github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-14 10:37:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

LE installation

Browse source
This commit is contained in:
Serghey Rodin 2016-11-11 00:28:24 +02:00
commit 9bf86eaabd
2 changed files with 128 additions and 150 deletions
Download patch file Download diff file Expand all files Collapse all files

259
web/edit/web/index.php
View file

@ -35,8 +35,7 @@ $v_tpl = $data[$v_domain]['IP'];
$v_cgi = $data[$v_domain]['CGI'];
$v_elog = $data[$v_domain]['ELOG'];
$v_ssl = $data[$v_domain]['SSL'];
$v_letsencrypt = $data[$v_domain]['LETSENCRYPT'];
if ( $v_ssl == 'yes' && ($v_letsencrypt == 'no' || empty($v_letsencrypt))) {
if (!empty($v_ssl)) {
exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
$ssl_str = json_decode(implode('', $output), true);
unset($output);
@ -51,6 +50,8 @@ if ( $v_ssl == 'yes' && ($v_letsencrypt == 'no' || empty($v_letsencrypt))) {
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
}
$v_letsencrypt = $data[$v_domain]['LETSENCRYPT'];
if (empty($v_letsencrypt)) $v_letsencrypt = 'no';
$v_ssl_home = $data[$v_domain]['SSL_HOME'];
$v_backend_template = $data[$v_domain]['BACKEND'];
$v_proxy = $data[$v_domain]['PROXY'];
@ -214,10 +215,10 @@ if (!empty($_POST['save'])) {
// Change backend template
if ((!empty($_SESSION['WEB_BACKEND'])) && ( $v_backend_template != $_POST['v_backend_template']) && ( $_SESSION['user'] == 'admin') && (empty($_SESSION['error_msg']))) {
$v_backend_template = $_POST['v_backend_template'];
exec (VESTA_CMD."v-change-web-domain-backend-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_backend_template), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_backend_template = $_POST['v_backend_template'];
exec (VESTA_CMD."v-change-web-domain-backend-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_backend_template), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Delete proxy support
@ -264,139 +265,72 @@ if (!empty($_POST['save'])) {
$restart_proxy = 'yes';
}
// Disable Lets Encrypt support
if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var);
// Delete Lets Encrypt support
if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_letsencrypt = 'no';
$v_letsencrypt_deleted = 'yes';
$v_ssl = 'no';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
else{
// Delete SSL certificate
if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_ssl = 'no';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
}
}
// Enable Lets Encrypt support
if (( $v_letsencrypt == 'no' || empty( $v_letsencrypt)) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-list-web-domain ".$user." ".$v_domain." json", $output, $return_var);
$data = json_decode(implode('', $output), true);
exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '' 'no'", $output, $return_var);
// Delete SSL certificate
if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_ssl = 'no';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
// Add Lets Encrypt support
if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
$l_aliases = str_replace("\n", ',', $v_aliases);
exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$l_aliases."' 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_letsencrypt = 'yes';
$v_ssl = 'yes';
$restart_web = 'yes';
$restart_proxy = 'yes';
}
else{
// Change SSL certificate
if (($v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) {
exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0];
// Certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fwrite($fp, "\n");
fclose($fp);
}
// Add SSL certificate
if (( $v_ssl == 'no' ) && (!empty($_POST['v_ssl'])) && (empty($v_letsencrypt_deleted)) && (empty($_SESSION['error_msg']))) {
if (empty($_POST['v_ssl_crt'])) $errors[] = 'ssl certificate';
if (empty($_POST['v_ssl_key'])) $errors[] = 'ssl key';
if (empty($_POST['v_ssl_home'])) $errors[] = 'ssl home';
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
} else {
exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0];
// Key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n");
fclose($fp);
}
// Certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fclose($fp);
}
// CA
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$restart_web = 'yes';
$restart_proxy = 'yes';
exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
$ssl_str = json_decode(implode('', $output), true);
unset($output);
$v_ssl_crt = $ssl_str[$v_domain]['CRT'];
$v_ssl_key = $ssl_str[$v_domain]['KEY'];
$v_ssl_ca = $ssl_str[$v_domain]['CA'];
$v_ssl_subject = $ssl_str[$v_domain]['SUBJECT'];
$v_ssl_aliases = $ssl_str[$v_domain]['ALIASES'];
$v_ssl_not_before = $ssl_str[$v_domain]['NOT_BEFORE'];
$v_ssl_not_after = $ssl_str[$v_domain]['NOT_AFTER'];
$v_ssl_signature = $ssl_str[$v_domain]['SIGNATURE'];
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
// Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) {
unlink($tmpdir."/".$_POST['v_domain'].".crt");
}
if (!empty($_POST['v_ssl_key'])) {
unlink($tmpdir."/".$_POST['v_domain'].".key");
}
if (!empty($_POST['v_ssl_ca'])) {
unlink($tmpdir."/".$_POST['v_domain'].".ca");
}
rmdir($tmpdir);
}
}
// Add SSL certificate
if (( $v_ssl == 'no') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))) $errors[] = 'ssl certificate';
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))) $errors[] = 'ssl key';
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_home']))) $errors[] = 'ssl home';
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
} else {
exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0];
// Certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fclose($fp);
}
// Key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fclose($fp);
}
// Key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fclose($fp);
}
// CA
if (!empty($_POST['v_ssl_ca'])) {
@ -425,23 +359,72 @@ if (!empty($_POST['save'])) {
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
// Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) {
unlink($tmpdir."/".$_POST['v_domain'].".crt");
}
// Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt");
if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key");
if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca");
rmdir($tmpdir);
}
}
if (!empty($_POST['v_ssl_key'])) {
unlink($tmpdir."/".$_POST['v_domain'].".key");
}
// Change SSL certificate
if (( $v_letsencrypt == 'no' ) && ( $v_ssl == 'yes' ) && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) {
exec ('mktemp -d', $mktemp_output, $return_var);
$tmpdir = $mktemp_output[0];
if (!empty($_POST['v_ssl_ca'])) {
unlink($tmpdir."/".$_POST['v_domain'].".ca");
}
// Certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fwrite($fp, "\n");
fclose($fp);
}
// Key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n");
fclose($fp);
}
// CA
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$restart_web = 'yes';
$restart_proxy = 'yes';
exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
$ssl_str = json_decode(implode('', $output), true);
unset($output);
$v_ssl_crt = $ssl_str[$v_domain]['CRT'];
$v_ssl_key = $ssl_str[$v_domain]['KEY'];
$v_ssl_ca = $ssl_str[$v_domain]['CA'];
$v_ssl_subject = $ssl_str[$v_domain]['SUBJECT'];
$v_ssl_aliases = $ssl_str[$v_domain]['ALIASES'];
$v_ssl_not_before = $ssl_str[$v_domain]['NOT_BEFORE'];
$v_ssl_not_after = $ssl_str[$v_domain]['NOT_AFTER'];
$v_ssl_signature = $ssl_str[$v_domain]['SIGNATURE'];
$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
// Cleanup certificate tempfiles
if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt");
if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key");
if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca");
rmdir($tmpdir);
}
}
rmdir($tmpdir);
}
}
}
// Change document root for ssl domain
if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
if ( $v_ssl_home != $_POST['v_ssl_home'] ) {

19
web/templates/admin/edit_web.html
View file

@ -186,14 +186,9 @@
<tr>
<td class="step-left">
<table style="display:<?php if ($v_ssl == 'no' ) { echo 'none';} else {echo 'block';}?> ;" id="ssltable">
<tr>
<td class="input-label vst-text">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print __('Lets Encrypt Support');?></label>
</td>
</tr>
<tr>
<td class="vst-text input-label lets-encrypt-note <? if($v_letencrypt == 'yes' || $v_letencrypt == 'on') echo ' enabled';?>" >
<?= __('Your certificate will be automatically issued in 5 minutes')?>
<tr>
<td class="input-label vst-text">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print __('Lets Encrypt Support');?></label>
</td>
</tr>
<tr>
@ -217,7 +212,7 @@
<tr>
<td class="vst-text input-label">
<?php print __('SSL Certificate');?>
<span id="generate-csr"> / <a class="generate" target="_blank" href="/generate/ssl/?domain=<?php echo $v_domain ?>"><?php print __('Generate CSR') ?></a></span>
<span id="generate-csr"> / <a class="generate" target="_blank" href="/generate/ssl/?domain=<?php echo $v_domain ?>"><?php print __('Generate CSR') ?></a></span>
</td>
</tr>
<tr>
@ -246,7 +241,7 @@
</td>
</tr>
<?
if ($v_ssl != 'no' ) { ?>
if ($v_ssl != 'no' ) { ?>
<tr>
<td>
<table class="additional-info">
@ -311,7 +306,7 @@
</table>
</td>
</tr>
<? } // if ssl is enabled ?>
<? } // if ssl is enabled ?>
</table>
</td>
</tr>
@ -337,7 +332,7 @@
</select>
</td>
</tr>
<tr class="stats-auth" style="<? if ($v_stats == 'none') { ?>display:none"<? } ?>>
<tr class="stats-auth" style="<? if ($v_stats == 'none') { ?>display:none<? } ?>">
<td class="vst-text input-label step-left">
<label><input type="checkbox" size="20" class="vst-checkbox" name="v_stats_auth" <?php if (!empty($v_stats_user)) echo "checked=yes" ?> onclick="javascript:elementHideShow('statstable');"><?php print __('Statistics Authorization');?></label>
</td>