diff --git a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
index feab37b..0bd881e 100644
--- a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
+++ b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -269,11 +269,20 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
final Processor domSetupProcessor = new CompoundProcessor(
- new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-enabled/" + dom.getUser().getName() + " && "
- + "mkdir -p $PEMS_DIR/ && "
+ new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.cnf", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true),
+ new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && "
+ + "mkdir -p $PEMS_DIR && "
+ "cd $PEMS_DIR && "
- + "( ls " + domName + ".crt || ( echo \"\" > " + domName + ".chain && "
- + "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -sha256 -subj '/CN=" + domName + "' ) ) &&"
+ + "( ls " + domName + ".crt || ( echo \"\" > _." + domName + ".chain && "
+ + "openssl req -x509 -newkey rsa:2048 -keyout _." + domName + ".key -out _." + domName + ".crt -days 1100 -nodes -sha256 -config /tmp/openssl-sna.cnf ) ) &&"
+ + "chmod 400 _." + domName + "*"),
+ new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-enabled && "
+ + "mkdir -p $PEMS_DIR && "
+ + "cd $PEMS_DIR && "
+ + "( ls " + domName + ".crt ||"
+ + " ( ln -s ../pems-generated/_." + domName + ".key " + domName + ".key"
+ + " && ln -s ../pems-generated/_." + domName + ".crt " + domName + ".crt"
+ + " && ln -s ../pems-generated/_." + domName + ".chain " + domName + ".chain ) ) && "
+ "chmod 400 " + domName + "*"),
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
new ShellProcessor(
diff --git a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
index e4fdd2d..320e786 100644
--- a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
+++ b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
@@ -90,9 +90,9 @@
#end
SSLEngine On
- SSLCertificateFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.crt
- SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.key
- SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.chain
+ SSLCertificateFile /etc/apache2/pems-enabled/${dom.name}.crt
+ SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.name}.key
+ SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.name}.chain
DocumentRoot /home/doms/${dom.name}/htdocs-ssl
diff --git a/hsarback/src/de/hsadmin/mods/dom/openssl-sna.cnf b/hsarback/src/de/hsadmin/mods/dom/openssl-sna.cnf
new file mode 100644
index 0000000..b5cd207
--- /dev/null
+++ b/hsarback/src/de/hsadmin/mods/dom/openssl-sna.cnf
@@ -0,0 +1,12 @@
+[req]
+prompt = no
+distinguished_name = req_dn
+x509_extensions = v3_ca
+
+[req_dn]
+commonName = *.${dom.name}
+
+[v3_ca]
+basicConstraints = CA:FALSE
+extendedKeyUsage=serverAuth
+subjectAltName=DNS:*.${dom.name},DNS:${dom.name}
diff --git a/hsarjcli/.classpath b/hsarjcli/.classpath
deleted file mode 100644
index 883126c..0000000
--- a/hsarjcli/.classpath
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/hsarjcli/.gitignore b/hsarjcli/.gitignore
deleted file mode 100644
index 2f230b7..0000000
--- a/hsarjcli/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/build
-/bin
\ No newline at end of file
diff --git a/hsarjcli/.project b/hsarjcli/.project
deleted file mode 100644
index 528bfcc..0000000
--- a/hsarjcli/.project
+++ /dev/null
@@ -1,17 +0,0 @@
-
-
- hsarjcli
-
-
-
-
-
- org.eclipse.jdt.core.javabuilder
-
-
-
-
-
- org.eclipse.jdt.core.javanature
-
-
diff --git a/hsarjcli/.settings/org.eclipse.jdt.core.prefs b/hsarjcli/.settings/org.eclipse.jdt.core.prefs
deleted file mode 100644
index bca7901..0000000
--- a/hsarjcli/.settings/org.eclipse.jdt.core.prefs
+++ /dev/null
@@ -1,12 +0,0 @@
-#Mon May 16 15:05:41 CEST 2011
-eclipse.preferences.version=1
-org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
-org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
-org.eclipse.jdt.core.compiler.compliance=1.6
-org.eclipse.jdt.core.compiler.debug.lineNumber=generate
-org.eclipse.jdt.core.compiler.debug.localVariable=generate
-org.eclipse.jdt.core.compiler.debug.sourceFile=generate
-org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
-org.eclipse.jdt.core.compiler.source=1.6
diff --git a/hsarjcli/build.xml b/hsarjcli/build.xml
deleted file mode 100644
index 66e5e4f..0000000
--- a/hsarjcli/build.xml
+++ /dev/null
@@ -1,60 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/hsarjcli/scripting/package_dump.js b/hsarjcli/scripting/package_dump.js
deleted file mode 100644
index 6d5556c..0000000
--- a/hsarjcli/scripting/package_dump.js
+++ /dev/null
@@ -1,213 +0,0 @@
-var pacs = pac.search();
-var hive = 'h99';
-var password = 'p!' + (new String(Math.random())).substring(2,16) + '!';
-function runbash(cmd) {
- var runtime = java.lang.Runtime.getRuntime();
- runtime.exec(["bash", "-c", cmd]);
-}
-function mysqldump(pac, db) {
- var dump = "/home/pacs/" + pac + "/.bak/mysql-" + db + ".dmp.gz";
- var cmd = "mysqldump --create-options --flush-logs --force --quote-names --quick --single-transaction "
- + db + "|gzip --best|secat --user=" + pac + " --group=" + pac + " --umask=007 --output=" + dump;
- runbash(cmd);
-}
-function pgsqldump(pac, db) {
- var dump = "/home/pacs/" + pac + "/.bak/pgsql-" + db + ".dmp.gz";
- var cmd = "export PGUSER=postgres; pg_dump --disable-triggers --oids --compress=0 --format=c "
- + db + "|gzip --best|secat --user=" + pac + " --group=" + pac + " --umask=007 --output=" + dump;
- runbash(cmd);
-}
-function crontabdump(pac, user) {
- var dump = "/home/pacs/" + pac + "/.bak/crontab-" + user + ".gz";
- var cmd = "crontab -u " + user + " -l"
- + "|gzip --best|secat --user=" + pac + " --group=" + pac + " --umask=007 --output=" + dump;
- runbash(cmd);
-}
-function shadowdump(pac) {
- var dump = "/home/pacs/" + pac + "/.bak/shadow.gz";
- var cmd = "grep -e '^" + pac + "' /etc/shadow|cut -f1-2 -d':' "
- + "|gzip --best|secat --user=" + pac + " --group=" + pac + " --umask=007 --output=" + dump;
- runbash(cmd);
-}
-function mysqlaclsdump(pac) {
- var dump = "/home/pacs/" + pac + "/.bak/mysql_passwd";
- var cmd = "mysqldump --no-create-db --skip-opt --no-create-info --replace --where=\"user like '" + pac + "%'\" mysql --tables user > " + dump
- + " && mysqldump --no-create-db --skip-opt --no-create-info --replace --where=\"db like '" + pac + "%'\" mysql --tables db tables_priv proc >>" + dump
- + " && chown " + pac + ":" + pac + " " + dump;
- runbash(cmd);
-}
-function pgsqlpasswddump(pac) {
- var dump = "/home/pacs/" + pac + "/.bak/pgsql_passwd.gz";
- var cmd = "export PGUSER=postgres; pg_dumpall -r | grep ^ALTER | grep " + pac
- + "|gzip --best|secat --user=" + pac + " --group=" + pac + " --umask=007 --output=" + dump;
- runbash(cmd);
-}
-if (pacs.length == 1 && hive != 'undef') {
- var pacname = pacs[0]['name'];
- var file = new java.io.FileWriter(pacname + '_dump.js');
- // Pac
- file.write('pac.add({set:{\n');
- file.write('name: "' + pacs[0]['name'] + '",\n');
- file.write('curinetaddr: "' + pacs[0]['curinetaddr'] + '",\n');
- file.write('customer: "' + pacs[0]['customer'] + '",\n');
- file.write('basepac: "' + pacs[0]['basepac'] + '",\n');
- file.write('hive: "' + hive + '",\n');
- file.write('password: "' + password + '"\n');
- file.write('}});\n');
- file.write('pac.update({where:{\n');
- file.write('name: "' + pacs[0]['name'] + '"\n');
- file.write('},set:{\n');
- file.write('components: {\n');
- for (var opt in pacs[0]['components']) {
- file.write(' ' + opt + ': "' + pacs[0]['components'][opt] + '",\n');
- }
- file.write('}}});\n');
- // User
- var unixusers = user.search();
- for (idx=0; idx 5) {
- file.write('user.add({set:{\n');
- file.write('name: "' + unixusers[idx]['name'] + '",\n');
- file.write('shell: "' + unixusers[idx]['shell'] + '",\n');
- file.write('userid: "' + unixusers[idx]['userid'] + '",\n');
- file.write('comment: "' + unixusers[idx]['comment'] + '",\n');
- file.write('homedir: "' + unixusers[idx]['homedir'] + '",\n');
- file.write('quota_hardlimit: "' + unixusers[idx]['quota_hardlimit'] + '",\n');
- file.write('quota_softlimit: "' + unixusers[idx]['quota_softlimit'] + '",\n');
- file.write('password: "' + password + '"\n');
- file.write('}});\n');
- }
- crontabdump(pacname, unixusers[idx]['name']);
- }
- // Domain
- var domains = domain.search();
- for (idx=0; idx ");
- final String user = cmdParser.getUser();
- final ScriptClient scriptClient = new ScriptClient(console, user, runAs, cmdParser.getArgs());
- final String file = cmdParser.getFile();
- if (file != null && file.length() > 0) {
- if ("-".equals(file)) {
- scriptClient.execute(new InputStreamReader(System.in));
- console.println(formatter.format(scriptClient.getLastRpcResult()));
- } else {
- BufferedReader bufferedReader = null;
- try {
- bufferedReader = new BufferedReader(new FileReader(file));
- String inputLine = bufferedReader.readLine();
- boolean isFirstLine = true;
- final StringBuffer scriptFromFile = new StringBuffer();
- while (inputLine != null) {
- if (isFirstLine && inputLine.startsWith("#!")) {
- scriptFromFile.append("//");
- scriptFromFile.append(inputLine.substring(2));
- } else {
- scriptFromFile.append(inputLine);
- }
- scriptFromFile.append("\n");
- isFirstLine = false;
- inputLine = bufferedReader.readLine();
- }
- scriptClient.execute(scriptFromFile.toString());
- } catch (FileNotFoundException e) {
- System.err.println("File not found: " + file);
- } finally {
- if (bufferedReader != null) {
- bufferedReader.close();
- }
- }
- }
- }
- final String expr = cmdParser.getExpression();
- if (expr != null && expr.length() > 0) {
- scriptClient.execute(expr);
- console.println(formatter.format(scriptClient.getLastRpcResult()));
- }
- if (cmdParser.isInteractive()) {
- String command = console.readInput();
- while (!("bye".equals(command.trim()) || "exit".equals(command.trim()) || "quit".equals(command.trim()))) {
- try {
- scriptClient.execute(command);
- console.println(formatter.format(scriptClient.getLastRpcResult()));
- } catch (Exception e) {
- console.println("Error: " + e.getLocalizedMessage() + "\n");
- }
- command = console.readInput();
- }
- }
- } catch (Exception e) {
- System.err.println(e.getMessage());
- System.exit(-1);
- }
- }
-
-}
diff --git a/hsarjcli/src/de/hsadmin/jscli/RpcClient.java b/hsarjcli/src/de/hsadmin/jscli/RpcClient.java
deleted file mode 100644
index b193b54..0000000
--- a/hsarjcli/src/de/hsadmin/jscli/RpcClient.java
+++ /dev/null
@@ -1,92 +0,0 @@
-package de.hsadmin.jscli;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.xmlrpc.XmlRpcException;
-import org.apache.xmlrpc.client.XmlRpcClient;
-import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;
-
-import de.hsadmin.jscli.cas.CASTicketProvider;
-import de.hsadmin.jscli.conf.Config;
-import de.hsadmin.jscli.exception.JSCliException;
-
-public class RpcClient {
-
- private static final String XMLRPC_URL = "https://config.hostsharing.net:443/hsar/xmlrpc/hsadmin";
-
- private final List clientList;
- private final Map clientMap;
-
- public RpcClient(final CASTicketProvider tgt) throws JSCliException {
- clientList = new ArrayList();
- clientMap = new HashMap();
- try {
- final String xmlrpcURLsString = Config.getInstance().getProperty("xmlrpcURL", XMLRPC_URL);
- final String[] xmlrpcURLsArray = xmlrpcURLsString.split(",");
- for (final String xmlrpcURL : xmlrpcURLsArray) {
- final XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl();
- config.setServerURL(new URL(xmlrpcURL));
- config.setEnabledForExtensions(true);
- final XmlRpcClient client = new XmlRpcClient();
- client.setConfig(config);
- clientList.add(client);
- }
- } catch (MalformedURLException e) {
- throw new JSCliException(e);
- }
- }
-
- public List listMethods() throws JSCliException {
- final List methodList = new ArrayList();
- for (final XmlRpcClient client : clientList) {
- final List