#!/bin/bash
#
# Gestion des comptes web et des hôtes virtuels pour Apache et Nginx
#
# Copyright (c) 2009-2017 Evolix - Tous droits reserves
#
# TODO
# - Gestion des quota
# - Possibilité de créer un compte FTP-only
# - Pouvoir spécifier le CONTACT_MAIL dans un fichier de conf
# - Traduire usage() en francais, ou l'inverse ??
# Abort on the first unhandled command failure.
set -e

# Force HOME to /root (presumably so root's own client configuration is
# picked up by the tools called below -- confirm).
HOME="/root"

# Mail addresses used for the summary mail and the /etc/aliases entries.
CONTACT_MAIL="jdoe@example.org"
WWWBOUNCE_MAIL="jdoe@example.org"

# Location of the templates and of the optional site-specific hook scripts.
# The hook scripts are sourced by this script, so anything able to write to
# SCRIPTS_PATH can run code with this script's privileges.
SCRIPTS_PATH="/usr/share/scripts/evoadmin"
LOCAL_SCRIPT="${SCRIPTS_PATH}/web-add.local.sh"
PRE_LOCAL_SCRIPT="${SCRIPTS_PATH}/web-add.pre-local.sh"
TPL_AWSTATS="${SCRIPTS_PATH}/awstats.XXX.conf"

# Group appended to AllowGroups in sshd_config when that directive is in use.
SSH_GROUP="evolinux-ssh"

# Set to nginx if you use nginx and not apache
WEB_SERVER="apache"

# Pick the vhost directory and the templates matching the web server.
case "$WEB_SERVER" in
    apache)
        VHOST_PATH="/etc/apache2/sites-available"
        TPL_VHOST="${SCRIPTS_PATH}/vhost"
        TPL_MAIL="${SCRIPTS_PATH}/web-mail.tpl"
        ;;
    nginx)
        VHOST_PATH="/etc/nginx/sites-available"
        TPL_VHOST="${SCRIPTS_PATH}/vhost-nginx.tpl"
        TPL_MAIL="${SCRIPTS_PATH}/web-mail-nginx.tpl"
        ;;
    *)
        echo "$WEB_SERVER is not apache nor nginx, exiting..."
        exit 1
        ;;
esac

# FPM
FPM_PATH="/etc/php/7.0/fpm/pool.d"
FPM_SERVICE_NAME="php7.0-fpm"
TPL_FPM="${SCRIPTS_PATH}/fpm.conf.tpl"

MAX_LOGIN_CHAR=16
HOME_DIR="/home"
MYSQL_CREATE_DB_OPTS=""
MYSQL_OPTS=""
PHP_VERSIONS=()

# Use this file to override the values of the variables above.
# It is sourced, i.e. executed as shell code with this script's privileges:
# keep it owned by root and not writable by anyone else.
# Values derived earlier (VHOST_PATH, TPL_*, LOCAL_SCRIPT, ...) are not
# recomputed after the file has been read.
config_file="/etc/evolinux/web-add.conf"
if [ -r "$config_file" ]; then
    # shellcheck source=/etc/evolinux/web-add.conf
    . "$config_file"
fi
#######################################
# Print the command-line help.
# Arguments: none
# Outputs:   the help text, on stderr ($0 is expanded in the first line)
# Returns:   exit status of cat
#######################################
usage() {
    cat >&2 <<EOT

Usage: $0 COMMAND [ARG]

add [ [OPTIONS] LOGIN WWWDOMAIN ]

Create web account LOGIN.
No arguments starts interactive mode.

-p PASSWD
FTP and SFTP password (default : random)

-m DBNAME
Name of MySQL database (default : same as account)

-P DBPASSWD
MySQL password (default : random)

-l MAIL
Send summary email to MAIL

-k SSHKEY
Use this SSH key

-u UID
Force account UID (only in command line)

-g GID
Force account GID (only in command line)

-U UID
Force www-account UID (only in command line)

-y
Don't ask for confirmation

-r
PHP version (without dot)

-q
Filesystem quota in GiB, in the form <quota soft>:<quota hard>

Example : web-add.sh add -m testdb -r 56 testlogin testdomain.com

del [ [OPTIONS] LOGIN [DBNAME] ]

Delete account and all files related (Apache, Awstats, etc)
Archive home directory.
Remove MySQL database only if DBNAME is specified.

-y
Don't ask for confirmation

Example : web-add.sh del -y testlogin testdatabase


list-vhost LOGIN

List Apache vhost for user LOGIN

check-vhosts -f

List suggested changes to vhosts, apply fixes with -f

add-alias VHOST ALIAS

Add a ServerAlias to an Apache vhost

del-alias VHOST ALIAS

Del a ServerAlias from an Apache vhost

update-servername VHOST SERVERNAME OLD_SERVERNAME

Replace the OLD_SERVERNAME with the SERVERNAME for an Apache vhost
Also apply to rewrite rules

check-occurence NAME

List all occurences of NAME in vhosts

list-user-itk LOGIN

List the assigned ITK user for the LOGIN specified

enable-user-itk LOGIN

Enable the assigned ITK user for the LOGIN specified

disable-user-itk LOGIN

Disable the assigned ITK user for the LOGIN specified

setphpversion LOGIN VERSION

Change PHP version for LOGIN

setquota LOGIN QUOTA_SOFT:QUOTA_HARD

Change quotas for LOGIN

manage-http-challenge-file [CREATE | DELETE]

Create or delete a dummy file for the Let's Encrypt HTTP challenge
The default directory is /var/lib/letsencrypt/.well-known/

generate-csr LOGIN DOMAINS

Generate the request for the Let's Encrypt certificate

generate-ssl-certificate LOGIN [TRUE | FALSE]

Generate the Let's Encrypt certificate
Run in TEST mode if TRUE

EOT
}
#######################################
# Print a validation error message.
# Globals:   msg (written; left global as in the rest of the file)
# Arguments: $1 - the message to display
# Outputs:   a three-line banner on stderr
#######################################
in_error() {
    msg=$1
    # The message is passed as data, never as the printf format string.
    printf '***\nErreur : %s\n***\n' "$msg" >&2
}
gen_random_passwd() {
|
2017-08-20 04:31:00 +02:00
|
|
|
apg -c /dev/urandom -n1 -E oOlL10\&\\\/\"\'
|
2015-08-25 16:54:13 +02:00
|
|
|
}
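#######################################
# Validate an account login.
#
# The login is later used in file paths, sed expressions, SQL statements,
# /etc/aliases and a root cron line, and adduser is called with
# --force-badname, so the character set is enforced here in addition to
# the length limits.
#
# Globals:   login (written; other code in this file reads it after the
#            call, so it is deliberately left global)
#            MAX_LOGIN_CHAR (read)
# Arguments: $1 - login to check
# Outputs:   an error message through in_error on failure
# Returns:   0 if the login is acceptable, 1 otherwise
#######################################
validate_login() {
    login=$1

    local length=${#login}

    if [ "$length" -lt 3 ]; then
        in_error "Le login doit contenir plus de 2 caracteres"
        return 1
    fi

    if [ "$length" -gt "$MAX_LOGIN_CHAR" ]; then
        in_error "Le login ne doit pas contenir plus de $MAX_LOGIN_CHAR caracteres"
        return 1
    fi

    # Byte-wise matching, so the ranges below mean plain ASCII only.
    local LC_ALL=C
    case "$login" in
        [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*)
            in_error "Le login ne doit contenir que des lettres, chiffres, '.', '_' ou '-' et doit commencer par une lettre ou un chiffre"
            return 1
            ;;
    esac

    return 0
}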
#######################################
# Validate a password: it must be empty or at least 6 characters long.
#
# NOTE(review): an empty password is accepted here (presumably the caller
# then generates a random one -- confirm), and only the length is checked.
#
# Globals:   passwd, length (written)
# Arguments: $1 - password to check
# Outputs:   an error message through in_error on failure
# Returns:   0 if acceptable, 1 if it has between 1 and 5 characters
#######################################
validate_passwd() {
    passwd=$1
    length=${#passwd}

    if [ "$length" -eq 0 ] || [ "$length" -ge 6 ]; then
        return 0
    fi

    in_error "Le mot de passe doit avoir au moins 6 caracteres"
    return 1
}
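#######################################
# Check that no MySQL database with the given name exists yet.
#
# The name is compared as a fixed, whole-line string: when it was used as a
# regular expression, a name containing '.' or '*' could match (or fail to
# match) unrelated databases.
#
# NOTE(review): a failing mysql client yields an empty list, so the name is
# then reported as free.
#
# Globals:   dbname (written), MYSQL_OPTS (read)
# Arguments: $1 - database name
# Outputs:   an error message through in_error if the database exists
# Returns:   0 if the name is free, 1 if the database already exists
#######################################
validate_dbname() {
    dbname=$1

    # shellcheck disable=SC2086 # MYSQL_OPTS is a list of options, split on purpose
    if mysql $MYSQL_OPTS -ss -e "show databases" | grep -Fxq -- "$dbname"; then
        in_error "Base de données déjà existante"
        return 1
    fi
}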
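#######################################
# Validate the domain name of the new site.
#
# The value is substituted into the vhost, awstats and mail templates with
# sed, so besides being mandatory it is restricted to hostname characters
# (ASCII letters, digits, '.', '-', '_'; internationalised names have to be
# given in their ASCII form).
#
# Globals:   wwwdomain (written)
# Arguments: $1 - domain name
# Outputs:   an error message through in_error on failure
# Returns:   0 if acceptable, 1 otherwise
#######################################
validate_wwwdomain() {
    wwwdomain=$1

    if [ -z "$wwwdomain" ]; then
        in_error "Le nom de domaine est obligatoire"
        return 1
    fi

    # Byte-wise matching, so the ranges below mean plain ASCII only.
    local LC_ALL=C
    case "$wwwdomain" in
        [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*)
            in_error "Le nom de domaine contient des caracteres non autorises"
            return 1
            ;;
    esac

    return 0
}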
#######################################
# Validate a mail address.
#
# NOTE(review): placeholder -- every value is accepted. Elsewhere in this
# file the address is pasted into a sed expression and ends up in a message
# handed to sendmail -t, so callers get no protection from this function.
#
# Arguments: ignored
# Returns:   always 0
#######################################
validate_mail() {
    true
}
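#######################################
# Check that a PHP version is one of the configured PHP_VERSIONS.
#
# The comparison is an exact match against each array element. The value
# used to be applied as a regular expression to the joined list, so "7",
# "." or an empty string were accepted whenever they matched part of it.
#
# Globals:   php_version (written), PHP_VERSIONS (read)
# Arguments: $1 - PHP version without dot (e.g. 70)
# Outputs:   an error message through in_error on failure
# Returns:   0 if the version is configured, 1 otherwise
#######################################
validate_phpversion() {
    php_version="$1"

    local known_version
    for known_version in "${PHP_VERSIONS[@]}"; do
        if [ "$known_version" = "$php_version" ]; then
            return 0
        fi
    done

    in_error "Version de PHP incorrecte."
    return 1
}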
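#######################################
# Validate a quota given as <quota soft>:<quota hard> (in GiB).
#
# Both parts must be plain decimal numbers. Without that check a
# non-numeric value made the -gt comparison fail with an error, the
# function still returned success, and the value went on to be evaluated
# in a shell arithmetic expression by the account creation code.
#
# Globals:   quota_soft, quota_hard (written when the format is valid)
# Arguments: $1 - quota specification
# Outputs:   an error message through in_error on failure
# Returns:   0 if valid, 1 otherwise
#######################################
validate_quota() {
    # At most 9 digits each, so the later multiplication cannot overflow.
    if ! [[ "$1" =~ ^[0-9]{1,9}:[0-9]{1,9}$ ]]; then
        in_error "Le quota soft et le quota hard doivent être spécifiés sous la forme <quota soft>:<quota hard>."
        return 1
    fi

    quota_soft=${1%%:*}
    quota_hard=${1##*:}

    if [ "$quota_soft" -gt "$quota_hard" ]; then
        in_error "Le quota hard doit être plus grand que le quota soft."
        return 1
    fi
}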
#######################################
# Report a completed step.
# Globals:   msg (written)
# Arguments: $1 - description of the step
# Outputs:   "[OK] <description>" on stdout
#######################################
step_ok() {
    msg=$1
    printf '[OK] %s\n' "$msg"
}
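# Return 0 when $1 is safe to use as an account name in paths, sed
# expressions, SQL text, /etc/aliases and cron lines.
_web_add_login_is_safe() {
    local LC_ALL=C # byte-wise matching: the ranges mean plain ASCII
    case "$1" in
        '' | [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Print $1 escaped for the replacement part of a sed s/// command.
# The value travels on stdin, never in another process's argument list.
_web_add_sed_repl() {
    printf '%s' "$1" | sed -e 's|[\\&/]|\\&|g'
}

# Print $1 escaped for use inside a single-quoted SQL string.
_web_add_sql_str() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
}

# Print $1 escaped for use inside a backtick-quoted SQL identifier.
_web_add_sql_ident() {
    printf '%s' "$1" | sed -e 's/`/``/g'
}

#######################################
# Create a complete web account: system users (host and PHP containers),
# SSH access, mail aliases, home directory, quota, PHP-FPM pools, vhost,
# awstats, MySQL database, summary mail, and service reloads.
#
# Globals (read): in_login, in_passwd, in_sshkey, in_uid, in_gid, in_wwwuid,
#   in_wwwdomain, in_phpversion, in_quota, in_dbname, in_dbpasswd, in_mail,
#   quota, and the configuration variables defined at the top of the file.
# Globals (written): HOME_DIR_USER, uid, gid, www_uid, quota_soft,
#   quota_hard, random, vhostfile, VAR, DATE and other scratch variables;
#   they are left global because the sourced hook scripts may use them.
# Outputs: one "[OK]" line per step; errors through in_error.
# Returns: 1 (or exits 1) on a failed check; with `set -e` any failing
#   command aborts the script.
#
# Changes compared with the previous version:
# - the login, quota and line breaks in inputs are checked before anything
#   is created; values pasted into sed and SQL are escaped;
# - passwords no longer appear in a sed command line (visible in ps);
# - ~/.ssh is only created when an SSH key was given (the former && / ||
#   chain always ran it), and is created with mode 700;
# - the container password is set inside the container (the former line
#   ran chpasswd on the host);
# - mail aliases use $in_login instead of the unrelated global $login;
# - www_uid is only looked up for Apache, where the www- user exists;
# - ~/.my.cnf is created with a restrictive umask.
#######################################
create_www_account() {
    local e_login e_domain e_home e_subweb e_passwd e_dbpasswd e_mail
    local e_dbname e_quota mail_script sql_db sql_dbpasswd

    # Sanity checks: every template must exist.
    for filetocheck in "$TPL_VHOST" "$TPL_AWSTATS" "$TPL_MAIL"; do
        if [ ! -f "$filetocheck" ]; then
            in_error "Fichier inexistant : $filetocheck"
            exit 1
        fi
    done

    # Input checks, done before any change is made on the system.
    if ! _web_add_login_is_safe "$in_login"; then
        in_error "Le login ne doit contenir que des lettres, chiffres, '.', '_' ou '-' et doit commencer par une lettre ou un chiffre"
        return 1
    fi
    case "${in_wwwdomain}${in_mail}${in_passwd}${in_dbpasswd}${in_dbname}" in
        *$'\n'*)
            in_error "Les parametres ne doivent pas contenir de saut de ligne"
            return 1
            ;;
    esac
    if [ -n "$in_quota" ] && ! [[ "$in_quota" =~ ^[0-9]{1,9}:[0-9]{1,9}$ ]]; then
        # The quota is evaluated arithmetically below: digits only.
        in_error "Le quota soft et le quota hard doivent être spécifiés sous la forme <quota soft>:<quota hard>."
        return 1
    fi

    # Values that are pasted into sed replacements several times.
    e_login=$(_web_add_sed_repl "$in_login")
    e_domain=$(_web_add_sed_repl "$in_wwwdomain")
    e_home=$(_web_add_sed_repl "$HOME_DIR")

    ############################################################################

    # Site-specific hook, sourced: it runs with this script's privileges.
    if [ -f "$PRE_LOCAL_SCRIPT" ]; then
        # shellcheck source=/usr/share/scripts/evoadmin/web-add.pre-local.sh
        source "$PRE_LOCAL_SCRIPT"
    fi

    step_ok "Exécution du pre-script spécifique"

    ############################################################################

    if [ -z "$HOME_DIR_USER" ]; then
        HOME_DIR_USER="$HOME_DIR/$in_login"
    fi

    ############################################################################

    if [ -d "$HOME_DIR_USER" ]; then
        in_error "Ce compte existe deja (ou il a mal été effacé)"
        return 1
    fi

    # Create user and force UID / GID if specified.
    # --force-badname relaxes adduser's own name policy, which is why the
    # login was checked above.
    # shellcheck disable=SC2086 # the :+ expansions must split into two words
    /usr/sbin/adduser \
        --gecos "User $in_login" \
        --disabled-password \
        "$in_login" \
        --shell /bin/bash \
        ${in_uid:+'--uid' "$in_uid"} \
        ${in_gid:+'--gid' "$in_gid"} \
        --force-badname \
        --home "$HOME_DIR_USER" >/dev/null

    if [ -z "$in_sshkey" ]; then
        # Password authentication: fed on stdin, never on a command line.
        printf '%s:%s\n' "$in_login" "$in_passwd" | chpasswd
    else
        # Key authentication: private directory, key file readable by the
        # owner only.
        mkdir -m 700 "$HOME_DIR_USER/.ssh"
        printf '%s\n' "$in_sshkey" > "$HOME_DIR_USER/.ssh/authorized_keys"
        chmod u=rw,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys"
        chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh"
    fi

    if [ "$WEB_SERVER" == "apache" ]; then
        # Create www user and force UID if specified
        # shellcheck disable=SC2086 # the :+ expansion must split into two words
        /usr/sbin/adduser \
            --gecos "WWW $in_login" \
            --disabled-password \
            www-"$in_login" \
            --shell /bin/false \
            ${in_wwwuid:+'--uid' "$in_wwwuid"} \
            --ingroup "$in_login" \
            --force-badname \
            --home "$HOME_DIR_USER"/www \
            --no-create-home > /dev/null
    elif [ "$WEB_SERVER" == "nginx" ]; then
        # Adding user www-data to group $in_login.
        # And primary group www-data for $in_login.
        adduser www-data "$in_login"
        usermod -g www-data "$in_login"
    fi

    # Get uid/gid for newly created accounts
    uid=$(id -u "$in_login")
    gid=$(id -g "$in_login")
    www_uid=
    if [ "$WEB_SERVER" == "apache" ]; then
        # The www- user only exists with Apache; looking it up otherwise
        # would fail and, under `set -e`, abort the script.
        www_uid=$(id -u www-"$in_login")
    fi

    # Create users inside all containers
    for php_version in "${PHP_VERSIONS[@]}"; do
        lxc-attach -n php"${php_version}" -- /usr/sbin/addgroup "$in_login" --gid "$gid" --force-badname >/dev/null
        lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --gecos "User $in_login" --disabled-password "$in_login" --shell /bin/bash --uid "$uid" --gid "$gid" --force-badname --home "$HOME_DIR_USER" >/dev/null
        if [ -z "$in_sshkey" ]; then
            # chpasswd has to run inside the container; the credentials
            # reach it on stdin.
            printf '%s:%s\n' "$in_login" "$in_passwd" \
                | lxc-attach -n php"${php_version}" -- chpasswd
        fi
        if [ -n "$www_uid" ]; then
            lxc-attach -n php"${php_version}" -- /usr/sbin/adduser --disabled-password --home "$HOME_DIR_USER"/www --no-create-home --shell /bin/false --gecos "WWW $in_login" www-"$in_login" --uid "$www_uid" --ingroup "$in_login" --force-badname >/dev/null
        fi
    done

    # Let the new account through sshd's AllowGroups / AllowUsers filter.
    if grep -qE '^AllowGroups' /etc/ssh/sshd_config; then
        if ! grep -qE "^AllowGroups(\\s+\\S+)*(\\s+$SSH_GROUP)" /etc/ssh/sshd_config; then
            sed -i "s/^AllowGroups .*/& $SSH_GROUP/" /etc/ssh/sshd_config
            groupadd --force "$SSH_GROUP"
        fi
        usermod -a -G "$SSH_GROUP" "$in_login"
    elif grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
        sed -i "s/^AllowUsers .*/& $in_login/" /etc/ssh/sshd_config
    fi
    /etc/init.d/ssh reload

    step_ok "Création des utilisateurs"

    ############################################################################

    if [ "$WEB_SERVER" == "apache" ]; then
        echo "www-$in_login: $in_login" >> /etc/aliases
        echo "$in_login: $WWWBOUNCE_MAIL" >> /etc/aliases
    elif [ "$WEB_SERVER" == "nginx" ]; then
        echo "$in_login: $WWWBOUNCE_MAIL" >> /etc/aliases
    fi
    newaliases

    step_ok "Alias mail"

    ############################################################################

    chmod 750 "$HOME_DIR_USER"/

    # Default directories
    mkdir -p "$HOME_DIR_USER"/{log,www,awstats}
    chown "$in_login":"$in_login" "$HOME_DIR_USER"/www
    chgrp "$in_login" "$HOME_DIR_USER"/{log,awstats}
    chmod 750 "$HOME_DIR_USER"/{log,www,awstats}

    # Default log files
    touch "$HOME_DIR_USER"/log/access.log
    touch "$HOME_DIR_USER"/log/error.log
    touch "$HOME_DIR_USER"/log/php.log
    chgrp "$in_login" "$HOME_DIR_USER"/log/access.log
    chgrp "$in_login" "$HOME_DIR_USER"/log/error.log
    if [ "$WEB_SERVER" == "apache" ]; then
        chown www-"$in_login":"$in_login" "$HOME_DIR_USER"/log/php.log
    fi
    # There is no php.log for nginx ATM, it will go in error.log.
    chmod 640 "$HOME_DIR_USER"/log/access.log
    chmod 640 "$HOME_DIR_USER"/log/error.log
    chmod 640 "$HOME_DIR_USER"/log/php.log

    step_ok "Création du répertoire personnel"

    ############################################################################

    if [ -n "$in_quota" ]; then
        # in_quota was checked to be <digits>:<digits> above; 10# keeps a
        # leading zero from being read as octal.
        quota_soft=$((10#${in_quota%%:*} * 1024 * 1024))
        quota_hard=$((10#${in_quota##*:} * 1024 * 1024))
        setquota --remote --user "$in_login" "$quota_soft" "$quota_hard" 0 0 /home
    fi

    ############################################################################

    # Create FPM pool on all containers.
    for php_version in "${PHP_VERSIONS[@]}"; do
        if [ "$php_version" = "70" ]; then
            pool_path="/etc/php/7.0/fpm/pool.d/"
        elif [ "$php_version" = "73" ]; then
            pool_path="/etc/php/7.3/fpm/pool.d/"
        else
            pool_path="/etc/php5/fpm/pool.d/"
        fi
        phpfpm_socket_path="/home/${in_login}/php-fpm${php_version}.sock"
        cat <<EOT >"/var/lib/lxc/php${php_version}/rootfs/${pool_path}/${in_login}.conf"
[${in_login}]
user = www-${in_login}
group = ${in_login}

listen = ${phpfpm_socket_path}
listen.owner = ${in_login}
listen.group = ${in_login}
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 10s
php_admin_value[error_log] = /home/${in_login}/log/php.log
EOT
        step_ok "Création du pool FPM ${php_version}"
    done

    ############################################################################

    # NOTE(review): $RANDOM is a 15-bit value; if the RANDOM placeholder of
    # the templates is meant to be hard to guess, it is not -- confirm.
    random=$RANDOM
    if [ "$WEB_SERVER" == "apache" ]; then
        # Make sure /etc/apache2/ssl exists for the IncludeOptional of the conf
        mkdir -p /etc/apache2/ssl

        vhostfile="/etc/apache2/sites-available/${in_login}.conf"
        sed -e "s/XXX/$e_login/g ; s/SERVERNAME/$e_domain/ ; s/RANDOM/$random/ ; s/HOME_DIR/$e_home/" < "$TPL_VHOST" > "$vhostfile"

        if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then
            phpfpm_socket_path="/home/${in_login}/php-fpm${in_phpversion}.sock"
            cat <<EOT >>"$vhostfile"
<Proxy "unix:${phpfpm_socket_path}|fcgi://localhost/" timeout=300>
</Proxy>
<FilesMatch "\\.php$">
SetHandler proxy:unix:${phpfpm_socket_path}|fcgi://localhost/
</FilesMatch>
</VirtualHost>
EOT
        else
            cat <<EOT >>"$vhostfile"
</VirtualHost>
EOT
        fi

        # Also enable example.com when the domain starts with "www."
        # (literal dot: the former grep pattern '^www.' matched any character).
        case "$in_wwwdomain" in
            www.*)
                subweb="${in_wwwdomain#www.}"
                e_subweb=$(_web_add_sed_repl "$subweb")
                sed -i -e "s/^\\(.*\\)#\\(ServerAlias\\).*$/\\1\\2 $e_subweb/" "$vhostfile"
                ;;
        esac

        a2ensite "$in_login" >/dev/null

        step_ok "Configuration d'Apache"

    elif [ "$WEB_SERVER" == "nginx" ]; then
        sed -e \
            "s/DOMAIN/${e_domain}/g; s/LOGIN/${e_login}/g;" \
            < "$TPL_VHOST" \
            > "${VHOST_PATH}/$in_login"
        ln -s /etc/nginx/sites-available/"$in_login" \
            /etc/nginx/sites-enabled/"$in_login"

        /etc/init.d/nginx restart

        step_ok "Configuration de Nginx + restart"

        ############################################################################

        sed -e "s/SED_LOGIN/${e_login}/g;" \
            < "$TPL_FPM" > "${FPM_PATH}/${in_login}.conf"
        step_ok "Creation du pool PHP-FPM"

        ############################################################################
    fi

    sed -e "s/XXX/$e_login/ ; s/SERVERNAME/$e_domain/ ; s/HOME_DIR/$e_home/" \
        < "$TPL_AWSTATS" > /etc/awstats/awstats."$in_login".conf
    chmod 644 /etc/awstats/awstats."$in_login".conf

    # Minute of the new cron entry: one more than the last entry's, back
    # to 1 after 59 or when the last entry does not start with a number.
    VAR=$(grep -v "^#" /etc/cron.d/awstats |tail -1 | cut -d " " -f1)
    case "$VAR" in
        '' | *[!0-9]*)
            VAR=1
            ;;
        *)
            if [ "$VAR" -ge 59 ]; then
                VAR=1
            else
                VAR=$((10#$VAR + 1))
            fi
            ;;
    esac

    # This line is executed by cron as root; the login it contains was
    # checked at the top of the function.
    echo "$VAR * * * * root umask 033; [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.$in_login.conf -a -r $HOME_DIR_USER/log/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=$in_login -update >/dev/null" >> /etc/cron.d/awstats

    step_ok "Activation d'Awstats"

    ############################################################################

    if [ "$in_dbname" ]; then
        sql_db=$(_web_add_sql_ident "$in_dbname")
        sql_dbpasswd=$(_web_add_sql_str "$in_dbpasswd")
        # The statements reach mysql on stdin (printf is a shell builtin),
        # so the password is not exposed in the process list.
        # shellcheck disable=SC2086 # MYSQL_OPTS is a list of options, split on purpose
        printf 'CREATE DATABASE `%s` %s;\n' "$sql_db" "$MYSQL_CREATE_DB_OPTS" | mysql $MYSQL_OPTS
        # shellcheck disable=SC2086
        printf "GRANT ALL PRIVILEGES ON \`%s\`.* TO \`%s\`@localhost IDENTIFIED BY '%s';\n" "$sql_db" "$in_login" "$sql_dbpasswd" | mysql $MYSQL_OPTS
        # shellcheck disable=SC2086
        echo "FLUSH PRIVILEGES;" | mysql $MYSQL_OPTS

        my_cnf_file="$HOME_DIR_USER/.my.cnf"
        # Created under a restrictive umask so that the password is never
        # readable by group or others, even before the chmod below.
        (
            umask 077
            cat > "$my_cnf_file" <<EOT
[client]
user = $in_login
password = "$in_dbpasswd"

[mysql]
database = $in_dbname
EOT
        )
        chown "$in_login" "$my_cnf_file"
        chmod 600 "$my_cnf_file"

        step_ok "Création base de données et compte MySQL"
    fi

    ############################################################################

    # Summary mail. It carries the passwords in clear text to RCPTTO.
    # The sed script is read through a file descriptor (-f) rather than
    # given with -e, so the passwords are not visible in the process list.
    e_passwd=$(_web_add_sed_repl "$in_passwd")
    e_dbpasswd=$(_web_add_sed_repl "$in_dbpasswd")
    e_mail=$(_web_add_sed_repl "$in_mail")
    e_dbname=$(_web_add_sed_repl "$in_dbname")
    e_quota=$(_web_add_sed_repl "$quota")
    if [ "$in_dbname" ]; then
        mail_script="
            s/LOGIN/$e_login/g
            s/SERVERNAME/$e_domain/
            s/PASSE1/$e_passwd/
            s/PASSE2/$e_dbpasswd/
            s/RANDOM/$random/
            s/QUOTA/$e_quota/
            s/RCPTTO/$e_mail/
            s/DBNAME/$e_dbname/
            s/HOME_DIR/$e_home/"
    else
        # Without a database, lines 39-58 of the template are dropped.
        mail_script="
            s/LOGIN/$e_login/g
            s/SERVERNAME/$e_domain/
            s/PASSE1/$e_passwd/
            s/RANDOM/$random/
            s/QUOTA/$e_quota/
            s/RCPTTO/$e_mail/
            s/HOME_DIR/$e_home/
            39,58d"
    fi
    sed -f <(printf '%s\n' "$mail_script") \
        < "$TPL_MAIL" | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"

    step_ok "Envoi du mail récapitulatif"

    ############################################################################

    # Site-specific hook, sourced: it runs with this script's privileges.
    if [ -f "$LOCAL_SCRIPT" ]; then
        # shellcheck source=/usr/share/scripts/evoadmin/web-add.local.sh
        source "$LOCAL_SCRIPT"
    fi

    step_ok "Exécution du script spécifique"

    ############################################################################

    if [ "$WEB_SERVER" == "apache" ]; then
        # With `set -e` a failing configtest stops here, before the reload.
        apache2ctl configtest 2>/dev/null
        /etc/init.d/apache2 force-reload >/dev/null

        for php_version in "${PHP_VERSIONS[@]}"; do
            if [ "$php_version" = "70" ]; then
                initscript_path="/etc/init.d/php7.0-fpm"
                binary="php-fpm7.0"
            elif [ "$php_version" = "73" ]; then
                initscript_path="/etc/init.d/php7.3-fpm"
                binary="php-fpm7.3"
            else
                initscript_path="/etc/init.d/php5-fpm"
                binary="php5-fpm"
            fi
            lxc-attach -n php"${php_version}" -- "$binary" --test >/dev/null
            lxc-attach -n php"${php_version}" -- "$initscript_path" restart >/dev/null
            step_ok "Rechargement de php-fpm dans php${php_version}"
        done

        step_ok "Rechargement d'Apache"
    fi

    ############################################################################

    if [ "$WEB_SERVER" == "nginx" ]; then
        # The status URL is derived from the login alone, so anyone who
        # knows the login can compute it; access is limited by the
        # allow/deny rules written below, not by this value.
        fpm_status=$(echo -n "$in_login" | md5sum | cut -d' ' -f1)
        cat <<EOT> /etc/munin/plugin-conf.d/phpfpm_"${in_login}"_

[phpfpm_${in_login}_*]
env.url http://munin:%d/fpm_status_$fpm_status
env.ports 80
env.phpbin php-fpm
env.phppool $in_login
EOT
        for name in average connections memory processes status; do
            ln -s /usr/local/share/munin/plugins/phpfpm_${name} \
                /etc/munin/plugins/phpfpm_"${in_login}"_${name}
        done
        cat <<EOT>> /etc/nginx/evolinux.d/munin-plugins.conf

# $in_login FPM Status page. Secret part is md5 of pool name.
location ~ ^/fpm_status_${fpm_status}$ {
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm-${in_login}.sock;
fastcgi_param SCRIPT_FILENAME \$fastcgi_script_name;
allow 127.0.0.1;
deny all;
}
EOT
        sed -i "s#SED_STATUS#/fpm_status_${fpm_status}#" \
            "${FPM_PATH}/${in_login}.conf"
        /etc/init.d/nginx reload
        /etc/init.d/"${FPM_SERVICE_NAME}" reload
        /etc/init.d/munin-node restart

        step_ok "Configuration plugin php-fpm pour munin"
    fi
    ############################################################################

    DATE=$(date +"%Y-%m-%d")
    echo "$DATE [web-add.sh] Ajout $in_login" >> /var/log/evolix.log
}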
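# Return 0 when $1 is safe to use as an account name in the paths, sed
# expressions and SQL text built by op_del.
_web_del_login_is_safe() {
    local LC_ALL=C # byte-wise matching: the ranges mean plain ASCII
    case "$1" in
        '' | [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

#######################################
# Delete a web account: system users (host and PHP containers), mail
# aliases, SSH AllowUsers entry, vhost, awstats and PHP-FPM configuration,
# Let's Encrypt data and, when a database name is given, the MySQL database
# and user. The home directory is renamed to a timestamped .bak directory,
# not removed.
#
# Globals (written): login, dbname, force_confirm and scratch variables.
# Arguments: none for interactive mode, else [-y] LOGIN [DBNAME].
# Outputs: prompts, a summary, and a `set -x` trace of the commands run.
# Returns: exits 1 on usage error, rejected login or refused confirmation.
#
# Changes compared with the previous version:
# - the login is checked before it is used in rm, mv, sed and SQL;
# - code copied from the creation path used $in_login, which is not set
#   here: the AllowUsers line got a blank appended instead of losing the
#   account, and the munin cleanup removed every phpfpm_* plugin;
# - the nginx awstats cleanup no longer removes the cron lines of logins
#   that merely start with the deleted one;
# - the database name is quoted in the DROP statement.
#######################################
op_del() {
    local OPTIND=1 opt login_re sql_db

    #
    # Interactive mode
    #

    if [ $# -eq 0 ]; then
        echo
        echo "Suppression d'un compte WEB"
        echo

        until [ "$login" ]; do
            echo -n "Entrez le login du compte à supprimer : "
            read -r tmp
            login="$tmp"
        done

        echo -n "Voulez-vous aussi supprimer un compte/base MySQL ? [y|N]"
        read -r confirm

        if [ "$confirm" = "y" ] || [ "$confirm" = "Y" ]; then
            echo -n "Entrez le nom de la base de donnees ($login par defaut) : "
            read -r tmp

            if [ -z "$tmp" ]; then
                dbname=$login
            else
                dbname="$tmp"
            fi
        fi

    #
    # Non-interactive mode
    #

    else
        while getopts hy opt; do
            case "$opt" in
                y)
                    force_confirm=1
                    ;;
                *)
                    # -h and any unknown option
                    usage
                    exit 1
                    ;;
            esac
        done

        shift $((OPTIND - 1))
        if [ $# -gt 0 ] && [ $# -le 2 ]; then
            login=$1
            if [ $# -eq 2 ]; then
                dbname=$2
            fi
        else
            usage
            exit 1
        fi
    fi

    # Everything below runs destructive commands built from the login.
    if ! _web_del_login_is_safe "$login"; then
        in_error "Le login ne doit contenir que des lettres, chiffres, '.', '_' ou '-' et doit commencer par une lettre ou un chiffre"
        exit 1
    fi
    # The login as a regular expression: '.' is the only allowed character
    # that is special there.
    login_re=$(printf '%s' "$login" | sed -e 's/\./\\./g')

    echo
    echo "----------------------------------------------"
    echo "Nom du compte : $login"
    if [ "$dbname" ]; then
        echo "Base de données MySQL : $dbname"
    fi
    echo "----------------------------------------------"
    echo

    if [ -z "$force_confirm" ]; then
        echo -n "Confirmer la suppression ? [y/N] : "
        read -r tmp
        echo
        if [ "$tmp" != "y" ] && [ "$tmp" != "Y" ]; then
            echo "Annulation..."
            echo
            exit 1
        fi
    fi

    set -x
    if [ "$WEB_SERVER" == "apache" ]; then
        userdel www-"$login"
    fi
    userdel "$login"
    for php_version in "${PHP_VERSIONS[@]}"; do
        lxc-attach -n php"${php_version}" -- userdel -f www-"$login"
        lxc-attach -n php"${php_version}" -- userdel -f "$login"
    done
    sed -i.bak "/^$login_re:/d" /etc/aliases
    if [ "$WEB_SERVER" == "apache" ]; then
        sed -i.bak "/^www-$login_re:/d" /etc/aliases
    fi

    if grep -qE '^AllowUsers' /etc/ssh/sshd_config; then
        # Remove the account from AllowUsers. Lines naming a single user
        # are left alone so that the directive never ends up empty.
        sed -i -E "/^AllowUsers[[:space:]]+[^[:space:]]+[[:space:]]+[^[:space:]]/ s/[[:space:]]+${login_re}([[:space:]]|\$)/\\1/" /etc/ssh/sshd_config
        /etc/init.d/ssh reload
    fi

    if [ -d "$HOME_DIR/$login" ]; then
        mv -i -- "$HOME_DIR/$login" "$HOME_DIR/$login.$(date '+%Y%m%d-%H%M%S').bak"
    else
        echo "warning : $HOME_DIR/$login does not exist"
    fi

    if [ "$WEB_SERVER" == "apache" ]; then
        a2dissite "$login"
        rm /etc/apache2/sites-available/"$login.conf"
        rm /etc/awstats/awstats."$login.conf"
        sed -i.bak "/-config=$login_re /d" /etc/cron.d/awstats
        apache2ctl configtest
        for php_version in "${PHP_VERSIONS[@]}"; do
            if [ "$php_version" = "70" ]; then
                phpfpm_dir="/etc/php/7.0/fpm/pool.d/"
                initscript_path="/etc/init.d/php7.0-fpm"
            elif [ "$php_version" = "73" ]; then
                phpfpm_dir="/etc/php/7.3/fpm/pool.d/"
                initscript_path="/etc/init.d/php7.3-fpm"
            else
                phpfpm_dir="/etc/php5/fpm/pool.d/"
                initscript_path="/etc/init.d/php5-fpm"
            fi
            rm "/var/lib/lxc/php${php_version}/rootfs/${phpfpm_dir}/${login}.conf"
            lxc-attach -n php"${php_version}" -- "$initscript_path" restart >/dev/null
        done
    elif [ "$WEB_SERVER" == "nginx" ]; then

        rm /etc/nginx/sites-{available,enabled}/"$login"
        rm /etc/awstats/awstats."$login.conf"
        # Only this account's plugins (named phpfpm_<login>_<name>).
        rm -f -- /etc/munin/plugins/phpfpm_"${login}"_*
        sed -i.bak "/-config=$login_re /d" /etc/cron.d/awstats
        nginx -t
    fi

    if [ -d /etc/letsencrypt/"$login" ]; then
        rm -r /etc/letsencrypt/"$login"
    fi

    set +x

    if [ -n "$dbname" ]; then
        # The database name is free-form: quote it as an identifier.
        sql_db=$(printf '%s' "$dbname" | sed -e 's/`/``/g')
        set -x
        # shellcheck disable=SC2086 # MYSQL_OPTS is a list of options, split on purpose
        printf "DROP DATABASE \`%s\`; delete from mysql.user where user='%s' ; FLUSH PRIVILEGES;\n" "$sql_db" "$login" | mysql $MYSQL_OPTS
        set +x
    fi
}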
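#######################################
# Point an Apache vhost at another PHP-FPM socket version.
# Rewrites the two characters that follow "php-fpm" in the SetHandler and
# <Proxy> socket paths of /etc/apache2/sites-available/<login>.conf, then
# reloads Apache once the configuration test passes.
# Globals:   login, phpversion, DATE (written)
# Arguments: $1 - account login (also the vhost file name, without .conf)
#            $2 - PHP version, checked by validate_phpversion
# Outputs:   appends one line to /var/log/evolix.log
# Returns:   1 on a bad login or missing vhost file; the status of
#            "apache2ctl configtest" when that test fails
#######################################
op_setphpversion() {
    if [ $# -ne 2 ]; then
        usage
        exit 1
    fi
    login="$1"
    phpversion="$2"

    validate_phpversion "$phpversion" || exit 1

    # The login becomes part of a path that sed edits in place; refuse
    # anything that is not a plain file name.
    case "$login" in
        '' | . | .. | */*)
            echo "Invalid login \`${login}'" >&2
            return 1
            ;;
    esac

    local vhost_file="/etc/apache2/sites-available/${login}.conf"
    if [ ! -f "$vhost_file" ]; then
        echo "VHost file \`${vhost_file}' not found" >&2
        return 1
    fi

    sed -i "s#^\\(\s*SetHandler proxy:unix:/home/.*/php-fpm\\)..\\(\\.sock\\)#\\1${phpversion}\\2#" "$vhost_file"
    sed -i "s#^\\(\s*<Proxy .*unix:/home/.*/php-fpm\\)..\\(\\.sock\\)#\\1${phpversion}\\2#" "$vhost_file"

    # Same gate as the alias/servername operations: reload only when the
    # configuration test passes. The "|| rc=$?" form keeps "set -e" from
    # aborting before the diagnostics are printed; configtest reports on
    # stderr, hence 2>&1.
    local configtest_out configtest_rc=0
    configtest_out=$(apache2ctl configtest 2>&1) || configtest_rc=$?
    if [ "$configtest_rc" -ne 0 ]; then
        printf '%s\n' "$configtest_out" >&2
        return "$configtest_rc"
    fi
    /etc/init.d/apache2 force-reload >/dev/null

    DATE=$(date +"%Y-%m-%d")
    echo "$DATE [web-add.sh] PHP version set to $phpversion for $login" >> /var/log/evolix.log
}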
#######################################
# Apply a disk quota to an account on /home.
# Globals:   login, quota, quota_soft, quota_hard, DATE (written)
# Arguments: $1 - account login
#            $2 - quota as "soft:hard", checked by validate_quota; each
#                 part is multiplied by 1024 * 1024 before it is passed
#                 to setquota (presumably GiB to 1 KiB blocks - confirm
#                 against usage())
# Outputs:   appends one line to /var/log/evolix.log
#######################################
op_setquota() {
    if [ $# -ne 2 ]; then
        usage
        exit 1
    fi
    login=$1
    quota=$2

    validate_quota "$quota"

    # Field 1 and field 2 of the colon-separated value, split with
    # parameter expansion instead of cut(1).
    local soft_part hard_part
    soft_part=${quota%%:*}
    hard_part=${quota#*:}
    hard_part=${hard_part%%:*}

    quota_soft=$(($soft_part * 1024 * 1024))
    quota_hard=$(($hard_part * 1024 * 1024))
    setquota --remote --user "$login" "$quota_soft" "$quota_hard" 0 0 /home

    DATE=$(date +"%Y-%m-%d")
    echo "$DATE [web-add.sh] quota set to $quota for $login" >> /var/log/evolix.log
}
#######################################
# Dispatch the first command-line word to the matching op_* function.
# Globals:   commandname (written)
# Arguments: $1 - sub-command name; remaining arguments are passed on
#            unchanged to the selected operation
# Outputs:   the usage text when no sub-command or an unknown one is given
#######################################
arg_processing() {
    # Determine the command
    if [ $# -lt 1 ]; then
        usage
        return
    fi

    commandname=$1
    shift

    case "$commandname" in
        add)                        op_add "$@" ;;
        del)                        op_del "$@" ;;
        list-vhost)                 op_listvhost "$@" ;;
        check-vhosts)               op_checkvhosts "$@" ;;
        add-alias)                  op_aliasadd "$@" ;;
        del-alias)                  op_aliasdel "$@" ;;
        update-servername)          op_servernameupdate "$@" ;;
        check-occurence)            op_checkoccurencename "$@" ;;
        list-user-itk)              op_listuseritk "$@" ;;
        enable-user-itk)            op_enableuseritk "$@" ;;
        disable-user-itk)           op_disableuseritk "$@" ;;
        setphpversion)              op_setphpversion "$@" ;;
        setquota)                   op_setquota "$@" ;;
        manage-http-challenge-file) op_managehttpchallengefile "$@" ;;
        generate-csr)               op_makecsr "$@" ;;
        generate-ssl-certificate)   op_generatesslcertificate "$@" ;;
        *)                          usage ;;
    esac
}
#######################################
# Generate a CSR for a vhost by handing the domain list to make-csr.
# Globals:   vhost, domains, domain (written)
# Arguments: $1 - vhost name, passed to make-csr as its argument
#            $2... - domains, sent to make-csr on stdin as one
#                    space-separated line
# Outputs:   whatever make-csr prints; the usage text when fewer than two
#            arguments are given
#######################################
op_makecsr() {
    if [ $# -le 1 ]; then
        usage
        return
    fi

    vhost="$1"
    domains=""

    # Drop the vhost so that only the domains remain in "$@".
    shift 1

    for domain in "$@"; do
        if [ -n "$domains" ]; then
            domains="${domains} ${domain}"
        else
            domains="${domain}"
        fi
    done

    # make-csr reads the domains from stdin, and this script has none to
    # offer, so they are piped in.
    echo "$domains" | make-csr "$vhost"
}
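#######################################
# Request a certificate for a vhost through evoacme.
# Globals:   vhost, test_mode (written)
# Arguments: $1 - vhost name
#            $2 - "false" for a real request; any other value runs evoacme
#                 with DRY_RUN=1
# Outputs:   whatever evoacme prints; the usage text when fewer than two
#            arguments are given
# Returns:   1 when the vhost name is not a plain directory name
#######################################
op_generatesslcertificate() {
    if [ $# -le 1 ]; then
        usage
        return
    fi

    vhost="$1"
    test_mode="$2"

    # The name is used to build the path handed to rm below, so it must
    # not be able to step outside /etc/letsencrypt.
    case "$vhost" in
        '' | . | .. | */*)
            echo "Invalid vhost name \`${vhost}'" >&2
            return 1
            ;;
    esac

    if [ "$test_mode" = "false" ]; then
        # Quoted so that whitespace or glob characters in the name cannot
        # turn into extra arguments for test/rm.
        if [ -L "/etc/letsencrypt/${vhost}/live" ]; then
            rm -- "/etc/letsencrypt/${vhost}/live"
        fi
        evoacme "$vhost"
    else
        DRY_RUN=1 evoacme "$vhost"
    fi
}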
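#######################################
# Create or remove the test file used to check the HTTP challenge path.
# Globals:   folder, file, action (written)
# Arguments: $1 - "create" or "delete"
# Outputs:   the usage text for any other argument or argument count
#######################################
op_managehttpchallengefile() {
    if [ $# -ne 1 ]; then
        usage
        return
    fi

    folder="/var/lib/letsencrypt/.well-known"
    file="testfile"
    action=${1}

    case "$action" in
        create)
            # mkdir -p is a no-op on existing directories, so it runs
            # unconditionally: testing only "$folder" skipped the creation
            # of acme-challenge when .well-known was already there, and
            # the touch below then failed.
            mkdir -p "$folder/acme-challenge"
            if [ ! -f "$folder/acme-challenge/$file" ]; then
                touch "$folder/acme-challenge/$file"
            fi
            chmod -R 755 "$folder"
            ;;
        delete)
            rm -r "$folder"
            ;;
        *)
            usage
            ;;
    esac
}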
op_listvhost() {
|
2017-08-20 04:31:00 +02:00
|
|
|
if [ $# -eq 1 ]; then
|
2017-08-22 23:19:51 +02:00
|
|
|
configlist="$VHOST_PATH/${1}.conf";
|
2017-08-20 04:31:00 +02:00
|
|
|
else
|
|
|
|
configlist="$VHOST_PATH/*";
|
|
|
|
fi
|
|
|
|
|
|
|
|
for configfile in $configlist; do
|
2018-12-11 15:30:06 +01:00
|
|
|
if [ -r "$configfile" ] && echo "$configfile" |grep -qvE "/(000-default|default-ssl|evoadmin)\\.conf$"; then
|
2018-10-16 20:51:50 +02:00
|
|
|
servername="$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | head -n 1)"
|
|
|
|
serveraliases="$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1)"
|
2019-02-28 18:01:46 +01:00
|
|
|
serveraliases="$(echo $serveraliases | sed 's/ \+/,/g')"
|
2018-10-16 20:51:50 +02:00
|
|
|
userid="$(awk '/^[[:space:]]*AssignUserID.*/ { print $3 }' "$configfile" | head -n 1)"
|
2017-08-25 23:22:26 +02:00
|
|
|
if [ -x /usr/bin/quota ]; then
|
2018-10-16 20:25:23 +02:00
|
|
|
size=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $2}')
|
|
|
|
quota_soft=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $3}')
|
|
|
|
quota_hard=$(quota --no-wrap --human-readable "$userid" |grep /home |awk '{print $4}')
|
2017-08-25 23:22:26 +02:00
|
|
|
fi
|
2019-02-21 02:31:04 +01:00
|
|
|
phpversion=$(perl -lne 'print $1 if (m!^\s+SetHandler proxy:unix:/home/.*/php-fpm(\d{2})\.sock!)' "$configfile" | head -n 1)
|
2018-10-16 20:25:23 +02:00
|
|
|
if [ -e /etc/apache2/sites-enabled/"${userid}".conf ]; then
|
2017-08-22 23:19:51 +02:00
|
|
|
is_enabled=1
|
|
|
|
else
|
|
|
|
is_enabled=0
|
|
|
|
fi
|
2019-05-17 11:53:21 +02:00
|
|
|
|
|
|
|
count_virtualhosts="$(grep "<VirtualHost" "$configfile" | wc -l)"
|
|
|
|
if [ "$count_virtualhosts" -eq 1 ]; then
|
|
|
|
is_standard=1
|
|
|
|
else
|
|
|
|
is_standard=0
|
|
|
|
fi
|
|
|
|
|
2017-08-20 04:31:00 +02:00
|
|
|
if [ "$servername" ] && [ "$userid" ]; then
|
2018-10-16 20:51:50 +02:00
|
|
|
configid=$(basename "$configfile")
|
2019-05-17 11:53:21 +02:00
|
|
|
echo "$userid:$configid:$servername:$serveraliases:$size:$quota_soft:$quota_hard:$phpversion:$is_enabled:$is_standard"
|
2017-08-20 04:31:00 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
2015-08-25 16:54:13 +02:00
|
|
|
}
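#######################################
# Add a ServerAlias line after every ServerName line of a vhost, then
# reload Apache if the configuration test passes.
# Globals:   VHOST_PATH (read); vhost, alias, vhost_file, configtest_out,
#            configtest_rc (written)
# Arguments: $1 - vhost name (file is $VHOST_PATH/<name>.conf)
#            $2 - alias to add
# Outputs:   diagnostics on stderr
# Returns:   1 on a bad vhost name, bad alias or missing vhost file; the
#            status of "apache2ctl configtest" when that test fails
#######################################
op_aliasadd() {
    if [ $# -ne 2 ]; then
        usage
        return
    fi

    vhost="${1}.conf"
    alias=$2
    vhost_file="${VHOST_PATH}/${vhost}"

    # The vhost name selects the file that is edited in place.
    case "$1" in
        '' | */*)
            echo "Invalid vhost name \`${1}'" >&2
            return 1
            ;;
    esac

    # The alias is pasted into a sed script and ends up in the Apache
    # configuration: allow host-name characters and the * and ? wildcards
    # only, so it can add neither sed commands nor extra directives.
    case "$alias" in
        '' | *[!A-Za-z0-9.*?_-]*)
            echo "Invalid ServerAlias \`${alias}'" >&2
            return 1
            ;;
    esac

    if [ ! -f "${vhost_file}" ]; then
        echo "VHost file \`${vhost_file}' not found'" >&2
        return 1
    fi
    sed -i --follow-symlinks "/ServerName .*/a \\\tServerAlias $alias" "${vhost_file}"

    # "|| rc=$?" keeps "set -e" from aborting on a failed test before its
    # output is shown; configtest reports on stderr, hence 2>&1.
    configtest_rc=0
    configtest_out=$(apache2ctl configtest 2>&1) || configtest_rc=$?

    if [ "$configtest_rc" = "0" ]; then
        /etc/init.d/apache2 force-reload >/dev/null
    else
        printf '%s\n' "$configtest_out" >&2
        return "$configtest_rc"
    fi
}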
op_aliasdel() {
|
|
|
|
if [ $# -eq 2 ]; then
|
2016-04-19 17:52:05 +02:00
|
|
|
vhost="${1}.conf"
|
2015-08-25 16:54:13 +02:00
|
|
|
alias=$2
|
2019-03-27 15:33:57 +01:00
|
|
|
vhost_file="${VHOST_PATH}/${vhost}"
|
2015-08-25 16:54:13 +02:00
|
|
|
|
2019-03-27 15:33:57 +01:00
|
|
|
if [ -f "${vhost_file}" ]; then
|
|
|
|
sed -i -e "/ServerAlias $alias/d" "${vhost_file}" --follow-symlinks
|
|
|
|
else
|
|
|
|
echo "VHost file \`${vhost_file}' not found'" >&2
|
|
|
|
return 1
|
|
|
|
fi
|
2015-08-25 16:54:13 +02:00
|
|
|
|
2019-03-27 15:33:57 +01:00
|
|
|
configtest_out=$(apache2ctl configtest)
|
|
|
|
configtest_rc=$?
|
2015-08-25 16:54:13 +02:00
|
|
|
|
2019-03-27 15:33:57 +01:00
|
|
|
if [ "$configtest_rc" = "0" ]; then
|
|
|
|
/etc/init.d/apache2 force-reload >/dev/null
|
|
|
|
else
|
|
|
|
echo $configtest_out >&2
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
usage
|
2015-08-25 16:54:13 +02:00
|
|
|
fi
|
|
|
|
}
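#######################################
# Replace a server name on the ServerName and RewriteCond lines of a
# vhost, then reload Apache if the configuration test passes.
# Globals:   VHOST_PATH (read); vhost, servername, old_servername,
#            vhost_file, configtest_out, configtest_rc (written)
# Arguments: $1 - vhost name (file is $VHOST_PATH/<name>.conf)
#            $2 - new server name
#            $3 - server name to replace
# Outputs:   diagnostics on stderr
# Returns:   1 on a bad vhost name, bad server name or missing vhost file;
#            the status of "apache2ctl configtest" when that test fails
#######################################
op_servernameupdate() {
    if [ $# -ne 3 ]; then
        usage
        return
    fi

    vhost="${1}.conf"
    servername=$2
    old_servername=$3
    vhost_file="${VHOST_PATH}/${vhost}"

    # The vhost name selects the file that is edited in place.
    case "$1" in
        '' | */*)
            echo "Invalid vhost name \`${1}'" >&2
            return 1
            ;;
    esac

    # Both names are pasted into sed expressions; restricting them to
    # host-name characters keeps "/", "&", "\" and newlines out of the
    # pattern and the replacement.
    local host
    for host in "$servername" "$old_servername"; do
        case "$host" in
            '' | *[!A-Za-z0-9._-]*)
                echo "Invalid server name \`${host}'" >&2
                return 1
                ;;
        esac
    done

    # Reported like the alias operations do, instead of reloading Apache
    # without having changed anything.
    if [ ! -f "${vhost_file}" ]; then
        echo "VHost file \`${vhost_file}' not found'" >&2
        return 1
    fi

    # Escape the dots so the old name matches literally.
    local old_re=${old_servername//./\\.}
    sed -i --follow-symlinks "/^ *ServerName/ s/$old_re/$servername/g" "${vhost_file}"
    sed -i --follow-symlinks "/^ *RewriteCond/ s/$old_re/$servername/g" "${vhost_file}"

    # "|| rc=$?" keeps "set -e" from aborting on a failed test before its
    # output is shown; configtest reports on stderr, hence 2>&1.
    configtest_rc=0
    configtest_out=$(apache2ctl configtest 2>&1) || configtest_rc=$?

    if [ "$configtest_rc" = "0" ]; then
        /etc/init.d/apache2 force-reload >/dev/null
    else
        printf '%s\n' "$configtest_out" >&2
        return "$configtest_rc"
    fi
}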
op_checkoccurencename() {
|
2019-03-27 15:33:57 +01:00
|
|
|
if [ $# -eq 1 ]; then
|
|
|
|
name=${1}
|
|
|
|
configlist="$VHOST_PATH/*";
|
|
|
|
servernames=''
|
|
|
|
aliases=''
|
|
|
|
|
|
|
|
for configfile in $configlist; do
|
|
|
|
if [ -r "$configfile" ]; then
|
|
|
|
alias=$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1)
|
|
|
|
aliases="$aliases $alias"
|
2019-04-04 11:52:18 +02:00
|
|
|
|
2019-03-27 15:33:57 +01:00
|
|
|
servername=$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | uniq)
|
|
|
|
servernames="$servernames $servername"
|
|
|
|
fi
|
|
|
|
done
|
2019-03-25 11:34:03 +01:00
|
|
|
|
2019-10-14 10:21:05 +02:00
|
|
|
echo "$servernames" "$aliases" | grep -E "(^|\s)$name(\s|$)"
|
2019-03-27 15:33:57 +01:00
|
|
|
else
|
|
|
|
usage
|
|
|
|
fi
|
2019-03-25 11:34:03 +01:00
|
|
|
}
#######################################
# Print the second field of the AssignUserID lines of a vhost, with
# adjacent duplicates collapsed.
# Globals:   VHOST_PATH (read); configfile (written)
# Arguments: $1 - vhost name (file is $VHOST_PATH/<name>.conf)
# Outputs:   one value per line; the usage text on a wrong argument count
#######################################
op_listuseritk() {
    if [ $# -ne 1 ]; then
        usage
        return
    fi

    configfile="${VHOST_PATH}/$1.conf"
    awk '/AssignUserID/ {print $2}' "$configfile" | uniq
}
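#######################################
# Make a vhost run under the separate "www-<group>" user: rewrites
# "AssignUserID <group>" into "AssignUserID www-<group>", then reloads
# Apache if the configuration test passes.
# Globals:   VHOST_PATH (read); configfile, group, configtest_out,
#            configtest_rc (written)
# Arguments: $1 - vhost name (file is $VHOST_PATH/<name>.conf)
# Outputs:   diagnostics on stderr
# Returns:   1 on a bad vhost name, missing vhost file or unusable
#            AssignUserID value; the status of "apache2ctl configtest"
#            when that test fails
#######################################
op_enableuseritk() {
    if [ $# -ne 1 ]; then
        usage
        return
    fi

    # The vhost name selects the file that is edited in place.
    case "$1" in
        '' | */*)
            echo "Invalid vhost name \`${1}'" >&2
            return 1
            ;;
    esac

    configfile="$VHOST_PATH/${1}.conf"
    if [ ! -f "$configfile" ]; then
        echo "VHost file \`${configfile}' not found'" >&2
        return 1
    fi

    group=$(awk '/AssignUserID/ {print $3}' "$configfile" | uniq)

    # An empty value would make the substitution hit every AssignUserID
    # line, and several values or sed operators would break the
    # expression; stop before editing.
    case "$group" in
        '' | *[!A-Za-z0-9._-]*)
            echo "Cannot determine a single AssignUserID group in \`${configfile}'" >&2
            return 1
            ;;
    esac

    sed -i --follow-symlinks "s/^ *AssignUserID $group/ AssignUserID www-$group/" "$configfile"

    # "|| rc=$?" keeps "set -e" from aborting on a failed test before its
    # output is shown; configtest reports on stderr, hence 2>&1.
    configtest_rc=0
    configtest_out=$(apache2ctl configtest 2>&1) || configtest_rc=$?

    if [ "$configtest_rc" = "0" ]; then
        /etc/init.d/apache2 force-reload >/dev/null
    else
        printf '%s\n' "$configtest_out" >&2
        return "$configtest_rc"
    fi
}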
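#######################################
# Undo op_enableuseritk: rewrites "AssignUserID www-<group>" back into
# "AssignUserID <group>", then reloads Apache if the configuration test
# passes.
# Globals:   VHOST_PATH (read); configfile, group, configtest_out,
#            configtest_rc (written)
# Arguments: $1 - vhost name (file is $VHOST_PATH/<name>.conf)
# Outputs:   diagnostics on stderr
# Returns:   1 on a bad vhost name, missing vhost file or unusable
#            AssignUserID value; the status of "apache2ctl configtest"
#            when that test fails
#######################################
op_disableuseritk() {
    if [ $# -ne 1 ]; then
        usage
        return
    fi

    # The vhost name selects the file that is edited in place.
    case "$1" in
        '' | */*)
            echo "Invalid vhost name \`${1}'" >&2
            return 1
            ;;
    esac

    configfile="$VHOST_PATH"/"${1}".conf
    if [ ! -f "$configfile" ]; then
        echo "VHost file \`${configfile}' not found'" >&2
        return 1
    fi

    group=$(awk '/AssignUserID/ {print $3}' "$configfile" | uniq)

    # Several values or sed operators would break the expression below,
    # and an empty one would strip "www-" from every AssignUserID line;
    # stop before editing.
    case "$group" in
        '' | *[!A-Za-z0-9._-]*)
            echo "Cannot determine a single AssignUserID group in \`${configfile}'" >&2
            return 1
            ;;
    esac

    sed -i --follow-symlinks "s/^ *AssignUserID www-$group/ AssignUserID ${group}/" "$configfile"

    # "|| rc=$?" keeps "set -e" from aborting on a failed test before its
    # output is shown; configtest reports on stderr, hence 2>&1.
    configtest_rc=0
    configtest_out=$(apache2ctl configtest 2>&1) || configtest_rc=$?

    if [ "$configtest_rc" = "0" ]; then
        /etc/init.d/apache2 force-reload >/dev/null
    else
        printf '%s\n' "$configtest_out" >&2
        return "$configtest_rc"
    fi
}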
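#######################################
# Create a web account, interactively when called without arguments or
# from options otherwise, then hand over to create_www_account.
# Globals:   CONTACT_MAIL, PHP_VERSIONS (read); in_login, in_passwd,
#            in_dbname, in_dbpasswd, in_wwwdomain, in_phpversion, in_mail,
#            in_sshkey, in_uid, in_gid, in_wwwuid, in_quota,
#            force_confirm, tmp, confirm (written)
# Arguments: none for interactive mode, or
#            [-y] [-p passwd] [-m dbname] [-P dbpasswd] [-l mail]
#            [-k sshkey] [-u uid] [-g gid] [-U wwwuid] [-r phpversion]
#            [-q quota] LOGIN WWWDOMAIN
# Outputs:   prompts and a summary on stdout. The summary contains the
#            account and MySQL passwords in clear text, so the output
#            should not be captured into shared logs; passwords given
#            with -p/-P are also visible in the process list.
# Returns:   exits 1 on a usage error, a failed validation or a declined
#            confirmation
#######################################
op_add() {
    if [ $# -eq 0 ]; then
        #
        # Interactive mode
        #
        echo
        echo "Ajout d'un compte WEB"
        echo

        until [ "$in_login" ]; do
            echo -n "Entrez le login du nouveau compte : "
            read -r tmp
            if validate_login "$tmp"; then
                in_login="$tmp"
            fi
        done

        until [ "$in_passwd" ]; do
            echo -n "Entrez le mot de passe FTP/SFTP/SSH (ou vide pour aleatoire) : "
            read -rs tmp
            echo

            if [ -z "$tmp" ]; then
                tmp=$(gen_random_passwd)
            fi

            if validate_passwd "$tmp"; then
                in_passwd="$tmp"
            fi
        done

        echo -n "Voulez-vous aussi un compte/base MySQL ? [Y|n] "
        read -r confirm

        if [ "$confirm" != "n" ] && [ "$confirm" != "N" ]; then
            until [ "$in_dbname" ]; do
                echo -n "Entrez le nom de la base de donnees ($in_login par defaut) : "
                read -r tmp

                if [ -z "$tmp" ]; then
                    tmp=$in_login
                fi

                if validate_dbname "$tmp"; then
                    in_dbname="$tmp"
                fi
            done

            until [ "$in_dbpasswd" ]; do
                echo -n "Entrez le mot de passe MySQL (ou vide pour aleatoire) : "
                read -rs tmp
                echo

                if [ -z "$tmp" ]; then
                    tmp=$(gen_random_passwd)
                fi

                if validate_passwd "$tmp"; then
                    in_dbpasswd="$tmp"
                fi
            done
        fi

        until [ "$in_wwwdomain" ]; do
            echo -n "Entrez le nom de domaine web (ex: foo.example.com) : "
            read -r tmp
            if validate_wwwdomain "$tmp"; then
                in_wwwdomain="$tmp"
            fi
        done

        if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then
            until [ "$in_phpversion" ]; do
                echo -n "Entrez la version de PHP désirée parmis ${PHP_VERSIONS[*]} : "
                read -r tmp
                if validate_phpversion "$tmp"; then
                    in_phpversion="$tmp"
                fi
            done
        fi

        until [ "$in_mail" ]; do
            echo -n "Entrez votre adresse mail pour recevoir le mail de creation ($CONTACT_MAIL par défaut) : "
            read -r tmp
            if [ -z "$tmp" ]; then
                tmp="$CONTACT_MAIL"
            fi
            if validate_mail "$tmp"; then
                in_mail="$tmp"
            fi
        done
    else
        #
        # Non-interactive mode
        #
        while getopts hyp:m:P:w:l:k:u:g:U:r:q: opt; do
            case "$opt" in
                p) in_passwd=$OPTARG ;;
                m) in_dbname=$OPTARG ;;
                P) in_dbpasswd=$OPTARG ;;
                l) in_mail=$OPTARG ;;
                k) in_sshkey=$OPTARG ;;
                y) force_confirm=1 ;;
                u) in_uid=$OPTARG ;;
                g) in_gid=$OPTARG ;;
                U) in_wwwuid=$OPTARG ;;
                r) in_phpversion=$OPTARG ;;
                q) in_quota=$OPTARG ;;
                h)
                    usage
                    exit 1
                    ;;
                # Unknown options, and -w which has no handler here.
                *)
                    usage
                    exit 1
                    ;;
            esac
        done

        shift $((OPTIND - 1))
        if [ $# -ne 2 ]; then
            usage
            exit 1
        fi

        in_login=$1
        in_wwwdomain=$2

        # Every check runs in the current shell. Written as
        # "( validate_x || exit 1 )", the exit only left the subshell and
        # the account creation was stopped by "set -e" alone.
        validate_login "$in_login" || exit 1

        if [ -z "$in_passwd" ] && [ -z "$in_sshkey" ]; then
            in_passwd=$(gen_random_passwd)
        fi
        if [ -z "$in_sshkey" ]; then
            validate_passwd "$in_passwd" || exit 1
        fi

        if [ -n "$in_dbname" ]; then
            validate_dbname "$in_dbname" || exit 1
            if [ -z "$in_dbpasswd" ]; then
                in_dbpasswd=$(gen_random_passwd)
            fi
            validate_passwd "$in_dbpasswd" || exit 1
        fi

        validate_wwwdomain "$in_wwwdomain" || exit 1

        if [ -z "$in_mail" ]; then
            in_mail=$CONTACT_MAIL
        fi
        # Quoted: the address comes from -l and must reach the validator
        # as a single argument.
        validate_mail "$in_mail" || exit 1

        if [ -n "$in_phpversion" ]; then
            validate_phpversion "$in_phpversion" || exit 1
        fi
        if [ -n "$in_quota" ]; then
            validate_quota "$in_quota" || exit 1
        fi
    fi

    echo
    echo "----------------------------------------------"
    echo "Nom du compte : $in_login"
    echo "Mot de passe : $in_passwd"
    if [ "$in_dbname" ]; then
        echo "Base de données MySQL : $in_dbname"
        echo "Mot de passe MySQL : $in_dbpasswd"
    fi
    echo "Nom de domaine : $in_wwwdomain"
    if [ ${#PHP_VERSIONS[@]} -gt 0 ]; then
        echo "version de PHP : $in_phpversion"
    fi
    echo "Quota : $in_quota"
    echo "Envoi du mail récapitulatif à : $in_mail"
    echo "----------------------------------------------"
    echo

    if [ -z "$force_confirm" ]; then
        echo -n "Confirmer la création ? [y/N] : "
        read -r tmp
        echo
        if [ "$tmp" != "y" ] && [ "$tmp" != "Y" ]; then
            echo "Annulation..."
            echo
            exit 1
        fi
    fi

    create_www_account
    echo
    echo " => Compte $in_login créé avec succès"
    echo
}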
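# Some people forget to use the --follow-symlinks flag with sed(1),
# thus not carrying changes over to /etc/sites-available.
#######################################
# Find regular files in the sites-enabled directory (where only symlinks
# are expected) and either print the commands that would move them back
# to VHOST_PATH and re-enable them, or run those commands with -f.
# Globals:   VHOST_PATH (read)
# Arguments: -f  apply the fixes instead of printing them
# Outputs:   per file, a "Suggested fixes" block (diff, mv, a2ensite)
# Returns:   1 when the sites-enabled directory does not exist; exits 1
#            on an unknown option
#######################################
op_checkvhosts() {
    local ln_vhosts_dir ln_path vhost_name opt
    # Start from "print only"; a stray "apply" value in the environment
    # must not switch the function into apply mode.
    local apply=''
    local OPTIND=1

    ln_vhosts_dir=${VHOST_PATH/available/enabled}

    while getopts f opt; do
        case "$opt" in
            f)
                apply=1
                ;;
            *)
                usage
                exit 1
                ;;
        esac
    done

    if [ ! -d "$ln_vhosts_dir" ]; then
        echo "Directory \`${ln_vhosts_dir}' not found" >&2
        return 1
    fi

    # Iterate over the glob directly instead of word-splitting the output
    # of find(1), so names containing whitespace stay in one piece.
    for ln_path in "$ln_vhosts_dir"/*; do
        # Only regular files that are not symlinks are misplaced vhosts;
        # this also skips the literal pattern of an empty directory.
        if [ ! -f "$ln_path" ] || [ -L "$ln_path" ]; then
            continue
        fi
        vhost_name=$(basename -- "$ln_path")

        if [[ -z "$apply" ]]; then
            echo "Suggested fixes for $vhost_name:"
            echo "diff $ln_path $VHOST_PATH/$vhost_name"
            echo "mv $ln_path $VHOST_PATH/$vhost_name"
            echo "a2ensite $vhost_name"
        else
            # Called with proper arguments rather than by expanding a
            # command string, which split paths on whitespace. Note that
            # mv replaces any file of the same name in VHOST_PATH.
            mv -- "$ln_path" "$VHOST_PATH/$vhost_name"
            a2ensite "$vhost_name"
        fi
    done
}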
# Entry point: dispatch the command-line arguments.
arg_processing "$@"