github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-20 05:14:08 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #804 from pcfreak30/feature/800

Browse source 
Add GUI support for letsencrypt
This commit is contained in:
Serghey Rodin 2016-10-18 17:00:57 +03:00 committed by GitHub
commit 602d6cd4cf
10 changed files with 313 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

19
bin/v-add-letsencrypt-domain
View file

@ -38,7 +38,8 @@ is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain" is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_object_value_empty 'web' 'DOMAIN' "$domain" '$LETSENCRYPT'
get_domain_values 'web'
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
@ -55,8 +56,8 @@ i=1
for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
$BIN/v-check-letsencrypt-domain $user $alias $BIN/v-check-letsencrypt-domain $user $alias
check_result $? "LE domain validation" >/dev/null check_result $? "LE domain validation" >/dev/null
if [ "$i" -gt 6 ]; then if [ "$i" -gt 100 ]; then
check_result $E_LIMIT "LE can't sign more than 6 domains" check_result $E_LIMIT "LE can't sign more than 100 domains"
fi fi
i=$((i++)) i=$((i++))
done done
@ -86,11 +87,23 @@ $BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $BIN/v-add-web-domain-ssl $user $domain $ssl_dir
check_result $? "SSL install" >/dev/null check_result $? "SSL install" >/dev/null
if [ -z "$LETSENCRYPT" ]; then
add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
fi
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restarting web
if [ "$restart" != 'no' ]; then
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
# Logging # Logging
log_event "$OK" "$ARGUMENTS" log_event "$OK" "$ARGUMENTS"

3
bin/v-add-letsencrypt-user
View file

@ -41,11 +41,12 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
api='https://acme-v01.api.letsencrypt.org' api='https://acme-v01.api.letsencrypt.org'
agreement='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
if [ -z "$email" ]; then if [ -z "$email" ]; then
email=$(get_user_value '$CONTACT') email=$(get_user_value '$CONTACT')
fi fi
agreement=$(curl -s -I "$api/terms" |grep Location |cut -f 2 -d \ |tr -d '\r\n')
# Generating key # Generating key
key="$USER_DATA/ssl/user.key" key="$USER_DATA/ssl/user.key"
if [ ! -e "$key" ]; then if [ ! -e "$key" ]; then

60
bin/v-delete-letsencrypt-domain Executable file
View file

@ -0,0 +1,60 @@
#!/bin/bash
# info: deleting letsencrypt ssl cetificate for domain
# options: USER DOMAIN [RESTART]
#
# The function turns off letsencrypt SSL support for a domain.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
restart=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_object_value_exist 'web' 'DOMAIN' "$domain" '$LETSENCRYPT'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Delete SSL
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
check_result $? "SSL delete" >/dev/null
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'no'
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting web
if [ "$restart" != 'no' ]; then
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

46
bin/v-update-letsencrypt-ssl
View file

@ -23,34 +23,34 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Defining user list # Defining user list
users=$(ls $VESTA/data/users/*/ssl/le.conf |cut -f 7 -d /) users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
# Checking users # Checking users
for user in $users; do for user in $users; do
USER_DATA=$VESTA/data/users/$user
# Checking user certificates # Checking user certificates
for crt in $(ls $VESTA/data/users/$user/ssl/*.crt 2>/dev/null); do for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
crt="$VESTA/data/users/$user/ssl/$domain.crt"
# Checking certificate issuer # Checking certificate issuer
crt_data=$(openssl x509 -text -in $crt) crt_data=$(openssl x509 -text -in "$crt")
issuer=$(echo "$crt_data" |grep Issuer: |grep Encrypt)
if [ ! -z "$issuer" ]; then expire=$(echo "$crt_data" |grep "Not After")
expire=$(echo "$crt_data" |grep "Not After") expire=$(echo "$expire" |cut -f 2,3,4 -d :)
expire=$(echo "$expire" |cut -f 2,3,4 -d :) expire=$(date -d "$expire" +%s)
expire=$(date -d "$expire" +%s) now=$(date +%s)
now=$(date +%s) expire=$((expire - now))
expire=$((expire - now)) expire=$((expire / 86400))
expire=$((expire / 86400)) domain=$(basename $crt |sed -e "s/.crt$//")
domain=$(basename $crt |sed -e "s/.crt$//") if [[ "$expire" -lt 31 ]]; then
if [[ "$expire" -lt 31 ]]; then aliases=$(echo "$crt_data" |grep DNS:)
aliases=$(echo "$crt_data" |grep DNS:) aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") aliases=$(echo "$aliases" |grep -v "^$domain$")
aliases=$(echo "$aliases" |grep -v "^$domain$") if [ ! -z "$aliases" ]; then
if [ ! -z "$aliases" ]; then aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') $BIN/v-add-letsencrypt-domain $user $domain $aliases
$BIN/v-add-letsencrypt-domain $user $domain $aliases else
else $BIN/v-add-letsencrypt-domain $user $domain
$BIN/v-add-letsencrypt-domain $user $domain
fi
fi fi
fi fi
done done

81
web/add/web/index.php
View file

@ -18,8 +18,8 @@ if (!empty($_POST['ok'])) {
// Check for empty fields // Check for empty fields
if (empty($_POST['v_domain'])) $errors[] = __('domain'); if (empty($_POST['v_domain'])) $errors[] = __('domain');
if (empty($_POST['v_ip'])) $errors[] = __('ip'); if (empty($_POST['v_ip'])) $errors[] = __('ip');
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = __('ssl certificate'); if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl certificate');
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = __('ssl key'); if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl key');
if (!empty($errors[0])) { if (!empty($errors[0])) {
foreach ($errors as $i => $error) { foreach ($errors as $i => $error) {
if ( $i == 0 ) { if ( $i == 0 ) {
@ -79,6 +79,7 @@ if (!empty($_POST['ok'])) {
$v_ssl_key = $_POST['v_ssl_key']; $v_ssl_key = $_POST['v_ssl_key'];
$v_ssl_ca = $_POST['v_ssl_ca']; $v_ssl_ca = $_POST['v_ssl_ca'];
$v_ssl_home = $data[$v_domain]['SSL_HOME']; $v_ssl_home = $data[$v_domain]['SSL_HOME'];
$v_letsencrypt = $_POST['v_letsencrypt'];
$v_stats = escapeshellarg($_POST['v_stats']); $v_stats = escapeshellarg($_POST['v_stats']);
$v_stats_user = $data[$v_domain]['STATS_USER']; $v_stats_user = $data[$v_domain]['STATS_USER'];
$v_stats_password = $data[$v_domain]['STATS_PASSWORD']; $v_stats_password = $data[$v_domain]['STATS_PASSWORD'];
@ -96,6 +97,7 @@ if (!empty($_POST['ok'])) {
if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes'; if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes';
if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes'; if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes';
if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes'; if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes';
if ((!empty($_POST['v_letsencrypt']))) $v_adv = 'yes';
// Check advanced features // Check advanced features
if (empty($_POST['v_dns'])) $v_dns = 'off'; if (empty($_POST['v_dns'])) $v_dns = 'off';
@ -144,42 +146,53 @@ if (!empty($_POST['ok'])) {
unset($output); unset($output);
} }
// Add SSL certificates // Add Lets Encrypt support
if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec ('mktemp -d', $output, $return_var);
$tmpdir = $output[0];
unset($output);
// Save certificate if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
if (!empty($_POST['v_ssl_crt'])) { exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var);
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); $data = json_decode(implode('', $output), true);
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$data['ALIAS']."' 'no'", $output, $return_var);
fwrite($fp, "\n");
fclose($fp);
}
// Save private key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n");
fclose($fp);
}
// Save CA bundle
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var);
check_return_code($return_var,$output); check_return_code($return_var,$output);
unset($output); unset($output);
} }
else {
// Add SSL certificates only if Lets Encrypt is off
if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec ('mktemp -d', $output, $return_var);
$tmpdir = $output[0];
unset($output);
// Save certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fwrite($fp, "\n");
fclose($fp);
}
// Save private key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n");
fclose($fp);
}
// Save CA bundle
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Add web stats // Add web stats
if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) { if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) {
$v_stats = escapeshellarg($_POST['v_stats']); $v_stats = escapeshellarg($_POST['v_stats']);

205
web/edit/web/index.php
View file

@ -35,7 +35,8 @@ $v_tpl = $data[$v_domain]['IP'];
$v_cgi = $data[$v_domain]['CGI']; $v_cgi = $data[$v_domain]['CGI'];
$v_elog = $data[$v_domain]['ELOG']; $v_elog = $data[$v_domain]['ELOG'];
$v_ssl = $data[$v_domain]['SSL']; $v_ssl = $data[$v_domain]['SSL'];
if ( $v_ssl == 'yes' ) { $v_letsencrypt = $data[$v_domain]['LETSENCRYPT'];
if ( $v_ssl == 'yes' && ($v_letsencrypt == 'no' || empty($v_letsencrypt))) {
exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var); exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
$ssl_str = json_decode(implode('', $output), true); $ssl_str = json_decode(implode('', $output), true);
unset($output); unset($output);
@ -263,45 +264,69 @@ if (!empty($_POST['save'])) {
$restart_proxy = 'yes'; $restart_proxy = 'yes';
} }
// Delete SSL certificate // Disable Lets Encrypt support
if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var); if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var);
check_return_code($return_var,$output); check_return_code($return_var,$output);
unset($output); unset($output);
$v_ssl = 'no'; $v_letsencrypt = 'no';
$restart_web = 'yes'; $restart_web = 'yes';
$restart_proxy = 'yes'; $restart_proxy = 'yes';
} }
else {
// Delete SSL certificate
if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var);
$data = json_decode(implode('', $output), true);
exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$data['ALIAS']."' 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_ssl = 'no';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
}
if (( $v_letsencrypt == 'no' || empty( $v_letsencrypt)) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var);
$data = json_decode(implode('', $output), true);
exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_letsencrypt = 'yes';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
else{
// Change SSL certificate
if (($v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) {
exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0];
// Change SSL certificate // Certificate
if (($v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { if (!empty($_POST['v_ssl_crt'])) {
if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) { $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
exec ('mktemp -d', $mktemp_output, $return_var); fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
$tmpdir = $mktemp_output[0]; fwrite($fp, "\n");
fclose($fp);
}
// Certificate // Key
if (!empty($_POST['v_ssl_crt'])) { if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n"); fwrite($fp, "\n");
fclose($fp); fclose($fp);
} }
// Key // CA
if (!empty($_POST['v_ssl_key'])) { if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n"); fwrite($fp, "\n");
fclose($fp); fclose($fp);
} }
// CA
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var); exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
check_return_code($return_var,$output); check_return_code($return_var,$output);
@ -323,55 +348,55 @@ if (!empty($_POST['save'])) {
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY']; $v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER']; $v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
// Cleanup certificate tempfiles // Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) { if (!empty($_POST['v_ssl_crt'])) {
unlink($tmpdir."/".$_POST['v_domain'].".crt"); unlink($tmpdir."/".$_POST['v_domain'].".crt");
} }
if (!empty($_POST['v_ssl_key'])) { if (!empty($_POST['v_ssl_key'])) {
unlink($tmpdir."/".$_POST['v_domain'].".key"); unlink($tmpdir."/".$_POST['v_domain'].".key");
} }
if (!empty($_POST['v_ssl_ca'])) { if (!empty($_POST['v_ssl_ca'])) {
unlink($tmpdir."/".$_POST['v_domain'].".ca"); unlink($tmpdir."/".$_POST['v_domain'].".ca");
} }
rmdir($tmpdir); rmdir($tmpdir);
} }
} }
// Add SSL certificate // Add SSL certificate
if (( $v_ssl == 'no') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { if (( $v_ssl == 'no') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = 'ssl certificate'; if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = 'ssl certificate';
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = 'ssl key'; if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = 'ssl key';
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_home']))) $errors[] = 'ssl home'; if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_home']))) $errors[] = 'ssl home';
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']); $v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
if (!empty($errors[0])) { if (!empty($errors[0])) {
foreach ($errors as $i => $error) { foreach ($errors as $i => $error) {
if ( $i == 0 ) { if ( $i == 0 ) {
$error_msg = $error; $error_msg = $error;
} else { } else {
$error_msg = $error_msg.", ".$error; $error_msg = $error_msg.", ".$error;
} }
} }
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
} else { } else {
exec ('mktemp -d', $mktemp_output, $return_var); exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0]; $tmpdir = $mktemp_output[0];
// Certificate // Certificate
if (!empty($_POST['v_ssl_crt'])) { if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fclose($fp); fclose($fp);
} }
// Key // Key
if (!empty($_POST['v_ssl_key'])) { if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fclose($fp); fclose($fp);
} }
// CA // CA
if (!empty($_POST['v_ssl_ca'])) { if (!empty($_POST['v_ssl_ca'])) {
@ -400,23 +425,23 @@ if (!empty($_POST['save'])) {
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY']; $v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER']; $v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
// Cleanup certificate tempfiles // Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) { if (!empty($_POST['v_ssl_crt'])) {
unlink($tmpdir."/".$_POST['v_domain'].".crt"); unlink($tmpdir."/".$_POST['v_domain'].".crt");
} }
if (!empty($_POST['v_ssl_key'])) { if (!empty($_POST['v_ssl_key'])) {
unlink($tmpdir."/".$_POST['v_domain'].".key"); unlink($tmpdir."/".$_POST['v_domain'].".key");
} }
if (!empty($_POST['v_ssl_ca'])) { if (!empty($_POST['v_ssl_ca'])) {
unlink($tmpdir."/".$_POST['v_domain'].".ca"); unlink($tmpdir."/".$_POST['v_domain'].".ca");
} }
rmdir($tmpdir);
}
}
rmdir($tmpdir);
}
}
}
// Change document root for ssl domain // Change document root for ssl domain
if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if ( $v_ssl_home != $_POST['v_ssl_home'] ) { if ( $v_ssl_home != $_POST['v_ssl_home'] ) {

16
web/js/pages/add_web.js
View file

@ -151,6 +151,21 @@ App.Actions.WEB.toggle_additional_ftp_accounts = function(elm) {
} }
} }
App.Actions.WEB.toggle_letsencrypt = function(elm) {
if ($(elm).attr('checked')) {
$('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').attr('disabled', 'disabled');
$('input[name=v_ssl]').prop('checked', true);
$('#ssltable').show();
$('#generate-csr').hide();
}
else {
$('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').removeAttr('disabled');
$('input[name=v_ssl]').prop('checked', false);
$('#ssltable').hide();
$('#generate-csr').show();
}
}
// //
// Page entry point // Page entry point
App.Listeners.WEB.keypress_ftp_username(); App.Listeners.WEB.keypress_ftp_username();
@ -163,6 +178,7 @@ $(function() {
var prefix = 'www.'; var prefix = 'www.';
document.getElementById('v_aliases').value = prefix + document.getElementById('v_domain').value; document.getElementById('v_aliases').value = prefix + document.getElementById('v_domain').value;
}); });
App.Actions.WEB.toggle_letsencrypt($('input[name=v_letsencrypt]'))
}); });
function WEBrandom() { function WEBrandom() {

26
web/js/pages/edit_web.js
View file

@ -132,6 +132,21 @@ App.Actions.WEB.toggle_additional_ftp_accounts = function(elm) {
} }
} }
App.Actions.WEB.toggle_letsencrypt = function(elm) {
if ($(elm).attr('checked')) {
$('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').attr('disabled', 'disabled');
$('input[name=v_ssl]').prop('checked', true);
$('#ssltable').show();
$('#generate-csr').hide();
}
else {
$('#ssltable textarea[name=v_ssl_crt],#ssltable textarea[name=v_ssl_key], #ssltable textarea[name=v_ssl_ca]').removeAttr('disabled');
$('input[name=v_ssl]').prop('checked', false);
$('#ssltable').hide();
$('#generate-csr').show();
}
}
App.Actions.WEB.randomPasswordGenerated = function(elm) { App.Actions.WEB.randomPasswordGenerated = function(elm) {
return App.Actions.WEB.passwordChanged(elm); return App.Actions.WEB.passwordChanged(elm);
} }
@ -159,11 +174,14 @@ App.Actions.WEB.passwordChanged = function(elm) {
App.Listeners.WEB.keypress_ftp_username(); App.Listeners.WEB.keypress_ftp_username();
App.Listeners.WEB.keypress_ftp_path(); App.Listeners.WEB.keypress_ftp_path();
$('.v-ftp-user-psw').on('keypress', function(evt) {
var elm = $(evt.target);
App.Actions.WEB.passwordChanged(elm);
});
$(function() {
$('.v-ftp-user-psw').on('keypress', function (evt) {
var elm = $(evt.target);
App.Actions.WEB.passwordChanged(elm);
});
App.Actions.WEB.toggle_letsencrypt($('input[name=v_letsencrypt]'))
});
function WEBrandom() { function WEBrandom() {
var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz'; var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz';

7
web/templates/admin/add_web.html
View file

@ -124,7 +124,7 @@
<tr> <tr>
<td class="step-top vst-text"> <td class="step-top vst-text">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl" <?php if($v_ssl == 'yes' || $v_ssl == 'on') echo "checked=yes" ?> onclick="javascript:elementHideShow('ssltable');"> <?php print __('SSL Support');?></label> / <label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl" <?php if($v_ssl == 'yes' || $v_ssl == 'on') echo "checked=yes" ?> onclick="javascript:elementHideShow('ssltable');"> <?php print __('SSL Support');?></label> /
<a class="generate" target="_blank" href="/generate/ssl/"><?php print __('Generate CSR') ?></a> <a class="generate" id="generate-csr" target="_blank" href="/generate/ssl/"><?php print __('Generate CSR') ?></a>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -180,6 +180,11 @@
</table> </table>
</td> </td>
</tr> </tr>
<tr>
<td class="step-top vst-text">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letsencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print __('Lets Encrypt Support');?></label>
</td>
</tr>
<tr> <tr>
<td class="vst-text step-top"> <td class="vst-text step-top">
<?php print __('Web Statistics');?> <?php print __('Web Statistics');?>

7
web/templates/admin/edit_web.html
View file

@ -181,7 +181,7 @@
<tr> <tr>
<td class="vst-text step-top"> <td class="vst-text step-top">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl" <?php if ($v_ssl == 'yes') echo "checked=yes" ?> onclick="javascript:elementHideShow('ssltable');"> <?php print __('SSL Support');?></label> / <label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl" <?php if ($v_ssl == 'yes') echo "checked=yes" ?> onclick="javascript:elementHideShow('ssltable');"> <?php print __('SSL Support');?></label> /
<a class="generate" target="_blank" href="/generate/ssl/?domain=<?php echo $v_domain ?>"><?php print __('Generate CSR') ?></a> <a class="generate" id="generate-csr" target="_blank" href="/generate/ssl/?domain=<?php echo $v_domain ?>"><?php print __('Generate CSR') ?></a>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -304,6 +304,11 @@
</table> </table>
</td> </td>
</tr> </tr>
<tr>
<td class="step-top vst-text">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print __('Lets Encrypt Support');?></label>
</td>
</tr>
<tr> <tr>
<td class="vst-text step-top"> <td class="vst-text step-top">
<?php print __('Web Statistics');?> <?php print __('Web Statistics');?>