Implemented domain options: Apache vhost.

This commit is contained in:
Michael Hierweck 2012-09-21 12:46:54 +02:00
parent ac49567fb4
commit 9f568eef06
3 changed files with 86 additions and 64 deletions

View File

@ -125,6 +125,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
new TemplateProcessor("/de/hsadmin/mods/dom/zonefile.jtpl", templateVars, zonefileTargetPath, false);
Processor zonefileACLProcessor =
new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath);
// TODO Use templates and regenerate the file.
Processor prizonesFileProcessor =
new ShellProcessor("echo 'zone \"" + domName + "\" { type master; file \"pri." + domName + "\"; };' >>/etc/bind/named.pri-zones" +
" && sort /etc/bind/named.pri-zones | uniq >/etc/bind/named.pri-zones.tmp" +
@ -176,8 +177,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
}
private Processor createDNSServerRemoveProcessor(String domName) {
// TODO Use templates and regenerate the file.
return new ShellProcessor("grep -v '\"sec." + domName + "\"' /etc/bind/named-hsh.conf >/etc/bind/named-hsh.conf.tmp" +
// TODO sed -e'/sec.abc.example.com/d' -i /etc/bind/named-hsh.conf
" && mv /etc/bind/named-hsh.conf.tmp /etc/bind/named-hsh.conf" +
" && rm /var/cache/bind/sec." + domName +
" && invoke-rc.d bind9 reload");
@ -302,18 +303,53 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
String linkPrefix = Integer.toString(100 - level);
String pac = dom.getUser().getPac().getName();
Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
query.setParameter("option", "nohtdocsfallback");
query.setParameter("domname", dom.getName());
List<?> result = query.getResultList();
List<Map<String, String>> iterateMaps = new ArrayList<Map<String, String>>();
if (!result.isEmpty()) {
iterateMaps.add(new HashMap<String, String>());
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "indexes");
if (query.getResultList().isEmpty()) {
templateVars.put("INDEXES", "+Indexes");
} else {
templateVars.put("INDEXES", "-Indexes");
}
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "includes");
if (query.getResultList().isEmpty()) {
templateVars.put("INCLUDES", "+IncludesNoExec");
} else {
templateVars.put("INCLUDES", "-Includes");
}
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "multiviews");
if (query.getResultList().isEmpty()) {
templateVars.put("MULTIVIEWS", "+MultiViews");
} else {
templateVars.put("MULTIVIEWS", "-MultiViews");
}
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "htdocsfallback");
if (query.getResultList().isEmpty()) {
templateVars.put("HTDOCSFALLBACKHTTP",
" RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
" RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
" RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:80)?$ [novary]\n" +
" RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d\n" +
" RewriteRule ^(.*) - [redirect=404,last]");
templateVars.put("HTDOCSFALLBACKHTTPS",
" RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
" RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
" RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:443)?$ [novary]\n" +
" RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d\n" +
" RewriteRule ^(.*) - [redirect=404,last]");
} else {
templateVars.put("HTDOCSFALLBACKHTTP", "\n");
templateVars.put("HTDOCSFALLBACKHTTPS", "\n");
}
Processor domSetupProcessor = new CompoundProcessor(
createDomainDirectoriesProcessor(dom, templateVars),
new CreateFileProcessor(selectVHostTemplate(dom), templateVars, iterateMaps.iterator(), "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1 " +
"&& sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
new CreateFileProcessor(selectVHostTemplate(dom), templateVars, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
" && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
" && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" +
" || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
new ShellProcessor(

View File

@ -17,40 +17,34 @@
Alias /fastcgi-bin/ /home/doms/{DOM_HOSTNAME}/fastcgi/
<Directory />
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/>
AllowOverride AuthConfig FileInfo Indexes Limit
AllowOverride AuthConfig FileInfo Indexes Limit
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/>
<Location /cgi-bin/>
SetHandler cgi-script
Options +ExecCGI -Indexes -MultiViews
</Directory>
Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location>
<Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/>
<Location /fastcgi-bin/>
SetHandler fcgid-script
Options +ExecCGI -Indexes -MultiViews
</Directory>
Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location>
RewriteEngine On
RewriteOptions Inherit
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last]
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: iterate -->
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
{HTDOCSFALLBACKHTTP}
<!-- END: iterate -->
AddType application/x-httpd-php .php .php5 .php4 .php3
Action application/x-httpd-php /fastcgi-bin/phpstub
@ -77,7 +71,7 @@
<Directory />
SSLRequireSSL On
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/>
@ -86,31 +80,25 @@
<Location /cgi-bin/>
SetHandler cgi-script
Options +ExecCGI -Indexes -MultiViews
Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location>
<Location /fastcgi-bin/>
SetHandler fcgid-script
Options +ExecCGI -Indexes -MultiViews
Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location>
RewriteEngine On
RewriteOptions Inherit
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: nosubdomainfallbackforhttps -->
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: nosubdomainfallbackforhttps -->
{HTDOCSFALLBACKHTTPS}
AddType application/x-httpd-php .php .php5 .php4 .php3
Action application/x-httpd-php /fastcgi-bin/phpstub

View File

@ -14,33 +14,32 @@
DocumentRoot /home/doms/{DOM_HOSTNAME}/htdocs
<Directory />
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/>
AllowOverride AuthConfig FileInfo Indexes Limit
AllowOverride AuthConfig FileInfo Indexes Limit
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/>
<Location /cgi-bin/>
Redirect 501 /
</Directory>
</Location>
<Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/>
<Location /fastcgi-bin/>
Redirect 501 /
</Directory>
</Location>
RewriteEngine On
RewriteOptions Inherit
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last]
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: iterate --> RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: iterate -->
{HTDOCSFALLBACKHTTP}
</VirtualHost>
<VirtualHost {DOM_IPNUMBER}:443 {DOM_IPNUMBEREX}:443>
@ -61,7 +60,7 @@
<Directory />
SSLRequireSSL On
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch
Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory>
<Directory /home/doms/{DOM_HOSTNAME}/>
@ -74,19 +73,18 @@
<Location /fastcgi-bin/>
Redirect 501 /
</Location>
</Location>
RewriteEngine On
RewriteOptions Inherit
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: nosubdomainfallbackforhttps --> RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: nosubdomainfallbackforhttps -->
{HTDOCSFALLBACKHTTPS}
</VirtualHost>
<!-- END: main -->