apache template

This commit is contained in:
Peter Hormanns 2017-06-21 18:46:35 +02:00
parent 0e59e02ef0
commit bf2b3535b9
3 changed files with 45 additions and 6 deletions

View File

@ -62,6 +62,7 @@ public class Domain extends AbstractEntity {
inverseJoinColumns={@JoinColumn(name="domain_option_id", referencedColumnName="domain_option_id")}) inverseJoinColumns={@JoinColumn(name="domain_option_id", referencedColumnName="domain_option_id")})
private Set<DomainOption> domainoptions; private Set<DomainOption> domainoptions;
@AnnFieldIO(validation="([a-z0-9\\-]+\\,)*[a-z0-9\\-]+|\\*", rw=ReadWriteAccess.READWRITE)
@Column(name = "valid_subdomain_names", columnDefinition = "character varying(512)") @Column(name = "valid_subdomain_names", columnDefinition = "character varying(512)")
private String validSubdomainNames; private String validSubdomainNames;
@ -190,4 +191,15 @@ public class Domain extends AbstractEntity {
this.validSubdomainNames = validSubdomainNames; this.validSubdomainNames = validSubdomainNames;
} }
public String getServeraliases() {
String[] subs = validSubdomainNames.split(",");
StringBuffer aliases = new StringBuffer();
for (String sub : subs) {
aliases.append(' ');
aliases.append(sub.trim());
aliases.append('.');
aliases.append(name);
}
return aliases.toString();
}
} }

View File

@ -267,6 +267,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes"); ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews"); ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE); ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
ifOption(templateVars, query, "letsencrypt", Boolean.TRUE, Boolean.FALSE);
final Processor domSetupProcessor = new CompoundProcessor( final Processor domSetupProcessor = new CompoundProcessor(
new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.vm", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true), new CreateFileProcessor("/de/hsadmin/mods/dom/openssl-sna.vm", templateVars, dom, "/tmp/openssl-sna.cnf", "root", "root", "644", true),
new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && " new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-generated && "

View File

@ -5,12 +5,12 @@
<VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80> <VirtualHost ${pac.curINetAddr.inetAddr}:80 ${pac.oldINetAddr.inetAddr}:80>
ServerName ${dom.name} ServerName ${dom.name}
ServerAlias *.${dom.name} ServerAlias ${dom.serveraliases}
ServerAdmin webmaster@${dom.name} ServerAdmin webmaster@${dom.name}
SuexecUserGroup ${dom.user.name} ${pac.name} SuexecUserGroup ${dom.user.name} ${pac.name}
PassengerEnabled on PassengerEnabled Off
PassengerUser ${dom.user.name} PassengerUser ${dom.user.name}
PassengerGroup ${pac.name} PassengerGroup ${pac.name}
PassengerAppRoot /home/doms/${dom.name}/app/ PassengerAppRoot /home/doms/${dom.name}/app/
@ -19,21 +19,28 @@
Alias /cgi-bin/ /home/doms/${dom.name}/cgi/ Alias /cgi-bin/ /home/doms/${dom.name}/cgi/
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/ Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi/
#if( ${letsencrypt} )
Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
#end
<Directory /> <Directory />
PassengerEnabled Off
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/${dom.name}/> <Directory /home/doms/${dom.name}/>
PassengerEnabled On
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
</Directory> </Directory>
<Location /cgi-bin/> <Location /cgi-bin/>
PassengerEnabled Off
SetHandler cgi-script SetHandler cgi-script
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
<Location /fastcgi-bin/> <Location /fastcgi-bin/>
PassengerEnabled Off
SetHandler fcgid-script SetHandler fcgid-script
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
@ -42,7 +49,10 @@
RewriteOptions Inherit RewriteOptions Inherit
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# -d
RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last] RewriteRule ^(.*) /home/doms/${dom.name}/subs/#[[${tolower:%1}$1 ]]# [last]
@ -50,6 +60,9 @@
#if( !${htdocsfallback} ) #if( !${htdocsfallback} )
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:80)?$ [novary]
RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d RewriteCond /home/doms/${dom.name}/subs/#[[${tolower:%1} ]]# !-d
RewriteRule ^(.*) - [redirect=404,last] RewriteRule ^(.*) - [redirect=404,last]
@ -61,12 +74,12 @@
<VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443> <VirtualHost ${pac.curINetAddr.inetAddr}:443 ${pac.oldINetAddr.inetAddr}:443>
ServerName ${dom.name} ServerName ${dom.name}
ServerAlias *.${dom.name} ServerAlias ${dom.serveraliases}
ServerAdmin ${dom.user.name}@${dom.name} ServerAdmin ${dom.user.name}@${dom.name}
SuexecUserGroup ${dom.user.name} ${pac.name} SuexecUserGroup ${dom.user.name} ${pac.name}
PassengerEnabled on PassengerEnabled Off
PassengerUser ${dom.user.name} PassengerUser ${dom.user.name}
PassengerGroup ${pac.name} PassengerGroup ${pac.name}
PassengerAppRoot /home/doms/${dom.name}/app-ssl/ PassengerAppRoot /home/doms/${dom.name}/app-ssl/
@ -80,22 +93,29 @@
Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/ Alias /cgi-bin/ /home/doms/${dom.name}/cgi-ssl/
Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/ Alias /fastcgi-bin/ /home/doms/${dom.name}/fastcgi-ssl/
#if( ${letsencrypt} )
Alias /.well-known/acme-challenge/ /var/lib/letsencrypt/webroot/${dom.name}/.well-known/acme-challenge/
#end
<Directory /> <Directory />
SSLRequireSSL On SSLRequireSSL Off
PassengerEnabled On
Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch Options -ExecCGI ${includes} ${indexes} ${multiviews} +SymLinksIfOwnerMatch
</Directory> </Directory>
<Directory /home/doms/${dom.name}/> <Directory /home/doms/${dom.name}/>
SSLRequireSSL On
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,Indexes,MultiViews,PassengerNodejs,PassengerPython,PassengerRuby,PassengerAppEnv
</Directory> </Directory>
<Location /cgi-bin/> <Location /cgi-bin/>
PassengerEnabled Off
SetHandler cgi-script SetHandler cgi-script
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
<Location /fastcgi-bin/> <Location /fastcgi-bin/>
PassengerEnabled Off
SetHandler fcgid-script SetHandler fcgid-script
Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch Options +ExecCGI ${includes} -Indexes -MultiViews +SymLinksIfOwnerMatch
</Location> </Location>
@ -105,6 +125,9 @@
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:[0-9]+)?$ [novary]
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# -d
RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last] RewriteRule ^(.*) /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1}$1 ]]# [last]
@ -112,6 +135,9 @@
#if( !${htdocsfallback} ) #if( !${htdocsfallback} )
RewriteCond %{REQUEST_URI} !^/cgi-bin/ RewriteCond %{REQUEST_URI} !^/cgi-bin/
RewriteCond %{REQUEST_URI} !^/fastcgi-bin/ RewriteCond %{REQUEST_URI} !^/fastcgi-bin/
#if( ${letsencrypt} )
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
#end
RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary] RewriteCond %{HTTP_HOST} ^(.+)\.${dom.name}\.?(:443)?$ [novary]
RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d RewriteCond /home/doms/${dom.name}/subs-ssl/#[[${tolower:%1} ]]# !-d
RewriteRule ^(.*) - [redirect=404,last] RewriteRule ^(.*) - [redirect=404,last]