Skip to content

Commit 4125e32

Browse files
BizarrusBizarrus
committed
Fix VHosts and Permissions
1 parent 7b9a315 commit 4125e32

File tree

2 files changed

+92
-25
lines changed

2 files changed

+92
-25
lines changed

domains/daemon.php

Lines changed: 91 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
class DomainsDaemon {
66
public function __construct() {
77
$this->deleteDomains();
8+
$this->fixDomains();
89
$this->createDomains();
910
$this->reloadApache();
1011
}
@@ -59,21 +60,36 @@ protected function createDomains() {
5960
}
6061
}
6162

63+
protected function fixDomains() {
64+
$domains = $this->getDomains('AND
65+
`' . DATABASE_PREFIX . 'domains`.`time_deleted` IS NULL');
66+
67+
foreach($domains AS $domain) {
68+
print "\033[0;32m\tFixing VHost:\033[39m " . $domain->name . PHP_EOL;
69+
$path = $this->createPath($domain->username, $domain->directory);
70+
}
71+
}
72+
6273
protected function createPath($username, $directory) {
6374
$logs = sprintf('%s%s/%s/', HOST_PATH, $username, 'logs');
6475
$path = sprintf('%s%s/%s/', HOST_PATH, $username, $directory);
76+
$user = (object) posix_getpwnam($username);
6577

66-
chmod(HOST_PATH . $username, 0777);
78+
chmod(HOST_PATH . $username, 0700);
6779

6880
if(!file_exists($logs)) {
6981
mkdir($logs);
70-
chmod($logs, 0777);
7182
}
83+
chmod($logs, 0700);
84+
chown($logs, $user->uid);
85+
chgrp($logs, $user->gid);
7286

7387
if(!file_exists($path)) {
7488
mkdir($path);
75-
chmod($path, 0777);
7689
}
90+
chmod($path, 0700);
91+
chown($path, $user->uid);
92+
chgrp($path, $user->gid);
7793

7894
return str_replace('//', '/', $path);
7995
}
@@ -96,66 +112,117 @@ protected function getDomains($sql = '') {
96112
protected function createVirtualHost($domain, $path, $grant_all = true) {
97113
$config = '# Generated by fruithost' . PHP_EOL;
98114
$config .= '<VirtualHost *:80>' . PHP_EOL;
99-
$config .= TAB . sprintf('ServerAdmin abuse@%s', $domain->name) . PHP_EOL;
100-
$config .= TAB . sprintf('DocumentRoot %s', $path) . PHP_EOL;
101-
$config .= TAB . sprintf('ServerName %s', $domain->name) . PHP_EOL;
115+
$config .= TAB . '# DO NOT EDIT' . PHP_EOL;
116+
$config .= TAB . sprintf('ServerAdmin abuse@%s', $domain->name) . PHP_EOL;
117+
$config .= TAB . sprintf('DocumentRoot %s', $path) . PHP_EOL;
118+
$config .= TAB . sprintf('ServerName %s', $domain->name) . PHP_EOL;
102119

103120
$logs = sprintf('%s%s/%s/', HOST_PATH, $domain->username, 'logs');
104-
$config .= TAB . sprintf('ErrorLog %s%s_error.log', $logs, $domain->name) . PHP_EOL;
105-
$config .= TAB . sprintf('CustomLog %s%s_access.log combined', $logs, $domain->name) . PHP_EOL;
121+
$config .= TAB . sprintf('ErrorLog %s%s_error.log', $logs, $domain->name) . PHP_EOL;
122+
$config .= TAB . sprintf('CustomLog %s%s_access.log combined', $logs, $domain->name) . PHP_EOL;
123+
$config .= TAB . sprintf('CustomLog %s%s_bandwidth.log common', $logs, $domain->name) . PHP_EOL;
106124

107125
$config .= PHP_EOL;
108126

109-
// Security @ToDo
127+
// Security
110128
$config .= PHP_EOL;
111-
$config .= '#' . TAB . '<IfModule mpm_itk_module>' . PHP_EOL;
112-
$config .= '#' . TAB . TAB . sprintf('AssignUserId %s www-data', $domain->username) . PHP_EOL;
113-
$config .= '#' . TAB . '</IfModule>' . PHP_EOL;
129+
$config .= TAB . '# Security' . PHP_EOL;
130+
$config .= TAB . '<IfModule mpm_itk_module>' . PHP_EOL;
131+
$config .= TAB . TAB . sprintf('AssignUserId %s www-data', $domain->username) . PHP_EOL;
132+
$config .= TAB . '</IfModule>' . PHP_EOL;
133+
134+
// @ToDo Make settings for that
135+
#$config .= PHP_EOL;
136+
#$config .= TAB . '<IfModule headers>' . PHP_EOL;
137+
#$config .= TAB . TAB . 'Header set X-Frame-Options: "SAMEORIGIN"' . PHP_EOL;
138+
#$config .= TAB . '</IfModule>' . PHP_EOL;
114139

115140
// Error Pages
141+
$config .= PHP_EOL;
142+
$config .= TAB . '<IfModule mod_alias.c>' . PHP_EOL;
143+
$config .= TAB . TAB . '# Define Error Pages' . PHP_EOL;
116144
foreach([
117145
100, 101,
118146
400, 401, 403, 404, 405, 408, 410, 411, 412, 413, 414, 415,
119147
500, 501, 502, 503, 504, 505, 506
120148
] AS $code) {
121-
$config .= TAB . sprintf('Alias /errors/%1$s.html /etc/fruithost/placeholder/errors/%1$s.html', $code) . PHP_EOL;
149+
$config .= TAB . TAB . sprintf('Alias /errors/%1$s.html /etc/fruithost/placeholder/errors/%1$s.html', $code) . PHP_EOL;
122150
}
151+
$config .= TAB . '</IfModule>' . PHP_EOL;
123152

124153
// PHP-FPM
125-
$config .= PHP_EOL;
126-
$config .= TAB . '<IfModule setenvif_module>' . PHP_EOL;
127-
$config .= TAB . TAB . 'SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1' . PHP_EOL;
128-
$config .= TAB . '</IfModule>' . PHP_EOL;
129154

130155
// @ToDo
131156
$fpm = '[' . $domain->username. ']
132-
;prefix = /var/fruithost/users/$pool
157+
prefix = /var/fruithost/users/$pool
133158
134159
user = $pool
135160
group = www-data
136161
137-
listen = /run/php/$pool.sock
162+
listen = /var/fruithost/users/.sockets/$pool.sock
138163
139164
listen.owner = $pool
140165
listen.group = www-data
141-
listen.mode = 0770
166+
listen.mode = 0660
167+
168+
process.dumpable = yes
169+
decorate_workers_output = yes
170+
catch_workers_output = yes
142171
143172
pm = dynamic
144173
pm.max_children = 5
145174
pm.start_servers = 2
146175
pm.min_spare_servers = 1
147176
pm.max_spare_servers = 3
148177
149-
;access.log = log/$pool.access.log';
178+
;access.log = log/$pool.access.log
179+
decorate_workers_output = yes
180+
catch_workers_output = yes
181+
php_flag[display_errors] = on
182+
php_admin_value[error_log] = logs/php_error.log
183+
php_admin_flag[log_errors] = on';
184+
150185
file_put_contents(sprintf('/etc/fruithost/config/php/users/%s.conf', $domain->username), $fpm);
151186

187+
# PHP-FPM
152188
$config .= PHP_EOL;
153-
$config .= TAB . '<FilesMatch ".+\.ph(?:ar|p|tml)$">' . PHP_EOL;
154-
$config .= TAB . TAB . sprintf('SetHandler "proxy:unix:/run/php/%s.sock|fcgi://localhost"', $domain->username) . PHP_EOL;
155-
$config .= TAB . '</FilesMatch>' . PHP_EOL;
189+
$config .= TAB . '# PHP-FPM' . PHP_EOL;
190+
$config .= TAB . '<IfModule !mod_php8.c>' . PHP_EOL;
191+
$config .= TAB . TAB . '<IfModule proxy_fcgi_module>' . PHP_EOL;
192+
$config .= TAB . TAB . TAB . '# Forward Auth-Header' . PHP_EOL;
193+
$config .= TAB . TAB . TAB . '<IfModule setenvif_module>' . PHP_EOL;
194+
$config .= TAB . TAB . TAB . TAB . 'SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1' . PHP_EOL;
195+
$config .= TAB . TAB . TAB . '</IfModule>' . PHP_EOL;
196+
$config .= PHP_EOL;
197+
$config .= TAB . TAB . TAB . '# Define Proxy' . PHP_EOL;
198+
$config .= TAB . TAB . TAB . sprintf('<Proxy "unix:/var/fruithost/users/.sockets/%1$s.sock|fcgi://user-%1$s">', $domain->username) . PHP_EOL;
199+
$config .= TAB . TAB . TAB . TAB . 'ProxySet disablereuse=on' . PHP_EOL;
200+
$config .= TAB . TAB . TAB . '</Proxy>' . PHP_EOL;
201+
$config .= PHP_EOL;
202+
$config .= TAB . TAB . TAB . '# When .php-Files will be visited' . PHP_EOL;
203+
$config .= TAB . TAB . TAB . '<FilesMatch "\.php$">' . PHP_EOL;
204+
$config .= TAB . TAB . TAB . TAB . '# Remove old handlers (if exists)' . PHP_EOL;
205+
$config .= TAB . TAB . TAB . TAB . 'RemoveHandler .php' . PHP_EOL;
206+
$config .= TAB . TAB . TAB . TAB . PHP_EOL;
207+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGIBackendType FPM' . PHP_EOL;
208+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}"' . PHP_EOL;
209+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" CONTEXT_DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}"' . PHP_EOL;
210+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" PATH_INFO "%{PATH_INFO}"' . PHP_EOL;
211+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" PATH_TRANSLATED "%{reqenv:DOCUMENT_ROOT}%{reqenv:PATH_INFO}%{reqenv:SCRIPT_NAME}"' . PHP_EOL;
212+
$config .= TAB . TAB . TAB . TAB . '#ProxyFCGISetEnvIf "true" REQUEST_URI "${REQUEST_URI}"' . PHP_EOL;
213+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" SCRIPT_NAME "%{reqenv:SCRIPT_NAME}"' . PHP_EOL;
214+
$config .= TAB . TAB . TAB . TAB . 'ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "%{reqenv:SCRIPT_FILENAME}"' . PHP_EOL;
215+
$config .= TAB . TAB . TAB . TAB . PHP_EOL;
216+
$config .= TAB . TAB . TAB . TAB . sprintf('SetHandler proxy:fcgi://user-%1$s', $domain->username) . PHP_EOL;
217+
$config .= TAB . TAB . TAB . '</FilesMatch>' . PHP_EOL;
218+
219+
$config .= TAB . TAB . '</IfModule>' . PHP_EOL;
220+
$config .= TAB . '</IfModule>' . PHP_EOL;
221+
$config .= TAB . PHP_EOL;
156222

157223
// Directory
158224
$config .= PHP_EOL;
225+
$config .= TAB . '# Accessibility' . PHP_EOL;
159226
$config .= TAB . sprintf('<Directory %s>', $path) . PHP_EOL;
160227
$config .= TAB . TAB . 'Options +FollowSymLinks -Indexes' . PHP_EOL;
161228
$config .= TAB . TAB . 'AllowOverride All' . PHP_EOL;

domains/module.package

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "Domains",
3-
"version": "1.1.4",
3+
"version": "1.1.5",
44
"category": "DOMAIN_MANAGEMENT",
55
"icon": "globe-europe-africa",
66
"order": 1,

0 commit comments

Comments
 (0)