diff --git a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
index 4d2d023..7d81a72 100644
--- a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
+++ b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -13,6 +13,7 @@ import de.hsadmin.core.qserv.CompoundProcessor;
 import de.hsadmin.core.qserv.CopyFileProcessor;
 import de.hsadmin.core.qserv.CreateFileProcessor;
 import de.hsadmin.core.qserv.EntityProcessorFactory;
+import de.hsadmin.core.qserv.NullProcessor;
 import de.hsadmin.core.qserv.Processor;
 import de.hsadmin.core.qserv.ProcessorException;
 import de.hsadmin.core.qserv.ShellProcessor;
@@ -47,30 +48,33 @@ public class DomainProcessorFactory implements EntityProcessorFactory { mainProcessor.appendProcessor(hiveName, createDomainDirectoriesProcessor(dom), "Setup Domain Directories"); mainProcessor.appendProcessor(hiveName, createApacheVHostSetupProcessor(em, dom), "Setup Apache VHost"); mainProcessor.appendProcessor(hiveName, createACMEBotProcessor(em, dom), "Setup ACMEBot"); + mainProcessor.appendProcessor(hiveName, createTriggerAcmebotProcessor(em, dom), "Trigger ACMEBot"); return mainProcessor; } - public Processor createUpdateProcessor(EntityManager em, T entity) throws ProcessorException { - Domain dom = (Domain) entity; - UnixUser domUser = dom.getUser(); - Pac pac = domUser.getPac(); + public Processor createUpdateProcessor(final EntityManager em, final T entity) throws ProcessorException { + final Domain dom = (Domain) entity; + final UnixUser domUser = dom.getUser(); + final Pac pac = domUser.getPac(); final Processor apacheVHostSetupProcessor = createApacheVHostSetupProcessor(em, dom); - final Processor letencryptSetupProcessor = createACMEBotProcessor(em, dom); - WaitingTasksProcessor processor = new WaitingTasksProcessor(new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor)); - Config config = Config.getInstance(); + final Processor letencryptSetupProcessor = createACMEBotProcessor(em, dom); + final Processor triggerAcmebotProcessor = createTriggerAcmebotProcessor(em, dom); + final WaitingTasksProcessor processor = new WaitingTasksProcessor( + new CompoundProcessor(apacheVHostSetupProcessor, letencryptSetupProcessor, triggerAcmebotProcessor)); + final Config config = Config.getInstance(); for (String queueName : config.getProperty("queues.mail").split(",")) { processor.appendProcessor(queueName, createMailinSetupProcessor(em, dom, pac), queueName + ".hostsharing.net"); } return processor; } - public Processor createDeleteProcessor(EntityManager em, T entity) throws ProcessorException { - Domain dom = (Domain) 
entity; - String domName = dom.getName(); - WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor( + public Processor createDeleteProcessor(final EntityManager em, final T entity) throws ProcessorException { + final Domain dom = (Domain) entity; + final String domName = dom.getName(); + final WaitingTasksProcessor mainProcessor = new WaitingTasksProcessor( createHiveDNSRemoveProcessor(domName) ); - Config config = Config.getInstance(); + final Config config = Config.getInstance(); for (String queueName : config.getProperty("queues.dns").split(",")) { mainProcessor.appendProcessor(queueName, createDNSServerConfigProcessor(em), queueName + ".hostsharing.net"); } @@ -83,8 +87,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private Processor createDNSServerConfigProcessor(EntityManager em) { - Query query = em.createQuery("SELECT d FROM Domains d"); - HashMap templateVars = new HashMap(); + final Query query = em.createQuery("SELECT d FROM Domains d"); + final HashMap templateVars = new HashMap(); templateVars.put("domains", query.getResultList()); return new CompoundProcessor( new VelocityProcessor("/de/hsadmin/mods/dom/named-hsh-conf.vm", 
@@ -95,25 +99,25 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private Processor createHiveDNSSetupProcessor(EntityManager em, Domain dom) throws ProcessorException { - Map templateVars = new HashMap(); - templateVars.put("sio", Long.toString(System.currentTimeMillis()/1000L)); - String domName = dom.getName(); - String zonefileTargetPath = "/etc/bind/pri." + domName; - Processor zonefileTemplateProcessor = - new VelocityProcessor("/de/hsadmin/mods/dom/zonefile.vm", templateVars, dom, zonefileTargetPath, false); - Processor zonefileACLProcessor = + final Map zonefileTemplateVars = new HashMap(); + zonefileTemplateVars.put("sio", Long.toString(System.currentTimeMillis()/1000L)); + final String domName = dom.getName(); + final String zonefileTargetPath = "/etc/bind/pri." + domName; + final Processor zonefileTemplateProcessor = + new VelocityProcessor("/de/hsadmin/mods/dom/zonefile.vm", zonefileTemplateVars, dom, zonefileTargetPath, false); + final Processor zonefileACLProcessor = new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath); - Query query = em.createQuery("SELECT d FROM Domains d WHERE d.user.pac.hive.name = :hivename"); + final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.user.pac.hive.name = :hivename"); query.setParameter("hivename", dom.getUser().getHiveName()); - templateVars = new HashMap(); - templateVars.put("domains", query.getResultList()); - Processor prizonesFileProcessor = new CompoundProcessor( + final Map namedZonesTemplateVars = new HashMap(); + namedZonesTemplateVars.put("domains", query.getResultList()); + final Processor prizonesFileProcessor = new CompoundProcessor( new VelocityProcessor("/de/hsadmin/mods/dom/named-pri-zones.vm", - templateVars, dom, "/etc/bind/named.pri-zones.tmp", true), + namedZonesTemplateVars, dom, "/etc/bind/named.pri-zones.tmp", true), new ShellProcessor(" ( diff -q /etc/bind/named.pri-zones.tmp /etc/bind/named.pri-zones 
&& rm /etc/bind/named.pri-zones.tmp ) " + "|| ( mv /etc/bind/named.pri-zones.tmp /etc/bind/named.pri-zones && invoke-rc.d bind9 reload )") ); - Processor dnsSetupProcessor = + final Processor dnsSetupProcessor = new CompoundProcessor(zonefileTemplateProcessor, zonefileACLProcessor, prizonesFileProcessor); return dnsSetupProcessor; } 
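Review bot: `dom.getName()` is spliced unescaped into a shell command string in createHiveDNSSetupProcessor (`"chown root:bind " + zonefileTargetPath`, with `zonefileTargetPath = "/etc/bind/pri." + domName`), and the same pattern recurs in the @@ -308 hunk in createApacheVHostDeleteProcessor and in the new createTriggerAcmebotProcessor, where the name ends up in `rm -f`, `ln -s` and a `sudo -u acmebot` call. Nothing visible in this diff restricts the characters of a domain name, so unless Domain validates it elsewhere, a name containing shell metacharacters, whitespace or `/` would change the command or the file path that is written. I would check the name once against a strict hostname pattern before any processor is built, for example `if (!domName.matches("[a-z0-9]([a-z0-9.-]*[a-z0-9])?")) { /* reject */ }`, and fail the task instead of running the command.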
@@ -126,28 +130,28 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private CompoundProcessor createHiveEMailSetupProcessor(EntityManager em, Domain dom) { - EMailAddressProcessorFactory eMailAddressProcessorFactory = new EMailAddressProcessorFactory(); - CompoundProcessor emailAdrProcessor = new CompoundProcessor(); - Query query = em.createQuery( + final EMailAddressProcessorFactory eMailAddressProcessorFactory = new EMailAddressProcessorFactory(); + final CompoundProcessor emailAdrProcessor = new CompoundProcessor(); + final Query query = em.createQuery( "SELECT adr FROM " + EMailAddress.class.getAnnotation(javax.persistence.Entity.class).name() + " adr " + "WHERE adr.domain.name='" + dom.getName() + "'"); - List resultList = query.getResultList(); - for (Object obj : resultList) { - EMailAddress eMailAddress = (EMailAddress) obj; + final List resultList = query.getResultList(); + for (final Object obj : resultList) { + final EMailAddress eMailAddress = (EMailAddress) obj; emailAdrProcessor.appendProcessor(eMailAddressProcessorFactory.createCreateProcessor(em, eMailAddress)); } return emailAdrProcessor; } private Processor createMailinSetupProcessor(EntityManager em, Domain dom, Pac pac) throws ProcessorException { - String inetAddr = pac.getCurINetAddr().getInetAddr(); - CompoundProcessor cp = new CompoundProcessor( + final String inetAddr = pac.getCurINetAddr().getInetAddr(); + final CompoundProcessor cp = new CompoundProcessor( createPostgreyConfiguration(em), new ShellProcessor("postmap -r -i /etc/postfix-mailin/relaydomains", dom.getName() + " anything\n" + "." 
+ dom.getName() + " anything\n")); - Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname"); + final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname"); query.setParameter("domname", dom.getName()); query.setParameter("option", "backupmxforexternalmx"); if (query.getResultList().isEmpty()) { @@ -167,19 +171,19 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private Processor createPostgreyConfiguration(EntityManager em) throws ProcessorException { - List whitelistDoms = new ArrayList(); - Query query = em.createQuery("SELECT DISTINCT dom FROM Domains dom WHERE NOT EXISTS " + + final List whitelistDoms = new ArrayList(); + final Query query = em.createQuery("SELECT DISTINCT dom FROM Domains dom WHERE NOT EXISTS " + "( SELECT postgreyDom FROM Domains postgreyDom " + " WHERE postgreyDom.domainoptions.name = :option" + " AND postgreyDom.name = dom.name )"); query.setParameter("option", "greylisting"); - List result = query.getResultList(); + final List result = query.getResultList(); for (Object dom : result) { if (dom instanceof Domain) { whitelistDoms.add((Domain) dom); } } - HashMap templateVars = new HashMap(); + final HashMap templateVars = new HashMap(); templateVars.put("whitelist", whitelistDoms); return new CompoundProcessor( new VelocityProcessor("/de/hsadmin/mods/dom/postgrey-whitelist-recipients.vm", 
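Review bot: The JPQL in createHiveEMailSetupProcessor still concatenates the domain name into the query text (`"WHERE adr.domain.name='" + dom.getName() + "'"`), while the other queries in this hunk bind their values with `setParameter`. A name containing a quote would break or alter the query; binding it avoids that and matches the rest of the file: `"WHERE adr.domain.name = :domname"` followed by `query.setParameter("domname", dom.getName());`. The hunk's remaining edits in createMailinSetupProcessor only add `final`, and that method continues outside the hunk.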
@@ -201,15 +205,15 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private CompoundProcessor createDomainDirectoriesProcessor(Domain dom) throws ProcessorException { - Map templateVars = new HashMap(); - UnixUser domUser = dom.getUser(); - String domName = dom.getName(); - Pac pac = domUser.getPac(); - String pacName = pac.getName(); - String homeDir = domUser.getHomedir(); - String domsDir = homeDir + "/doms"; - String userName = domUser.getName(); - String domainDir = domsDir + "/" + dom.getName(); + final Map templateVars = new HashMap(); + final UnixUser domUser = dom.getUser(); + final String domName = dom.getName(); + final Pac pac = domUser.getPac(); + final String pacName = pac.getName(); + final String homeDir = domUser.getHomedir(); + final String domsDir = homeDir + "/doms"; + final String userName = domUser.getName(); + final String domainDir = domsDir + "/" + dom.getName(); String httpdRights = ""; if (pacName != userName) { httpdRights = 
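Review bot: `if (pacName != userName)` compares the two Strings by reference, so the branch that fills `httpdRights` is taken whenever they are different objects, even when the pac name and the user name have the same text. Since this value appears to decide which rights the web server gets on the domain directories, it should be a value comparison: `if (!pacName.equals(userName)) {`. The assignment itself and the rest of createDomainDirectoriesProcessor lie outside the hunk, so the exact effect on the permissions cannot be checked from here.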
@@ -308,24 +312,43 @@ public class DomainProcessorFactory implements EntityProcessorFactory { } private Processor createApacheVHostDeleteProcessor(Domain dom) { - String domName = dom.getName(); - int level = domName.split("\\.").length; - String linkPrefix = Integer.toString(100 - level); - Processor vhostDelProcessor = + final String domName = dom.getName(); + final int level = domName.split("\\.").length; + final String linkPrefix = Integer.toString(100 - level); + final Processor vhostDelProcessor = new ShellProcessor("rm -f /home/doms/" + domName + " && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName + " && rm -f /etc/apache2/sites-available/" + domName + " && rm -f /etc/apache2/pems-enabled/" + domName + ".crt" + " && rm -f /etc/apache2/pems-enabled/" + domName + ".key" + " && rm -f /etc/apache2/pems-enabled/" + domName + ".chain" + - " && rm -f /etc/apache2/pems-generated/_." + domName + ".crt" + - " && rm -f /etc/apache2/pems-generated/_." + domName + ".key" + - " && rm -f /etc/apache2/pems-generated/_." 
+ domName + ".chain" + + " && rm -f /etc/apache2/pems-generated/" + domName + ".crt" + + " && rm -f /etc/apache2/pems-generated/" + domName + ".key" + + " && rm -f /etc/apache2/pems-generated/" + domName + ".chain" + " && rm -rf " + dom.getUser().getHomedir() + "/doms/" + domName + " && invoke-rc.d apache2 reload >/dev/null 2>&1"); return vhostDelProcessor; } + private Processor createTriggerAcmebotProcessor(final EntityManager em, final Domain dom) { + final String domName = dom.getName(); + final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname"); + query.setParameter("domname", domName); + query.setParameter("option", "letsencrypt"); + if (query.getResultList().isEmpty()) { + return new NullProcessor(); + } else { + return new ShellProcessor( + "rm -f /etc/apache2/pems-enabled/" + domName + ".crt" + + " && rm -f /etc/apache2/pems-enabled/" + domName + ".key" + + " && rm -f /etc/apache2/pems-enabled/" + domName + ".chain" + + " && ln -s /etc/apache2/pems-generated/" + domName + ".key /etc/apache2/pems-enabled/" + domName + ".key" + + " && ln -s /etc/apache2/pems-generated/" + domName + ".crt /etc/apache2/pems-enabled/" + domName + ".crt" + + " && ln -s /etc/apache2/pems-generated/" + domName + ".chain /etc/apache2/pems-enabled/" + domName + ".chain" + + " && sudo -u acmebot /usr/sbin/acmebot -d " + domName); + } + } + private Processor createACMEBotProcessor(final EntityManager em, final Domain dom) throws ProcessorException { final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.user.pac.hive.name = :hivename"); final String hiveName = dom.getHiveName();
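Review bot: createTriggerAcmebotProcessor deletes the `.crt`, `.key` and `.chain` entries in `/etc/apache2/pems-enabled/` and links them to `pems-generated` before `acmebot -d` has run, and createUpdateProcessor now does this on every update of a domain that has the `letsencrypt` option. If the generated files do not exist yet or acmebot fails, the vhost is presumably left pointing at dangling links, and a certificate placed in `pems-enabled` by other means is removed without a backup. Consider issuing first and relinking only when the generated files exist, e.g. guarding the link step with `test -s /etc/apache2/pems-generated/<domain>.crt &&`; at minimum the method deserves a comment explaining why the order is remove, link, then issue. No Apache reload follows the relink in this command, so it is worth confirming that acmebot triggers one.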