merge changes for sni
This commit is contained in:
parent
f5e82b4ecc
commit
a4d23a58ef
@ -6,7 +6,6 @@
|
|||||||
<class>de.hsadmin.core.qserv.QueueTask</class>
|
<class>de.hsadmin.core.qserv.QueueTask</class>
|
||||||
<class>de.hsadmin.mods.cust.Customer</class>
|
<class>de.hsadmin.mods.cust.Customer</class>
|
||||||
<class>de.hsadmin.mods.cust.Contact</class>
|
<class>de.hsadmin.mods.cust.Contact</class>
|
||||||
<class>de.hsadmin.mods.cust.BankAccount</class>
|
|
||||||
<class>de.hsadmin.mods.pac.Pac</class>
|
<class>de.hsadmin.mods.pac.Pac</class>
|
||||||
<class>de.hsadmin.mods.pac.BasePac</class>
|
<class>de.hsadmin.mods.pac.BasePac</class>
|
||||||
<class>de.hsadmin.mods.pac.BaseComponent</class>
|
<class>de.hsadmin.mods.pac.BaseComponent</class>
|
||||||
|
@ -6,7 +6,6 @@
|
|||||||
<class>de.hsadmin.core.qserv.QueueTask</class>
|
<class>de.hsadmin.core.qserv.QueueTask</class>
|
||||||
<class>de.hsadmin.mods.cust.Customer</class>
|
<class>de.hsadmin.mods.cust.Customer</class>
|
||||||
<class>de.hsadmin.mods.cust.Contact</class>
|
<class>de.hsadmin.mods.cust.Contact</class>
|
||||||
<class>de.hsadmin.mods.cust.BankAccount</class>
|
|
||||||
<class>de.hsadmin.mods.pac.Pac</class>
|
<class>de.hsadmin.mods.pac.Pac</class>
|
||||||
<class>de.hsadmin.mods.pac.BasePac</class>
|
<class>de.hsadmin.mods.pac.BasePac</class>
|
||||||
<class>de.hsadmin.mods.pac.BaseComponent</class>
|
<class>de.hsadmin.mods.pac.BaseComponent</class>
|
||||||
|
@ -11,6 +11,14 @@
|
|||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>Queue Status Servlet</servlet-name>
|
<servlet-name>Queue Status Servlet</servlet-name>
|
||||||
<servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
|
<servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
|
||||||
|
<init-param>
|
||||||
|
<param-name>proxyValidateUrl</param-name>
|
||||||
|
<param-value>https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate</param-value>
|
||||||
|
</init-param>
|
||||||
|
<init-param>
|
||||||
|
<param-name>proxyServiceUrl</param-name>
|
||||||
|
<param-value>https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend</param-value>
|
||||||
|
</init-param>
|
||||||
<load-on-startup>1</load-on-startup>
|
<load-on-startup>1</load-on-startup>
|
||||||
</servlet>
|
</servlet>
|
||||||
|
|
||||||
@ -28,11 +36,6 @@
|
|||||||
<url-pattern>/queueStatus</url-pattern>
|
<url-pattern>/queueStatus</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>CLI Client Connector</servlet-name>
|
|
||||||
<url-pattern>/hsadmin/cli-interface/</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>XmlRpcServlet</servlet-name>
|
<servlet-name>XmlRpcServlet</servlet-name>
|
||||||
<url-pattern>/xmlrpc/*</url-pattern>
|
<url-pattern>/xmlrpc/*</url-pattern>
|
||||||
|
@ -11,6 +11,14 @@
|
|||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>Queue Status Servlet</servlet-name>
|
<servlet-name>Queue Status Servlet</servlet-name>
|
||||||
<servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
|
<servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
|
||||||
|
<init-param>
|
||||||
|
<param-name>proxyValidateUrl</param-name>
|
||||||
|
<param-value>https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate</param-value>
|
||||||
|
</init-param>
|
||||||
|
<init-param>
|
||||||
|
<param-name>proxyServiceUrl</param-name>
|
||||||
|
<param-value>https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend</param-value>
|
||||||
|
</init-param>
|
||||||
<load-on-startup>1</load-on-startup>
|
<load-on-startup>1</load-on-startup>
|
||||||
</servlet>
|
</servlet>
|
||||||
|
|
||||||
@ -28,11 +36,6 @@
|
|||||||
<url-pattern>/queueStatus</url-pattern>
|
<url-pattern>/queueStatus</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>CLI Client Connector</servlet-name>
|
|
||||||
<url-pattern>/hsadmin/cli-interface/</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
|
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>XmlRpcServlet</servlet-name>
|
<servlet-name>XmlRpcServlet</servlet-name>
|
||||||
<url-pattern>/xmlrpc/*</url-pattern>
|
<url-pattern>/xmlrpc/*</url-pattern>
|
||||||
|
@ -18,12 +18,14 @@ import javax.naming.Context;
|
|||||||
import javax.naming.InitialContext;
|
import javax.naming.InitialContext;
|
||||||
import javax.naming.NamingException;
|
import javax.naming.NamingException;
|
||||||
import javax.persistence.EntityManager;
|
import javax.persistence.EntityManager;
|
||||||
|
import javax.servlet.ServletConfig;
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
import javax.servlet.http.HttpServlet;
|
import javax.servlet.http.HttpServlet;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
import de.hsadmin.core.model.TechnicalException;
|
import de.hsadmin.core.model.TechnicalException;
|
||||||
|
import de.hsadmin.core.model.TicketValidator;
|
||||||
import de.hsadmin.core.model.Transaction;
|
import de.hsadmin.core.model.Transaction;
|
||||||
import de.hsadmin.core.util.Config;
|
import de.hsadmin.core.util.Config;
|
||||||
|
|
||||||
@ -43,6 +45,10 @@ public class QueueStatusReceiverServlet extends HttpServlet
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void init() throws ServletException {
|
public void init() throws ServletException {
|
||||||
|
final ServletConfig cfg = getServletConfig();
|
||||||
|
final String validateURL = cfg.getInitParameter("proxyValidateUrl");
|
||||||
|
final String serviceURL = cfg.getInitParameter("proxyServiceUrl");
|
||||||
|
TicketValidator.getInstance().initialize(validateURL, serviceURL);
|
||||||
isConnected = false;
|
isConnected = false;
|
||||||
messageCount = 0;
|
messageCount = 0;
|
||||||
errorCount = 0;
|
errorCount = 0;
|
||||||
|
@ -256,25 +256,26 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
|
|||||||
return domDirsProcessor;
|
return domDirsProcessor;
|
||||||
}
|
}
|
||||||
|
|
||||||
private Processor createApacheVHostSetupProcessor(EntityManager em, Domain dom) throws ProcessorException {
|
private Processor createApacheVHostSetupProcessor(final EntityManager em, final Domain dom) throws ProcessorException {
|
||||||
Map<String, Object> templateVars = new HashMap<String, Object>();
|
final Map<String, Object> templateVars = new HashMap<String, Object>();
|
||||||
templateVars.put("dynamicWeb", new Boolean(dom.isDynamic()));
|
templateVars.put("dynamicWeb", new Boolean(dom.isDynamic()));
|
||||||
String domName = dom.getName();
|
final String domName = dom.getName();
|
||||||
int level = domName.split("\\.").length;
|
int level = domName.split("\\.").length;
|
||||||
String linkPrefix = Integer.toString(100 - level);
|
final String linkPrefix = Integer.toString(100 - level);
|
||||||
String pac = dom.getUser().getPac().getName();
|
final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
|
||||||
Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
|
|
||||||
query.setParameter("domname", dom.getName());
|
query.setParameter("domname", dom.getName());
|
||||||
ifOption(templateVars, query, "indexes", "+Indexes", "-Indexes");
|
ifOption(templateVars, query, "indexes", "+Indexes", "-Indexes");
|
||||||
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
|
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
|
||||||
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
|
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
|
||||||
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
|
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
|
||||||
Processor domSetupProcessor = new CompoundProcessor(
|
final Processor domSetupProcessor = new CompoundProcessor(
|
||||||
|
new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-enabled/" + dom.getUser().getName() + " && "
|
||||||
|
+ "mkdir -p $PEMS_DIR/ && "
|
||||||
|
+ "cd $PEMS_DIR && "
|
||||||
|
+ "( ls " + domName + ".crt || ( echo \"\" > " + domName + ".chain && "
|
||||||
|
+ "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -sha256 -subj '/CN=" + domName + "' ) ) &&"
|
||||||
|
+ "chmod 400 " + domName + "*"),
|
||||||
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
|
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
|
||||||
new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
|
|
||||||
" && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
|
|
||||||
" && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" +
|
|
||||||
" || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
|
|
||||||
new ShellProcessor(
|
new ShellProcessor(
|
||||||
" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
|
" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
|
||||||
" || (mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName +
|
" || (mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName +
|
||||||
@ -302,6 +303,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
|
|||||||
new ShellProcessor("rm -f /home/doms/" + domName +
|
new ShellProcessor("rm -f /home/doms/" + domName +
|
||||||
" && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName +
|
" && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName +
|
||||||
" && rm -f /etc/apache2/sites-available/" + domName +
|
" && rm -f /etc/apache2/sites-available/" + domName +
|
||||||
|
" && rm -f /etc/apache2/pems-enabled/" + dom.getUser().getName() + "/" + domName + ".*" +
|
||||||
" && rm -rf " + dom.getUser().getHomedir() + "/doms/" + domName +
|
" && rm -rf " + dom.getUser().getHomedir() + "/doms/" + domName +
|
||||||
" && invoke-rc.d apache2 reload >/dev/null 2>&1");
|
" && invoke-rc.d apache2 reload >/dev/null 2>&1");
|
||||||
return vhostDelProcessor;
|
return vhostDelProcessor;
|
||||||
|
@ -90,10 +90,9 @@
|
|||||||
#end
|
#end
|
||||||
|
|
||||||
SSLEngine On
|
SSLEngine On
|
||||||
SSLCertificateFile /etc/apache2/pems/default.pem
|
SSLCertificateFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.crt
|
||||||
SSLCertificateChainFile /etc/apache2/pems/default.chain.pem
|
SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.key
|
||||||
SSLCertificateFile /etc/apache2/pems/${pac.name}.pem
|
SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.chain
|
||||||
SSLCertificateChainFile /etc/apache2/pems/${pac.name}.chain.pem
|
|
||||||
|
|
||||||
DocumentRoot /home/doms/${dom.name}/htdocs-ssl
|
DocumentRoot /home/doms/${dom.name}/htdocs-ssl
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user