HSAdmin Backend Domains, E-Mail, Datenbanken
Michael Hierweck
2012-09-21 9f568eef068da175a783f96e33b18098ca99d32c
Implemented domain options: Apache vhost.
3 files modified
150 ■■■■■ changed files
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java 54 ●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl 54 ●●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl 42 ●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -125,6 +125,7 @@
            new TemplateProcessor("/de/hsadmin/mods/dom/zonefile.jtpl", templateVars, zonefileTargetPath, false);
        Processor zonefileACLProcessor = 
            new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath);
        // TODO Use templates and regenerate the file.
        Processor prizonesFileProcessor = 
            new ShellProcessor("echo 'zone \"" + domName + "\" { type master; file \"pri." + domName + "\"; };' >>/etc/bind/named.pri-zones" +
                " && sort /etc/bind/named.pri-zones | uniq >/etc/bind/named.pri-zones.tmp" +
@@ -176,8 +177,8 @@
    }
    private Processor createDNSServerRemoveProcessor(String domName) {
        // TODO Use templates and regenerate the file.
        return new ShellProcessor("grep -v '\"sec." + domName + "\"' /etc/bind/named-hsh.conf >/etc/bind/named-hsh.conf.tmp" +
    // TODO sed -e'/sec.abc.example.com/d' -i /etc/bind/named-hsh.conf
                " && mv /etc/bind/named-hsh.conf.tmp /etc/bind/named-hsh.conf" +
                " && rm /var/cache/bind/sec." + domName + 
                " && invoke-rc.d bind9 reload");
@@ -302,18 +303,53 @@
        String linkPrefix = Integer.toString(100 - level);
        String pac = dom.getUser().getPac().getName();
        Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
        query.setParameter("option", "nohtdocsfallback");
        query.setParameter("domname", dom.getName());
        List<?> result = query.getResultList();
        List<Map<String, String>> iterateMaps = new ArrayList<Map<String, String>>();
        if (!result.isEmpty()) {
            iterateMaps.add(new HashMap<String, String>());
        // TODO: This code should be cleaned up after switching to the velocity template engine.
        query.setParameter("option", "indexes");
        if (query.getResultList().isEmpty()) {
            templateVars.put("INDEXES", "+Indexes");
        } else {
            templateVars.put("INDEXES", "-Indexes");
        }
        // TODO: This code should be cleaned up after switching to the velocity template engine.
        query.setParameter("option", "includes");
        if (query.getResultList().isEmpty()) {
            templateVars.put("INCLUDES", "+IncludesNoExec");
        } else {
            templateVars.put("INCLUDES", "-Includes");
        }
        // TODO: This code should be cleaned up after switching to the velocity template engine.
        query.setParameter("option", "multiviews");
        if (query.getResultList().isEmpty()) {
            templateVars.put("MULTIVIEWS", "+MultiViews");
        } else {
            templateVars.put("MULTIVIEWS", "-MultiViews");
        }
        // TODO: This code should be cleaned up after switching to the velocity template engine.
        query.setParameter("option", "htdocsfallback");
        if (query.getResultList().isEmpty()) {
            templateVars.put("HTDOCSFALLBACKHTTP",
            "    RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
            "    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
            "    RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:80)?$ [novary]\n" +
            "    RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d\n" +
            "    RewriteRule ^(.*) - [redirect=404,last]");
            templateVars.put("HTDOCSFALLBACKHTTPS",
            "    RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
            "    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
            "    RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:443)?$ [novary]\n" +
            "    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d\n" +
            "    RewriteRule ^(.*) - [redirect=404,last]");
        } else {
            templateVars.put("HTDOCSFALLBACKHTTP", "\n");
            templateVars.put("HTDOCSFALLBACKHTTPS", "\n");
        }
        Processor domSetupProcessor = new CompoundProcessor(
            createDomainDirectoriesProcessor(dom, templateVars),
            new CreateFileProcessor(selectVHostTemplate(dom), templateVars, iterateMaps.iterator(), "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
            new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1 " +
                    "&& sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
            new CreateFileProcessor(selectVHostTemplate(dom), templateVars, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
            new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
                    " && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
                    " && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" + 
                    " || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
            new ShellProcessor(
hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl
@@ -17,40 +17,34 @@
    Alias /fastcgi-bin/ /home/doms/{DOM_HOSTNAME}/fastcgi/
    <Directory />
        Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
        Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/>
       AllowOverride AuthConfig FileInfo Indexes Limit
        AllowOverride AuthConfig FileInfo Indexes Limit
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/>
    <Location /cgi-bin/>
        SetHandler cgi-script
        Options +ExecCGI -Indexes -MultiViews
    </Directory>
        Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    <Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/>
    <Location /fastcgi-bin/>
        SetHandler fcgid-script
        Options +ExecCGI -Indexes -MultiViews
    </Directory>
        Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    RewriteEngine On
    RewriteOptions Inherit
    
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last]
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
    
<!-- BEGIN: iterate -->
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
    RewriteRule ^(.*) - [redirect=404,last]
    {HTDOCSFALLBACKHTTP}
<!-- END: iterate -->
    AddType application/x-httpd-php .php .php5 .php4 .php3
    Action application/x-httpd-php /fastcgi-bin/phpstub
@@ -77,7 +71,7 @@
    <Directory />
        SSLRequireSSL On
        Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
        Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/>
@@ -86,31 +80,25 @@
    <Location /cgi-bin/>
        SetHandler cgi-script
        Options +ExecCGI -Indexes -MultiViews
        Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    <Location /fastcgi-bin/>
        SetHandler fcgid-script
        Options +ExecCGI -Indexes -MultiViews
        Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    
    RewriteEngine On
    RewriteOptions Inherit
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
    
<!-- BEGIN: nosubdomainfallbackforhttps -->
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
    RewriteRule ^(.*) - [redirect=404,last]
<!-- END: nosubdomainfallbackforhttps -->
    {HTDOCSFALLBACKHTTPS}
    AddType application/x-httpd-php .php .php5 .php4 .php3
    Action application/x-httpd-php /fastcgi-bin/phpstub
hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl
@@ -14,33 +14,32 @@
    DocumentRoot /home/doms/{DOM_HOSTNAME}/htdocs
    <Directory />
        Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
        Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/>
       AllowOverride AuthConfig FileInfo Indexes Limit
        AllowOverride AuthConfig FileInfo Indexes Limit
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/>
    <Location /cgi-bin/>
        Redirect 501 /
    </Directory>
    </Location>
    <Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/>
    <Location /fastcgi-bin/>
        Redirect 501 /
    </Directory>
    </Location>
    RewriteEngine On
    RewriteOptions Inherit
    
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last]
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
    
<!-- BEGIN: iterate -->    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
    RewriteRule ^(.*) - [redirect=404,last]
<!-- END: iterate -->
    {HTDOCSFALLBACKHTTP}
</VirtualHost>
<VirtualHost {DOM_IPNUMBER}:443 {DOM_IPNUMBEREX}:443>
@@ -61,7 +60,7 @@
    <Directory />
        SSLRequireSSL On
        Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
        Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/{DOM_HOSTNAME}/>
@@ -74,19 +73,18 @@
    <Location /fastcgi-bin/>
        Redirect 501 /
    </Location>
    </Location>
    
    RewriteEngine On
    RewriteOptions Inherit
    
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
    RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: nosubdomainfallbackforhttps -->    RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
    RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
    RewriteRule ^(.*) - [redirect=404,last]
    
<!-- END: nosubdomainfallbackforhttps -->
    {HTDOCSFALLBACKHTTPS}
</VirtualHost>
<!-- END: main -->