+ * @version 1.0
+ */
+
+require_once EVOADMIN_BASE . '../lib/bdd.php';
+require_once EVOADMIN_BASE . '../lib/domain.php';
+
+global $conf;
+
+if (isset($_GET['edit']) ) {
+ require_once EVOADMIN_BASE . '../evolibs/Form.php';
+
+ include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
+ include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
+
+ $form = new FormPage("Modification du ServerName", FALSE);
+ $form->addField('domain_servername', new DomainInputFormField("ServerName", TRUE), $_GET['edit']);
+ $form->addField('previous_servername', new DomainInputFormField("", TRUE, TRUE), $_GET['edit']);
+
+ if (!empty($_POST)) {
+ $form->isCurrentPage(TRUE);
+ $form->initFields();
+
+ if ($form->verify(TRUE)) {
+ // TODO: Adapt the script for cluster mode
+ if ($conf['cluster']) {
+ if (is_mcluster_mode()) {
+ // If the user has not yet selected a cluster, redirect-it to home page.
+ if (empty($_SESSION['cluster'])) {
+ http_redirect('/');
+ }
+ $cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']);
+ }
+ else {
+ $cache = $conf['cache'];
+ }
+ $bdd = new bdd();
+ $bdd->open($cache);
+
+ $servername = array (
+ 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
+ 'servername' => $form->getField('domain_servername')->getValue(),
+ 'previous_servername' => $form->getField('previous_servername')->getValue(),
+ );
+
+ $account_name=$servername['domain'];
+ $account = $bdd->get_account($account_name);
+
+
+ if (sizeof($account) == 0)
+ die("Anomalie... Contactez votre administrateur.");
+
+ $master = $bdd->get_server_from_roleid($account['id_master']);
+ $slave = $bdd->get_server_from_roleid($account['id_slave']);
+
+
+ if ( $bdd->is_serveralias( $account_name, $serveralias['alias'] ) == 0 ) {
+
+ /* web-add-cluster addalias */
+ $exec_cmd = 'web-add-cluster.sh add-alias '.$serveralias['domain'].' '.$serveralias['alias'].' '.$master.' '.$slave;
+ sudoexec($exec_cmd, $exec_output, $exec_return);
+
+
+
+ if ($exec_return == 0) {
+ /* Ajout BDD */
+ $bdd->add_serveralias($serveralias);
+
+ domain_add($serveralias['alias'], gethostbyname($master) , false);
+
+ # Si le compte en question est en replication temps
+ # reel, il faut faire un restart manuel de lsyncd
+ # pour prendre en compte le nouveau domaine.
+ if ($account['replication'] == "realtime") {
+ mail('tech@evolix.fr', "[TAF] Redemarrer lsyncd sur $master", wordwrap('killer tous les processus lsyncd lancé par vmail pour le compte '.$account['name'].' et les relancer (cf. la ligne correspondante à ce compte dans la crontab de vmail).\n', 70));
+ }
+
+ print "";
+ printf ('L\'alias %s du domaine %s a bien été créé
', $serveralias['alias'], $serveralias['domain']);
+ printf ('Retour à la liste des alias
', $_SERVER['REDIRECT_URL']);
+ print "";
+ } else {
+ print "";
+ printf ('Echec dans la creation de l\'alias %s du domaine %s
', $serveralias['alias'], $serveralias['domain']);
+ printf ('Retour à la liste des alias
', $_SERVER['REDIRECT_URL']);
+ print "";
+ }
+ } else {
+ print "";
+ printf ('Alias %s du domaine %s deja existant !
', $serveralias['alias'], $serveralias['domain']);
+ printf ('Retour à la liste des alias
', $_SERVER['REDIRECT_URL']);
+ print "";
+
+ }
+ }
+ else {
+ $servername = array (
+ 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
+ 'servername' => $form->getField('domain_servername')->getValue(),
+ 'previous_servername' => $form->getField('previous_servername')->getValue(),
+ );
+
+ $account_name=$servername['domain'];
+
+ $is_servername_present = check_occurence_name($servername['servername']);
+
+ if (!$is_servername_present) {
+ $exec_cmd = 'web-add.sh update-servername ' . $servername['domain'] . ' ' . $servername['servername'] . ' ' . $servername['previous_servername'];
+ sudoexec($exec_cmd, $exec_output, $exec_return);
+
+ if ($exec_return == 0) {
+ //domain_add($serveralias['alias'], gethostbyname($master) , false); TODO avec l'IP du load balancer
+ print "";
+ printf ('Le ServerName %s a bien été modifié
', $servername['servername']);
+ printf ('Retour à la liste des ServerNames
', $_SERVER['REDIRECT_URL']);
+ print "";
+ }
+ else {
+ print "";
+ printf ('Echec dans la modification du ServerName %s
', $servername['servername']);
+ printf ('Retour à la liste des ServerNames
', $_SERVER['REDIRECT_URL']);
+ print "";
+ }
+ }
+ else {
+ print "";
+ printf ('Echec dans la modification du ServerName %s
', $servername['servername']);
+ print ('Le domaine existe déjà dans d\'autres vhosts.');
+ printf ('
Retour à la liste des ServerNames
', $_SERVER['REDIRECT_URL']);
+ print "";
+ }
+ }
+ } else {
+ print "Modification du ServerName
";
+ print "";
+ }
+ } else {
+ print "Modification du ServerName
";
+ print "";
+
+ }
+
+ include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
+
+
+} else {
+
+ $domain = $params[1];
+ $servername_list = array();
+
+ // TODO: adapt for cluster mode
+ if ($conf['cluster']) {
+ if (is_mcluster_mode()) {
+ // If the user has not yet selected a cluster, redirect-it to home page.
+ if (empty($_SESSION['cluster'])) {
+ http_redirect('/');
+ }
+ $cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']);
+ }
+ else {
+ $cache = $conf['cache'];
+ }
+
+ $alias_list = array();
+
+ /* parcours de la table Serveralias */
+ $bdd = new bdd();
+ $bdd->open($cache);
+
+ $alias_list = $bdd->list_serveralias($domain);
+ }
+ else {
+
+ $cmd = 'web-add.sh list-servername ' . $domain;
+
+ if(!is_superadmin()) {
+ $cmd = sprintf('%s %s', $cmd, $_SESSION['user']);
+ }
+ sudoexec($cmd, $data_output, $exec_return);
+
+ foreach($data_output as $data_line) {
+ array_push($servername_list, $data_line);
+ }
+ }
+
+ include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
+ include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
+ include_once EVOADMIN_BASE . '../tpl/webadmin-servername.tpl.php';
+ include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
+
+}
+
+?>
diff --git a/lib/domain.php b/lib/domain.php
index a63df20..1e6dea7 100644
--- a/lib/domain.php
+++ b/lib/domain.php
@@ -17,13 +17,37 @@ function domain_add($name, $IP, $with_mxs, $gmail=false) {
$exec_cmd .= ' -m mail,10';
$exec_cmd .= ' -m backup.quai13.net.,20';
}
-# mail('tech@evolix.fr', '[TAF] Ajouter '.$name.' sur quai13-backup', wordwrap('Ajouter le domaine '.$name.' à la directive relay_domains dans le fichier /etc/postfix/main.cf sur quai13-backup, pour mettre en place le MX secondaire du domaine.', 70));
}
$exec_cmd .= " -a $IP $name";
- //echo $exec_cmd."\n";
sudoexec($exec_cmd, $exec_output, $exec_return);
return array($exec_cmd, $exec_return, $exec_output);
}
+/**
+ * Ensure that the domain (or list of domains) do no exists in any other
+ * apache config file. Either as a ServerName or ServerAlias
+ *
+ * @param string $name Domain (or list of domains separated by commas)
+ *
+ * @return boolean True if one occurence is found. Else otherwise
+ */
+function check_occurence_name($name) {
+
+ // If no domain are given, that should be okay
+ if(strlen($name) === 0){
+ return false;
+ }
+
+ $exploded_names = explode(',', $name);
+
+ foreach ($exploded_names as $current_name) {
+ $check_occurence_cmd = 'web-add.sh check-occurence ' . escapeshellarg($current_name);
+
+ sudoexec($check_occurence_cmd, $check_occurence_output, $check_occurence_return);
+ if ($check_occurence_return == 0) return true;
+ }
+
+ return false;
+}
diff --git a/scripts/web-add.sh b/scripts/web-add.sh
index 80ab7aa..df0306e 100755
--- a/scripts/web-add.sh
+++ b/scripts/web-add.sh
@@ -109,8 +109,9 @@ del LOGIN [DBNAME]
list-vhost LOGIN
List Apache vhost for user LOGIN
-
+
check-vhosts -f
+
List suggested changes to vhosts, apply fixes with -f
add-alias VHOST ALIAS
@@ -121,6 +122,31 @@ del-alias VHOST ALIAS
Del a ServerAlias from an Apache vhost
+list-servername LOGIN
+
+ List ServerName(s) for user LOGIN
+
+update-servername VHOST SERVERNAME OLD_SERVERNAME
+
+ Replace the OLD_SERVERNAME with the SERVERNAME for an Apache vhost
+ Also apply to rules
+
+check-occurence NAME
+
+ List all occurences of NAME in vhosts
+
+list-user-itk DOMAIN LOGIN
+
+ List the assigned ITK user for the DOMAIN specified
+
+enable-user-itk DOMAIN LOGIN
+
+ Enable the assigned ITK user for the DOMAIN specified
+
+disable-user-itk DOMAIN LOGIN
+
+ Disable the assigned ITK user for the DOMAIN specified
+
setphpversion LOGIN VERSION
Change PHP version for LOGIN
@@ -261,7 +287,7 @@ create_www_account() {
${in_gid:+'--gid' "$in_gid"} \
--force-badname \
--home "$HOME_DIR_USER" >/dev/null
-
+
[ -z "$in_sshkey" ] \
&& echo "$in_login:$in_passwd" | chpasswd
@@ -272,7 +298,7 @@ create_www_account() {
&& chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" \
&& chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh"
- if [ "$WEB_SERVER" == "apache" ]; then
+ if [ "$WEB_SERVER" == "apache" ]; then
# Create www user and force UID if specified
/usr/sbin/adduser \
--gecos "WWW $in_login" \
@@ -486,25 +512,25 @@ EOT
if [ "$in_dbname" ]; then
sed -e "
- s/LOGIN/$in_login/g ;
- s/SERVERNAME/$in_wwwdomain/ ;
- s/PASSE1/$in_passwd/ ;
- s/PASSE2/$in_dbpasswd/ ;
- s/RANDOM/$random/ ;
- s/QUOTA/$quota/ ;
- s/RCPTTO/$in_mail/ ;
- s/DBNAME/$in_dbname/ ;
+ s/LOGIN/$in_login/g ;
+ s/SERVERNAME/$in_wwwdomain/ ;
+ s/PASSE1/$in_passwd/ ;
+ s/PASSE2/$in_dbpasswd/ ;
+ s/RANDOM/$random/ ;
+ s/QUOTA/$quota/ ;
+ s/RCPTTO/$in_mail/ ;
+ s/DBNAME/$in_dbname/ ;
s#HOME_DIR#$HOME_DIR#" \
< $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
else
sed -e "
- s/LOGIN/$in_login/g ;
- s/SERVERNAME/$in_wwwdomain/ ;
- s/PASSE1/$in_passwd/ ;
- s/RANDOM/$random/ ;
- s/QUOTA/$quota/ ;
- s/RCPTTO/$in_mail/ ;
- s#HOME_DIR#$HOME_DIR# ;
+ s/LOGIN/$in_login/g ;
+ s/SERVERNAME/$in_wwwdomain/ ;
+ s/PASSE1/$in_passwd/ ;
+ s/RANDOM/$random/ ;
+ s/QUOTA/$quota/ ;
+ s/RCPTTO/$in_mail/ ;
+ s#HOME_DIR#$HOME_DIR# ;
39,58d" \
< $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL"
fi
@@ -719,7 +745,7 @@ arg_processing() {
;;
list-vhost)
op_listvhost "$@"
- ;;
+ ;;
check-vhosts)
op_checkvhosts "$@"
;;
@@ -729,6 +755,24 @@ arg_processing() {
del-alias)
op_aliasdel "$@"
;;
+ list-servername)
+ op_listservername "$@"
+ ;;
+ update-servername)
+ op_servernameupdate "$@"
+ ;;
+ check-occurence)
+ op_checkoccurencename "$@"
+ ;;
+ list-user-itk)
+ op_listuseritk "$@"
+ ;;
+ enable-user-itk)
+ op_enableuseritk "$@"
+ ;;
+ disable-user-itk)
+ op_disableuseritk "$@"
+ ;;
setphpversion)
op_setphpversion "$@"
;;
@@ -793,13 +837,146 @@ op_aliasdel() {
if [ $# -eq 2 ]; then
vhost="${1}.conf"
alias=$2
+ vhost_file="${VHOST_PATH}/${vhost}"
- [ -f $VHOST_PATH/"$vhost" ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/"$vhost" --follow-symlinks
+ if [ -f "${vhost_file}" ]; then
+ sed -i -e "/ServerAlias $alias/d" "${vhost_file}" --follow-symlinks
+ else
+ echo "VHost file \`${vhost_file}' not found'" >&2
+ return 1
+ fi
- apache2ctl configtest 2>/dev/null
- /etc/init.d/apache2 force-reload >/dev/null
+ configtest_out=$(apache2ctl configtest)
+ configtest_rc=$?
- else usage
+ if [ "$configtest_rc" = "0" ]; then
+ /etc/init.d/apache2 force-reload >/dev/null
+ else
+ echo $configtest_out >&2
+ fi
+ else
+ usage
+ fi
+}
+
+op_listservername() {
+ if [ $# -eq 1 ]; then
+ vhost_file="$VHOST_PATH/${1}.conf";
+
+ if [ -f "${vhost_file}" ]; then
+ servernames=$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$vhost_file" | uniq)
+
+ for servername in $servernames; do
+ echo "$servername";
+ done
+ else
+ echo "VHost file \`${vhost_file}' not found'" >&2
+ return 1
+ fi
+ else
+ usage
+ fi
+}
+
+op_servernameupdate() {
+ if [ $# -eq 3 ]; then
+ vhost="${1}.conf"
+ servername=$2
+ old_servername=$3
+ vhost_file="${VHOST_PATH}/${vhost}"
+
+ # Remplacement de toutes les directives ServerName, on assume qu'il s'agit du même pour chaque vhost du fichier
+ if [ -f "${vhost_file}" ]; then
+ sed -i "/^ *ServerName/ s/$old_servername/$servername/g" "${vhost_file}" --follow-symlinks
+ sed -i "/^ *RewriteCond/ s/$old_servername/$servername/g" "${vhost_file}" --follow-symlinks
+ fi
+
+ configtest_out=$(apache2ctl configtest)
+ configtest_rc=$?
+
+ if [ "$configtest_rc" = "0" ]; then
+ /etc/init.d/apache2 force-reload >/dev/null
+ else
+ echo $configtest_out >&2
+ fi
+ else
+ usage
+ fi
+}
+
+op_checkoccurencename() {
+ if [ $# -eq 1 ]; then
+ name=${1}
+ configlist="$VHOST_PATH/*";
+ servernames=''
+ aliases=''
+
+ for configfile in $configlist; do
+ if [ -r "$configfile" ]; then
+ alias=$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1)
+ aliases="$aliases $alias"
+
+ servername=$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | uniq)
+ servernames="$servernames $servername"
+ fi
+ done
+
+ echo "$servernames" "$aliases" | grep -w "$name"
+ else
+ usage
+ fi
+}
+
+op_listuseritk() {
+ if [ $# -eq 2 ]; then
+ domain=${1}
+ configfile="$VHOST_PATH/${2}.conf"
+
+ sed -n "/$domain/,/<\/VirtualHost>/p" "$configfile" | awk '/AssignUserID/ {print $2}' | uniq
+ else
+ usage
+ fi
+}
+
+op_enableuseritk() {
+ if [ $# -eq 2 ]; then
+ domain=${1}
+ configfile="$VHOST_PATH/${2}.conf"
+ group=$(sed -n "/$domain/,/<\/VirtualHost>/p" "$configfile" | awk '/AssignUserID/ {print $3}' | uniq)
+
+ sed -i "/$domain/,/<\/VirtualHost>/ s/^ *AssignUserID $group/ AssignUserID www-$group/" "$configfile" --follow-symlinks
+
+ configtest_out=$(apache2ctl configtest)
+ configtest_rc=$?
+
+ if [ "$configtest_rc" = "0" ]; then
+ /etc/init.d/apache2 force-reload >/dev/null
+ else
+ echo $configtest_out >&2
+ fi
+ else
+ usage
+ fi
+}
+
+op_disableuseritk() {
+ if [ $# -eq 2 ]; then
+ domain=${1}
+ configfile="$VHOST_PATH"/"${2}".conf
+ group=$(sed -n "/$domain/,/<\/VirtualHost>/p" $configfile | awk '/AssignUserID/ {print $3}' | uniq)
+
+ sed -i "/$domain/,/<\/VirtualHost>/ s/^ *AssignUserID www-$group/ AssignUserID ${group}/" "$configfile" --follow-symlinks
+
+ configtest_out=$(apache2ctl configtest)
+ configtest_rc=$?
+
+ if [ "$configtest_rc" = "0" ]; then
+ /etc/init.d/apache2 force-reload >/dev/null
+ else
+ echo $configtest_out >&2
+ fi
+ else
+ usage
fi
}
@@ -1006,7 +1183,7 @@ op_add() {
op_checkvhosts() {
ln_vhosts_dir="$(sed 's/available/enabled/' <<< "$VHOST_PATH")"
non_ln_vhosts="$(find "$ln_vhosts_dir"/* ! -type l)"
-
+
while getopts f opt; do
case "$opt" in
f)
@@ -1018,7 +1195,7 @@ op_checkvhosts() {
;;
esac
done
-
+
for ln_path in $non_ln_vhosts
do
vhost_name=$(basename "$ln_path")
diff --git a/tpl/accounts.tpl.php b/tpl/accounts.tpl.php
index 34cc35c..89e4c84 100644
--- a/tpl/accounts.tpl.php
+++ b/tpl/accounts.tpl.php
@@ -13,9 +13,7 @@
* @version 1.0
*/
-?>
-';
if ($conf['debug'] == TRUE)
@@ -23,7 +21,7 @@
if ($exec_info[1]) {
print "La commande a échoué\n";
- print_r($exec_info);
+ print_r($exec_info);
}
else print "Le compte a été créé avec succès\n";
@@ -34,12 +32,21 @@
print '';
} else {
+
+ // If there is validation errors, display them
+ if (isset($errors_check)) {
+ print 'Erreur(s) :
';
+ foreach ($errors_check as $error) {
+ printf('%s
', $error);
+ }
+ print '
';
+ }
?>
diff --git a/tpl/webadmin-itk.tpl.php b/tpl/webadmin-itk.tpl.php
new file mode 100644
index 0000000..7d1f596
--- /dev/null
+++ b/tpl/webadmin-itk.tpl.php
@@ -0,0 +1,61 @@
+
+ * @version 1.0
+ */
+
+?>
+
+Sécurité ITK
+
+ 0) { ?>
+
+
+
+
+ | ServerName |
+ Utilisateur |
+ Action';
+ } ?>
+
+
+
+ ';
+ printf('%s | ',
+ $data_list[$i]['servername']);
+ printf('%s | ',
+ $data_list[$i]['user']);
+ if (is_superadmin()) {
+
+ if (strpos($data_list[$i]['user'], 'www') !== false) {
+ $action = ['disable', 'Désactiver'];
+ } else {
+ $action = ['enable', 'Activer'];
+ }
+
+ printf(''.$action[1].' | ',
+ $domain, $action[0], $data_list[$i]['servername']);
+ }
+ print '';
+ } ?>
+
+
+La sécurité ITK ne semble pas en place pour le domaine $domain";
+ }
+
+
+?>
diff --git a/tpl/webadmin-php.tpl.php b/tpl/webadmin-php.tpl.php
new file mode 100644
index 0000000..34f590b
--- /dev/null
+++ b/tpl/webadmin-php.tpl.php
@@ -0,0 +1,26 @@
+
+ * @version 1.0
+ */
+
+?>
+
+Version PHP
+
+Version actuelle de PHP :
+
+
diff --git a/tpl/webadmin-servername.tpl.php b/tpl/webadmin-servername.tpl.php
new file mode 100644
index 0000000..5e218cb
--- /dev/null
+++ b/tpl/webadmin-servername.tpl.php
@@ -0,0 +1,50 @@
+
+ * @version 1.0
+ */
+
+?>
+
+ServerNames
+
+ 0) { ?>
+
+
+
+
+ | ServerName |
+ Action';
+ } ?>
+
+
+
+ ';
+ printf('%s | ',
+ $servername_list[$i]);
+ if (is_superadmin())
+ printf('Modifier | ',
+ $domain, $servername_list[$i]);
+ print '';
+ } ?>
+
+
+Aucun ServerName existant pour le domaine $domain !";
+ }
+
+
+?>
diff --git a/tpl/webadmin.tpl.php b/tpl/webadmin.tpl.php
index 1fad772..3ae37f0 100755
--- a/tpl/webadmin.tpl.php
+++ b/tpl/webadmin.tpl.php
@@ -5,7 +5,7 @@
*
* Copyright (c) 2009 Evolix - Tous droits reserves
*
- * vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
+ * vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
*
* @author Gregory Colpart
* @author Thomas Martin
@@ -15,7 +15,7 @@
?>
-Domaines
+Liste des comptes web
0) { ?>
@@ -39,7 +39,12 @@
}
?>
| Actif ? |
- Action |
+
+ Administration';
+ }
+ ?>
+
Bdd |
@@ -58,7 +63,7 @@
}
printf('http://%s | ',
$vhost_info['server_name'], $vhost_info['server_name']);
-
+
if ($conf['cluster']) {
if (empty($vhost_info['bdd']))
printf(' | ');
@@ -94,9 +99,15 @@
printf('%s | ', preg_replace("/^(\d)(\d)$/", '\1.\2', $vhost_info['php_version']));
}
printf('%s | ', ($vhost_info['is_enabled'] ? 'Activé' : 'Désactivé' ));
+
if (is_superadmin()) {
- printf('Lister/Modifier les alias | ',
- $vhost_info['owner']);
+ printf('');
+ printf('Alias - ', $vhost_info['owner']);
+ printf('Servername - ', $vhost_info['owner']);
+ printf('ITK - ', $vhost_info['owner']);
+ printf('PHP', $vhost_info['owner']);
+ printf(' | ');
+
}
print '';