HSAdmin Backend Domains, E-Mail, Datenbanken
Peter Hormanns
2017-06-21 bf2b3535b97659ff7fb6d28ff3e546ca7585a3e5
apache template
3 files modified
51 ■■■■ changed files
hsarback/src/de/hsadmin/mods/dom/Domain.java 12 ●●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java 1 ●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm 38 ●●●● patch | view | raw | blame | history
hsarback/src/de/hsadmin/mods/dom/Domain.java
@@ -62,6 +62,7 @@
        inverseJoinColumns={@JoinColumn(name="domain_option_id", referencedColumnName="domain_option_id")})
    private Set<DomainOption> domainoptions;
    @AnnFieldIO(validation="([a-z0-9\\-]+\\,)*[a-z0-9\\-]+|\\*", rw=ReadWriteAccess.READWRITE)
    @Column(name = "valid_subdomain_names", columnDefinition = "character varying(512)")
    private String validSubdomainNames;
    
@@ -190,4 +191,15 @@
        this.validSubdomainNames = validSubdomainNames;
    }
    public String getServeraliases() {
        String[] subs = validSubdomainNames.split(",");
        StringBuffer aliases = new StringBuffer();
        for (String sub : subs) {
            aliases.append(' ');
            aliases.append(sub.trim());
            aliases.append('.');
            aliases.append(name);
        }
        return aliases.toString();
    }
}
hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -267,6 +267,7 @@
        ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
        ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
        ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
        ifOption(templateVars, query, "letsencrypt", Boolean.TRUE, Boolean.FALSE);
        final Processor domSetupProcessor = new CompoundProcessor(
            new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.vm", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true),
            new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && "
hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
@@ -5,12 +5,12 @@
<VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80>
    ServerName ${dom.name}
    ServerAlias *.${dom.name}
    ServerAlias ${dom.serveraliases}
    ServerAdmin webmaster@${dom.name}
    SuexecUserGroup ${dom.user.name} ${pac.name}
    PassengerEnabled on
    PassengerEnabled Off
    PassengerUser ${dom.user.name}
    PassengerGroup ${pac.name}
    PassengerAppRoot /home/doms/${dom.name}/app/
@@ -19,21 +19,28 @@
    Alias /cgi-bin/ /home/doms/${dom.name}/cgi/
    Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/
#if( ${letsencrypt} )
    Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
#end
    <Directory />
        PassengerEnabled Off
        Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/${dom.name}/>
        PassengerEnabled On
        AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
    </Directory>
    <Location /cgi-bin/>
        PassengerEnabled Off
        SetHandler cgi-script
        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    <Location /fastcgi-bin/>
        PassengerEnabled Off
        SetHandler fcgid-script
        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
@@ -42,7 +49,10 @@
    RewriteOptions Inherit
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
    RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d
    RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]     
@@ -50,6 +60,9 @@
#if( !${htdocsfallback} )
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
    RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary]
    RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d
    RewriteRule ^(.*) - [redirect=404,last]
@@ -61,12 +74,12 @@
<VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443>
    ServerName ${dom.name}
    ServerAlias *.${dom.name}
    ServerAlias ${dom.serveraliases}
    ServerAdmin ${dom.user.name}@${dom.name}
    SuexecUserGroup ${dom.user.name} ${pac.name}
    
    PassengerEnabled on
    PassengerEnabled Off
    PassengerUser ${dom.user.name}
    PassengerGroup ${pac.name}
    PassengerAppRoot /home/doms/${dom.name}/app-ssl/
@@ -80,22 +93,29 @@
    Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/
    Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/
#if( ${letsencrypt} )
    Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
#end
    <Directory />
        SSLRequireSSL On
        SSLRequireSSL Off
        PassengerEnabled On
        Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
    </Directory>
    <Directory /home/doms/${dom.name}/>
        SSLRequireSSL On
        AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
    </Directory>
    <Location /cgi-bin/>
        PassengerEnabled Off
        SetHandler cgi-script
        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
    <Location /fastcgi-bin/>
        PassengerEnabled Off
        SetHandler fcgid-script
        Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
    </Location>
@@ -105,6 +125,9 @@
    
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/    
#if( ${letsencrypt} )
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
    RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
    RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d
    RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]    
@@ -112,6 +135,9 @@
#if( !${htdocsfallback} )
    RewriteCond %{REQUEST_URI} !^/cgi-bin/
    RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
    RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary]
    RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d
    RewriteRule ^(.*) - [redirect=404,last]