From 527f2a5869706b3e5429666b857437a4e1e8ce1d Mon Sep 17 00:00:00 2001 From: Michael Hierweck Date: Thu, 20 Sep 2012 14:41:28 +0200 Subject: [PATCH 1/5] Some configuration files are managed by HSAdmin and therefore shoudn't be changed. Warning: This file is managed by HSAdmin. Do not edit manually. Changes will be overwritten. --- .../hsadmin/mods/dom/httpd-vhost-dynamic.jtpl | 19 ++++++++++++------- .../hsadmin/mods/dom/httpd-vhost-static.jtpl | 12 ++++++++---- .../dom/postgrey-whitelist-recipients.jtpl | 8 +++++--- hsarback/src/de/hsadmin/mods/pac/hosts.jtpl | 7 ++++++- .../src/de/hsadmin/mods/pac/interfaces.jtpl | 7 ++++++- .../src/de/hsadmin/mods/pac/proftpd-conf.jtpl | 9 ++++++--- hsarback/src/de/hsadmin/mods/pac/sudoers.jtpl | 8 +++++--- 7 files changed, 48 insertions(+), 22 deletions(-) diff --git a/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl b/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl index 3598247..7ff5764 100644 --- a/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl +++ b/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-dynamic.jtpl @@ -1,4 +1,9 @@ - +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# + + ServerName {DOM_HOSTNAME} ServerAlias *.{DOM_HOSTNAME} @@ -37,8 +42,8 @@ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last] - - RewriteCond %{REQUEST_URI} !^/cgi-bin/ + + RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d 
@@ -95,14 +100,14 @@ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last] - - RewriteCond %{REQUEST_URI} !^/cgi-bin/ + + RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d RewriteRule ^(.*) - [redirect=404,last] - - AddType application/x-httpd-php .php .php5 .php4 .php3 + + AddType application/x-httpd-php .php .php5 .php4 .php3 Action application/x-httpd-php /fastcgi-bin/phpstub diff --git a/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl b/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl index c6982a4..0f0cc6e 100644 --- a/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl +++ b/hsarback/src/de/hsadmin/mods/dom/httpd-vhost-static.jtpl @@ -1,4 +1,9 @@ - +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# + + ServerName {DOM_HOSTNAME} ServerAlias *.{DOM_HOSTNAME} @@ -30,7 +35,6 @@ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last] - RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d RewriteRule ^(.*) - [redirect=404,last] @@ -80,6 +84,6 @@ RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary] RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d RewriteRule ^(.*) - [redirect=404,last] - - + + \ No newline at end of file diff --git a/hsarback/src/de/hsadmin/mods/dom/postgrey-whitelist-recipients.jtpl b/hsarback/src/de/hsadmin/mods/dom/postgrey-whitelist-recipients.jtpl index e787e1c..d948b97 100644 
--- a/hsarback/src/de/hsadmin/mods/dom/postgrey-whitelist-recipients.jtpl +++ b/hsarback/src/de/hsadmin/mods/dom/postgrey-whitelist-recipients.jtpl @@ -1,10 +1,12 @@ -### Do not edit this file manually -### Generated by HSAdmin Queue Server +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# abuse@ postmaster@ -################################################################################ +#################################################### {DOM} diff --git a/hsarback/src/de/hsadmin/mods/pac/hosts.jtpl b/hsarback/src/de/hsadmin/mods/pac/hosts.jtpl index 3e296da..40f7ee2 100644 --- a/hsarback/src/de/hsadmin/mods/pac/hosts.jtpl +++ b/hsarback/src/de/hsadmin/mods/pac/hosts.jtpl @@ -1,4 +1,9 @@ -127.0.0.1 localhost +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# + +127.0.0.1 localhost ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet diff --git a/hsarback/src/de/hsadmin/mods/pac/interfaces.jtpl b/hsarback/src/de/hsadmin/mods/pac/interfaces.jtpl index 80aafea..8a3810c 100644 --- a/hsarback/src/de/hsadmin/mods/pac/interfaces.jtpl +++ b/hsarback/src/de/hsadmin/mods/pac/interfaces.jtpl @@ -1,4 +1,9 @@ -auto lo +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# + +auto lo iface lo inet loopback auto eth0 diff --git a/hsarback/src/de/hsadmin/mods/pac/proftpd-conf.jtpl b/hsarback/src/de/hsadmin/mods/pac/proftpd-conf.jtpl index 608493e..b52113e 100644 --- a/hsarback/src/de/hsadmin/mods/pac/proftpd-conf.jtpl +++ b/hsarback/src/de/hsadmin/mods/pac/proftpd-conf.jtpl @@ -1,4 +1,7 @@ -# This proftpd config file is generated by hsadmin. +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# Include /etc/proftpd/modules.conf 
@@ -56,8 +59,8 @@ PassivePorts 60000 65534 -#---------------------------------------------------------------------- -# {PAC}.hostsharing.net +#################################################### + DefaultRoot ~ {PAC} ServerName "Hostsharing eG" diff --git a/hsarback/src/de/hsadmin/mods/pac/sudoers.jtpl b/hsarback/src/de/hsadmin/mods/pac/sudoers.jtpl index 89bf1a2..86600f0 100644 --- a/hsarback/src/de/hsadmin/mods/pac/sudoers.jtpl +++ b/hsarback/src/de/hsadmin/mods/pac/sudoers.jtpl @@ -1,5 +1,7 @@ -### Do not edit this file manually -### Generated by HSAdmin Queue Server +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# # Host alias specification @@ -18,7 +20,7 @@ Defaults listpw=all # siehe sudoers(5) root ALL=(ALL) ALL %adm ALL=NOPASSWD: ALL -################################################################################ +#################################################### {PAC} ALL = (%{PAC}) NOPASSWD: ALL From a16c082ba1b4dbc5a2251313b184bcc183cddcbb Mon Sep 17 00:00:00 2001 From: Michael Hierweck Date: Thu, 20 Sep 2012 14:44:35 +0200 Subject: [PATCH 2/5] Removed obsolete template for welcome message (email) to new pac admins. --- .../mods/pac/email_new_pac_account.jtpl | 71 ------------------- 1 file changed, 71 deletions(-) delete mode 100644 hsarback/src/de/hsadmin/mods/pac/email_new_pac_account.jtpl diff --git a/hsarback/src/de/hsadmin/mods/pac/email_new_pac_account.jtpl b/hsarback/src/de/hsadmin/mods/pac/email_new_pac_account.jtpl deleted file mode 100644 index 3d8396f..0000000 --- a/hsarback/src/de/hsadmin/mods/pac/email_new_pac_account.jtpl +++ /dev/null 
@@ -1,71 +0,0 @@ -Das neue Hostsharing Paket {PAC} ist eingerichtet. -Die Zugangsdaten sind: - - Hostname (HTTP, FTP, SSH, POP3, IMAP): {PAC}.hostsharing.net - Benutzernamen (Paket-Admin-Account): {PAC} - Passwort: {PASSWORD} - -Wir bitten zu beruecksichtigen, dass man mit diesem Passwort sehr viel -Macht ueber das Paket hat. Bitte daher die u.g. Sicherheitshinweise -beachten und den Paketadmin-Account {PAC} nicht mit unsicheren -(unverschluesselten) Protokollen wie POP3 oder FTP ohne TLS verwenden! - -E-Mail-Benachrichtigungen fuer den Paket-Admin gehen direkt an den -o.g. Account. Ueber den E-Mail-Alias {PAC} koennen diese E-Mails -an externe E-Mail-Adressen weitergeleitet werden. Initial ist -eine Weiterleitung an {CUST_EMAIL} eingetragen. - -Wir empfehlen, Domains nicht unter dem Paketadmin {PAC} sondern z.B. -unter einem User "{PAC}-doms" anzulegen, um die Paket- und Domain- -Verwaltung zu trennen. Dies gilt insbesondere, wenn die Domain-Inhalte -per FTP gepflegt werden sollen. - -Weitere Accounts (neben dem Paketadmin-Account {PAC}) koennen nach einem -Login per SSH mit dem Kommandozeilen-Programm hsadmin eingerichtet -oder mit dem Web-Client unter http://admin.hostsharing.net -Dokumentation finden Sie unter: - - - -Der Webspace des Paketes ist theoretisch ab sofort unter - erreichbar, allerdings kann es durch -DNS-Caches Verzoegerungen geben. Das DocumentRoot ist - ~{PAC}/doms/{PAC}.hostsharing.net/htdocs/ -In SW Paketen darf diese Domain nur fuer administrative Zwecke verwendet -werden. - -Die vorgenannte Paket-Domain ist zum Testen und Ausprobieren gedacht. -Das Verfahren zum Bestellen weiterer Domains ist auf unserer Website unter -https://wiki.hostsharing.net/index.php?title=Domains -beschrieben. - -Bei evtl. auftretenden Problemen mit dem Server bitte zunaechst auf -unserer Status-Website nachsehen, -insbesondere auch auf der dortigen Seite "Aktionen", ob die Hostmaster -bereits aktiv sind. 
Falls nicht, koennen die Hostmaster bei dringenden -Problemen ueber die Rufnummer +49 40 209331331 erreicht werden. -Bitte ggf. lange klingeln lassen, aber nicht mehr anrufen, -wenn die Hostmaster laut Status-Seite "Aktionen" bereits dabei sind, -das Problem zu beheben, da dies die Arbeiten dann nur verzoegern wuerde. -Auch ist diese Rufnummer keine Support-Rufnummer, telefonische -Support-Anfragen koennen grundsaetzlich nicht beantwortet werden. - -Weitere Fragen beantworten wir gerne per E-Mail, am liebsten auf der -passenden oeffentlichen Mailingliste (in den meisten Faellen wohl -support@). Einen Ueberblick ueber unsere Mailinglisten bietet die Website: -https://www.hostsharing.net/gemeinschaft - -Viel Erfolg mit dem neuen Paket bei Hostsharing! - - die Hostsharing Hostmaster - -P.S. Diese E-Mail wurde automatisch erstellt und ist daher allgemein -formuliert. - --- -Hostsharing Service | http://www.hostsharing.net -Telefon: +49 40 209331311 | Fax: +49 40 209331312 -Hostsharing eG | Glockengiesserwall 17 | D-20095 Hamburg -Registergericht Hamburg, GnR 1007 | USt.-ID-Nr.: DE218602793 -vertretungsberechtigter Vorstand: Michael Hierweck, Uwe Mueller - \ No newline at end of file From fea9a5a083215f48f7e94eaabc3a005a08ee93cb Mon Sep 17 00:00:00 2001 From: Michael Hierweck Date: Thu, 20 Sep 2012 15:24:04 +0200 Subject: [PATCH 3/5] Add template file for default virtual host configuration. (refs: #111) --- .../de/hsadmin/mods/pac/httpd-virtual.jtpl | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl diff --git a/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl b/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl new file mode 100644 index 0000000..9dba391 --- /dev/null +++ b/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl 
@@ -0,0 +1,28 @@ +# +# This file is managed by HSAdmin. +# Do not edit manually. Changes will be overwritten. +# + +NameVirtualHost {PAC_IPNUMBER}:80 +NameVirtualHost {PAC_IPNUMBER_EX}:80 +NameVirtualHost {PAC_IPNUMBER}:443 +NameVirtualHost {PAC_IPNUMBER_EX}:443 + + + + Redirect 404 / + + + + + + SSLEngine On + SSLCertificateFile /etc/apache2/pems/default.pem + SSLCertificateChainFile /etc/apache2/pems/default.chain.pem + SSLCertificateFile /etc/apache2/pems/{PAC}.pem + SSLCertificateChainFile /etc/apache2/pems/{PAC}.chain.pem + + Redirect 404 / + + + \ No newline at end of file From fba68a65ee50a76493f49c95826c5a373b4ced7f Mon Sep 17 00:00:00 2001 From: Purodha Blissenbach Date: Thu, 20 Sep 2012 17:09:51 +0200 Subject: [PATCH 4/5] Tests added for domain options: Nogreylisting, Nohtdocsfallback --- .../test/de/hsadmin/remote/DomainTest.java | 117 ++++++++++++++++++ 1 file changed, 117 insertions(+) diff --git a/hsarback/test/de/hsadmin/remote/DomainTest.java b/hsarback/test/de/hsadmin/remote/DomainTest.java index f72e591..c84540b 100644 --- a/hsarback/test/de/hsadmin/remote/DomainTest.java +++ b/hsarback/test/de/hsadmin/remote/DomainTest.java @@ -6,6 +6,13 @@ import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.io.PrintWriter; +import java.net.Socket; +import java.net.UnknownHostException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -122,6 +129,7 @@ public class DomainTest { @Test public void testDomainOption() { // these tests build upon each other + testZeroOptions(); testOneValidOption(); testTwoValidOptions(); testZeroOptions(); 
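Review bot: In httpd-virtual.jtpl the SSL block lists both the `default.pem` and the `{PAC}.pem` certificate/chain pair, so the rendered file is only meaningful once a later step removes one pair, and nothing in the template says so. The sed step added later in this series appears to do that removal. A short comment above the block, e.g. `# Exactly one certificate pair is kept after rendering; the other is stripped by the queue server.`, would keep an operator from deploying the raw output. The new file also ends without a trailing newline.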
@@ -212,6 +220,68 @@ public class DomainTest { } } + @Test + public void testNogreylisting() throws UnknownHostException, IOException { + testNogreylistingOnOff(true, "Nogreylisting zuerst an"); + testNogreylistingOnOff(false, "Nogreylisting als zweites aus"); + testNogreylistingOnOff(true, "Nogreylisting zuletzt wieder an"); + } + + public void testNogreylistingOnOff(boolean onoff, String message) throws UnknownHostException, IOException { + String user = "aaa00"; + String domain = "example01.org"; + String grantingTicketURL = cas.getGrantingTicketURL(user); + Map setParams = new HashMap(); + Map whereParams = new HashMap(); + List optionslist = new ArrayList(); + if(onoff) { + optionslist.add("nogreylisting"); + } + setParams.put("domainoptions", optionslist); + whereParams.put("name", domain); + Object[] params = new Object[] { user, + cas.getServiceTicket(grantingTicketURL, RemoteTestHelper.getBackendURL()), + setParams, whereParams }; + try { + Object execute = client.execute(MODULE + ".update", params); + assertNotNull(execute); + assertEquals(message, onoff, getNogreylisting(domain)); + } catch (XmlRpcException e) { + } + } + + @Test + public void testNohtdocsfallback() throws UnknownHostException, IOException { + testNohtdocsfallbackOnOff(false, "Nothdocsfallback zuerst aus"); + testNohtdocsfallbackOnOff(true, "Nothdocsfallback als zweites an"); + testNohtdocsfallbackOnOff(false, "Nothdocsfallback zuletzt wieder aus"); + } + + @Test + public void testNohtdocsfallbackOnOff( boolean onoff, String message) throws UnknownHostException, IOException { + String user = "aaa00"; + String domain = "example01.org"; + String grantingTicketURL = cas.getGrantingTicketURL(user); + Map setParams = new HashMap(); + Map whereParams = new HashMap(); + List optionslist = new ArrayList(); + if(onoff) { + optionslist.add("nohtdocsfallback"); + } + setParams.put("domainoptions", optionslist); + whereParams.put("name", domain); + Object[] params = new Object[] { user, + 
cas.getServiceTicket(grantingTicketURL, RemoteTestHelper.getBackendURL()), + setParams, whereParams }; + try { + Object execute = client.execute(MODULE + ".update", params); + assertNotNull(execute); + assertEquals(message, onoff, getNohtdocsfallback(domain)); + } catch (XmlRpcException e) { + } + } + + private int getDomsCount() { int count = 0; String user = "aaa00"; 
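Review bot: `testNohtdocsfallbackOnOff(boolean, String)` carries `@Test` but takes parameters, which the JUnit 4 runner rejects when it validates the class, so it should lose the annotation and become `private`; the public `testNogreylistingOnOff` should be `private` as well. Both helpers swallow the RPC failure in `catch (XmlRpcException e) { }`, so a failed update leaves the test green without ever reaching the assertion. Putting `fail(e.getMessage());` in the catch block, using the already imported `fail`, makes that failure visible. The assertion messages spell the option `Nothdocsfallback`, which will mislead anyone searching for `nohtdocsfallback`.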
@@ -258,4 +328,51 @@ public class DomainTest { return count; } + private boolean getNogreylisting(String domain) throws UnknownHostException, IOException { + String host = "test-h99.hostsharing.net"; + String answer = socketQuery( host, 25, + "HELO " + domain + "\n" + + "MAIl FROM: hsadmin-testing@" + domain + "\n" + + "RCPT TO: postmaster@" + domain + "\n" + + "DATA\n" + + ".\n") ; + return answer.contains("450") && answer.contains("reylisting"); + } + + private boolean getNohtdocsfallback(String domain) throws UnknownHostException, IOException { + String host = "test-h99.hostsharing.net"; + String answer = socketQuery( host, 80, + "GET / HTTP/1.1\n" + + "Host: x.y.z." + domain + + "User-Agent: hsAdmin Test\n" + + "Connection: close\n"); + answer = answer.substring(0, answer.indexOf("\n")); + return answer.contains("404"); + } + + private String socketQuery( String host, int port, String query) throws UnknownHostException, IOException{ + Socket socket = new Socket( host, port ); + socketQueryWriter( socket, query ); + return socketQueryReader(socket); + } + + private void socketQueryWriter( Socket socket, String buffer) throws IOException{ + PrintWriter printWriter = + new PrintWriter( + new OutputStreamWriter( + socket.getOutputStream())); + printWriter.print(buffer); + printWriter.flush(); + } + + private String socketQueryReader( Socket socket ) throws IOException{ + int maxbufferbytecount = 4099; + BufferedReader bufferedReader = + new BufferedReader( + new InputStreamReader( + socket.getInputStream())); + char[] buffer = new char[maxbufferbytecount]; + int bufferbytecount = bufferedReader.read(buffer, 0, maxbufferbytecount); // blocks til end of transmission + return new String(buffer, 0, bufferbytecount); + } } From 9a219290a4b5a81fb2e7e24ba83980606caf3a89 Mon Sep 17 00:00:00 2001 
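Review bot: `socketQuery` never closes the `Socket` and sets no read timeout, and `socketQueryReader` does a single `read()` that returns whatever has arrived so far (on port 25 likely only the greeting) and yields -1 on EOF, which makes `new String(buffer, 0, bufferbytecount)` throw. In `getNohtdocsfallback` the Host line lacks its terminator, `"Host: x.y.z." + domain + "\n"`, and the request has no closing empty line, so the server receives a fused header and may keep waiting. The fence closes the socket in a `finally` block, sets a timeout and reads until EOF. For that loop to end on port 25, the SMTP dialogue should finish with `QUIT\n`. The class body starts outside the hunk.

```java
private String socketQuery(String host, int port, String query) throws UnknownHostException, IOException {
	Socket socket = new Socket(host, port);
	try {
		// Fail the test instead of hanging when the server stays silent.
		socket.setSoTimeout(10000);
		socketQueryWriter(socket, query);
		return socketQueryReader(socket);
	} finally {
		socket.close();
	}
}

// … unchanged: socketQueryWriter …

private String socketQueryReader(Socket socket) throws IOException {
	BufferedReader bufferedReader =
		new BufferedReader(
			new InputStreamReader(
				socket.getInputStream()));
	StringBuilder answer = new StringBuilder();
	char[] buffer = new char[4096];
	int count;
	// read() returns as soon as some data is available, so loop until EOF.
	while ((count = bufferedReader.read(buffer, 0, buffer.length)) != -1) {
		answer.append(buffer, 0, count);
	}
	return answer.toString();
}
```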
From: Michael Hierweck Date: Thu, 20 Sep 2012 17:12:52 +0200 Subject: [PATCH 5/5] (Re)generate /etc/apache2/virtual.conf on pac.add and pac.delete. --- .../mods/dom/DomainProcessorFactory.java | 10 ++++----- .../hsadmin/mods/pac/PacProcessorFactory.java | 21 +++++++++++++++++-- .../de/hsadmin/mods/pac/httpd-virtual.jtpl | 12 +++++------ 3 files changed, 30 insertions(+), 13 deletions(-) diff --git a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java index 5214daa..58e1bef 100644 --- a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java +++ b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java 
@@ -313,15 +313,15 @@ public class DomainProcessorFactory implements EntityProcessorFactory { createDomainDirectoriesProcessor(dom, templateVars), new CreateFileProcessor(selectVHostTemplate(dom), templateVars, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true), new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1 " + - "&& sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" + - " && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ")" + + " && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" + + " && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp)" + " || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"), new ShellProcessor( - " ( diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " + - " || ( mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + + " (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " + + " || (mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName + " && ln -sf /etc/apache2/sites-available/" + domName + " /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName + - " && invoke-rc.d apache2 reload >/dev/null 2>&1 ) ") + " && invoke-rc.d apache2 reload >/dev/null 2>&1)") ); return domSetupProcessor; } 
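Review bot: The two `ShellProcessor` strings splice `domName` and `pac` unquoted into a shell command line and into sed patterns, so any character the shell or sed treats specially in those values changes the command. Whether both are validated before they reach this method is not visible in the hunk. Check them against a strict hostname and pac-name pattern before building the command, and wrap the paths in single quotes. The `A && B && (C || D) || E` chain also runs the final `sed … pac` fallback when the first sed fails, not only when the pem is missing; `if [ -f /etc/apache2/pems/<pac>.pem ]; then …; else …; fi` expresses the intended branch. The enclosing method starts outside the hunk.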
diff --git a/hsarback/src/de/hsadmin/mods/pac/PacProcessorFactory.java b/hsarback/src/de/hsadmin/mods/pac/PacProcessorFactory.java index 9ded029..d729873 100644 --- a/hsarback/src/de/hsadmin/mods/pac/PacProcessorFactory.java +++ b/hsarback/src/de/hsadmin/mods/pac/PacProcessorFactory.java @@ -16,6 +16,7 @@ import de.hsadmin.core.qserv.Processor; import de.hsadmin.core.qserv.ProcessorException; import de.hsadmin.core.qserv.ShellProcessor; import de.hsadmin.core.qserv.TemplateProcessor; +import de.hsadmin.core.qserv.CreateFileProcessor; import de.hsadmin.core.qserv.WaitingTasksProcessor; import de.hsadmin.core.util.Config; import de.hsadmin.core.util.PasswordTool; 
@@ -44,12 +45,27 @@ public class PacProcessorFactory implements EntityProcessorFactory { createSudouersProc(hiveValues, pacValuesList), createProftpdConfProc(hiveValues, pacValuesList), createMakePacDirectoryStructure(unixUser), - createIfUp(pacName)); + createIfUp(pacName), + createHttpdVirtualProc(pacName, pacValuesList)); WaitingTasksProcessor secProcessor = new WaitingTasksProcessor(priProcessor); // secProcessor.appendProcessor(pac.getHiveName(), createSendEMailProc(pacName, customerEMail, emailVars), "send email to customer"); return secProcessor; } + private Processor createHttpdVirtualProc( + String pacName, List> pacValuesList) throws ProcessorException { + Processor domSetupProcessor = new CompoundProcessor( + new CreateFileProcessor("/de/hsadmin/mods/pac/httpd-virtual.jtpl", new HashMap(), pacValuesList.iterator(), "/etc/apache2/virtual.conf.tmp", "root", "root", "644", true), + new ShellProcessor("ls /etc/apache2/pems/" + pacName + ".pem >/dev/null 2>&1 " + "&& sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/apache.conf.tmp" + + " && (ls /etc/apache2/pems/" + pacName + ".chain.pem >/dev/null 2>&1" + + " || sed -i '/SSLCertificateChain.*" + pacName + "/d' "/etc/apache2/virtual.conf.tmp)" + + " || sed -i '/SSLCertificate.*" + pacName"/d' " + "/etc/apache2/virtual.conf.tmp"), + new ShellProcessor("(diff -q /etc/apache2/apache.conf.tmp /etc/apache2/apache.conf" + + " && rm /etc/apache2/apache.conf.tmp)" + + " || invoke-rc.d apache2 reload >/dev/null 2>&1")); + return domSetupProcessor; + } + @Override public Processor createUpdateProcessor(EntityManager em, T entity) throws ProcessorException { 
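Review bot: The new `createHttpdVirtualProc` does not compile as shown, because two concatenations lack a `+` (`"/d' "/etc/apache2/virtual.conf.tmp)"` and `pacName"/d' "`). It also works on the wrong files: `CreateFileProcessor` writes `/etc/apache2/virtual.conf.tmp`, but the first sed and the diff step target `/etc/apache2/apache.conf.tmp`, and the generated file is never moved to `/etc/apache2/virtual.conf`. The diff against a file this code never creates presumably fails each time, so Apache is reloaded on every run with the old virtual.conf still in place. `pacName` is spliced unquoted into the shell command; whether it is validated upstream is not visible here. The same helper is called from the delete processor in the later hunk of this file, so the fix in the fence (consistent paths and an explicit `mv`) covers both paths.

```java
// … unchanged: method signature and the CreateFileProcessor call writing /etc/apache2/virtual.conf.tmp …
				new ShellProcessor("ls /etc/apache2/pems/" + pacName + ".pem >/dev/null 2>&1" +
						" && sed -i '/SSLCertificate.*default/d' /etc/apache2/virtual.conf.tmp" +
						" && (ls /etc/apache2/pems/" + pacName + ".chain.pem >/dev/null 2>&1" +
						" || sed -i '/SSLCertificateChain.*" + pacName + "/d' /etc/apache2/virtual.conf.tmp)" +
						" || sed -i '/SSLCertificate.*" + pacName + "/d' /etc/apache2/virtual.conf.tmp"),
				new ShellProcessor("(diff -q /etc/apache2/virtual.conf.tmp /etc/apache2/virtual.conf" +
						" && rm /etc/apache2/virtual.conf.tmp)" +
						" || (mv /etc/apache2/virtual.conf.tmp /etc/apache2/virtual.conf" +
						" && invoke-rc.d apache2 reload >/dev/null 2>&1)"));
// … unchanged: return statement …
```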
@@ -68,7 +84,8 @@ public class PacProcessorFactory implements EntityProcessorFactory { createEtcHostsProc(hiveValues, pacValuesList), createNetworkInterfacesProc(hiveValues, pacValuesList), createSudouersProc(hiveValues, pacValuesList), - createProftpdConfProc(hiveValues, pacValuesList))); + createProftpdConfProc(hiveValues, pacValuesList), + createHttpdVirtualProc(pac.getName(), pacValuesList))); waitingProcessor.appendProcessor(pac.getHiveName(), createDelUserProc(pac.getName()), "remove packet"); return waitingProcessor; } diff --git a/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl b/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl index 9dba391..719f1db 100644 --- a/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl +++ b/hsarback/src/de/hsadmin/mods/pac/httpd-virtual.jtpl @@ -3,18 +3,17 @@ # Do not edit manually. Changes will be overwritten. # -NameVirtualHost {PAC_IPNUMBER}:80 -NameVirtualHost {PAC_IPNUMBER_EX}:80 -NameVirtualHost {PAC_IPNUMBER}:443 -NameVirtualHost {PAC_IPNUMBER_EX}:443 + +NameVirtualHost {PAC_IP}:80 +NameVirtualHost {PAC_IP}:443 - + Redirect 404 / - + SSLEngine On SSLCertificateFile /etc/apache2/pems/default.pem @@ -25,4 +24,5 @@ NameVirtualHost {PAC_IPNUMBER_EX}:443 Redirect 404 / + \ No newline at end of file