# i-MSCP Listener::Named::SlaveProvisioning listener file# Copyright (C) 2015

1. # i-MSCP Listener::Named::SlaveProvisioning listener file
2. # Copyright (C) 2015 UncleJ, Arthur Mayer <mayer.arthur@gmail.com>
3. # Copyright (C) 2016 Laurent Declercq <l.declercq@nuxwin.com>
4. #
5. # This library is free software; you can redistribute it and/or
6. # modify it under the terms of the GNU Lesser General Public
7. # License as published by the Free Software Foundation; either
8. # version 2.1 of the License, or (at your option) any later version.
9. #
10. # This library is distributed in the hope that it will be useful,
11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13. # Lesser General Public License for more details.
14. #
15. # You should have received a copy of the GNU Lesser General Public
16. # License along with this library; if not, write to the Free Software
17. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301 USA
18.  
19. #
20. ## i-MSCP listener file that provides output for slave DNS server provisioning
21. ## Slave provisioning service will be available at:
22. ##   - http://<panel.domain.tld>:8080/provisioning/slave_provisioning.php
23. ##   - https://<panel.domain.tld>:4443/provisioning/slave_provisioning.php (if you use ssl)
24. #
25.  
26. package Listener::Named::SlaveProvisioning;
27.  
28. use iMSCP::Bootstrapper;
29. use iMSCP::Config;
30. use iMSCP::Debug;
31. use iMSCP::Dir;
32. use iMSCP::EventManager;
33. use iMSCP::Execute;
34. use iMSCP::File;
35. use iMSCP::TemplateParser;
36. use File::Basename;
37.  
38. #
39. ## HTTP (Basic) authentication parameters
40. ## Those parameters are used to protect access to the provisioning script which is
41. ## available through HTTP
42. #
43.  
44. # Authentication username
45. # Leave empty to disable authentication
46. my $authUsername = '';
47.  
48. # Authentication password
49. # Either an encrypted or plain password
50. my $authPassword = '';
51.  
52. # Tells whether or not the provided authentication password is encrypted or not
53. my $isAuthPasswordEncrypted = 0;
54.  
55. # Protected area identifier
56. my $realm = 'Provisioning service for slave DNS servers';
57.  
58. # Nginx configuration directory
59. my $nginxConfDir = '/etc/nginx';
60.  
61. #
62. ## Subroutines
63. #
64.  
65. sub createHtpasswdFile
66. {
67.     my $htpasswdFilePath = "$main::imscpConfig{'GUI_PUBLIC_DIR'}/provisioning/.htpasswd";
68.     my @cmd = (
69.         'htpasswd',
70.         -f $htpasswdFilePath ? '' : '-c',
71.         '-b',
72.         $isAuthPasswordEncrypted ? '-p' : '',
73.         escapeShell($htpasswdFilePath),
74.         escapeShell($authUsername),
75.         escapeShell($authPassword)
76.     );
77.  
78.     my $rs = execute("@cmd", \my $stdout, \my $stderr);
79.     error($stderr) if $rs && $stderr;
80.     return $rs if $rs;
81.  
82.     my $htpasswdFile = iMSCP::File->new( filename => $htpasswdFilePath );
83.     my $rs = $htpasswdFile->mode(0640);
84.     $rs ||= $htpasswdFile->owner(
85.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
86.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
87.     );
88. }
89.  
90. #
91. ## Event listeners
92. #
93.  
94. my $eventManager = iMSCP::EventManager->getInstance();
95.  
96. # Listener that is responsible to create provisioning script
97. $eventManager->register('afterInstall', sub {
98.     my $fileContent = <<'EOF';
99. <?php
100.  
101. require '../../library/imscp-lib.php';
102.  
103. $config = iMSCP_Registry::get('config');
104. $filter = iMSCP_Registry::get('bufferFilter');
105. $filter->compressionInformation = false;
106.  
107. echo "// CONFIGURATION FOR MAIN DOMAIN\n";
108. echo "zone \"$config->BASE_SERVER_VHOST\" {\n";
109. echo "\ttype slave;\n";
110. echo "\tfile \"/var/cache/bind/$config->BASE_SERVER_VHOST.db\";\n";
111. echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
112. echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
113. echo "};\n";
114. echo "// END CONFIGURATION FOR MAIN DOMAIN\n\n";
115.  
116. $stmt = exec_query('SELECT domain_id, domain_name FROM domain');
117. $rowCount = $stmt->rowCount();
118.  
119. if ($rowCount > 0) {
120.     echo "// $rowCount HOSTED DOMAINS LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
121.  
122.     while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
123.         echo "zone \"{$row['domain_name']}\" {\n";
124.         echo "\ttype slave;\n";
125.         echo "\tfile \"/var/cache/bind/{$row['domain_name']}.db\";\n";
126.         echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
127.         echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
128.         echo "};\n";
129.     }
130.  
131.     echo "// END DOMAINS LIST\n\n";
132. }
133.  
134. $stmt = exec_query('SELECT alias_id, alias_name FROM domain_aliasses');
135. $rowCount = $stmt->rowCount();
136.  
137. if ($rowCount > 0) {
138.     echo "// $rowCount HOSTED ALIASSES LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
139.  
140.     while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
141.         echo "zone \"{$row['alias_name']}\" {\n";
142.         echo "\ttype slave;\n";
143.         echo "\tfile \"/var/cache/bind/{$row['alias_name']}.db\";\n";
144.         echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
145.         echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
146.         echo "};\n";
147.     }
148.  
149.     echo "// END ALIASSES LIST\n";
150. }
151. EOF
152.  
153.     my $provisioningScriptFile = iMSCP::File->new(
154.         filename => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/provisioning/slave_provisioning.php"
155.     );
156.     my $rs = $provisioningScriptFile->set($fileContent);
157.     $rs ||= $provisioningScriptFile->save();
158.     $rs ||= $provisioningScriptFile->mode(0640);
159.     $rs ||= $provisioningScriptFile->owner(
160.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
161.         "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
162.     );
163. });
164.  
165. # Listener that is responsible to add authentication configuration
166. $eventManager->register('afterFrontEndBuildConfFile', sub {
167.     my ($tplContent, $tplName) = @_;
168.  
169.     unless(-d "$main::imscpConfig{'GUI_PUBLIC_DIR'}/provisioning") {
170.         my $rs = iMSCP::Dir->new( dirname => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/provisioning" )->make({
171.             user => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
172.             group => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
173.             mode => 0550
174.         });
175.  
176.         $rs = createHtpasswdFile();
177.         return $rs if $rs;
178.     }
179.  
180.     if($tplName eq '00_master.conf' || $tplName eq '00_master_ssl.conf') {
181.         my $locationSnippet = <<EOF;
182. location /provisioning {
183.         root /var/www/imscp/gui/public;
184.  
185.         location ~ \.php\$ {
186.             include imscp_fastcgi.conf;
187.             satisfy all;
188.             allow all;
189.             auth_basic "$realm";
190.             auth_basic_user_file $main::imscpConfig{'GUI_PUBLIC_DIR'}/provisioning/.htpasswd;
191.         }
192.     }
193. EOF
194.         $$tplContent = replaceBloc(
195.             "# SECTION custom BEGIN.\n",
196.             "# SECTION custom END.\n",
197.             "    # SECTION custom BEGIN.\n" .
198.             getBloc(
199.                 "# SECTION custom BEGIN.\n",
200.                 "# SECTION custom END.\n",
201.                 $$tplContent
202.             ) .
203.             "    $locationSnippet\n" .
204.             "    # SECTION custom END.\n",
205.             $$tplContent
206.         );
207.     }
208.  
209.     0;
210. }) if $authUsername;
211.  
212. 1;
213. __END__