1: | <?php |
2: | declare(strict_types=1); |
3: | |
4: | |
5: | |
6: | |
7: | |
8: | |
9: | |
10: | |
11: | |
12: | |
13: | |
14: | |
15: | |
16: | use Daphnie\Collector; |
17: | use Daphnie\Metrics\Apache as ApacheMetrics; |
18: | use Module\Support\Webapps\App\UIPanel; |
19: | use Module\Support\Webapps\MetaManager; |
20: | use Opcenter\Filesystem; |
21: | use Opcenter\Http\Apache; |
22: | use Opcenter\Http\Apache\Map; |
23: | use Opcenter\Provisioning\ConfigurationWriter; |
24: | |
25: | |
26: | |
27: | |
28: | |
29: | |
30: | class Web_Module extends Module_Skeleton implements \Module\Skeleton\Contracts\Hookable, \Module\Skeleton\Contracts\Reactive |
31: | { |
32: | const DEPENDENCY_MAP = [ |
33: | 'ipinfo', |
34: | 'ipinfo6', |
35: | 'siteinfo', |
36: | 'dns', |
37: | |
38: | 'cgroup' |
39: | ]; |
40: | |
41: | |
42: | const MAIN_DOC_ROOT = '/var/www/html'; |
43: | const WEB_USERNAME = APACHE_USER; |
44: | const WEB_GROUPID = APACHE_GID; |
45: | const PROTOCOL_MAP = '/etc/httpd/conf/http10'; |
46: | const SUBDOMAIN_ROOT = '/var/subdomain'; |
47: | |
48: | protected $pathCache = []; |
49: | protected $service_cache; |
50: | protected $exportedFunctions = [ |
51: | '*' => PRIVILEGE_SITE, |
52: | 'add_subdomain_raw' => PRIVILEGE_SITE | PRIVILEGE_SERVER_EXEC, |
53: | 'host_html_dir' => PRIVILEGE_SITE | PRIVILEGE_USER, |
54: | 'reload' => PRIVILEGE_SITE | PRIVILEGE_ADMIN, |
55: | 'status' => PRIVILEGE_ADMIN, |
56: | 'get_sys_user' => PRIVILEGE_ALL, |
57: | 'capture' => PRIVILEGE_SERVER_EXEC | PRIVILEGE_SITE, |
58: | 'inventory_capture' => PRIVILEGE_ADMIN |
59: | ]; |
60: | protected $hostCache = []; |
61: | |
62: | |
63: | |
64: | |
65: | |
66: | |
67: | public function __construct() |
68: | { |
69: | parent::__construct(); |
70: | |
71: | if (!DAV_APACHE) { |
72: | $this->exportedFunctions += [ |
73: | 'bind_dav' => PRIVILEGE_NONE, |
74: | 'unbind_dav' => PRIVILEGE_NONE, |
75: | 'list_dav_locations' => PRIVILEGE_NONE, |
76: | ]; |
77: | } |
78: | |
79: | } |
80: | |
81: | public function __wakeup() |
82: | { |
83: | $this->pathCache = []; |
84: | } |
85: | |
86: | |
87: | |
88: | |
89: | |
90: | |
91: | |
92: | |
93: | |
94: | |
95: | public function user_service_enabled(string $user, string $svc): bool |
96: | { |
97: | if (!IS_CLI) { |
98: | return $this->query('web_user_service_enabled', |
99: | array($user, $svc)); |
100: | } |
101: | if ($svc != 'cgi' && $svc != 'subdomain') { |
102: | return error('Invalid service name `%s\'', $svc); |
103: | } |
104: | |
105: | return true; |
106: | } |
107: | |
108: | |
109: | |
110: | |
111: | |
112: | |
113: | public function validate_subdomains(): array |
114: | { |
115: | $prefix = $this->domain_fs_path(); |
116: | $invalid = array(); |
117: | foreach (glob($prefix . self::SUBDOMAIN_ROOT . '/*/') as $entry) { |
118: | $subdomain = basename($entry); |
119: | if ((is_link($entry . '/html') || is_dir($entry . '/html')) && file_exists($entry . '/html')) { |
120: | continue; |
121: | } |
122: | warn("inaccessible subdomain `%s' detected", $subdomain); |
123: | $file = Opcenter\Filesystem::rel2abs($entry . '/html', |
124: | readlink($entry . '/html')); |
125: | $invalid[$subdomain] = substr($file, strlen($prefix)); |
126: | } |
127: | |
128: | return $invalid; |
129: | } |
130: | |
131: | |
132: | |
133: | |
134: | |
135: | |
136: | |
137: | public function is_subdomain(string $hostname): bool |
138: | { |
139: | if (false !== strpos($hostname, '.') && !preg_match(Regex::SUBDOMAIN, $hostname)) { |
140: | return false; |
141: | } |
142: | |
143: | return is_dir($this->domain_fs_path(self::SUBDOMAIN_ROOT . "/$hostname")); |
144: | } |
145: | |
146: | public function subdomain_accessible($subdomain) |
147: | { |
148: | if ($subdomain[0] == '*') { |
149: | $subdomain = substr($subdomain, 2); |
150: | } |
151: | |
152: | return file_exists($this->domain_fs_path(self::SUBDOMAIN_ROOT . "/$subdomain/html")) && |
153: | is_executable($this->domain_fs_path(self::SUBDOMAIN_ROOT . "/$subdomain/html")); |
154: | } |
155: | |
156: | |
157: | |
158: | |
159: | |
160: | |
161: | |
162: | |
163: | |
164: | |
165: | public function get_user(string $hostname, string $path = ''): string |
166: | { |
167: | |
168: | |
169: | if ($hostname[0] === '/' && $path) { |
170: | warn('$path variable should be omitted when specifying docroot'); |
171: | } |
172: | return $this->getServiceValue('apache', 'webuser', static::WEB_USERNAME); |
173: | } |
174: | |
175: | |
176: | |
177: | |
178: | |
179: | |
180: | |
181: | |
182: | |
183: | public function get_sys_user(): string |
184: | { |
185: | return static::WEB_USERNAME; |
186: | } |
187: | |
188: | |
189: | |
190: | |
191: | |
192: | |
193: | |
194: | |
195: | |
196: | |
197: | |
198: | public function normalize_path(string $hostname, string $path = ''): ?string |
199: | { |
200: | if (!IS_CLI && isset($this->pathCache[$hostname][$path])) { |
201: | return $this->pathCache[$hostname][$path]; |
202: | } |
203: | $prefix = $this->domain_fs_path(); |
204: | if (false === ($docroot = $this->get_docroot($hostname, $path))) { |
205: | return null; |
206: | } |
207: | |
208: | $checkpath = $prefix . DIRECTORY_SEPARATOR . $docroot; |
209: | clearstatcache(true, $checkpath); |
210: | if (\Util_PHP::is_link($checkpath)) { |
211: | |
212: | |
213: | if (false === ($checkpath = realpath($checkpath))) { |
214: | return $docroot; |
215: | } |
216: | if (0 !== strpos($checkpath, $prefix)) { |
217: | error("docroot for `%s/%s' exceeds site root", $hostname, $path); |
218: | |
219: | return null; |
220: | } |
221: | $docroot = substr($checkpath, strlen($prefix)); |
222: | } |
223: | if (!file_exists($checkpath)) { |
224: | $subpath = dirname($checkpath); |
225: | if (!file_exists($subpath)) { |
226: | error("invalid domain `%s', docroot `%s' does not exist", $hostname, $docroot); |
227: | |
228: | return null; |
229: | } |
230: | } |
231: | if (!isset($this->pathCache[$hostname])) { |
232: | $this->pathCache[$hostname] = []; |
233: | } |
234: | |
235: | $this->pathCache[$hostname][$path] = $docroot; |
236: | |
237: | return $docroot ?: null; |
238: | } |
239: | |
240: | |
241: | |
242: | |
243: | |
244: | |
245: | |
246: | |
247: | public function get_docroot(string $hostname, string $path = '') |
248: | { |
249: | $domains = $this->list_domains(); |
250: | $path = ltrim($path, '/'); |
251: | if (isset($domains[$hostname])) { |
252: | return rtrim($domains[$hostname] . '/' . $path, '/'); |
253: | } |
254: | |
255: | $domains = $this->list_subdomains(); |
256: | if (array_key_exists($hostname, $domains)) { |
257: | |
258: | if (null !== $domains[$hostname]) { |
259: | return rtrim($domains[$hostname] . '/' . $path, '/'); |
260: | } |
261: | $info = $this->subdomain_info($hostname); |
262: | |
263: | return rtrim($info['path'] . '/' . $path, '/'); |
264: | } |
265: | |
266: | if (0 === strncmp($hostname, "www.", 4)) { |
267: | $tmp = substr($hostname, 4); |
268: | |
269: | return $this->get_docroot($tmp, $path); |
270: | } |
271: | if (false !== strpos($hostname, '.')) { |
272: | $host = $this->split_host($hostname); |
273: | if (!empty($host['subdomain']) && $this->subdomain_exists($host['subdomain'])) { |
274: | return $this->get_docroot($host['subdomain'], $path); |
275: | } |
276: | |
277: | } |
278: | |
279: | return error("unknown domain `$hostname'"); |
280: | } |
281: | |
282: | |
283: | |
284: | |
285: | |
286: | |
287: | |
288: | |
289: | public function import_subdomains_from_domain(string $target, string $src): bool |
290: | { |
291: | $domains = $this->web_list_domains(); |
292: | foreach ([$target, $src] as $chk) { |
293: | if (!isset($domains[$chk])) { |
294: | return error("Unknown domain `%s'", $chk); |
295: | } |
296: | } |
297: | if ($target === $src) { |
298: | return error('Cannot import - target is same as source'); |
299: | } |
300: | foreach ($this->list_subdomains('local', $target) as $subdomain => $path) { |
301: | $this->remove_subdomain($subdomain); |
302: | } |
303: | foreach ($this->list_subdomains('local', $src) as $subdomain => $path) { |
304: | if ($src !== substr($subdomain, -\strlen($src))) { |
305: | warn("Subdomain attached to `%s' does not match target domain `%s'??? Skipping", $subdomain, $target); |
306: | continue; |
307: | } |
308: | $subdomain = substr($subdomain, 0, -\strlen($src)) . $target; |
309: | $this->add_subdomain($subdomain, $path); |
310: | } |
311: | |
312: | return true; |
313: | } |
314: | |
315: | |
316: | |
317: | |
318: | |
319: | |
320: | |
321: | |
322: | |
323: | |
324: | public function list_subdomains(string $filter = '', $domains = array()) |
325: | { |
326: | if ($filter && $filter != 'local' && $filter != 'global' && $filter != 'path') { |
327: | return error("invalid filter mode `%s'", $filter); |
328: | } |
329: | $subdomains = array(); |
330: | if ($filter == 'path') { |
331: | $re = $domains; |
332: | if ($re && $re[0] !== $re[-1]) { |
333: | $re = '!' . preg_quote($re, '!') . '!'; |
334: | } |
335: | } else { |
336: | $re = null; |
337: | } |
338: | if ($domains && !is_array($domains)) { |
339: | $domains = array($domains); |
340: | } |
341: | foreach (glob($this->domain_fs_path() . self::SUBDOMAIN_ROOT . '/*', GLOB_NOSORT) as $entry) { |
342: | $subdomain = basename($entry); |
343: | $path = ''; |
344: | if (is_link($entry . '/html') || is_dir($entry . '/html') ) { |
345: | if (!is_link($entry . '/html')) { |
346: | warn(':subdomain_is_dir', "subdomain `%s' doc root is directory", $subdomain); |
347: | $path = Opcenter\Http\Apache::makeSubdomainPath($subdomain); |
348: | } else { |
349: | $path = (string)substr(Opcenter\Filesystem::rel2abs($entry . '/html', |
350: | readlink($entry . '/html')), |
351: | strlen($this->domain_fs_path())); |
352: | } |
353: | } |
354: | if ($filter && ($filter == 'local' && !strpos($subdomain, '.') || |
355: | $filter == 'global' && strpos($subdomain, '.')) |
356: | ) { |
357: | continue; |
358: | } |
359: | if ($filter == 'path' && !preg_match($re, $path)) { |
360: | continue; |
361: | } |
362: | |
363: | if ($filter !== 'path' && strpos($subdomain, '.') && $domains) { |
364: | $skip = 0; |
365: | foreach ($domains as $domain) { |
366: | $lendomain = strlen($domain); |
367: | if (substr($subdomain, -$lendomain) != $domain) { |
368: | $skip = 1; |
369: | break; |
370: | } |
371: | } |
372: | if ($skip) { |
373: | continue; |
374: | } |
375: | } |
376: | |
377: | $subdomains[$subdomain] = $path; |
378: | } |
379: | |
380: | asort($subdomains, SORT_LOCALE_STRING); |
381: | |
382: | return $subdomains; |
383: | } |
384: | |
385: | |
386: | |
387: | |
388: | |
389: | |
390: | |
391: | |
392: | |
393: | |
394: | |
395: | |
396: | |
397: | public function subdomain_info(string $subdomain): array |
398: | { |
399: | if ($subdomain[0] == '*') { |
400: | $subdomain = substr($subdomain, 2); |
401: | } |
402: | |
403: | if (!$subdomain) { |
404: | return error('no subdomain provided'); |
405: | } |
406: | if (!$this->subdomain_exists($subdomain)) { |
407: | return error($subdomain . ': subdomain does not exist'); |
408: | } |
409: | |
410: | $info = array( |
411: | 'path' => null, |
412: | 'active' => false, |
413: | 'user' => null, |
414: | 'type' => null |
415: | ); |
416: | |
417: | $fs_location = $this->domain_fs_path() . self::SUBDOMAIN_ROOT . "/$subdomain"; |
418: | |
419: | if (!strpos($subdomain, '.')) { |
420: | $type = 'global'; |
421: | } else if (!array_key_exists($subdomain, $this->list_domains())) { |
422: | $type = 'local'; |
423: | } else { |
424: | $type = 'fallthrough'; |
425: | } |
426: | |
427: | $info['type'] = $type; |
428: | $link = $fs_location . '/html'; |
429: | |
430: | |
431: | |
432: | |
433: | |
434: | |
435: | if (!file_exists($link) && !is_link($link)) { |
436: | return $info; |
437: | } |
438: | |
439: | if (!is_link($link)) { |
440: | $path = $link; |
441: | } else { |
442: | clearstatcache(true, $link); |
443: | $path = Opcenter\Filesystem::rel2abs($link, readlink($link)); |
444: | } |
445: | $info['path'] = $this->file_canonicalize_site($path); |
446: | |
447: | $info['active'] = file_exists($link) && is_readable($link); |
448: | $stat = $this->file_stat($info['path']); |
449: | if (!$stat || $stat instanceof Exception) { |
450: | return $info; |
451: | } |
452: | $info['user'] = $stat['owner']; |
453: | |
454: | return $info; |
455: | } |
456: | |
457: | |
458: | |
459: | |
460: | |
461: | |
462: | |
463: | |
464: | |
465: | |
466: | |
467: | |
468: | public function subdomain_exists(string $subdomain): bool |
469: | { |
470: | if ($subdomain[0] === '*') { |
471: | $subdomain = substr($subdomain, 2); |
472: | } |
473: | $path = $this->domain_fs_path(self::SUBDOMAIN_ROOT . "/$subdomain"); |
474: | |
475: | return file_exists($path); |
476: | } |
477: | |
478: | public function list_domains(): array |
479: | { |
480: | $domains = array_merge( |
481: | array($this->getConfig('siteinfo', 'domain') => self::MAIN_DOC_ROOT), |
482: | $this->aliases_list_shared_domains() |
483: | ); |
484: | |
485: | return $domains + array_fill_keys( |
486: | array_keys(array_diff_key(array_flip($this->aliases_list_aliases()), $domains)), |
487: | self::MAIN_DOC_ROOT |
488: | ); |
489: | |
490: | } |
491: | |
492: | |
493: | |
494: | |
495: | |
496: | |
497: | |
498: | public function split_host(string $host) |
499: | { |
500: | if (!preg_match(Regex::HTTP_HOST, $host)) { |
501: | return error("can't split, invalid host `%s'", $host); |
502: | } |
503: | $split = array( |
504: | 'subdomain' => '', |
505: | 'domain' => $host |
506: | ); |
507: | $domain_lookup = $this->list_domains(); |
508: | if (!$host || isset($domain_lookup[$host])) { |
509: | return $split; |
510: | } |
511: | |
512: | $offset = 0; |
513: | $level_sep = strpos($host, '.'); |
514: | do { |
515: | $subdomain = substr($host, $offset, $level_sep - $offset); |
516: | $domain = substr($host, $level_sep + 1); |
517: | if (isset($domain_lookup[$domain])) { |
518: | break; |
519: | } |
520: | |
521: | $offset = $level_sep + 1; |
522: | $level_sep = strpos($host, '.', $offset + 1); |
523: | } while ($level_sep !== false); |
524: | if (!isset($domain_lookup[$domain])) { |
525: | return $split; |
526: | } |
527: | $split['subdomain'] = (string)substr($host, 0, $offset) . $subdomain; |
528: | $split['domain'] = $domain; |
529: | |
530: | return $split; |
531: | } |
532: | |
533: | |
534: | |
535: | |
536: | |
537: | |
538: | |
539: | public function normalize_hostname(string $host): string |
540: | { |
541: | if (false !== strpos($host, '.')) { |
542: | return $host; |
543: | } |
544: | |
545: | |
546: | return $host . '.' . |
547: | ($this->inContext() ? $this->domain : \Session::get('entry_domain', $this->domain)); |
548: | } |
549: | |
550: | |
551: | |
552: | |
553: | |
554: | |
555: | |
556: | |
557: | |
558: | |
559: | |
560: | |
561: | |
562: | |
563: | public function domain_info(string $domain) |
564: | { |
565: | if (!$this->domain_exists($domain)) { |
566: | return error($domain . ': domain does not exist'); |
567: | } |
568: | |
569: | $path = self::MAIN_DOC_ROOT; |
570: | $info = array( |
571: | 'path' => $path, |
572: | 'active' => false, |
573: | 'user' => null |
574: | ); |
575: | |
576: | if ($domain !== $this->getConfig('siteinfo', 'domain')) { |
577: | $domains = $this->aliases_list_shared_domains(); |
578: | |
579: | $path = $domains[$domain] ?? self::MAIN_DOC_ROOT; |
580: | } |
581: | $info['path'] = $path; |
582: | $info['active'] = is_readable($this->domain_fs_path() . $path); |
583: | |
584: | $stat = $this->file_stat($path); |
585: | if (!$stat || $stat instanceof Exception) { |
586: | return $stat; |
587: | } |
588: | $info['user'] = $stat['owner']; |
589: | |
590: | return $info; |
591: | } |
592: | |
593: | |
594: | |
595: | |
596: | |
597: | |
598: | |
599: | |
600: | |
601: | |
602: | |
603: | |
604: | public function domain_exists(string $domain): bool |
605: | { |
606: | return $domain == $this->getConfig('siteinfo', 'domain') || |
607: | in_array($domain, $this->aliases_list_aliases(), true); |
608: | |
609: | } |
610: | |
611: | |
612: | |
613: | |
614: | |
615: | |
616: | |
617: | |
618: | |
619: | public function get_hostname_from_docroot(string $docroot): ?string |
620: | { |
621: | $docroot = rtrim($docroot, '/'); |
622: | if ($docroot === static::MAIN_DOC_ROOT) { |
623: | return $this->getServiceValue('siteinfo', 'domain'); |
624: | } |
625: | $aliases = $this->aliases_list_shared_domains(); |
626: | if (false !== ($domain = array_search($docroot, $aliases, true))) { |
627: | return $domain; |
628: | } |
629: | |
630: | if ($subdomain = $this->list_subdomains('path', $docroot)) { |
631: | return (string)key($subdomain); |
632: | } |
633: | |
634: | return null; |
635: | } |
636: | |
637: | |
638: | |
639: | |
640: | |
641: | |
642: | |
643: | |
644: | |
645: | public function get_all_hostnames_from_path(string $docroot): array |
646: | { |
647: | $hosts = []; |
648: | if ($docroot === static::MAIN_DOC_ROOT) { |
649: | $hosts[] = $this->getServiceValue('siteinfo', 'domain'); |
650: | } |
651: | foreach ($this->aliases_list_shared_domains() as $domain => $path) { |
652: | if ($docroot === $path) { |
653: | $hosts[] = $domain; |
654: | } |
655: | } |
656: | |
657: | return array_merge($hosts, array_keys($this->list_subdomains('path', '!' . preg_quote($docroot, '!') . '$!'))); |
658: | } |
659: | |
660: | |
661: | |
662: | |
663: | |
664: | |
665: | |
666: | public function extract_components_from_path(string $docroot): ?array |
667: | { |
668: | $path = []; |
669: | do { |
670: | if (null !== ($hostname = $this->get_hostname_from_docroot($docroot))) { |
671: | return [ |
672: | 'hostname' => $hostname, |
673: | 'path' => implode('/', $path) |
674: | ]; |
675: | } |
676: | array_unshift($path, \basename($docroot)); |
677: | $docroot = \dirname($docroot); |
678: | } while ($docroot !== '/'); |
679: | |
680: | return null; |
681: | } |
682: | |
683: | |
684: | |
685: | |
686: | |
687: | |
688: | |
689: | |
690: | public function bind_dav(string $location, string $provider): bool |
691: | { |
692: | if (!IS_CLI) { |
693: | return $this->query('web_bind_dav', $location, $provider); |
694: | } |
695: | |
696: | if (!$this->verco_svn_enabled() && (strtolower($provider) == 'svn')) { |
697: | return error('Cannot use Subversion provider when not enabled'); |
698: | } else if (!\in_array($provider, ['on', 'dav', 'svn'])) { |
699: | return error("Unknown dav provider `%s'", $provider); |
700: | } |
701: | if ($provider === 'dav') { |
702: | $provider = 'on'; |
703: | } |
704: | if ($location[0] != '/') { |
705: | return error("DAV location `%s' is not absolute", $location); |
706: | } |
707: | if (!file_exists($this->domain_fs_path() . $location)) { |
708: | return error('DAV location `%s\' does not exist', $location); |
709: | } |
710: | |
711: | $stat = $this->file_stat($location); |
712: | if ($stat instanceof Exception) { |
713: | return $stat; |
714: | } |
715: | |
716: | if ($stat['file_type'] != 'dir') { |
717: | return error("bind_dav: `$location' is not directory"); |
718: | } else if (!$stat['can_write']) { |
719: | return error("`%s': cannot write to directory", $location); |
720: | } |
721: | |
722: | $this->query('file_fix_apache_perms_backend', $location); |
723: | $file = $this->site_config_dir() . '/dav'; |
724: | |
725: | $locations = $this->parse_dav($file); |
726: | if (null !== ($chk = $locations[$location] ?? null) && $chk === $provider) { |
727: | return warn("DAV already enabled for `%s'", $location); |
728: | } |
729: | $locations[$location] = $provider; |
730: | |
731: | return $this->write_dav($file, $locations); |
732: | } |
733: | |
734: | |
735: | |
736: | |
737: | |
738: | |
739: | |
740: | private function parse_dav(string $path): array |
741: | { |
742: | $locations = []; |
743: | if (!file_exists($path)) { |
744: | return []; |
745: | } |
746: | $dav_config = trim(file_get_contents($path)); |
747: | |
748: | if (preg_match_all(\Regex::DAV_CONFIG, $dav_config, $matches, PREG_SET_ORDER)) { |
749: | foreach ($matches as $match) { |
750: | $cfgpath = $this->file_unmake_path($match['path']); |
751: | $locations[$cfgpath] = $match['provider']; |
752: | } |
753: | } |
754: | return $locations; |
755: | } |
756: | |
757: | |
758: | |
759: | |
760: | |
761: | |
762: | |
763: | |
764: | private function write_dav(string $path, array $cfg): bool |
765: | { |
766: | if (!$cfg) { |
767: | if (file_exists($path)) { |
768: | unlink($path); |
769: | } |
770: | return true; |
771: | } |
772: | $template = (new \Opcenter\Provisioning\ConfigurationWriter('apache.dav-provider', |
773: | \Opcenter\SiteConfiguration::shallow($this->getAuthContext()))) |
774: | ->compile([ |
775: | 'prefix' => $this->domain_fs_path(), |
776: | 'locations' => $cfg |
777: | ]); |
778: | return file_put_contents($path, $template) !== false; |
779: | } |
780: | |
781: | public function site_config_dir(): string |
782: | { |
783: | return Apache::siteStoragePath($this->site); |
784: | } |
785: | |
786: | |
787: | |
788: | |
789: | |
790: | |
791: | |
792: | |
793: | public function allow_protocol(string $hostname, string $proto = 'http10'): bool |
794: | { |
795: | if (!IS_CLI) { |
796: | return $this->query('web_allow_protocol', $hostname, $proto); |
797: | } |
798: | if ($proto !== 'http10') { |
799: | return error("protocol `%s' not known, only http10 accepted", $proto); |
800: | } |
801: | if (!$this->protocol_disallowed($hostname, $proto)) { |
802: | return true; |
803: | } |
804: | if (!$this->split_host($hostname)) { |
805: | |
806: | return error("Invalid hostname `%s'", $hostname); |
807: | } |
808: | $map = Map::open(self::PROTOCOL_MAP, Map::MODE_WRITE); |
809: | $map[$hostname] = $this->site_id; |
810: | |
811: | return $map->sync(); |
812: | } |
813: | |
814: | |
815: | |
816: | |
817: | |
818: | |
819: | |
820: | |
821: | public function protocol_disallowed(string $hostname, string $proto = 'http10'): bool |
822: | { |
823: | if ($proto !== 'http10') { |
824: | return error("protocol `%s' not known, only http10 accepted", $proto); |
825: | } |
826: | $map = Map::open(self::PROTOCOL_MAP); |
827: | |
828: | return !isset($map[$hostname]); |
829: | } |
830: | |
831: | |
832: | |
833: | |
834: | |
835: | |
836: | |
837: | |
838: | public function disallow_protocol(string $hostname, string $proto = 'http10'): bool |
839: | { |
840: | if (!IS_CLI) { |
841: | return $this->query('web_disallow_protocol', $hostname, $proto); |
842: | } |
843: | if ($proto !== 'http10') { |
844: | return error("protocol `%s' not known, only http10 accepted", $proto); |
845: | } |
846: | if ($this->protocol_disallowed($hostname, $proto)) { |
847: | return true; |
848: | } |
849: | $map = Map::open(self::PROTOCOL_MAP, Map::MODE_WRITE); |
850: | if ((int)($map[$hostname] ?? -1) !== $this->site_id) { |
851: | return warn("Site `%s' not found in map", $hostname); |
852: | } |
853: | |
854: | unset($map[$hostname]); |
855: | |
856: | return $map->sync(); |
857: | |
858: | } |
859: | |
860: | public function unbind_dav(string $location): bool |
861: | { |
862: | if (!IS_CLI) { |
863: | return $this->query('web_unbind_dav', $location); |
864: | } |
865: | $file = $this->site_config_dir() . '/dav'; |
866: | $locations = $this->parse_dav($file); |
867: | if (!isset($locations[$location])) { |
868: | return warn("DAV not enabled for `%s'", $location); |
869: | } |
870: | unset($locations[$location]); |
871: | |
872: | return $this->write_dav($file, $locations); |
873: | |
874: | } |
875: | |
876: | public function list_dav_locations(): array |
877: | { |
878: | $file = $this->site_config_dir() . '/dav'; |
879: | $locations = []; |
880: | foreach ($this->parse_dav($file) as $path => $type) { |
881: | $locations[] = [ |
882: | 'path' => $path, |
883: | 'provider' => $type === 'on' ? 'dav' : $type |
884: | ]; |
885: | } |
886: | return $locations; |
887: | } |
888: | |
889: | public function _edit() |
890: | { |
891: | $conf_new = $this->getAuthContext()->getAccount()->new; |
892: | $conf_old = $this->getAuthContext()->getAccount()->old; |
893: | |
894: | $ssl = \Opcenter\SiteConfiguration::getModuleRemap('openssl'); |
895: | if ($conf_new['apache'] != $conf_old['apache'] || |
896: | $conf_new['ipinfo'] != $conf_old['ipinfo'] || |
897: | $conf_new[$ssl] != $conf_old[$ssl] || |
898: | $conf_new['aliases'] != $conf_old['aliases'] |
899: | ) { |
900: | Apache::activate(); |
901: | } |
902: | |
903: | } |
904: | |
905: | public function _edit_user(string $userold, string $usernew, array $oldpwd) |
906: | { |
907: | if ($userold === $usernew) { |
908: | return; |
909: | } |
910: | |
911: | |
912: | |
913: | |
914: | |
915: | |
916: | $userhome = $this->user_get_user_home($usernew); |
917: | $re = '!^' . $oldpwd['home'] . '!'; |
918: | mute_warn(); |
919: | $subdomains = $this->list_subdomains('path', $re); |
920: | unmute_warn(); |
921: | foreach ($subdomains as $subdomain => $path) { |
922: | $newpath = preg_replace('!' . DIRECTORY_SEPARATOR . $userold . '!', |
923: | DIRECTORY_SEPARATOR . $usernew, $path, 1); |
924: | if ($subdomain === $userold) { |
925: | $newsubdomain = $usernew; |
926: | } else { |
927: | $newsubdomain = $subdomain; |
928: | } |
929: | if ($this->rename_subdomain($subdomain, $newsubdomain, $newpath)) { |
930: | info("moved subdomain `%s' from `%s' to `%s'", $subdomain, $path, $newpath); |
931: | } |
932: | } |
933: | |
934: | return true; |
935: | } |
936: | |
937: | |
938: | |
939: | |
940: | |
941: | |
942: | |
943: | |
944: | |
945: | public function rename_subdomain(string $subdomain, string $newsubdomain = null, string $newpath = null): bool |
946: | { |
947: | if (!$this->subdomain_exists($subdomain)) { |
948: | $parts = array_values($this->split_host($subdomain)); |
949: | if ($parts[0] && $this->subdomain_exists($parts[0])) { |
950: | |
951: | warn("Requested subdomain %(local)s is global subdomain %(global)s. Retrying %(fn)s.", [ |
952: | 'local' => $subdomain, |
953: | 'global' => $parts[0], |
954: | 'fn' => 'web_' . __FUNCTION__ |
955: | ]); |
956: | return $this->rename_subdomain($parts[0], $newsubdomain, $newpath); |
957: | } |
958: | return error('%s: subdomain does not exist', $subdomain); |
959: | } |
960: | if ($newsubdomain && $subdomain !== $newsubdomain && $this->subdomain_exists($newsubdomain)) { |
961: | return error("destination subdomain `%s' already exists", $newsubdomain); |
962: | } |
963: | if (!$newsubdomain && !$newpath) { |
964: | return error('no rename operation specified'); |
965: | } |
966: | if ($newpath && ($newpath[0] != '/' && $newpath[0] != '.')) { |
967: | return error("invalid path `%s', subdomain path must " . |
968: | 'be relative or absolute', $newpath); |
969: | } |
970: | |
971: | if (!$newsubdomain) { |
972: | $newsubdomain = $subdomain; |
973: | } else { |
974: | $newsubdomain = strtolower($newsubdomain); |
975: | } |
976: | |
977: | unset($this->hostCache[$subdomain], $this->hostCache[$newsubdomain]); |
978: | $sdpath = Opcenter\Http\Apache::makeSubdomainPath($subdomain); |
979: | $stat = $this->file_stat($sdpath); |
980: | $old_path = $stat['link'] ? $stat['referent'] : $sdpath; |
981: | |
982: | if (!$newpath) { |
983: | $newpath = $old_path; |
984: | } |
985: | if (!$newsubdomain) { |
986: | $newsubdomain = $subdomain; |
987: | } |
988: | |
989: | |
990: | if (!$this->file_exists($newpath . '/index.html')) { |
991: | defer($_, fn() => $this->file_delete($newpath . '/index.html')); |
992: | } |
993: | |
994: | if ($subdomain !== $newsubdomain) { |
995: | if (!$this->remove_subdomain($subdomain) || !$this->add_subdomain($newsubdomain, $newpath)) { |
996: | error("changing subdomain `%s' to `%s' failed", $subdomain, $newsubdomain); |
997: | if (!$this->add_subdomain($subdomain, $old_path)) { |
998: | error("critical: could not reassign subdomain `%(sub)s' to `%(path)s' after failed rename", [ |
999: | 'sub' => $subdomain, |
1000: | 'path' => $old_path |
1001: | ]); |
1002: | } |
1003: | |
1004: | return false; |
1005: | } |
1006: | } else if (!$this->remove_subdomain($subdomain) || !$this->add_subdomain($subdomain, $newpath)) { |
1007: | error("failed to change path for `%s' from `%s' to `%s'", |
1008: | $subdomain, |
1009: | $old_path, |
1010: | $newpath); |
1011: | if (!$this->add_subdomain($subdomain, $old_path)) { |
1012: | error("failed to restore subdomain `%s' to old path `%s'", |
1013: | $subdomain, |
1014: | $old_path); |
1015: | } |
1016: | |
1017: | return false; |
1018: | } |
1019: | |
1020: | if ($subdomain !== $newsubdomain) { |
1021: | MetaManager::instantiateContexted($this->getAuthContext()) |
1022: | ->merge($newpath, ['hostname' => $newsubdomain])->sync(); |
1023: | } |
1024: | return true; |
1025: | } |
1026: | |
1027: | |
1028: | |
1029: | |
1030: | |
1031: | |
1032: | |
1033: | |
1034: | public function remove_subdomain(string $subdomain, bool $keepdns = false): bool |
1035: | { |
1036: | |
1037: | $this->purge(); |
1038: | if (!IS_CLI) { |
1039: | |
1040: | $docroot = $this->get_docroot($subdomain); |
1041: | if (false && $docroot) { |
1042: | |
1043: | |
1044: | $mm = MetaManager::factory($this->getAuthContext()); |
1045: | $app = \Module\Support\Webapps\App\Loader::fromDocroot( |
1046: | array_get($mm->get($docroot), 'type', 'unknown'), |
1047: | $docroot, |
1048: | $this->getAuthContext() |
1049: | ); |
1050: | $app->uninstall(); |
1051: | } |
1052: | |
1053: | if (!$this->query('web_remove_subdomain', $subdomain)) { |
1054: | return false; |
1055: | } |
1056: | |
1057: | if (false && $docroot) { |
1058: | $mm->forget($docroot)->sync(); |
1059: | } |
1060: | return true; |
1061: | } |
1062: | |
1063: | $subdomain = strtolower((string)$subdomain); |
1064: | |
1065: | if (!preg_match(Regex::SUBDOMAIN, $subdomain) && |
1066: | (0 !== strncmp($subdomain, '*.', 2) || |
1067: | !preg_match(Regex::DOMAIN, substr($subdomain, 2)))) |
1068: | { |
1069: | return error('%s: invalid subdomain', $subdomain); |
1070: | } |
1071: | if ($subdomain[0] === '*') { |
1072: | $subdomain = substr($subdomain, 2); |
1073: | } |
1074: | if (!$this->subdomain_exists($subdomain)) { |
1075: | return warn('%s: subdomain does not exist', $subdomain); |
1076: | } |
1077: | |
1078: | $this->map_subdomain('delete', $subdomain); |
1079: | $path = $this->domain_fs_path() . self::SUBDOMAIN_ROOT . "/$subdomain"; |
1080: | if (is_link($path)) { |
1081: | return unlink($path) && warn("subdomain `%s' path `%s' corrupted, removing reference", |
1082: | $subdomain, |
1083: | $this->file_unmake_path($path) |
1084: | ); |
1085: | } |
1086: | |
1087: | $dh = opendir($path); |
1088: | while (false !== ($entry = readdir($dh))) { |
1089: | if ($entry === '..' || $entry === '.') { |
1090: | continue; |
1091: | } |
1092: | if (!is_link($path . '/' . $entry) && is_dir($path . '/' . $entry)) { |
1093: | warn("directory found in subdomain `%s'", $entry); |
1094: | Filesystem::rmdir($path . '/' . $entry); |
1095: | } else { |
1096: | unlink($path . '/' . $entry); |
1097: | } |
1098: | } |
1099: | closedir($dh); |
1100: | rmdir($path); |
1101: | if (!$this->dns_configured() || $keepdns) { |
1102: | return true; |
1103: | } |
1104: | $hostcomponents = [ |
1105: | 'subdomain' => $subdomain, |
1106: | 'domain' => '' |
1107: | ]; |
1108: | if (false !== strpos($subdomain, '.')) { |
1109: | $hostcomponents = $this->split_host($subdomain); |
1110: | } |
1111: | if (!$hostcomponents['subdomain']) { |
1112: | return true; |
1113: | } |
1114: | if (!$hostcomponents['domain']) { |
1115: | $hostcomponents['domain'] = array_keys($this->list_domains()); |
1116: | } |
1117: | $ret = true; |
1118: | |
1119: | $ips = []; |
1120: | if ($tmp = $this->dns_get_public_ip()) { |
1121: | $ips = (array)$tmp; |
1122: | } |
1123: | if ($tmp = $this->dns_get_public_ip6()) { |
1124: | $ips = array_merge($ips, (array)$tmp); |
1125: | } |
1126: | |
1127: | $components = ['']; |
1128: | if (DNS_SUBDOMAIN_IMPLICIT_WWW) { |
1129: | $components[] = 'www'; |
1130: | } |
1131: | foreach ((array)$hostcomponents['domain'] as $domain) { |
1132: | foreach ($components as $component) { |
1133: | $subdomain = ltrim("${component}." . $hostcomponents['subdomain'], '.'); |
1134: | foreach ($ips as $ip) { |
1135: | $rr = false === strpos($ip, ':') ? 'A' : 'AAAA'; |
1136: | if ($this->dns_record_exists($domain, $subdomain, $rr, $ip)) { |
1137: | $oldex = \Error_Reporter::exception_upgrade(\Error_Reporter::E_ERROR); |
1138: | try { |
1139: | $ret &= $this->dns_remove_record($domain, $subdomain, $rr, $ip); |
1140: | } catch (\apnscpException $e) { |
1141: | warn($e->getMessage()); |
1142: | } finally { |
1143: | \Error_Reporter::exception_upgrade($oldex); |
1144: | } |
1145: | } |
1146: | } |
1147: | } |
1148: | } |
1149: | |
1150: | return (bool)$ret; |
1151: | } |
1152: | |
1153: | |
1154: | |
1155: | |
1156: | |
1157: | |
1158: | public function purge(): void |
1159: | { |
1160: | $this->pathCache = []; |
1161: | $this->hostCache = []; |
1162: | if (!IS_CLI) { |
1163: | $this->query('web_purge'); |
1164: | } |
1165: | } |
1166: | |
1167: | |
1168: | |
1169: | |
1170: | |
1171: | |
1172: | |
1173: | |
1174: | |
1175: | |
1176: | |
1177: | public function map_subdomain(string $mode, string $subdomain, string $path = null, string $user = null): bool |
1178: | { |
1179: | if (!IS_CLI) { |
1180: | return $this->query('web_map_subdomain', |
1181: | $mode, |
1182: | $subdomain, |
1183: | $path, |
1184: | $user); |
1185: | } |
1186: | |
1187: | $mode = substr($mode, 0, 3); |
1188: | if (!preg_match(Regex::SUBDOMAIN, $subdomain)) { |
1189: | return error($subdomain . ': invalid subdomain'); |
1190: | } |
1191: | if ($mode != 'add' && $mode != 'del') { |
1192: | return error($mode . ': invalid mapping operation'); |
1193: | } |
1194: | if ($mode == 'del') { |
1195: | $docroot = $this->get_docroot($subdomain); |
1196: | if ($docroot) { |
1197: | MetaManager::factory($this->getAuthContext())->forget($docroot)->sync(); |
1198: | } |
1199: | |
1200: | return $this->file_delete('/home/*/all_subdomains/' . $subdomain); |
1201: | } |
1202: | if ($mode == 'add') { |
1203: | if (!$user) { |
1204: | $stat = $this->file_stat($path); |
1205: | if ($stat instanceof Exception) { |
1206: | return error("Cannot map subdomain - failed to determine user from `%s'", $path); |
1207: | } |
1208: | |
1209: | $user = $stat['uid'] >= \User_Module::MIN_UID ? $this->user_get_username_from_uid($stat['uid']) : $this->username; |
1210: | |
1211: | } |
1212: | $user_home = '/home/' . $user; |
1213: | $user_home_abs = $this->domain_fs_path() . $user_home; |
1214: | |
1215: | if (!file_exists($this->domain_fs_path() . $path)) { |
1216: | warn($path . ': path does not exist, creating link'); |
1217: | } |
1218: | if (!file_exists($user_home_abs . '/all_subdomains')) { |
1219: | $this->file_create_directory($user_home . '/all_subdomains'); |
1220: | $this->file_chown($user_home . '/all_subdomains', $user); |
1221: | } |
1222: | $this->file_symlink($path, $user_home . '/all_subdomains/' . $subdomain) && |
1223: | $this->file_chown_symlink($user_home . '/all_subdomains/' . $subdomain, $user); |
1224: | } |
1225: | |
1226: | return true; |
1227: | } |
1228: | |
1229: | |
1230: | |
1231: | |
1232: | |
1233: | |
1234: | |
1235: | |
1236: | |
1237: | |
1238: | |
1239: | |
1240: | |
1241: | public function add_subdomain(string $subdomain, string $docroot): bool |
1242: | { |
1243: | if (!IS_CLI) { |
1244: | return $this->query('web_add_subdomain', $subdomain, $docroot); |
1245: | } |
1246: | $subdomain = strtolower(trim((string)$subdomain)); |
1247: | if ($subdomain === 'www') { |
1248: | return error('illegal subdomain name'); |
1249: | } |
1250: | $subdomain = preg_replace('/^www\./', '', strtolower($subdomain)); |
1251: | if (!$subdomain) { |
1252: | return error('Missing subdomain'); |
1253: | } |
1254: | |
1255: | if (!preg_match(Regex::SUBDOMAIN, $subdomain) && |
1256: | 0 !== strncmp($subdomain, '*.', 2) && |
1257: | !preg_match(Regex::DOMAIN, $subdomain) |
1258: | ) { |
1259: | return error($subdomain . ': invalid subdomain'); |
1260: | } |
1261: | if ($this->subdomain_exists($subdomain)) { |
1262: | return error($subdomain . ': subdomain exists'); |
1263: | } else if ($subdomain === gethostname()) { |
1264: | warn("Subdomain duplicates system hostname `%s'. Supplied document root will " . |
1265: | 'never have precedence over system document root.', $subdomain); |
1266: | } |
1267: | if ($docroot[0] != '/' && $docroot[0] != '.') { |
1268: | return error("invalid path `%s', subdomain path must " . |
1269: | 'be relative or absolute', $docroot); |
1270: | } |
1271: | |
1272: | |
1273: | |
1274: | |
1275: | |
1276: | |
1277: | |
1278: | |
1279: | |
1280: | |
1281: | |
1282: | $domains = array_keys($this->list_domains()); |
1283: | if ($subdomain[0] === '*') { |
1284: | $subdomain = substr($subdomain, 2); |
1285: | $domain = ''; |
1286: | if (!in_array($subdomain, $domains, true)) { |
1287: | return error("domain `%s' not attached to account (DNS > Addon Domains)", $domain); |
1288: | } |
1289: | } |
1290: | if ( null !== ($limit = $this->getConfig('apache', 'subnum', null) ) && ($limit <= count($this->list_subdomains())) ) { |
1291: | return error('Subdomain limit %d has been reached - cannot add %s', $limit, $subdomain); |
1292: | } |
1293: | |
1294: | |
1295: | $FQDN = false; |
1296: | |
1297: | |
1298: | $recs_to_add = array(); |
1299: | foreach ($domains as $domain) { |
1300: | if (preg_match('/\.' . $domain . '$/', $subdomain)) { |
1301: | |
1302: | $FQDN = true; |
1303: | $recs_to_add = array( |
1304: | array( |
1305: | 'subdomain' => substr($subdomain, 0, -strlen($domain) - 1), |
1306: | 'domain' => $domain |
1307: | ) |
1308: | ); |
1309: | break; |
1310: | } else if ($subdomain === $domain) { |
1311: | |
1312: | $recs_to_add[] = array( |
1313: | 'subdomain' => '*', |
1314: | 'domain' => $domain |
1315: | ); |
1316: | |
1317: | } |
1318: | } |
1319: | if (!$recs_to_add) { |
1320: | |
1321: | foreach ($domains as $domain) { |
1322: | $recs_to_add[] = array( |
1323: | 'subdomain' => $subdomain, |
1324: | 'domain' => $domain |
1325: | ); |
1326: | } |
1327: | } |
1328: | |
1329: | $ips = []; |
1330: | if ($tmp = $this->dns_get_public_ip()) { |
1331: | $ips = (array)$tmp; |
1332: | } |
1333: | if ($tmp = $this->dns_get_public_ip6()) { |
1334: | $ips = array_merge($ips, (array)$tmp); |
1335: | } |
1336: | |
1337: | foreach ($recs_to_add as $record) { |
1338: | foreach ($ips as $ip) { |
1339: | $rr = false === strpos($ip, ':') ? 'A' : 'AAAA'; |
1340: | $this->dns_add_record_conditionally($record['domain'], $record['subdomain'], $rr, $ip); |
1341: | if ($record['subdomain'] !== '*') { |
1342: | $this->dns_add_record_conditionally( |
1343: | $record['domain'], |
1344: | 'www.' . $record['subdomain'], |
1345: | $rr, |
1346: | $ip |
1347: | ); |
1348: | } |
1349: | } |
1350: | } |
1351: | |
1352: | |
1353: | |
1354: | |
1355: | |
1356: | |
1357: | |
1358: | $realpath = $this->file_unmake_path(realpath($this->file_make_path($docroot))); |
1359: | |
1360: | if (preg_match('!^/home/([^/]+)!', $realpath, $user_home)) { |
1361: | $user = $user_home[1]; |
1362: | $stat = $this->file_stat('/home/' . $user); |
1363: | if ($stat instanceof Exception || !$stat) { |
1364: | return error("user `%s' does not exist", $user); |
1365: | } |
1366: | |
1367: | if (!$this->file_chmod("/home/${user}", decoct($stat['permissions']) | 001)) { |
1368: | return false; |
1369: | } |
1370: | |
1371: | if ($this->php_jailed()) { |
1372: | |
1373: | $this->file_set_acls("/home/${user}", $this->get_user($subdomain,''), 'x'); |
1374: | } |
1375: | |
1376: | } else { |
1377: | $user = $this->getServiceValue('siteinfo', 'admin_user'); |
1378: | } |
1379: | |
1380: | $prefix = $this->domain_fs_path(); |
1381: | if (!$this->file_exists($docroot) || empty($this->file_get_directory_contents($docroot))) { |
1382: | if (\Util_PHP::is_link($prefix . $docroot)) { |
1383: | |
1384: | |
1385: | $newlink = Opcenter\Filesystem::abs2rel($docroot, readlink($prefix . $docroot)); |
1386: | warn('converted unfollowable absolute symlink to relative (document root): %s -> %s', $docroot, |
1387: | $newlink); |
1388: | unlink($prefix . $docroot); |
1389: | $ret = $this->file_symlink($newlink, $docroot); |
1390: | } else { |
1391: | $ret = $this->file_create_directory($docroot, 0755, true); |
1392: | } |
1393: | |
1394: | if (!$ret) { |
1395: | return $ret; |
1396: | } |
1397: | $this->file_chown($docroot, $user); |
1398: | $index = $prefix . $docroot . '/index.html'; |
1399: | $template = (string)(new ConfigurationWriter('apache.placeholder', |
1400: | \Opcenter\SiteConfiguration::shallow($this->getAuthContext())))->compile([ |
1401: | 'hostname' => $subdomain, |
1402: | 'docroot' => $docroot, |
1403: | 'user' => $user |
1404: | ]); |
1405: | file_put_contents($index, $template) && |
1406: | Filesystem::chogp($index, (int)$this->user_get_uid_from_username($user), $this->group_id, 0644); |
1407: | } |
1408: | $subdomainpath = Opcenter\Http\Apache::makeSubdomainPath($subdomain); |
1409: | |
1410: | defer($_, function () use($subdomain) { |
1411: | UIPanel::instantiateContexted($this->getAuthContext())->freshen($subdomain, "", |
1412: | (bool)SCREENSHOTS_ENABLED); |
1413: | }); |
1414: | |
1415: | return $this->add_subdomain_raw($subdomain, |
1416: | Opcenter\Filesystem::abs2rel($subdomainpath, $docroot)) && |
1417: | $this->map_subdomain('add', $subdomain, $docroot); |
1418: | } |
1419: | |
1420: | public function add_subdomain_raw(string $subdomain, string $docroot): bool |
1421: | { |
1422: | |
1423: | $prefix = $this->domain_fs_path(); |
1424: | $subdomain_path = Opcenter\Http\Apache::makeSubdomainPath($subdomain); |
1425: | $subdomain_parent = dirname($prefix . $subdomain_path); |
1426: | if (!file_exists($subdomain_parent)) { |
1427: | \Opcenter\Filesystem::mkdir($subdomain_parent, $this->user_id, $this->group_id); |
1428: | } |
1429: | $tmp = $docroot; |
1430: | if ($docroot[0] === '.' && $docroot[1] == '.') { |
1431: | $tmp = $subdomain_parent . DIRECTORY_SEPARATOR . $docroot; |
1432: | } |
1433: | clearstatcache(true, $tmp); |
1434: | $user = fileowner($tmp); |
1435: | if (!file_exists($tmp)) { |
1436: | Error_Reporter::print_debug_bt(); |
1437: | } |
1438: | |
1439: | return symlink($docroot, $prefix . $subdomain_path) && |
1440: | Util_PHP::lchown($prefix . $subdomain_path, $user) && |
1441: | Util_PHP::lchgrp($prefix . $subdomain_path, $this->group_id); |
1442: | } |
1443: | |
1444: | |
1445: | |
1446: | |
1447: | |
1448: | |
1449: | public function status(): array |
1450: | { |
1451: | return Apache::getReportedServiceStatus(); |
1452: | } |
1453: | |
1454: | |
1455: | |
1456: | |
1457: | public function _create() |
1458: | { |
1459: | Apache::activate(); |
1460: | } |
1461: | |
1462: | public function _verify_conf(\Opcenter\Service\ConfigurationContext $ctx): bool |
1463: | { |
1464: | return true; |
1465: | } |
1466: | |
1467: | public function _reload(string $why = '', array $args = []) |
1468: | { |
1469: | if (in_array($why, ['', 'php', 'aliases', Ssl_Module::SYS_RHOOK, Ssl_Module::USER_RHOOK], true)) { |
1470: | return Apache::activate(); |
1471: | } |
1472: | } |
1473: | |
1474: | public function _housekeeping() { |
1475: | |
1476: | $class = new ReflectionClass(\Service\CaptureDevices\Chromedriver::class); |
1477: | $instance = $class->newInstanceWithoutConstructor(); |
1478: | if ($instance->running()) { |
1479: | $instance->stop(true); |
1480: | } |
1481: | } |
1482: | |
1483: | public function _cron(Cronus $c) { |
1484: | if (SCREENSHOTS_ENABLED && !APNSCPD_HEADLESS) { |
1485: | $c->schedule(60 * 60, 'screenshots', static function () { |
1486: | |
1487: | $n = (int)sprintf('%u', SCREENSHOTS_BATCH); |
1488: | $job = (new \Service\BulkCapture(new \Service\CaptureDevices\Chromedriver)); |
1489: | $job->batch($n); |
1490: | |
1491: | }); |
1492: | } |
1493: | |
1494: | |
1495: | if (TELEMETRY_ENABLED) { |
1496: | $collector = new Collector(PostgreSQL::pdo()); |
1497: | |
1498: | if ( !($status = $this->status()) ) { |
1499: | |
1500: | |
1501: | |
1502: | $status = array_fill_keys(array_values(ApacheMetrics::ATTRVAL_MAP), 0); |
1503: | } |
1504: | |
1505: | foreach (ApacheMetrics::ATTRVAL_MAP as $attr => $metric) { |
1506: | $collector->add("apache-${attr}", null, (int)$status[$metric]); |
1507: | } |
1508: | } |
1509: | } |
1510: | |
1511: | public function _delete() |
1512: | { |
1513: | |
1514: | } |
1515: | |
1516: | public function http_config_dir(): string |
1517: | { |
1518: | deprecated_func('use site_config_dir'); |
1519: | |
1520: | return $this->site_config_dir(); |
1521: | } |
1522: | |
1523: | public function config_dir(): string |
1524: | { |
1525: | return Apache::CONFIG_PATH; |
1526: | } |
1527: | |
1528: | public function _delete_user(string $user) |
1529: | { |
1530: | $this->remove_user_subdomain($user); |
1531: | } |
1532: | |
1533: | |
1534: | |
1535: | |
1536: | |
1537: | |
1538: | |
1539: | public function remove_user_subdomain(string $user): bool |
1540: | { |
1541: | $ret = true; |
1542: | $home = $this->user_get_user_home($user) . '/'; |
1543: | foreach ($this->list_subdomains() as $subdomain => $dir) { |
1544: | if (!str_starts_with($dir, $home)) { |
1545: | continue; |
1546: | } |
1547: | $ret &= $this->remove_subdomain($subdomain); |
1548: | } |
1549: | |
1550: | return (bool)$ret; |
1551: | } |
1552: | |
1553: | |
1554: | |
1555: | |
1556: | |
1557: | |
1558: | |
1559: | public function inventory_capture(array $sites = null): void { |
1560: | if (!$sites) { |
1561: | $sites = \Opcenter\Account\Enumerate::sites(); |
1562: | } |
1563: | $driver = new \Service\BulkCapture(new \Service\CaptureDevices\Chromedriver); |
1564: | foreach ($sites as $site) { |
1565: | $oldex = \Error_Reporter::exception_upgrade(\Error_Reporter::E_FATAL|\Error_Reporter::E_ERROR); |
1566: | try { |
1567: | $ctx = \Auth::context(null, $site); |
1568: | $afi = \apnscpFunctionInterceptor::factory($ctx); |
1569: | } catch (\apnscpException $e) { |
1570: | continue; |
1571: | } finally { |
1572: | \Error_Reporter::exception_upgrade($oldex); |
1573: | } |
1574: | |
1575: | if (!posix_getuid()) { |
1576: | |
1577: | $serviceRef = new \Opcenter\Http\Php\Fpm\StateRestore($ctx->site); |
1578: | } |
1579: | |
1580: | foreach ((new \Module\Support\Webapps\Finder($ctx))->getAllApplicationRoots() as $meta) { |
1581: | if (empty($meta['hostname'])) { |
1582: | continue; |
1583: | } |
1584: | |
1585: | debug('%(site)s: Capturing %(url)s (IP: %(ip)s)', [ |
1586: | 'site' => $ctx->site, |
1587: | 'url' => rtrim(implode('/', [$meta['hostname'], $meta['path']]), '/'), |
1588: | 'ip' => $afi->site_ip_address() |
1589: | ]); |
1590: | $driver->snap($meta['hostname'], $meta['path'], $afi->site_ip_address()); |
1591: | } |
1592: | |
1593: | } |
1594: | } |
1595: | |
1596: | |
1597: | |
1598: | |
1599: | |
1600: | |
1601: | |
1602: | |
1603: | |
1604: | |
1605: | |
1606: | public function capture(string $hostname, string $path = '', \Service\BulkCapture $service = null): bool |
1607: | { |
1608: | if (APNSCPD_HEADLESS) { |
1609: | return warn('Panel in headless mode'); |
1610: | } |
1611: | |
1612: | $hostname = strtolower($hostname); |
1613: | if (!$this->normalize_path($hostname, $path)) { |
1614: | return error("Site `%s/%s' is not hosted on account", $hostname, $path); |
1615: | } |
1616: | if (!$service) { |
1617: | $service = new \Service\BulkCapture(new \Service\CaptureDevices\Chromedriver); |
1618: | } |
1619: | return $service->snap($hostname, $path, $this->site_ip_address()); |
1620: | } |
1621: | |
1622: | public function _create_user(string $user) |
1623: | { |
1624: | |
1625: | } |
1626: | } |