# i-MSCP Listener::Named::SlaveProvisioning listener file# Copyright (C) 2015

1. # i-MSCP Listener::Named::SlaveProvisioning listener file
2. # Copyright (C) 2015 UncleJ, Arthur Mayer <mayer.arthur@gmail.com>
3. # Copyright (C) 2016 Laurent Declercq <l.declercq@nuxwin.com>
4. #
5. # This library is free software; you can redistribute it and/or
6. # modify it under the terms of the GNU Lesser General Public
7. # License as published by the Free Software Foundation; either
8. # version 2.1 of the License, or (at your option) any later version.
9. #
10. # This library is distributed in the hope that it will be useful,
11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13. # Lesser General Public License for more details.
14. #
15. # You should have received a copy of the GNU Lesser General Public
16. # License along with this library; if not, write to the Free Software
17. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301 USA
18.  
19. #
20. ## i-MSCP listener file that provides output for slave DNS server provisioning
21. ## Slave provisioning service will be available at:
22. ##   - http://<panel.domain.tld>:8080/domain/slave_provisioning.php
23. ##   - https://<panel.domain.tld>:4443/domain/slave_provisioning.php (if you use ssl)
24. #
25.  
26. package Listener::Named::SlaveProvisioning;
27.  
28. use iMSCP::Config;
29. use iMSCP::Debug;
30. use iMSCP::Dir;
31. use iMSCP::EventManager;
32. use iMSCP::Execute;
33. use iMSCP::File;
34. use File::Basename;
35.  
36. #
37. ## HTTP (Basic) authentication parameters
38. ## Those parameters are used to protect access to the provisioning script which is
39. ## available through HTTP
40. #
41.  
42. # Authentication username
43. # Leave empty to disable authentication
44. my $authUsername = '';
45.  
46. # Authentication password
47. # Either an encrypted or plain password
48. my $authPassword = '';
49.  
50. # Tells whether or not the provided authentication password is encrypted or not
51. my $isAuthPasswordEncrypted = 0;
52.  
53. # Protected area identifier
54. my $realm = 'Provisioning service for slave DNS servers';
55.  
56. #
57. ### Subroutines
58. #
59.  
60. sub createHtpasswdFile
61. {
62.     my $htpasswdFilePath = "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htpasswd";
63.     my @cmd = (
64.         'htpasswd',
65.         -f $htpasswdFilePath ? '-c' : '',
66.         '-b',
67.         $isAuthPasswordEncrypted ? '' : '-p',
68.         escapeShell($htpasswdFilePath),
69.         escapeShell($authUsername),
70.         escapeShell($authPassword)
71.     );
72.     my $rs = execute("@cmd", \my $stdout, \my $stderr);
73.     error($stderr) if $rs && $stderr;
74.     return $rs if $rs;
75.  
76.     my $htpasswdFile = iMSCP::File->new( filename => $htpasswdFilePath );
77.     my $rs = $htpasswdFile->mode(0640);
78.     $rs ||= $htpasswdFile->owner(
79.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
80.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
81.     );
82. }
83.  
84. sub createHtaccessFile
85. {
86.     my $htaccessFile = iMSCP::File->new( filename => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htaccess" );
87.     my $htaccessFileContent = "<Files slave_provisioning.php>\n";
88.     $htaccessFileContent .= "\tAuthType Basic\n";
89.     $htaccessFileContent .= ($realm) ? "\tAuthName \"$realm\"\n" : "\tAuthName \"slave_provisioning.php\"\n";
90.     $htaccessFileContent .= "\tAuthUserFile $htpasswdFilePath\n";
91.     $htaccessFileContent .= "\tRequire user $authUsername\n";
92.     $htaccessFileContent .= "\tSatisfy all\n</Files>\n";
93.  
94.     my $rs = $htaccessFile->save();
95.     $rs ||= $htaccessFile->mode(0640);
96.     $rs ||= $htaccessFile->owner(
97.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
98.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
99.     );
100. }
101.  
102. sub writeProvisioningScript
103. {
104.     my $fileContent = <<'EOF';
105. <?php
106.  
107. require '../../library/imscp-lib.php';
108.  
109. $config = iMSCP_Registry::get('config');
110. $filter = iMSCP_Registry::get('bufferFilter');
111. $filter->compressionInformation = false;
112.  
113. echo "// CONFIGURATION FOR MAIN DOMAIN\n";
114. echo "zone \"$config->BASE_SERVER_VHOST\" {\n";
115. echo "\ttype slave;\n";
116. echo "\tfile \"/var/cache/bind/$config->BASE_SERVER_VHOST.db\";\n";
117. echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
118. echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
119. echo "};\n";
120. echo "// END CONFIGURATION FOR MAIN DOMAIN\n\n";
121.  
122. $stmt = exec_query('SELECT domain_id, domain_name FROM domain');
123. $rowCount = $stmt->rowCount();
124.  
125. if ($rowCount > 0) {
126.     echo "// $rowCount HOSTED DOMAINS LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
127.  
128.     while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
129.         echo "zone \"{$row['domain_name']}\" {\n";
130.         echo "\ttype slave;\n";
131.         echo "\tfile \"/var/cache/bind/{$row['domain_name']}.db\";\n";
132.         echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
133.         echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
134.         echo "};\n";
135.     }
136.  
137.     echo "// END DOMAINS LIST\n\n";
138. }
139.  
140. $stmt = exec_query('SELECT alias_id, alias_name FROM domain_aliasses');
141. $rowCount = $stmt->rowCount();
142.  
143. if ($rowCount > 0) {
144.     echo "// $rowCount HOSTED ALIASSES LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
145.  
146.     while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
147.         echo "zone \"{$row['alias_name']}\" {\n";
148.         echo "\ttype slave;\n";
149.         echo "\tfile \"/var/cache/bind/{$row['alias_name']}.db\";\n";
150.         echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
151.         echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
152.         echo "};\n";
153.     }
154.  
155.     echo "// END ALIASSES LIST\n";
156. }
157. EOF
158.  
159.     my $provisioningScriptFile = iMSCP::File->new(
160.         filename => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/slave_provisioning.php"
161.     );
162.     my $rs = $provisioningScriptFile->set($fileContent);
163.     $rs ||= $provisioningScriptFile->save();
164.     $rs ||= $provisioningScriptFile->mode(0640);
165.     $rs ||= $provisioningScriptFile->owner(
166.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
167.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
168.     );
169. }
170.  
171. iMSCP::EventManager->getInstance()->register('afterInstall', sub {
172.     my $rs = iMSCP::Dir->new( dirname => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain" )->make({
173.         user => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
174.         group => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
175.         mode => 0550
176.     });
177.  
178.     if($authUsername) {
179.         my $rs = createHtpasswdFile();
180.         $rs ||= createHtaccessFile()
181.     }
182.  
183.     $rs ||= writeProvisioningScript();
184. });
185.  
186. iMSCP::EventManager->getInstance()->trigger('afterInstall');
187.  
188. 1;
189. __END__