public function ApacheVhostCreate($DomainName, $FarmID, $FarmRoleID, $DocumentRootDir, $EnableSSL, $SSLPrivateKey = null, $SSLCertificate = null)
{
$this->restrictAccess(Acl::RESOURCE_SERVICES_APACHE);
$validator = new Scalr_Validator();
if ($validator->validateDomain($DomainName) !== true) {
$err[] = _("Domain name is incorrect");
}
$DBFarm = DBFarm::LoadByID($FarmID);
if ($DBFarm->EnvID != $this->Environment->id) {
throw new Exception(sprintf("Farm #%s not found", $FarmID));
}
$this->user->getPermissions()->validate($DBFarm);
$DBFarmRole = DBFarmRole::LoadByID($FarmRoleID);
if ($DBFarm->ID != $DBFarmRole->FarmID) {
throw new Exception(sprintf("FarmRole #%s not found on Farm #%s", $FarmRoleID, $FarmID));
}
if (!$DocumentRootDir) {
throw new Exception(_("DocumentRootDir required"));
}
$options = serialize(array("document_root" => trim($DocumentRootDir), "logs_dir" => "/var/log", "server_admin" => $this->user->getEmail()));
$httpConfigTemplateSSL = @file_get_contents(dirname(__FILE__) . "/../../templates/services/apache/ssl.vhost.tpl");
$httpConfigTemplate = @file_get_contents(dirname(__FILE__) . "/../../templates/services/apache/nonssl.vhost.tpl");
$vHost = Scalr_Service_Apache_Vhost::init();
$vHost->envId = (int) $this->Environment->id;
$vHost->clientId = $this->user->getAccountId();
$vHost->domainName = $DomainName;
$vHost->isSslEnabled = $EnableSSL ? true : false;
$vHost->farmId = $FarmID;
$vHost->farmRoleId = $FarmRoleID;
$vHost->httpdConf = $httpConfigTemplate;
$vHost->templateOptions = $options;
//SSL stuff
if ($vHost->isSslEnabled) {
$cert = new Scalr_Service_Ssl_Certificate();
$cert->envId = $DBFarm->EnvID;
$cert->name = $DomainName;
$cert->privateKey = base64_decode($SSLPrivateKey);
$cert->certificate = base64_decode($SSLCertificate);
$cert->save();
$vHost->sslCertId = $cert->id;
$vHost->httpdConfSsl = $httpConfigTemplateSSL;
} else {
$vHost->sslCertId = 0;
}
$vHost->save();
$servers = $DBFarm->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
foreach ($servers as $DBServer) {
if ($DBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::NGINX) || $DBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::APACHE)) {
$DBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
}
}
$response = $this->CreateInitialResponse();
$response->Result = 1;
return $response;
}
public function xSaveAction()
{
$this->request->restrictAccess(Acl::RESOURCE_SERVICES_APACHE, Acl::PERM_SERVICES_APACHE_MANAGE);
$validator = new Scalr_Validator();
try {
if ($validator->validateDomain($this->getParam('domainName')) !== true) {
$err['domainName'] = _("Domain name is incorrect");
}
if (!$this->getParam('farmId')) {
$err['farmId'] = _("Farm required");
} else {
$dbFarm = DBFarm::LoadByID($this->getParam('farmId'));
$this->user->getPermissions()->validate($dbFarm);
}
if (!$this->getParam('farmRoleId')) {
$err['farmRoleId'] = _("Role required");
} else {
$dbFarmRole = DBFarmRole::LoadByID($this->getParam('farmRoleId'));
if ($dbFarmRole->FarmID != $dbFarm->ID) {
$err['farmRoleId'] = _("Role not found");
}
}
if ($validator->validateEmail($this->getParam('serverAdmin'), null, true) !== true) {
$err['serverAdmin'] = _("Server admin's email is incorrect or empty ");
}
if (!$this->getParam('documentRoot')) {
$err['documentRoot'] = _("Document root required");
}
if (!$this->getParam('logsDir')) {
$err['logsDir'] = _("Logs directory required");
}
if ($this->db->GetOne("SELECT id FROM apache_vhosts WHERE env_id=? AND `name` = ? AND id != ? AND farm_id = ? AND farm_roleid = ? LIMIT 1", array($this->getEnvironmentId(), $this->getParam('domainName'), $this->getParam('vhostId'), $this->getParam('farmId'), $this->getParam('farmRoleId')))) {
$err['domainName'] = "'{$this->getParam('domainName')}' virtualhost already exists";
}
} catch (Exception $e) {
$err[] = $e->getMessage();
}
if (count($err) == 0) {
$vHost = Scalr_Service_Apache_Vhost::init();
if ($this->getParam('vhostId')) {
$vHost->loadById($this->getParam('vhostId'));
$this->user->getPermissions()->validate($vHost);
} else {
$vHost->envId = $this->getEnvironmentId();
$vHost->clientId = $this->user->getAccountId();
}
$vHost->domainName = $this->getParam('domainName');
$isSslEnabled = $this->getParam('isSslEnabled') == 'on' ? true : false;
if ($vHost->farmRoleId && $vHost->farmRoleId != $this->getParam('farmRoleId')) {
$oldFarmRoleId = $vHost->farmRoleId;
}
$vHost->farmId = $this->getParam('farmId');
$vHost->farmRoleId = $this->getParam('farmRoleId');
$vHost->isSslEnabled = $isSslEnabled ? 1 : 0;
$vHost->httpdConf = $this->getParam("nonSslTemplate", true);
$vHost->templateOptions = serialize(array("document_root" => trim($this->getParam('documentRoot')), "logs_dir" => trim($this->getParam('logsDir')), "server_admin" => trim($this->getParam('serverAdmin')), "server_alias" => trim($this->getParam('serverAlias'))));
//SSL stuff
if ($isSslEnabled) {
$cert = Entity\SslCertificate::findPk($this->getParam('sslCertId'));
$this->user->getPermissions()->validate($cert);
$vHost->sslCertId = $cert->id;
$vHost->httpdConfSsl = $this->getParam("sslTemplate", true);
} else {
$vHost->sslCertId = 0;
$vHost->httpdConfSsl = "";
}
$vHost->save();
$servers = $dbFarm->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
foreach ($servers as $dBServer) {
if ($dBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::NGINX) || $dBServer->GetFarmRoleObject()->GetRoleObject()->hasBehavior(ROLE_BEHAVIORS::APACHE) && $dBServer->farmRoleId == $vHost->farmRoleId) {
$dBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
}
}
if ($oldFarmRoleId) {
$oldFarmRole = DBFarmRole::LoadByID($oldFarmRoleId);
$servers = $oldFarmRole->GetServersByFilter(array('status' => array(SERVER_STATUS::INIT, SERVER_STATUS::RUNNING)));
foreach ($servers as $dBServer) {
$dBServer->SendMessage(new Scalr_Messaging_Msg_VhostReconfigure());
}
}
$this->response->success(_('Virtualhost successfully saved'));
} else {
$this->response->failure();
$this->response->data(array('errors' => $err));
}
}
public function DNSZoneCreate($DomainName, $FarmID = null, $FarmRoleID = null)
{
$this->restrictAccess(Acl::RESOURCE_DNS_ZONES);
if (!Scalr::config('scalr.dns.global.enabled')) {
throw new Exception("DNS functionality is not enabled. Please contact your Scalr administrator.");
}
$DomainName = trim($DomainName);
$Validator = new Scalr_Validator();
if ($Validator->validateDomain($DomainName) !== true) {
throw new Exception(_("Invalid domain name"));
}
$domain_chunks = explode(".", $DomainName);
$chk_dmn = '';
while (count($domain_chunks) > 0) {
$chk_dmn = trim(array_pop($domain_chunks) . ".{$chk_dmn}", ".");
if ($this->DB->GetOne("SELECT id FROM dns_zones WHERE zone_name=? AND client_id != ? LIMIT 1", array($chk_dmn, $this->user->getAccountId()))) {
if ($chk_dmn == $DomainName) {
throw new Exception(sprintf(_("%s already exists on scalr nameservers"), $DomainName));
} else {
throw new Exception(sprintf(_("You cannot use %s domain name because top level domain %s does not belong to you"), $DomainName, $chk_dmn));
}
}
}
if ($FarmID) {
$DBFarm = DBFarm::LoadByID($FarmID);
if ($DBFarm->EnvID != $this->Environment->id) {
throw new Exception(sprintf("Farm #%s not found", $FarmID));
}
$this->user->getPermissions()->validate($DBFarm);
}
if ($FarmRoleID) {
$DBFarmRole = DBFarmRole::LoadByID($FarmRoleID);
if ($DBFarm->ID != $DBFarmRole->FarmID) {
throw new Exception(sprintf("FarmRole #%s not found on Farm #%s", $FarmRoleID, $FarmID));
}
}
$response = $this->CreateInitialResponse();
$DBDNSZone = DBDNSZone::create($DomainName, 14400, 86400, str_replace('@', '.', $this->user->getEmail()));
$DBDNSZone->farmRoleId = (int) $FarmRoleID;
$DBDNSZone->farmId = (int) $FarmID;
$DBDNSZone->clientId = $this->user->getAccountId();
$DBDNSZone->envId = $this->Environment->id;
$def_records = $this->DB->GetAll("SELECT * FROM default_records WHERE clientid=?", array($this->user->getAccountId()));
foreach ($def_records as $record) {
$record["name"] = str_replace(array("%hostname%", "%zonename%"), array("{$DomainName}.", "{$DomainName}."), $record["name"]);
$record["value"] = str_replace(array("%hostname%", "%zonename%"), array("{$DomainName}.", "{$DomainName}."), $record["value"]);
$records[] = $record;
}
$nameservers = Scalr::config('scalr.dns.global.nameservers');
foreach ($nameservers as $ns) {
$records[] = array("id" => "c" . rand(10000, 999999), "type" => "NS", "ttl" => 14400, "value" => "{$ns}.", "name" => "{$DomainName}.", "issystem" => 0);
}
$DBDNSZone->setRecords($records);
$DBDNSZone->save(true);
$response->Result = 1;
return $response;
}
public function xSaveAction()
{
$this->request->defineParams(array('domainId' => array('type' => 'int'), 'domainName', 'domainType', 'domainFarm' => array('type' => 'int'), 'domainFarmRole' => array('type' => 'int'), 'soaRefresh' => array('type' => 'int'), 'soaExpire' => array('type' => 'int'), 'soaRetry' => array('type' => 'int'), 'records' => array('type' => 'json')));
$errors = array();
// validate farmId, farmRoleId
$farmId = 0;
$farmRoleId = 0;
if ($this->getParam('domainFarm')) {
$DBFarm = DBFarm::LoadByID($this->getParam('domainFarm'));
if (!$this->user->getPermissions()->check($DBFarm)) {
$errors['domainFarm'] = _('Farm not found');
} else {
$farmId = $DBFarm->ID;
if ($this->getParam('domainFarmRole')) {
$DBFarmRole = DBFarmRole::LoadByID($this->getParam('domainFarmRole'));
if ($DBFarmRole->FarmID != $DBFarm->ID) {
$errors['domainFarmRole'] = _('Role not found');
} else {
$farmRoleId = $DBFarmRole->ID;
}
}
}
}
$domainName = trim($this->getParam('domainName'), ".");
// validate domain name
if (!$this->getParam('domainId')) {
if ($this->getParam('domainType') == 'own') {
$validator = new Scalr_Validator();
if ($validator->validateDomain($domainName) !== true) {
$errors['domainName'] = _("Invalid domain name");
} else {
$domainChunks = explode(".", $domainName);
$chkDmn = '';
while (count($domainChunks) > 0) {
$chkDmn = trim(array_pop($domainChunks) . ".{$chkDmn}", ".");
if (in_array($chkDmn, array('scalr.net', 'scalr.com', 'scalr-dns.net', 'scalr-dns.com'))) {
$errors['domainName'] = sprintf(_("You cannot use %s domain name because top level domain %s does not belong to you"), $domainName, $chkDmn);
} else {
$chkDomainId = $this->db->GetOne("SELECT id FROM dns_zones WHERE zone_name=? AND client_id != ? LIMIT 1", array($chkDmn, $this->user->getAccountId()));
if ($chkDomainId) {
if ($chkDmn == $domainName) {
$errors['domainName'] = sprintf(_("%s already exists on scalr nameservers"), $domainName);
} else {
$chkDnsZone = DBDNSZone::loadById($chkDomainId);
$access = false;
foreach (explode(";", $chkDnsZone->allowedAccounts) as $email) {
if ($email == $this->user->getEmail()) {
$access = true;
}
}
if (!$access) {
$errors['domainName'] = sprintf(_("You cannot use %s domain name because top level domain %s does not belong to you"), $domainName, $chkDmn);
}
}
}
}
}
}
} else {
$domainName = Scalr::GenerateUID() . '.' . \Scalr::config('scalr.dns.global.default_domain_name');
}
// check in DB
$rez = $this->db->GetOne("SELECT id FROM dns_zones WHERE zone_name = ? LIMIT 1", array($domainName));
if ($rez) {
$errors['domainName'] = 'Domain name already exist in database';
}
}
$records = array();
foreach ($this->getParam('records') as $key => $r) {
if (($r['name'] || $r['value']) && $r['issystem'] == 0) {
$r['name'] = str_replace(array("%hostname%", "%zonename%"), array("{$domainName}", "{$domainName}"), $r['name']);
$r['value'] = str_replace(array("%hostname%", "%zonename%"), array("{$domainName}", "{$domainName}"), $r['value']);
$records[$key] = $r;
}
}
$recordsValidation = Scalr_Net_Dns_Zone::validateRecords($records);
if ($recordsValidation !== true) {
$errors = array_merge($errors, $recordsValidation);
}
$soaOwner = $this->getParam('soaOwner');
if (!$soaOwner) {
$soaOwner = $this->user->getEmail();
}
if (count($errors) == 0) {
if ($this->getParam('domainId')) {
$DBDNSZone = DBDNSZone::loadById($this->getParam('domainId'));
$this->user->getPermissions()->validate($DBDNSZone);
$DBDNSZone->soaRefresh = $this->getParam('soaRefresh');
$DBDNSZone->soaExpire = $this->getParam('soaExpire');
$DBDNSZone->soaRetry = $this->getParam('soaRetry');
$DBDNSZone->soaOwner = str_replace('@', '.', $soaOwner);
$this->response->success("DNS zone successfully updated. It could take up to 5 minutes to update it on NS servers.");
} else {
$DBDNSZone = DBDNSZone::create($domainName, $this->getParam('soaRefresh'), $this->getParam('soaExpire'), str_replace('@', '.', $soaOwner), $this->getParam('soaRetry'));
$DBDNSZone->clientId = $this->user->getAccountId();
$DBDNSZone->envId = $this->getEnvironmentId();
$this->response->success("DNS zone successfully added to database. Please allow up to 5 minutes for it to be configured on your NS servers.");
}
if ($DBDNSZone->farmRoleId != $farmRoleId || $DBDNSZone->farmId != $farmId) {
$DBDNSZone->farmId = 0;
$DBDNSZone->updateSystemRecords();
}
$DBDNSZone->farmRoleId = $farmRoleId;
$DBDNSZone->farmId = $farmId;
$DBDNSZone->privateRootRecords = $this->getParam('privateRootRecords') == 'on' ? 1 : 0;
$DBDNSZone->setRecords($records);
$DBDNSZone->save(true);
} else {
$this->response->failure();
$this->response->data(array('errors' => $errors));
}
}
/**
* Return true if $domain is valid domain name
* @var string $domain Domain name
* @return bool
*/
function isDomain($domain)
{
return $domain == "*" || $this->validator->validateDomain($domain) === true;
}
