Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # i-MSCP Listener::Named::SlaveProvisioning listener file
- # Copyright (C) 2015 UncleJ, Arthur Mayer <mayer.arthur@gmail.com>
- # Copyright (C) 2016 Laurent Declercq <l.declercq@nuxwin.com>
- #
- # This library is free software; you can redistribute it and/or
- # modify it under the terms of the GNU Lesser General Public
- # License as published by the Free Software Foundation; either
- # version 2.1 of the License, or (at your option) any later version.
- #
- # This library is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- # Lesser General Public License for more details.
- #
- # You should have received a copy of the GNU Lesser General Public
- # License along with this library; if not, write to the Free Software
- # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- #
- ## i-MSCP listener file that provides output for slave DNS server provisioning
- ## Slave provisioning service will be available at:
- ## - http://<panel.domain.tld>:8080/domain/slave_provisioning.php
- ## - https://<panel.domain.tld>:4443/domain/slave_provisioning.php (if you use ssl)
- #
- package Listener::Named::SlaveProvisioning;
- use lib '/var/www/imscp/engine/PerlLib';
- use iMSCP::Bootstrapper;
- use iMSCP::Config;
- use iMSCP::Debug;
- use iMSCP::Dir;
- use iMSCP::EventManager;
- use iMSCP::Execute;
- use iMSCP::File;
- use File::Basename;
- #
- ## HTTP (Basic) authentication parameters
- ## Those parameters are used to protect access to the provisioning script which is
- ## available through HTTP
- #
- # Authentication username
- # Leave empty to disable authentication
- my $authUsername = '';
- # Authentication password
- # Either an encrypted or plain password
- my $authPassword = '';
- # Tells whether or not the provided authentication password is encrypted or not
- my $isAuthPasswordEncrypted = 0;
- # Protected area identifier
- my $realm = 'Provisioning service for slave DNS servers';
- # Nginx configuration directory
- my $nginxConfDir = '/etc/nginx';
- #
- ## Subroutines
- #
- sub createHtpasswdFile
- {
- my $htpasswdFilePath = "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htpasswd";
- my @cmd = (
- 'htpasswd',
- -f $htpasswdFilePath ? '-c' : '',
- '-b',
- $isAuthPasswordEncrypted ? '' : '-p',
- escapeShell($htpasswdFilePath),
- escapeShell($authUsername),
- escapeShell($authPassword)
- );
- my $rs = execute("@cmd", \my $stdout, \my $stderr);
- error($stderr) if $rs && $stderr;
- return $rs if $rs;
- my $htpasswdFile = iMSCP::File->new( filename => $htpasswdFilePath );
- my $rs = $htpasswdFile->mode(0640);
- $rs ||= $htpasswdFile->owner(
- "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
- "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
- );
- }
- #
- ## Event listeners
- #
- my $eventManager = iMSCP::EventManager->getInstance();
- # Listener that is responsible to create provisioning script
- $eventManager->register('afterInstall',, sub writeProvisioningScript {
- my $fileContent = <<'EOF';
- <?php
- require '../../library/imscp-lib.php';
- $config = iMSCP_Registry::get('config');
- $filter = iMSCP_Registry::get('bufferFilter');
- $filter->compressionInformation = false;
- echo "// CONFIGURATION FOR MAIN DOMAIN\n";
- echo "zone \"$config->BASE_SERVER_VHOST\" {\n";
- echo "\ttype slave;\n";
- echo "\tfile \"/var/cache/bind/$config->BASE_SERVER_VHOST.db\";\n";
- echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "};\n";
- echo "// END CONFIGURATION FOR MAIN DOMAIN\n\n";
- $stmt = exec_query('SELECT domain_id, domain_name FROM domain');
- $rowCount = $stmt->rowCount();
- if ($rowCount > 0) {
- echo "// $rowCount HOSTED DOMAINS LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
- while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
- echo "zone \"{$row['domain_name']}\" {\n";
- echo "\ttype slave;\n";
- echo "\tfile \"/var/cache/bind/{$row['domain_name']}.db\";\n";
- echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "};\n";
- }
- echo "// END DOMAINS LIST\n\n";
- }
- $stmt = exec_query('SELECT alias_id, alias_name FROM domain_aliasses');
- $rowCount = $stmt->rowCount();
- if ($rowCount > 0) {
- echo "// $rowCount HOSTED ALIASSES LISTED ON $config->SERVER_HOSTNAME [$config->BASE_SERVER_PUBLIC_IP]\n";
- while ($row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
- echo "zone \"{$row['alias_name']}\" {\n";
- echo "\ttype slave;\n";
- echo "\tfile \"/var/cache/bind/{$row['alias_name']}.db\";\n";
- echo "\tmasters { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "\tallow-notify { $config->BASE_SERVER_PUBLIC_IP; };\n";
- echo "};\n";
- }
- echo "// END ALIASSES LIST\n";
- }
- EOF
- my $provisioningScriptFile = iMSCP::File->new(
- filename => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/slave_provisioning.php"
- );
- my $rs = $provisioningScriptFile->set($fileContent);
- $rs ||= $provisioningScriptFile->save();
- $rs ||= $provisioningScriptFile->mode(0640);
- $rs ||= $provisioningScriptFile->owner(
- "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
- "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}"
- );
- });
- # Listener that is responsible to add authentication configuration
- $eventManager->register('onAfterFrontEndBuildConf', sub onAfterFrontEndBuildConf) {
- my ($tplContent, $tplName) = @_;
- unless(-d "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain") {
- my $rs = iMSCP::Dir->new( dirname => "$main::imscpConfig{'GUI_PUBLIC_DIR'}/domain" )->make({
- user => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
- group => "$main::imscpConfig{'SYSTEM_USER_PREFIX'}$main::imscpConfig{'SYSTEM_USER_MIN_UID'}",
- mode => 0550
- });
- $rs = createHtpasswdFile();
- return $rs if $rs;
- }
- if($tplName eq '00_master.conf' || $tplName eq '00_master_ssl.conf') {
- (my $vhostName = $tplName) =~ s/(.*)\.conf$/;
- my $includeFileName = $vhostName . "_protected_location.conf"
- $$tplContent = replaceBloc(
- "# SECTION custom BEGIN.\n",
- "# SECTION custom END.\n",
- " # SECTION custom BEGIN.\n" .
- getBloc(
- "# SECTION custom BEGIN.\n",
- "# SECTION custom END.\n",
- $$tplContent
- ) .
- " include $includeFileName;\n" .
- " # SECTION custom END.\n",
- $$tplContent
- );
- my $fileContent;
- $$fileContent = <<EOF;
- location /domain {
- root /var/www/imscp/gui/public;
- location ~ \.php\$ {
- include imscp_fastcgi.conf;
- satisfy all;
- allow all;
- auth_basic $realm;
- auth_basic_user_file $main::imscpConfig{'GUI_PUBLIC_DIR'}/domain/.htpasswd;
- }
- }
- EOF
- my $conffile = iMSCP::File->new( filename => "$nginxConfDir/$includeFileName" );
- $rs = $conffile->set($$fileContent);
- $rs ||= $conffile->save();
- $rs ||= $conffile->mode(0644);
- $rs ||= $conffile->owner($main::imscpConfig{'ROOT_USER'}, $main::imscpConfig{'ROOT_GROUP'});
- return $rs if $rs;
- }
- }) if $authUsername;
- 1;
- __END__
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement