diff --git a/bin/vhost-add.sh b/bin/vhost-add.sh index 9c27c0a..1c7304b 100755 --- a/bin/vhost-add.sh +++ b/bin/vhost-add.sh @@ -73,15 +73,6 @@ vhost::set-phpVersion if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then if ! /bin/grep -q "^php_admin_value\[sendmail_path\]" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then echo "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -fwebmaster@$domain" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf - # restart php-fpm if it's active - if systemctl is-active --quiet php$phpVersion-fpm ; then - # check for valid config before restarting - if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then - systemctl reload php$phpVersion-fpm - else - echo "WARNING: php-fpm$phpVersion configuration test failed" - fi - fi fi fi diff --git a/bin/vhost-del.sh b/bin/vhost-del.sh index 172e3e1..099e152 100755 --- a/bin/vhost-del.sh +++ b/bin/vhost-del.sh @@ -39,7 +39,6 @@ username=$(stat -c '%U' /srv/www/$domain) # disable the apache conf and reload apache if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then a2dissite --quiet $domain - systemctl --quiet is-active apache2 && systemctl --quiet reload apache2 fi # remove the apache config diff --git a/bin/vhost-disable.sh b/bin/vhost-disable.sh index c9e5804..2041419 100755 --- a/bin/vhost-disable.sh +++ b/bin/vhost-disable.sh @@ -29,5 +29,5 @@ if [[ -z $domain ]]; then fi if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then - a2dissite --quiet $domain && systemctl --quiet is-active apache2 && systemctl --quiet reload apache2 + a2dissite --quiet $domain fi diff --git a/bin/vhost-enable.sh b/bin/vhost-enable.sh index 5e2027a..9cb7423 100755 --- a/bin/vhost-enable.sh +++ b/bin/vhost-enable.sh @@ -156,16 +156,10 @@ fi echo "$macro_vhost_line" > /etc/apache2/sites-available/$domain.conf # enable apache conf -if [[ ! -h /etc/apache2/sites-enabled/$domain.conf ]]; then +if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then + # modify timestamp on existing symlink to trigger apache restart + touch --no-dereference /etc/apache2/sites-enabled/$domain.conf +else a2ensite --quiet $domain.conf fi -# restart apache -if systemctl --quiet is-active apache2 ; then - if /usr/sbin/apachectl -t >/dev/null 2>&1 ; then - systemctl --quiet reload apache2 - else - echo "apache config test failed, not doing restart" - exit 2 - fi -fi diff --git a/bin/vhost-exp.sh b/bin/vhost-exp.sh index 467d578..7317e16 100755 --- a/bin/vhost-exp.sh +++ b/bin/vhost-exp.sh @@ -122,14 +122,6 @@ if [[ -d /srv/www/$domain ]]; then # /etc/ configs if [[ -d /srv/www/$domain/.exp/etc ]]; then echo "cp -a /srv/www/$domain/.exp/etc/* /etc/" - # reload apache - if [[ -f /srv/www/$domain/.exp/etc/apache2/sites-enabled/$domain.conf ]]; then - echo "systemctl reload apache2.service" - fi - # reload php - if [[ -f /srv/www/$domain/.exp/etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then - echo "systemctl reload php$phpVersion-fpm" - fi fi fi diff --git a/bin/vhost-user-add.sh b/bin/vhost-user-add.sh index 4bfe299..f8bcf78 100755 --- a/bin/vhost-user-add.sh +++ b/bin/vhost-user-add.sh @@ -116,12 +116,4 @@ if [[ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then fi echo "pm.max_children = $fpmmax" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf - # restart php$phpVersion-fpm - if systemctl is-active --quiet php$phpVersion-fpm ; then - if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then - systemctl reload php$phpVersion-fpm - else - echo "WARNING: php-fpm$phpVersion configuration test failed" - fi - fi fi diff --git a/bin/vhost-user-del.sh b/bin/vhost-user-del.sh index 066d09a..871db94 100755 --- a/bin/vhost-user-del.sh +++ b/bin/vhost-user-del.sh @@ -60,14 +60,6 @@ fi vhost::set-phpVersion if [[ -f "/etc/php/$phpVersion/fpm/pool.d/$username.conf" ]]; then rm /etc/php/$phpVersion/fpm/pool.d/$username.conf - # restart php$phpVersion-fpm if it's running - if systemctl is-active --quiet php$phpVersion-fpm ; then - if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then - systemctl reload php$phpVersion-fpm - else - echo "WARNING: php-fpm$phpVersion configuration test failed" - fi - fi fi # if users home dir is mounted in a jail, unmount it @@ -96,6 +88,4 @@ fi # remove jailkit socket if it exists if grep -q "\[/usr/jails/$username/dev/log\]" /etc/jailkit/jk_socketd.ini; then sed -i "/\/usr\/jails\/$username\/dev\/log/,+3 d" /etc/jailkit/jk_socketd.ini - killall jk_socketd - jk_socketd fi diff --git a/bin/vhost-user-jail.sh b/bin/vhost-user-jail.sh index 2e40d05..c767cdf 100755 --- a/bin/vhost-user-jail.sh +++ b/bin/vhost-user-jail.sh @@ -56,6 +56,4 @@ chmod a+rwx /usr/jails/$username/tmp install -d -o $username -g $username -m 755 /usr/jails/$username/home/$username mount --bind /home/$username /usr/jails/$username/home/$username echo "/home/$username /usr/jails/$username/home/$username none bind 0 0" >> /etc/fstab.jails -killall jk_socketd -jk_socketd jk_jailuser -n -j /usr/jails/$username -s /bin/bash $username diff --git a/bin/vhost-varnish-disable.sh b/bin/vhost-varnish-disable.sh index a1d1093..285a31b 100755 --- a/bin/vhost-varnish-disable.sh +++ b/bin/vhost-varnish-disable.sh @@ -60,6 +60,4 @@ fi if [[ -f /etc/varnish/sites.d/$domain ]]; then rm /etc/varnish/sites.d/$domain /usr/local/bin/vhost-varnish-update-sites.sh $vhost_enable - # uncomment to flush varnish cache - # systemctl is-active --quiet varnish && systemctl reload --quiet varnish fi diff --git a/bin/vhost-varnish-enable.sh b/bin/vhost-varnish-enable.sh index 45ca363..da83295 100755 --- a/bin/vhost-varnish-enable.sh +++ b/bin/vhost-varnish-enable.sh @@ -103,7 +103,6 @@ if [[ ! -f "/etc/varnish/sites.d/$domain.vcl" ]]; then echo " }" >> /etc/varnish/sites.d/$domain.vcl echo "}" >> /etc/varnish/sites.d/$domain.vcl /usr/local/bin/vhost-varnish-update-sites.sh - systemctl is-active --quiet varnish && systemctl reload --quiet varnish fi /usr/local/bin/vhost-enable.sh $vhost_enable diff --git a/install.sh b/install.sh index 3dd3e1f..896f8c7 100755 --- a/install.sh +++ b/install.sh @@ -40,6 +40,16 @@ if [[ -f /etc/needrestart/needrestart.conf ]]; then sed -i "s|^#\$nrconf{restart} = 'i';|\$nrconf{restart} = 'a';|g" /etc/needrestart/needrestart.conf fi +# create local systemd dir +if [[ ! -d /usr/local/lib/systemd/system ]]; then + mkdir -p /usr/local/lib/systemd/system +fi + +# install systemd files and reload +cp systemd/* /usr/local/lib/systemd/system/ +chmod 644 /usr/local/lib/systemd/system/* +systemctl daemon-reload + # install pwgen, used to create random passwords DEBIAN_FRONTEND=noninteractive apt-get -y install pwgen @@ -94,6 +104,7 @@ echo ' AllowOverride None' >> /etc/apache2/conf-available/security.conf echo ' Options None' >> /etc/apache2/conf-available/security.conf echo ' Require all granted' >> /etc/apache2/conf-available/security.conf echo '' >> /etc/apache2/conf-available/security.conf +systemctl enable --now vhost-reload-apache.path # configure php sed -i "s|post_max_size = 8M|post_max_size = 256M|g" /etc/php/8.1/fpm/php.ini @@ -112,6 +123,7 @@ systemctl reload apache2 # sed -i "s|^user = www-data|user = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf # sed -i "s|^group = www-data|group = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf systemctl reload php8.1-fpm +systemctl enable --now vhost-reload-php.path if [ -d /srv/www ]; then if [ -d /var/www ]; then @@ -134,21 +146,13 @@ else install --owner=vhost --group=vhost --mode=755 --directory /srv/www/html fi -# create local systemd dir, used by webalizer & jailkit -if [[ ! -d /usr/local/lib/systemd/system ]]; then - mkdir -p /usr/local/lib/systemd/system -fi - # Webalizer DEBIAN_FRONTEND=noninteractive apt-get -y install webalizer cp etc/logrotate.d/apache2 /etc/logrotate.d/apache2 chmod 644 /etc/logrotate.d/apache2 rm /etc/cron.daily/webalizer rmdir /srv/www/webalizer -cp systemd/webalizer.* /usr/local/lib/systemd/system/ -chmod 644 /usr/local/lib/systemd/system/webalizer.* -systemctl enable webalizer.timer -systemctl start webalizer.timer +systemctl enable --now webalizer.timer # install status.php cp html/status.php /srv/www/html @@ -217,9 +221,8 @@ if ! [ -f "/etc/fstab.jails" ]; then chmod 644 /etc/fstab.jails echo "# /etc/fstab.jails: jail bind mounts information." > /etc/fstab.jails fi -cp systemd/jail-mounts.service /usr/local/lib/systemd/system/ -chmod 644 /usr/local/lib/systemd/system/jail-mounts.service systemctl enable jail-mounts.service +systemctl enable --now vhost-reload-jailkit.path # varnish DEBIAN_FRONTEND=noninteractive apt-get -y install varnish @@ -227,6 +230,7 @@ cp -a etc/varnish/* /etc/varnish/ find /etc/varnish/ -type d -exec chmod 755 {} + find /etc/varnish/ -type f -exec chmod 644 {} + chown -R root:root /etc/varnish/ +systemctl enable --now vhost-reload-varnish.path ## /usr/bin/varnishncsa # mini_sendmail so users can send out of jails diff --git a/systemd/vhost-reload-apache.path b/systemd/vhost-reload-apache.path new file mode 100644 index 0000000..7c1ef2e --- /dev/null +++ b/systemd/vhost-reload-apache.path @@ -0,0 +1,10 @@ +[Unit] +Description="Reload Apache on changes to sites-enabled configs" +After=apache2.service + +[Path] +PathChanged=/etc/apache2/sites-enabled/ +Unit=vhost-reload-apache.service + +[Install] +WantedBy=default.target diff --git a/systemd/vhost-reload-apache.service b/systemd/vhost-reload-apache.service new file mode 100644 index 0000000..0332290 --- /dev/null +++ b/systemd/vhost-reload-apache.service @@ -0,0 +1,7 @@ +[Unit] +Description=Reload Apache + +[Service] +Type=oneshot +ExecStartPre=sleep 2 +ExecStart=systemctl reload apache2 diff --git a/systemd/vhost-reload-jailkit.path b/systemd/vhost-reload-jailkit.path new file mode 100644 index 0000000..9b94747 --- /dev/null +++ b/systemd/vhost-reload-jailkit.path @@ -0,0 +1,9 @@ +[Unit] +Description="Reload Jailkit socketd on changes to config file" + +[Path] +PathChanged=/etc/jailkit/jk_socketd.ini +Unit=vhost-reload-jailkit.service + +[Install] +WantedBy=default.target diff --git a/systemd/vhost-reload-jailkit.service b/systemd/vhost-reload-jailkit.service new file mode 100644 index 0000000..cd1941c --- /dev/null +++ b/systemd/vhost-reload-jailkit.service @@ -0,0 +1,7 @@ +[Unit] +Description=Reload Jailkit socketd + +[Service] +Type=oneshot +ExecStartPre=killall jk_socketd +ExecStart=/usr/sbin/jk_socketd diff --git a/systemd/vhost-reload-php.path b/systemd/vhost-reload-php.path new file mode 100644 index 0000000..5b4df68 --- /dev/null +++ b/systemd/vhost-reload-php.path @@ -0,0 +1,10 @@ +[Unit] +Description="Reload PHP-FPM on changes to pool config files" +After=php8.1-fpm.service + +[Path] +PathChanged=/etc/php/8.1/fpm/pool.d/ +Unit=vhost-reload-php.service + +[Install] +WantedBy=default.target diff --git a/systemd/vhost-reload-php.service b/systemd/vhost-reload-php.service new file mode 100644 index 0000000..8950a80 --- /dev/null +++ b/systemd/vhost-reload-php.service @@ -0,0 +1,7 @@ +[Unit] +Description=Reload PHP-FPM + +[Service] +Type=oneshot +ExecStartPre=sleep 2 +ExecStart=systemctl reload php8.1-fpm diff --git a/systemd/vhost-reload-varnish.path b/systemd/vhost-reload-varnish.path new file mode 100644 index 0000000..39b5d93 --- /dev/null +++ b/systemd/vhost-reload-varnish.path @@ -0,0 +1,11 @@ +[Unit] +Description="Reload Varnish on changes to site configs" +After=varnish.service + +[Path] +PathChanged=/etc/varnish/sites.d/ +PathChanged=/etc/varnish/sites.vcl +Unit=vhost-reload-varnish.service + +[Install] +WantedBy=default.target diff --git a/systemd/vhost-reload-varnish.service b/systemd/vhost-reload-varnish.service new file mode 100644 index 0000000..5b8d858 --- /dev/null +++ b/systemd/vhost-reload-varnish.service @@ -0,0 +1,7 @@ +[Unit] +Description=Reload Varnish + +[Service] +Type=oneshot +ExecStartPre=sleep 1 +ExecStart=systemctl reload varnish.service diff --git a/update.sh b/update.sh index 42b54ca..99c4b90 100755 --- a/update.sh +++ b/update.sh @@ -82,16 +82,16 @@ if ! diff -q libexec/command-not-found-handle /usr/local/libexec/command-not-fou echo fi -# check systemd timer for update -if ! diff -q systemd/webalizer.service /usr/local/lib/systemd/system/webalizer.service ; then - cp systemd/webalizer.service /usr/local/lib/systemd/system/webalizer.service - chmod 644 /usr/local/lib/systemd/system/webalizer.service - echo "systemd/webalizer.service updated" - echo -fi -if ! diff -q systemd/webalizer.timer /usr/local/lib/systemd/system/webalizer.timer ; then - cp systemd/webalizer.timer /usr/local/lib/systemd/system/webalizer.timer - chmod 644 /usr/local/lib/systemd/system/webalizer.timer - echo "systemd/webalizer.timer updated" - echo -fi +# check for systemd updates +systemdConfigs=(`ls -1 systemd/`) +for systemdConfig in "${systemdConfigs[@]}" +do + if ! diff -q systemd/$systemdConfig /usr/local/lib/systemd/system/$systemdConfig ; then + cp systemd/$systemdConfig /usr/local/lib/systemd/system/$systemdConfig + chmod 644 /usr/local/lib/systemd/system/$systemdConfig + systemctl daemon-reload + /systemctl --quiet is-active $systemdConfig && systemctl --quiet reload $systemdConfig + echo "systemd/$systemdConfig updated" + echo + fi +done