plugins->registerEvent('web_domain_insert', $this->plugin_name, 'ssl'); $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'ssl'); $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'ssl'); $app->plugins->registerEvent('web_domain_insert', $this->plugin_name, 'insert'); $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'update'); $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'delete'); // $app->plugins->registerEvent('proxy_reverse_insert',$this->plugin_name,'rewrite_insert'); // $app->plugins->registerEvent('proxy_reverse_update',$this->plugin_name,'rewrite_update'); // $app->plugins->registerEvent('proxy_reverse_delete',$this->plugin_name,'rewrite_delete'); } function insert($event_name, $data) { global $app, $conf; // just run the update function $this->update($event_name, $data); } function update($event_name, $data) { global $app, $conf; if($this->action != 'insert') $this->action = 'update'; if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['type'] != 'vhostalias' && $data['new']['parent_domain_id'] > 0) { $old_parent_domain_id = intval($data['old']['parent_domain_id']); $new_parent_domain_id = intval($data['new']['parent_domain_id']); // If the parent_domain_id has been chenged, we will have to update the old site as well. if($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) { $tmp = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ? AND active = 'y'", $old_parent_domain_id); $data['new'] = $tmp; $data['old'] = $tmp; $this->action = 'update'; $this->update($event_name, $data); } // This is not a vhost, so we need to update the parent record instead. $tmp = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ? AND active = 'y'", $new_parent_domain_id); $data['new'] = $tmp; $data['old'] = $tmp; $this->action = 'update'; } // load the server configuration options $app->uses('getconf'); $nginx_config = $app->getconf->get_server_config($conf['server_id'], 'web'); // Create group and user, if not exist $app->uses('system'); //* Create the vhost config file $app->load('tpl'); $tpl = new tpl(); $tpl->newTemplate('nginx_reverseproxy_vhost.conf.master'); $vhost_data = $data['new']; $vhost_data['config_dir'] = $config['nginx']['config_dir']; $vhost_data['ssl_domain'] = $data['new']['ssl_domain']; // Check if a SSL cert exists $ssl_dir = $config['nginx']['config_dir'].'/ssl'; $domain = $data['new']['ssl_domain']; $key_file = $ssl_dir.'/'.$domain.'.key'; $crt_file = $ssl_dir.'/'.$domain.'.crt'; $bundle_file = $ssl_dir.'/'.$domain.'.bundle'; $vhost_data['nginx_directives'] = preg_replace("/\[IP\]/", $vhost_data['ip_address'], $vhost_data['nginx_directives']); if($data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file)) { $vhost_data['ssl_enabled'] = 1; $app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG); } else { $vhost_data['ssl_enabled'] = 0; $app->log('Disable SSL for: '.$domain, LOGLEVEL_DEBUG); } if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1; $tpl->setVar($vhost_data); // get alias domains (co-domains and subdomains) $aliases = $app->dbmaster->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND (type != 'vhostsubdomain' OR type != 'vhostalias') AND active = 'y'", $data['new']['domain_id']); $server_alias = array(); switch($data['new']['subdomain']) { case 'www': $server_alias[] .= 'www.'.$data['new']['domain'].' '; break; case '*': $server_alias[] .= '*.'.$data['new']['domain'].' '; break; } if(is_array($aliases)) { foreach($aliases as $alias) { switch($alias['subdomain']) { case 'www': $server_alias[] .= 'www.'.$alias['domain'].' '.$alias['domain'].' '; break; case '*': $server_alias[] .= '*.'.$alias['domain'].' '.$alias['domain'].' '; break; default: $server_alias[] .= $alias['domain'].' '; break; } $app->log('Add server alias: '.$alias['domain'], LOGLEVEL_DEBUG); } } //* If we have some alias records if(count($server_alias) > 0) { $server_alias_str = ''; $n = 0; // begin a new ServerAlias line after 30 alias domains foreach($server_alias as $tmp_alias) { if($n % 30 == 0) $server_alias_str .= " "; $server_alias_str .= $tmp_alias; } unset($tmp_alias); $tpl->setVar('alias', trim($server_alias_str)); } else { $tpl->setVar('alias', ''); } $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost'); //* Make a backup copy of vhost file copy($vhost_file, $vhost_file.'~'); //* Write vhost file file_put_contents($vhost_file, $tpl->grab()); $app->log('Writing the vhost file: '.$vhost_file, LOGLEVEL_DEBUG); unset($tpl); // Set the symlink to enable the vhost $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost'); if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) { symlink($vhost_file, $vhost_symlink); $app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } // Remove the symlink, if site is inactive if($data['new']['active'] == 'n' && is_link($vhost_symlink)) { unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); } if(!is_dir('/var/log/ispconfig/nginx/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/nginx/'.$data['new']['domain']); // remove old symlink and vhost file, if domain name of the site has changed if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) { $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); unlink($vhost_file); $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG); if(is_dir('/var/log/ispconfig/nginx/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/nginx/'.$data['old']['domain']); } // request a httpd reload when all records have been processed $app->services->restartServiceDelayed('nginx', 'restart'); // Remove the backup copy of the config file. if(@is_file($vhost_file.'~')) unlink($vhost_file.'~'); //* Unset action to clean it for next processed vhost. $this->action = ''; } // Handle the creation of SSL certificates function ssl($event_name, $data) { global $app, $conf; if(!is_dir($conf['nginx']['config_dir'].'/ssl')) exec('mkdir -p '.$conf['nginx']['config_dir'].'/ssl'); $ssl_dir = $conf['nginx']['config_dir'].'/ssl'; $domain = $data['new']['ssl_domain']; $key_file = $ssl_dir.'/'.$domain.'.key.org'; $key_file2 = $ssl_dir.'/'.$domain.'.key'; $csr_file = $ssl_dir.'/'.$domain.'.csr'; $crt_file = $ssl_dir.'/'.$domain.'.crt'; //* Save a SSL certificate to disk if($data["new"]["ssl_action"] == 'save') { $web = $app->masterdb->queryOneRecord("select wd.document_root, sp.ip_address from web_domain wd INNER JOIN server_ip sp USING(server_id) WHERE domain = ?", $data['new']['domain']); $src_ssl_dir = $web["document_root"]."/ssl"; //$domain = $data["new"]["ssl_domain"]; //$csr_file = $ssl_dir.'/'.$domain.".csr"; //$crt_file = $ssl_dir.'/'.$domain.".crt"; //$bundle_file = $ssl_dir.'/'.$domain.".bundle"; $this->_exec('rsync -v -e ssh root@'.$web['ip_address'].':~/$src_ssl_dir '.$ssl_dir); $app->log('Syncing SSL Cert for: '.$domain, LOGLEVEL_DEBUG); } //* Delete a SSL certificate if($data['new']['ssl_action'] == 'del') { //$ssl_dir = $data['new']['document_root'].'/ssl'; $domain = $data['new']['ssl_domain']; $csr_file = $ssl_dir.'/'.$domain.'.csr'; $crt_file = $ssl_dir.'/'.$domain.'.crt'; $bundle_file = $ssl_dir.'/'.$domain.'.bundle'; unlink($csr_file); unlink($crt_file); unlink($bundle_file); $app->log('Deleting SSL Cert for: '.$domain, LOGLEVEL_DEBUG); } } function delete($event_name, $data) { global $app, $conf; // load the server configuration options $app->uses('getconf'); $nginx_config = $app->getconf->get_server_config($conf['server_id'], 'web'); if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') { //* This is a website // Deleting the vhost file, symlink and the data directory $vhost_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost'); unlink($vhost_symlink); $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG); $vhost_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost'); unlink($vhost_file); $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG); // Delete the log file directory $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/nginx/'.$data['old']['domain']); if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir); $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG); } } //* Wrapper for exec function for easier debugging private function _exec($command) { global $app; $app->log('exec: '.$command, LOGLEVEL_DEBUG); exec($command); } function rewrite_insert($event_name, $data) { global $app, $conf; // just run the update function $this->update($event_name, $data); } function rewrite_update($event_name, $data) { global $app, $conf; $rules = $this->_getRewriteRules($app); $app->uses('getconf'); $nginx_config = $app->getconf->get_server_config($conf['server_id'], 'web'); $app->load('tpl'); $tpl = new tpl(); $tpl->newTemplate("nginx_reverseproxy_rewrites.conf.master"); if (!empty($rules))$tpl->setLoop('nginx_rewrite_rules', $rules); $rewrites_file = escapeshellcmd($nginx_config['nginx_vhost_conf_dir'].'/default.rewrites.conf'); //* Make a backup copy of vhost file copy($rewrites_file, $rewrites_file.'~'); //* Write vhost file file_put_contents($rewrites_file, $tpl->grab()); $app->log('Writing the nginx rewrites file: '.$rewrites_file, LOGLEVEL_DEBUG); unset($tpl); // Set the symlink to enable the vhost $rewrite_symlink = escapeshellcmd($nginx_config['nginx_vhost_conf_enabled_dir'].'/default.rewrites.conf'); if(!is_link($rewrite_symlink)) { symlink($rewrites_file, $rewrite_symlink); $app->log('Creating symlink for nginx rewrites: '.$rewrite_symlink.'->'.$rewrites_file, LOGLEVEL_DEBUG); } } function rewrite_delete($event_name, $data) { global $app, $conf; // just run the update function $this->rewrite_update($event_name, $data); } function _getRewriteRules($app) { $rules = array(); $rules = $app->db->queryAllRecords("SELECT rewrite_url_src, rewrite_url_dst FROM proxy_reverse ORDER BY rewrite_id ASC"); return $rules; } } // end class ?>