Implemented domain options: Apache vhost.

This commit is contained in:
Michael Hierweck 2012-09-21 12:46:54 +02:00
parent ac49567fb4
commit 9f568eef06
3 changed files with 86 additions and 64 deletions

View File

@ -125,6 +125,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
new TemplateProcessor("/de/hsadmin/mods/dom/zonefile.jtpl", templateVars, zonefileTargetPath, false); new TemplateProcessor("/de/hsadmin/mods/dom/zonefile.jtpl", templateVars, zonefileTargetPath, false);
Processor zonefileACLProcessor = Processor zonefileACLProcessor =
new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath); new ShellProcessor("chown root:bind " + zonefileTargetPath + " && chmod 644 " + zonefileTargetPath);
// TODO Use templates and regenerate the file.
Processor prizonesFileProcessor = Processor prizonesFileProcessor =
new ShellProcessor("echo 'zone \"" + domName + "\" { type master; file \"pri." + domName + "\"; };' >>/etc/bind/named.pri-zones" + new ShellProcessor("echo 'zone \"" + domName + "\" { type master; file \"pri." + domName + "\"; };' >>/etc/bind/named.pri-zones" +
" && sort /etc/bind/named.pri-zones | uniq >/etc/bind/named.pri-zones.tmp" + " && sort /etc/bind/named.pri-zones | uniq >/etc/bind/named.pri-zones.tmp" +
@ -176,8 +177,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
} }
private Processor createDNSServerRemoveProcessor(String domName) { private Processor createDNSServerRemoveProcessor(String domName) {
// TODO Use templates and regenerate the file.
return new ShellProcessor("grep -v '\"sec." + domName + "\"' /etc/bind/named-hsh.conf >/etc/bind/named-hsh.conf.tmp" + return new ShellProcessor("grep -v '\"sec." + domName + "\"' /etc/bind/named-hsh.conf >/etc/bind/named-hsh.conf.tmp" +
// TODO sed -e'/sec.abc.example.com/d' -i /etc/bind/named-hsh.conf
" && mv /etc/bind/named-hsh.conf.tmp /etc/bind/named-hsh.conf" + " && mv /etc/bind/named-hsh.conf.tmp /etc/bind/named-hsh.conf" +
" && rm /var/cache/bind/sec." + domName + " && rm /var/cache/bind/sec." + domName +
" && invoke-rc.d bind9 reload"); " && invoke-rc.d bind9 reload");
@ -302,18 +303,53 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
String linkPrefix = Integer.toString(100 - level); String linkPrefix = Integer.toString(100 - level);
String pac = dom.getUser().getPac().getName(); String pac = dom.getUser().getPac().getName();
Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname"); Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
query.setParameter("option", "nohtdocsfallback");
query.setParameter("domname", dom.getName()); query.setParameter("domname", dom.getName());
List<?> result = query.getResultList(); // TODO: This code should be cleaned up after switching to the velocity template engine.
List<Map<String, String>> iterateMaps = new ArrayList<Map<String, String>>(); query.setParameter("option", "indexes");
if (!result.isEmpty()) { if (query.getResultList().isEmpty()) {
iterateMaps.add(new HashMap<String, String>()); templateVars.put("INDEXES", "+Indexes");
} else {
templateVars.put("INDEXES", "-Indexes");
} }
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "includes");
if (query.getResultList().isEmpty()) {
templateVars.put("INCLUDES", "+IncludesNoExec");
} else {
templateVars.put("INCLUDES", "-Includes");
}
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "multiviews");
if (query.getResultList().isEmpty()) {
templateVars.put("MULTIVIEWS", "+MultiViews");
} else {
templateVars.put("MULTIVIEWS", "-MultiViews");
}
// TODO: This code should be cleaned up after switching to the velocity template engine.
query.setParameter("option", "htdocsfallback");
if (query.getResultList().isEmpty()) {
templateVars.put("HTDOCSFALLBACKHTTP",
" RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
" RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
" RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:80)?$ [novary]\n" +
" RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d\n" +
" RewriteRule ^(.*) - [redirect=404,last]");
templateVars.put("HTDOCSFALLBACKHTTPS",
" RewriteCond %{REQUEST_URI} !^/cgi-bin/\n" +
" RewriteCond %{REQUEST_URI} !^/fastcgi-bin/\n" +
" RewriteCond %{HTTP_HOST} ^(.+)\\.{DOM_HOSTNAME}\\.?(:443)?$ [novary]\n" +
" RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d\n" +
" RewriteRule ^(.*) - [redirect=404,last]");
} else {
templateVars.put("HTDOCSFALLBACKHTTP", "\n");
templateVars.put("HTDOCSFALLBACKHTTPS", "\n");
}
Processor domSetupProcessor = new CompoundProcessor( Processor domSetupProcessor = new CompoundProcessor(
createDomainDirectoriesProcessor(dom, templateVars), createDomainDirectoriesProcessor(dom, templateVars),
new CreateFileProcessor(selectVHostTemplate(dom), templateVars, iterateMaps.iterator(), "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true), new CreateFileProcessor(selectVHostTemplate(dom), templateVars, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1 " + new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
"&& sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" + " && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
" && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" + " && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" +
" || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"), " || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
new ShellProcessor( new ShellProcessor(

View File

@ -17,40 +17,34 @@
Alias /fastcgi-bin/ /home/doms/{DOM_HOSTNAME}/fastcgi/ Alias /fastcgi-bin/ /home/doms/{DOM_HOSTNAME}/fastcgi/
<Directory /> <Directory />
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/> <Directory /home/doms/{DOM_HOSTNAME}/>
AllowOverride AuthConfig FileInfo Indexes Limit AllowOverride AuthConfig FileInfo Indexes Limit
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/> <Location /cgi-bin/>
SetHandler cgi-script SetHandler cgi-script
Options +ExecCGI -Indexes -MultiViews Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Directory> </Location>
<Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/> <Location /fastcgi-bin/>
SetHandler fcgid-script SetHandler fcgid-script
Options +ExecCGI -Indexes -MultiViews Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Directory> </Location>
RewriteEngine On RewriteEngine On
RewriteOptions Inherit RewriteOptions Inherit
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last] RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: iterate --> {HTDOCSFALLBACKHTTP}
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: iterate -->
AddType application/x-httpd-php .php .php5 .php4 .php3 AddType application/x-httpd-php .php .php5 .php4 .php3
Action application/x-httpd-php /fastcgi-bin/phpstub Action application/x-httpd-php /fastcgi-bin/phpstub
@ -77,7 +71,7 @@
<Directory /> <Directory />
SSLRequireSSL On SSLRequireSSL On
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/> <Directory /home/doms/{DOM_HOSTNAME}/>
@ -86,31 +80,25 @@
<Location /cgi-bin/> <Location /cgi-bin/>
SetHandler cgi-script SetHandler cgi-script
Options +ExecCGI -Indexes -MultiViews Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
<Location /fastcgi-bin/> <Location /fastcgi-bin/>
SetHandler fcgid-script SetHandler fcgid-script
Options +ExecCGI -Indexes -MultiViews Options +ExecCGI {INCLUDES} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
RewriteEngine On RewriteEngine On
RewriteOptions Inherit RewriteOptions Inherit
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last] RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: nosubdomainfallbackforhttps --> {HTDOCSFALLBACKHTTPS}
RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: nosubdomainfallbackforhttps -->
AddType application/x-httpd-php .php .php5 .php4 .php3 AddType application/x-httpd-php .php .php5 .php4 .php3
Action application/x-httpd-php /fastcgi-bin/phpstub Action application/x-httpd-php /fastcgi-bin/phpstub

View File

@ -14,33 +14,32 @@
DocumentRoot /home/doms/{DOM_HOSTNAME}/htdocs DocumentRoot /home/doms/{DOM_HOSTNAME}/htdocs
<Directory /> <Directory />
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/> <Directory /home/doms/{DOM_HOSTNAME}/>
AllowOverride AuthConfig FileInfo Indexes Limit AllowOverride AuthConfig FileInfo Indexes Limit
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/cgi-bin/> <Location /cgi-bin/>
Redirect 501 / Redirect 501 /
</Directory> </Location>
<Directory /home/doms/{DOM_HOSTNAME}/fastcgi-bin/> <Location /fastcgi-bin/>
Redirect 501 / Redirect 501 /
</Directory> </Location>
RewriteEngine On RewriteEngine On
RewriteOptions Inherit RewriteOptions Inherit
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} -d RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1}$1 [last] RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: iterate --> RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:80)?$ [novary] {HTDOCSFALLBACKHTTP}
RewriteCond /home/doms/{DOM_HOSTNAME}/subs/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: iterate -->
</VirtualHost> </VirtualHost>
<VirtualHost {DOM_IPNUMBER}:443 {DOM_IPNUMBEREX}:443> <VirtualHost {DOM_IPNUMBER}:443 {DOM_IPNUMBEREX}:443>
@ -61,7 +60,7 @@
<Directory /> <Directory />
SSLRequireSSL On SSLRequireSSL On
Options -ExecCGI +IncludesNOEXEC +Indexes +MultiViews +SymLinksIfOwnerMatch Options -ExecCGI {INCLUDES} {INDEXES} {MULTIVIEWS} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/{DOM_HOSTNAME}/> <Directory /home/doms/{DOM_HOSTNAME}/>
@ -74,19 +73,18 @@
<Location /fastcgi-bin/> <Location /fastcgi-bin/>
Redirect 501 / Redirect 501 /
</Location> </Location>
RewriteEngine On RewriteEngine On
RewriteOptions Inherit RewriteOptions Inherit
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary] RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} -d
RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last] RewriteRule ^(.*) /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1}$1 [last]
<!-- BEGIN: nosubdomainfallbackforhttps --> RewriteCond %{HTTP_HOST} ^(.+)\.{DOM_HOSTNAME}\.?(:443)?$ [novary]
RewriteCond /home/doms/{DOM_HOSTNAME}/subs-ssl/${tolower:%1} !-d
RewriteRule ^(.*) - [redirect=404,last]
<!-- END: nosubdomainfallbackforhttps --> {HTDOCSFALLBACKHTTPS}
</VirtualHost> </VirtualHost>
<!-- END: main --> <!-- END: main -->