Untitled

# i-MSCP Listener::Named::SlaveProvisioning listener file
# Copyright (C) 2015 UncleJ, Arthur Mayer <mayer.arthur@gmail.com>
# Copyright (C) 2016 Laurent Declercq <l.declercq@nuxwin.com>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301 USA

#
## i-MSCP listener file that provides output for slave DNS server provisioning
## Slave provisioning service will be available at:
##   - http://<panel.domain.tld>:8080/domain/slave_provisioning.php
##   - https://<panel.domain.tld>:4443/domain/slave_provisioning.php (if you use ssl)
#

package Listener::Named::SlaveProvisioning;

use iMSCP::Bootstrapper;
use iMSCP::Config;
use iMSCP::Debug;
use iMSCP::Dir;
use iMSCP::EventManager;
use iMSCP::Execute;
use iMSCP::File;
use File::Basename;

#
## HTTP (Basic) authentication parameters
## Those parameters are used to protect access to the provisioning script which is
## available through HTTP
#

# Authentication username
# Leave empty to disable authentication
my $authUsername = '';

# Authentication password
# Either an encrypted or plain password
my $authPassword = '';

# Tells whether or not the provided authentication password is encrypted or not
my $isAuthPasswordEncrypted = 0;

# Protected area identifier
my $realm = 'Provisioning service for slave DNS servers';

# Nginx configuration directory
my $nginxConfDir = '/etc/nginx';

#
## Subroutines
#

sub createHtpasswdFile
{
    my $htpasswdFilePath = "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htpasswd";
    my @cmd = (
        'htpasswd',
        -f $htpasswdFilePath ? '-c' : '',
        '-b',
        $isAuthPasswordEncrypted ? '' : '-p',
        escapeShell($htpasswdFilePath),
        escapeShell($authUsername),
        escapeShell($authPassword)
    );
    my $rs = execute("@cmd", \my $stdout, \my $stderr);
    error($stderr) if $rs && $stderr;
    return $rs if $rs;

    my $htpasswdFile = iMSCP::File->new( filename => $htpasswdFilePath );
    my $rs = $htpasswdFile->mode(0640);
    $rs ||= $htpasswdFile->owner(
        "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
        "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
    );
}

#
## Event listeners
#

my $eventManager = iMSCP::EventManager->getInstance();

# Listener that is responsible to create provisioning script
$eventManager->register('afterInstall', sub {
    my $fileContent = <<'EOF';
<?php

require '../../library/imscp-lib.php';

$config = iMSCP_Registry::get('config');
$filter = iMSCP_Registry::get('bufferFilter');
$filter->compressionInformation = false;

echo "// CONFIGURATION FOR MAIN DOMAIN\n";
echo "zone \"$config->BASE_SERVER_VHOST\" {\n";
echo "\ttype slave;\n";
echo "\tfile \"/var/cache/bind/$config->BASE_SERVER_VHOST.db\";\n";
echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
echo "};\n";
echo "// END CONFIGURATION FOR MAIN DOMAIN\n\n";

$stmt = exec_query('SELECT domain_id, domain_name FROM domain');
$rowCount = $stmt->rowCount();

if ($rowCount > 0) {
    echo "// $rowCount HOSTED DOMAINS LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";

    while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
        echo "zone \"{$row['domain_name']}\" {\n";
        echo "\ttype slave;\n";
        echo "\tfile \"/var/cache/bind/{$row['domain_name']}.db\";\n";
        echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
        echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
        echo "};\n";
    }

    echo "// END DOMAINS LIST\n\n";
}

$stmt = exec_query('SELECT alias_id, alias_name FROM domain_aliasses');
$rowCount = $stmt->rowCount();

if ($rowCount > 0) {
    echo "// $rowCount HOSTED ALIASSES LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";

    while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
        echo "zone \"{$row['alias_name']}\" {\n";
        echo "\ttype slave;\n";
        echo "\tfile \"/var/cache/bind/{$row['alias_name']}.db\";\n";
        echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
        echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
        echo "};\n";
    }

    echo "// END ALIASSES LIST\n";
}
EOF

    my $provisioningScriptFile = iMSCP::File->new(
        filename => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/slave_provisioning.php"
    );
    my $rs = $provisioningScriptFile->set($fileContent);
    $rs ||= $provisioningScriptFile->save();
    $rs ||= $provisioningScriptFile->mode(0640);
    $rs ||= $provisioningScriptFile->owner(
        "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
        "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
    );
});

# Listener that is responsible to add authentication configuration
$eventManager->register('onAfterFrontEndBuildConf', sub {
    my ($tplContent, $tplName) = @_;

    unless(-d "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain") {
        my $rs = iMSCP::Dir->new( dirname => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain" )->make({
            user => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
            group => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
            mode => 0550
        });

        $rs = createHtpasswdFile();
        return $rs if $rs;
    }

    if($tplName eq '00_master.conf' || $tplName eq '00_master_ssl.conf') {
        (my $vhostName = $tplName) =~ /(.*)\.conf$/;
        my $includeFileName = $vhostName . '_protected_location.conf';
        $$tplContent = replaceBloc(
            "# SECTION custom BEGIN.\n",
            "# SECTION custom END.\n",
            "    # SECTION custom BEGIN.\n" .
            getBloc(
                "# SECTION custom BEGIN.\n",
                "# SECTION custom END.\n",
                $$tplContent
            ) .
            "    include $includeFileName;\n" .
            "    # SECTION custom END.\n",
            $$tplContent
        );

        my $fileContent = <<EOF;
location /domain {
    root /var/www/imscp/gui/public;

    location ~ \.php\$ {
        include imscp_fastcgi.conf;
        satisfy all;
        allow all;
        auth_basic $realm;
        auth_basic_user_file $main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htpasswd;
    }
}
EOF

        my $file = iMSCP::File->new( filename => "$nginxConfDir/$includeFileName" );
        $rs = file->set($$fileContent);
        $rs ||= file->save();
        $rs ||= file->mode(0644);
        $rs ||= file->owner($main::imscpConfig{'ROOT_USER'}, $main::imscpConfig{'ROOT_GROUP'});
        return $rs if $rs;
    }

    0;
}) if $authUsername;

1;
__END__