root"] . "/log");
}
$app->log('Creating symlink: ln -s /var/log/ispconfig/httpd/' . $data['new']['domain'] . ' ' . $data['new']['document_root'] . '/log', LOGLEVEL_DEBUG);
}
/*
// Create the symlink for the logfiles
// This does not work as vlogger cannot log trough symlinks.
if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
if(is_dir($data['old']['document_root'].'/log')) exec('rm -rf '.$data['old']['document_root'].'/log');
if(is_link('/var/log/ispconfig/httpd/'.$data['old']['domain'])) unlink('/var/log/ispconfig/httpd/'.$data['old']['domain']);
}
// Create the symlink for the logfiles
if(!is_dir($data['new']['document_root'].'/log')) exec('mkdir -p '.$data['new']['document_root'].'/log');
if(!is_link('/var/log/ispconfig/httpd/'.$data['new']['domain'])) {
exec('ln -s '.$data['new']['document_root'].'/log /var/log/ispconfig/httpd/'.$data['new']['domain']);
$app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/log /var/log/ispconfig/httpd/'.$data['new']['domain'],LOGLEVEL_DEBUG);
}
*/
// Get the client ID
$client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = ' . intval($data['new']['sys_groupid']));
$client_id = intval($client['client_id']);
unset($client);
// Remove old symlinks, if site is renamed
if ($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
$tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
if (is_array($tmp_symlinks_array)) {
foreach ($tmp_symlinks_array as $tmp_symlink) {
$tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
$tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
// Remove trailing slash
if (substr($tmp_symlink, -1, 1) == '/') {
$tmp_symlink = substr($tmp_symlink, 0, -1);
}
// remove the symlinks, if not exist
if (is_link($tmp_symlink)) {
exec('rm -f ' . escapeshellcmd($tmp_symlink));
$app->log('Removed symlink: rm -f ' . $tmp_symlink, LOGLEVEL_DEBUG);
}
}
}
}
// Create the symlinks for the sites
$tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
if (is_array($tmp_symlinks_array)) {
foreach ($tmp_symlinks_array as $tmp_symlink) {
$tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
$tmp_symlink = str_replace('[website_domain]', $data['new']['domain'], $tmp_symlink);
// Remove trailing slash
if (substr($tmp_symlink, -1, 1) == '/') {
$tmp_symlink = substr($tmp_symlink, 0, -1);
}
//* Remove symlink if target folder has been changed.
if ($data['old']['document_root'] != '' && $data['old']['document_root'] != $data['new']['document_root'] && is_link($tmp_symlink)) {
unlink($tmp_symlink);
}
// create the symlinks, if not exist
if (!is_link($tmp_symlink)) {
// exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
if ($web_config["website_symlinks_rel"] == 'y') {
$this->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink));
} else {
exec("ln -s " . escapeshellcmd($data["new"]["document_root"]) . "/ " . escapeshellcmd($tmp_symlink));
}
$app->log('Creating symlink: ln -s ' . $data['new']['document_root'] . '/ ' . $tmp_symlink, LOGLEVEL_DEBUG);
}
}
}
// Install the Standard or Custom Error, Index and other related files
// /usr/local/ispconfig/server/conf is for the standard files
// /usr/local/ispconfig/server/conf-custom is for the custom files
// setting a local var here
// normally $conf['templates'] = "/usr/local/ispconfig/server/conf";
if ($this->action == 'insert' && $data['new']['type'] == 'vhost') {
// Copy the error pages
if ($data['new']['errordocs']) {
$error_page_path = escapeshellcmd($data['new']['document_root']) . '/web/error/';
if (file_exists($conf['rootpath'] . '/conf-custom/error/' . substr(escapeshellcmd($conf['language']), 0, 2))) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/error/' . substr(escapeshellcmd($conf['language']), 0, 2) . '/* ' . $error_page_path);
} else {
if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html ' . $error_page_path);
} else {
exec('cp ' . $conf['rootpath'] . '/conf/error/' . substr(escapeshellcmd($conf['language']), 0, 2) . '/* ' . $error_page_path);
}
}
exec('chmod -R a+r ' . $error_page_path);
}
if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_' . substr(escapeshellcmd($conf['language']), 0, 2))) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_' . substr(escapeshellcmd($conf['language']), 0, 2) . ' ' . escapeshellcmd($data['new']['document_root']) . '/web/index.html');
if (is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
if (is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
if (is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
} else {
if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html ' . escapeshellcmd($data['new']['document_root']) . '/web/index.html');
} else {
exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_' . substr(escapeshellcmd($conf['language']), 0, 2) . ' ' . escapeshellcmd($data['new']['document_root']) . '/web/index.html');
if (is_file($conf['rootpath'] . '/conf/index/favicon.ico')) {
exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
if (is_file($conf['rootpath'] . '/conf/index/robots.txt')) {
exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
if (is_file($conf['rootpath'] . '/conf/index/.htaccess')) {
exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess ' . escapeshellcmd($data['new']['document_root']) . '/web/');
}
}
}
exec('chmod -R a+r ' . escapeshellcmd($data['new']['document_root']) . '/web/');
//** Copy the error documents on update when the error document checkbox has been activated and was deactivated before
} elseif ($this->action == 'update' && $data['new']['type'] == 'vhost' && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
$error_page_path = escapeshellcmd($data['new']['document_root']) . '/web/error/';
if (file_exists($conf['rootpath'] . '/conf-custom/error/' . substr(escapeshellcmd($conf['language']), 0, 2))) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/error/' . substr(escapeshellcmd($conf['language']), 0, 2) . '/* ' . $error_page_path);
} else {
if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html ' . $error_page_path);
} else {
exec('cp ' . $conf['rootpath'] . '/conf/error/' . substr(escapeshellcmd($conf['language']), 0, 2) . '/* ' . $error_page_path);
}
}
exec('chmod -R a+r ' . $error_page_path);
exec('chown -R ' . $data['new']['system_user'] . ':' . $data['new']['system_group'] . ' ' . $error_page_path);
}
// end copy error docs
// Set the quota for the user
if ($username != '' && $app->system->is_user($username)) {
if ($data['new']['hd_quota'] > 0) {
$blocks_soft = $data['new']['hd_quota'] * 1024;
$blocks_hard = $blocks_soft + 1024;
} else {
$blocks_soft = $blocks_hard = 0;
}
exec("setquota -u {$username} {$blocks_soft} {$blocks_hard} 0 0 -a &> /dev/null");
exec('setquota -T -u ' . $username . ' 604800 604800 -a &> /dev/null');
}
if ($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
// Chown and chmod the directories below the document root
$this->_exec('chown -R ' . $username . ':' . $groupname . ' ' . escapeshellcmd($data['new']['document_root']));
// The document root itself has to be owned by root in normal level and by the web owner in security level 20
if ($web_config['security_level'] == 20) {
$this->_exec('chown ' . $username . ':' . $groupname . ' ' . escapeshellcmd($data['new']['document_root']));
} else {
$this->_exec('chown root:root ' . escapeshellcmd($data['new']['document_root']));
}
}
//* If the security level is set to high
if ($web_config['security_level'] == 20) {
$this->_exec('chmod 751 ' . escapeshellcmd($data['new']['document_root']));
$this->_exec('chmod 751 ' . escapeshellcmd($data['new']['document_root']) . '/*');
$this->_exec('chmod 710 ' . escapeshellcmd($data['new']['document_root'] . '/web'));
// make tmp directory writable for Apache and the website users
$this->_exec('chmod 777 ' . escapeshellcmd($data['new']['document_root'] . '/tmp'));
// Set Log symlink to 755 to make the logs accessible by the FTP user
$this->_exec("chmod 755 " . escapeshellcmd($data["new"]["document_root"]) . "/log");
$command = 'usermod';
$command .= ' --groups sshusers';
$command .= ' ' . escapeshellcmd($data['new']['system_user']);
$this->_exec($command);
//* if we have a chrooted Apache environment
if ($apache_chrooted) {
$this->_exec('chroot ' . escapeshellcmd($web_config['website_basedir']) . ' ' . $command);
//* add the apache user to the client group in the chroot environment
$tmp_groupfile = $app->system->server_conf['group_datei'];
$app->system->server_conf['group_datei'] = $web_config['website_basedir'] . '/etc/group';
$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
$app->system->server_conf['group_datei'] = $tmp_groupfile;
unset($tmp_groupfile);
}
//* add the Apache user to the client group
$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
$this->_exec('chown ' . $username . ':' . $groupname . ' ' . escapeshellcmd($data['new']['document_root']));
/*
* Workaround for jailkit: If jailkit is enabled for the site, the
* website root has to be owned by the root user and we have to chmod it to 755 then
*/
//* Check if there is a jailkit user for this site
$tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = ' . $data['new']['domain_id'] . " AND chroot = 'jailkit'");
if ($tmp['number'] > 0) {
$this->_exec('chmod 755 ' . escapeshellcmd($data['new']['document_root']));
$this->_exec('chown root:root ' . escapeshellcmd($data['new']['document_root']));
}
unset($tmp);
// If the security Level is set to medium
} else {
$this->_exec('chmod 755 ' . escapeshellcmd($data['new']['document_root']));
$this->_exec('chmod 755 ' . escapeshellcmd($data['new']['document_root'] . '/*'));
$this->_exec('chown root:root ' . escapeshellcmd($data['new']['document_root']));
// make temp directory writable for Apache and the website users
$this->_exec('chmod 777 ' . escapeshellcmd($data['new']['document_root'] . '/tmp'));
}
// Change the ownership of the error log to the owner of the website
if (!@is_file($data['new']['document_root'] . '/log/error.log')) {
exec('touch ' . escapeshellcmd($data['new']['document_root']) . '/log/error.log');
}
$this->_exec('chown ' . $username . ':' . $groupname . ' ' . escapeshellcmd($data['new']['document_root']) . '/log/error.log');
//* Write the custom php.ini file, if custom_php_ini filed is not empty
$custom_php_ini_dir = $web_config['website_basedir'] . '/conf/' . $data['new']['system_user'];
if (!is_dir($web_config['website_basedir'] . '/conf')) {
mkdir($web_config['website_basedir'] . '/conf');
}
if (trim($data['new']['custom_php_ini']) != '') {
$has_custom_php_ini = true;
if (!is_dir($custom_php_ini_dir)) {
mkdir($custom_php_ini_dir);
}
$php_ini_content = '';
if ($data['new']['php'] == 'mod') {
$master_php_ini_path = $web_config['php_ini_path_apache'];
} else {
if ($data["new"]['php'] == 'fast-cgi' && file_exists($fastcgi_config["fastcgi_phpini_path"])) {
$master_php_ini_path = $fastcgi_config["fastcgi_phpini_path"];
} else {
$master_php_ini_path = $web_config['php_ini_path_cgi'];
}
}
if ($master_php_ini_path != '' && substr($master_php_ini_path, -7) == 'php.ini' && is_file($master_php_ini_path)) {
$php_ini_content .= file_get_contents($master_php_ini_path) . "\n";
}
$php_ini_content .= trim($data['new']['custom_php_ini']);
file_put_contents($custom_php_ini_dir . '/php.ini', $php_ini_content);
} else {
$has_custom_php_ini = false;
if (is_file($custom_php_ini_dir . '/php.ini')) {
unlink($custom_php_ini_dir . '/php.ini');
}
}
//* Create the vhost config file
$app->load('tpl');
$tpl = new tpl();
$tpl->newTemplate('vhost.conf.master');
$vhost_data = $data['new'];
//unset($vhost_data['ip_address']);
$vhost_data['web_document_root'] = $data['new']['document_root'] . '/web';
$vhost_data['web_document_root_www'] = $web_config['website_basedir'] . '/' . $data['new']['domain'] . '/web';
$vhost_data['web_basedir'] = $web_config['website_basedir'];
$vhost_data['security_level'] = $web_config['security_level'];
$vhost_data['allow_override'] = $data['new']['allow_override'] == '' ? 'All' : $data['new']['allow_override'];
$vhost_data['php_open_basedir'] = $data['new']['php_open_basedir'] == '' ? $data['new']['document_root'] : $data['new']['php_open_basedir'];
$vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
$vhost_data['has_custom_php_ini'] = $has_custom_php_ini;
$vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir);
// Check if a SSL cert exists
$ssl_dir = $data['new']['document_root'] . '/ssl';
$domain = $data['new']['ssl_domain'];
$key_file = $ssl_dir . '/' . $domain . '.key';
$crt_file = $ssl_dir . '/' . $domain . '.crt';
$bundle_file = $ssl_dir . '/' . $domain . '.bundle';
/*
if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$vhost_data['ssl_enabled'] = 1;
$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
} else {
$vhost_data['ssl_enabled'] = 0;
$app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);
}
*/
if (@is_file($bundle_file)) {
$vhost_data['has_bundle_cert'] = 1;
}
//$vhost_data['document_root'] = $data['new']['document_root'].'/web';
// Set SEO Redirect
if ($data['new']['seo_redirect'] != '' && ($data['new']['subdomain'] == 'www' || $data['new']['subdomain'] == '*')) {
$vhost_data['seo_redirect_enabled'] = 1;
if ($data['new']['seo_redirect'] == 'non_www_to_www') {
$vhost_data['seo_redirect_origin_domain'] = $data['new']['domain'];
$vhost_data['seo_redirect_target_domain'] = 'www.' . $data['new']['domain'];
}
if ($data['new']['seo_redirect'] == 'www_to_non_www') {
$vhost_data['seo_redirect_origin_domain'] = 'www.' . $data['new']['domain'];
$vhost_data['seo_redirect_target_domain'] = $data['new']['domain'];
}
} else {
$vhost_data['seo_redirect_enabled'] = 0;
}
$tpl->setVar($vhost_data);
// Rewrite rules
$rewrite_rules = array();
if ($data['new']['redirect_type'] != '') {
if (substr($data['new']['redirect_path'], -1) != '/') {
$data['new']['redirect_path'] .= '/';
}
if (substr($data['new']['redirect_path'], 0, 8) == '[scheme]') {
$rewrite_target = 'http' . substr($data['new']['redirect_path'], 8);
$rewrite_target_ssl = 'https' . substr($data['new']['redirect_path'], 8);
} else {
$rewrite_target = $data['new']['redirect_path'];
$rewrite_target_ssl = $data['new']['redirect_path'];
}
/* Disabled path extension
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
}
*/
switch ($data['new']['subdomain']) {
case 'www':
$rewrite_rules[] = array('rewrite_domain' => '^' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : '[' . $data['new']['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
$rewrite_rules[] = array('rewrite_domain' => '^www.' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : '[' . $data['new']['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
$rewrite_rules[] = array('rewrite_domain' => $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : '[' . $data['new']['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
default:
$rewrite_rules[] = array('rewrite_domain' => '^' . $data['new']['domain'], 'rewrite_type' => $data['new']['redirect_type'] == 'no' ? '' : '[' . $data['new']['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
}
}
// get alias domains (co-domains and subdomains)
$aliases = $app->db->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = ' . $data['new']['domain_id'] . " AND active = 'y'");
$server_alias = array();
switch ($data['new']['subdomain']) {
case 'www':
$server_alias[] .= 'www.' . $data['new']['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $data['new']['domain'] . ' ';
break;
}
if (is_array($aliases)) {
foreach ($aliases as $alias) {
switch ($alias['subdomain']) {
case 'www':
$server_alias[] .= 'www.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
case '*':
$server_alias[] .= '*.' . $alias['domain'] . ' ' . $alias['domain'] . ' ';
break;
default:
$server_alias[] .= $alias['domain'] . ' ';
break;
}
$app->log('Add server alias: ' . $alias['domain'], LOGLEVEL_DEBUG);
// Rewriting
if ($alias['redirect_type'] != '') {
if (substr($alias['redirect_path'], -1) != '/') {
$alias['redirect_path'] .= '/';
}
if (substr($alias['redirect_path'], 0, 8) == '[scheme]') {
$rewrite_target = 'http' . substr($alias['redirect_path'], 8);
$rewrite_target_ssl = 'https' . substr($alias['redirect_path'], 8);
} else {
$rewrite_target = $alias['redirect_path'];
$rewrite_target_ssl = $alias['redirect_path'];
}
/* Disabled the path extension
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
}
*/
switch ($alias['subdomain']) {
case 'www':
$rewrite_rules[] = array('rewrite_domain' => '^' . $alias['domain'], 'rewrite_type' => $alias['redirect_type'] == 'no' ? '' : '[' . $alias['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
$rewrite_rules[] = array('rewrite_domain' => '^www.' . $alias['domain'], 'rewrite_type' => $alias['redirect_type'] == 'no' ? '' : '[' . $alias['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
$rewrite_rules[] = array('rewrite_domain' => $alias['domain'], 'rewrite_type' => $alias['redirect_type'] == 'no' ? '' : '[' . $alias['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
default:
$rewrite_rules[] = array('rewrite_domain' => '^' . $alias['domain'], 'rewrite_type' => $alias['redirect_type'] == 'no' ? '' : '[' . $alias['redirect_type'] . ']', 'rewrite_target' => $rewrite_target, 'rewrite_target_ssl' => $rewrite_target_ssl);
}
}
}
}
//* If we have some alias records
if (count($server_alias) > 0) {
$server_alias_str = '';
$n = 0;
// begin a new ServerAlias line after 30 alias domains
foreach ($server_alias as $tmp_alias) {
if ($n % 30 == 0) {
$server_alias_str .= "\n ServerAlias ";
}
$server_alias_str .= $tmp_alias;
}
unset($tmp_alias);
$tpl->setVar('alias', trim($server_alias_str));
} else {
$tpl->setVar('alias', '');
}
if (count($rewrite_rules) > 0) {
$tpl->setVar('rewrite_enabled', 1);
} else {
$tpl->setVar('rewrite_enabled', 0);
}
$tpl->setLoop('redirects', $rewrite_rules);
/**
* install fast-cgi starter script and add script aliasd config
* first we create the script directory if not already created, then copy over the starter script
* settings are copied over from the server ini config for now
* TODO: Create form for fastcgi configs per site.
*/
if ($data['new']['php'] == 'fast-cgi') {
$fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
$fastcgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $fastcgi_config['fastcgi_starter_path']);
$fastcgi_starter_path = str_replace('[client_id]', $client_id, $fastcgi_starter_path);
if (!is_dir($fastcgi_starter_path)) {
exec('mkdir -p ' . escapeshellcmd($fastcgi_starter_path));
//exec('chown '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path));
$app->log('Creating fastcgi starter script directory: ' . $fastcgi_starter_path, LOGLEVEL_DEBUG);
}
exec('chown -R ' . $data['new']['system_user'] . ':' . $data['new']['system_group'] . ' ' . escapeshellcmd($fastcgi_starter_path));
$fcgi_tpl = new tpl();
$fcgi_tpl->newTemplate('php-fcgi-starter.master');
if ($has_custom_php_ini) {
$fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir));
} else {
$fcgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path']));
}
$fcgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root']));
$fcgi_tpl->setVar('php_fcgi_children', escapeshellcmd($fastcgi_config['fastcgi_children']));
$fcgi_tpl->setVar('php_fcgi_max_requests', escapeshellcmd($fastcgi_config['fastcgi_max_requests']));
$fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($fastcgi_config['fastcgi_bin']));
$fcgi_tpl->setVar('security_level', intval($web_config['security_level']));
$php_open_basedir = $data['new']['php_open_basedir'] == '' ? $data['new']['document_root'] : $data['new']['php_open_basedir'];
$fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path . $fastcgi_config['fastcgi_starter_script']);
file_put_contents($fcgi_starter_script, $fcgi_tpl->grab());
unset($fcgi_tpl);
$app->log('Creating fastcgi starter script: ' . $fcgi_starter_script, LOGLEVEL_DEBUG);
exec('chmod 755 ' . $fcgi_starter_script);
exec('chown ' . $data['new']['system_user'] . ':' . $data['new']['system_group'] . ' ' . $fcgi_starter_script);
$tpl->setVar('fastcgi_alias', $fastcgi_config['fastcgi_alias']);
$tpl->setVar('fastcgi_starter_path', $fastcgi_starter_path);
$tpl->setVar('fastcgi_starter_script', $fastcgi_config['fastcgi_starter_script']);
$tpl->setVar('fastcgi_config_syntax', $fastcgi_config['fastcgi_config_syntax']);
}
/**
* install cgi starter script and add script alias to config.
* This is needed to allow cgi with suexec (to do so, we need a bin in the document-path!)
* first we create the script directory if not already created, then copy over the starter script.
* TODO: we have to fetch the data from the server-settings.
*/
if ($data['new']['php'] == 'cgi') {
//$cgi_config = $app->getconf->get_server_config($conf['server_id'], 'cgi');
$cgi_config['cgi_starter_path'] = $web_config['website_basedir'] . '/php-cgi-scripts/[system_user]/';
$cgi_config['cgi_starter_script'] = 'php-cgi-starter';
$cgi_config['cgi_bin'] = '/usr/bin/php-cgi';
$cgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $cgi_config['cgi_starter_path']);
$cgi_starter_path = str_replace('[client_id]', $client_id, $cgi_starter_path);
if (!is_dir($cgi_starter_path)) {
exec('mkdir -p ' . escapeshellcmd($cgi_starter_path));
exec('chown ' . $data['new']['system_user'] . ':' . $data['new']['system_group'] . ' ' . escapeshellcmd($cgi_starter_path));
$app->log('Creating cgi starter script directory: ' . $cgi_starter_path, LOGLEVEL_DEBUG);
}
$cgi_tpl = new tpl();
$cgi_tpl->newTemplate('php-cgi-starter.master');
// This works because PHP "rewrites" a symlink to the physical path
$php_open_basedir = $data['new']['php_open_basedir'] == '' ? $data['new']['document_root'] : $data['new']['php_open_basedir'];
$cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
$cgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root']));
// This will NOT work!
//$cgi_tpl->setVar('open_basedir', '/var/www/' . $data['new']['domain']);
$cgi_tpl->setVar('php_cgi_bin', $cgi_config['cgi_bin']);
$cgi_tpl->setVar('security_level', $web_config['security_level']);
$cgi_tpl->setVar('has_custom_php_ini', $has_custom_php_ini);
if ($has_custom_php_ini) {
$cgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir));
} else {
$cgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path']));
}
$cgi_starter_script = escapeshellcmd($cgi_starter_path . $cgi_config['cgi_starter_script']);
file_put_contents($cgi_starter_script, $cgi_tpl->grab());
unset($cgi_tpl);
$app->log('Creating cgi starter script: ' . $cgi_starter_script, LOGLEVEL_DEBUG);
exec('chmod 755 ' . $cgi_starter_script);
exec('chown ' . $data['new']['system_user'] . ':' . $data['new']['system_group'] . ' ' . $cgi_starter_script);
$tpl->setVar('cgi_starter_path', $cgi_starter_path);
$tpl->setVar('cgi_starter_script', $cgi_config['cgi_starter_script']);
}
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $data['new']['domain'] . '.vhost');
//* Make a backup copy of vhost file
if (file_exists($vhost_file)) {
copy($vhost_file, $vhost_file . '~');
}
//* create empty vhost array
$vhosts = array();
//* Add vhost for ipv4 IP
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80);
//* Add vhost for ipv4 IP with SSL
if ($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && @filesize($crt_file) > 0 && @filesize($key_file) > 0) {
$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
$app->log('Enable SSL for: ' . $domain, LOGLEVEL_DEBUG);
}
//* Add vhost for IPv6 IP
if ($data['new']['ipv6_address'] != '') {
$vhosts[] = array('ip_address' => '[' . $data['new']['ipv6_address'] . ']', 'ssl_enabled' => 0, 'port' => 80);
//* Add vhost for ipv6 IP with SSL
if ($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && @filesize($crt_file) > 0 && @filesize($key_file) > 0) {
$vhosts[] = array('ip_address' => '[' . $data['new']['ipv6_address'] . ']', 'ssl_enabled' => 1, 'port' => '443');
$app->log('Enable SSL for IPv6: ' . $domain, LOGLEVEL_DEBUG);
}
}
//* Set the vhost loop
$tpl->setLoop('vhosts', $vhosts);
//* Write vhost file
file_put_contents($vhost_file, $tpl->grab());
$app->log('Writing the vhost file: ' . $vhost_file, LOGLEVEL_DEBUG);
unset($tpl);
/*
* maybe we have some webdav - user. If so, add them...
*/
$this->_patchVhostWebdav($vhost_file, $data['new']['document_root'] . '/webdav');
//* Set the symlink to enable the vhost
//* First we check if there is a old type of symlink and remove it
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/' . $data['new']['domain'] . '.vhost');
if (is_link($vhost_symlink)) {
unlink($vhost_symlink);
}
//* Remove old or changed symlinks
if ($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') {
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/900-' . $data['new']['domain'] . '.vhost');
if (is_link($vhost_symlink)) {
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/100-' . $data['new']['domain'] . '.vhost');
if (is_link($vhost_symlink)) {
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
}
//* New symlink
if ($data['new']['subdomain'] == '*') {
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/900-' . $data['new']['domain'] . '.vhost');
} else {
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/100-' . $data['new']['domain'] . '.vhost');
}
if ($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
symlink($vhost_file, $vhost_symlink);
$app->log('Creating symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
// remove old symlink and vhost file, if domain name of the site has changed
if ($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/900-' . $data['old']['domain'] . '.vhost');
if (is_link($vhost_symlink)) {
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
$vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'] . '/100-' . $data['old']['domain'] . '.vhost');
if (is_link($vhost_symlink)) {
unlink($vhost_symlink);
$app->log('Removing symlink: ' . $vhost_symlink . '->' . $vhost_file, LOGLEVEL_DEBUG);
}
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $data['old']['domain'] . '.vhost');
unlink($vhost_file);
$app->log('Removing file: ' . $vhost_file, LOGLEVEL_DEBUG);
}
//* Create .htaccess and .htpasswd file for website statistics
if (!is_file($data['new']['document_root'] . '/web/stats/.htaccess') or $data['old']['document_root'] != $data['new']['document_root']) {
if (!is_dir($data['new']['document_root'] . '/web/stats')) {
mkdir($data['new']['document_root'] . '/web/stats');
}
$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile " . $data['new']['document_root'] . "/.htpasswd_stats\nrequire valid-user";
file_put_contents($data['new']['document_root'] . '/web/stats/.htaccess', $ht_file);
chmod($data['new']['document_root'] . '/web/stats/.htaccess', 0755);
unset($ht_file);
}
if (!is_file($data['new']['document_root'] . '/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
if (trim($data['new']['stats_password']) != '') {
$htp_file = 'admin:' . trim($data['new']['stats_password']);
file_put_contents($data['new']['document_root'] . '/.htpasswd_stats', $htp_file);
chmod($data['new']['document_root'] . '/.htpasswd_stats', 0755);
unset($htp_file);
}
}
//* Create awstats configuration
if ($data['new']['stats_type'] == 'awstats' && $data['new']['type'] == 'vhost') {
$this->awstats_update($data, $web_config);
}
if ($web_config['check_apache_config'] == 'y') {
//* Test if apache starts with the new configuration file
$apache_online_status_before_restart = $this->_checkTcp('localhost', 80);
$app->log('Apache status is: ' . $apache_online_status_before_restart, LOGLEVEL_DEBUG);
$app->services->restartService('httpd', 'restart');
// wait a few seconds, before we test the apache status again
sleep(2);
//* Check if apache restarted successfully if it was online before
$apache_online_status_after_restart = $this->_checkTcp('localhost', 80);
$app->log('Apache online status after restart is: ' . $apache_online_status_after_restart, LOGLEVEL_DEBUG);
if ($apache_online_status_before_restart && !$apache_online_status_after_restart) {
$app->log('Apache did not restart after the configuration change for website ' . $data['new']['domain'] . ' Reverting the configuration. Saved non-working config as ' . $vhost_file . '.err', LOGLEVEL_WARN);
copy($vhost_file, $vhost_file . '.err');
copy($vhost_file . '~', $vhost_file);
$app->services->restartService('httpd', 'restart');
}
} else {
//* We do not check the apache config after changes (is faster)
if ($apache_chrooted) {
$app->services->restartServiceDelayed('httpd', 'restart');
} else {
// request a httpd reload when all records have been processed
$app->services->restartServiceDelayed('httpd', 'reload');
}
}
// Remove the backup copy of the config file.
if (@is_file($vhost_file . '~')) {
unlink($vhost_file . '~');
}
//* Unset action to clean it for next processed vhost.
$this->action = '';
}
