reworked to use new systemd path configs to reload services

2023-05-12 16:03:20 -07:00 · 2023-05-12 16:03:20 -07:00 · 7149c743cc
commit 7149c743cc
parent 1d2ae28e86
20 changed files with 101 additions and 76 deletions
--- a/bin/vhost-add.sh
+++ b/bin/vhost-add.sh
@ -73,15 +73,6 @@ vhost::set-phpVersion
 if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
  if ! /bin/grep -q "^php_admin_value\[sendmail_path\]" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then
    echo "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -fwebmaster@$domain" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
-    # restart php-fpm if it's active
-    if systemctl is-active --quiet php$phpVersion-fpm ; then
-      # check for valid config before restarting
-      if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then
-        systemctl reload php$phpVersion-fpm
-      else
-        echo "WARNING: php-fpm$phpVersion configuration test failed"
-      fi
-    fi
  fi
 fi

--- a/bin/vhost-del.sh
+++ b/bin/vhost-del.sh
@ -39,7 +39,6 @@ username=$(stat -c '%U' /srv/www/$domain)
 # disable the apache conf and reload apache
 if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then
  a2dissite --quiet $domain
-  systemctl --quiet is-active apache2 && systemctl --quiet reload  apache2
 fi

 # remove the apache config
--- a/bin/vhost-disable.sh
+++ b/bin/vhost-disable.sh
@ -29,5 +29,5 @@ if [[ -z $domain ]]; then
 fi

 if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then
-  a2dissite --quiet $domain && systemctl --quiet is-active apache2 && systemctl --quiet reload apache2
+  a2dissite --quiet $domain
 fi
--- a/bin/vhost-enable.sh
+++ b/bin/vhost-enable.sh
@ -156,16 +156,10 @@ fi
 echo "$macro_vhost_line" > /etc/apache2/sites-available/$domain.conf

 # enable apache conf
-if [[ ! -h /etc/apache2/sites-enabled/$domain.conf ]]; then
+if [[ -h /etc/apache2/sites-enabled/$domain.conf ]]; then
+  # modify timestamp on existing symlink to trigger apache restart
+  touch --no-dereference /etc/apache2/sites-enabled/$domain.conf
+else
  a2ensite --quiet $domain.conf
 fi

-# restart apache
-if systemctl --quiet is-active apache2 ; then
-  if /usr/sbin/apachectl -t >/dev/null 2>&1 ; then
-    systemctl --quiet reload  apache2
-  else
-    echo "apache config test failed, not doing restart"
-    exit 2
-  fi
-fi
--- a/bin/vhost-exp.sh
+++ b/bin/vhost-exp.sh
@ -122,14 +122,6 @@ if [[ -d /srv/www/$domain ]]; then
    # /etc/ configs
    if [[ -d /srv/www/$domain/.exp/etc ]]; then
      echo "cp -a /srv/www/$domain/.exp/etc/* /etc/"
-      # reload apache
-      if [[ -f /srv/www/$domain/.exp/etc/apache2/sites-enabled/$domain.conf ]]; then
-        echo "systemctl reload apache2.service"
-      fi
-      # reload php
-      if [[ -f /srv/www/$domain/.exp/etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
-        echo "systemctl reload php$phpVersion-fpm"
-      fi
    fi
  fi

--- a/bin/vhost-user-add.sh
+++ b/bin/vhost-user-add.sh
@ -116,12 +116,4 @@ if [[ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
  fi
  echo "pm.max_children = $fpmmax" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
  echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
-  # restart php$phpVersion-fpm
-  if systemctl is-active --quiet php$phpVersion-fpm ; then
-    if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then
-      systemctl reload php$phpVersion-fpm
-    else
-      echo "WARNING: php-fpm$phpVersion configuration test failed"
-    fi
-  fi
 fi
--- a/bin/vhost-user-del.sh
+++ b/bin/vhost-user-del.sh
@ -60,14 +60,6 @@ fi
 vhost::set-phpVersion
 if [[ -f "/etc/php/$phpVersion/fpm/pool.d/$username.conf" ]]; then
  rm /etc/php/$phpVersion/fpm/pool.d/$username.conf
-  # restart php$phpVersion-fpm if it's running
-  if systemctl is-active --quiet php$phpVersion-fpm ; then
-    if /usr/sbin/php-fpm$phpVersion -t >/dev/null 2>&1 ; then
-      systemctl reload php$phpVersion-fpm
-    else
-      echo "WARNING: php-fpm$phpVersion configuration test failed"
-    fi
-  fi
 fi

 # if users home dir is mounted in a jail, unmount it
@ -96,6 +88,4 @@ fi
 # remove jailkit socket if it exists
 if grep -q "\[/usr/jails/$username/dev/log\]" /etc/jailkit/jk_socketd.ini; then
  sed -i "/\/usr\/jails\/$username\/dev\/log/,+3 d" /etc/jailkit/jk_socketd.ini
-  killall jk_socketd
-  jk_socketd
 fi
--- a/bin/vhost-user-jail.sh
+++ b/bin/vhost-user-jail.sh
@ -56,6 +56,4 @@ chmod a+rwx /usr/jails/$username/tmp
 install -d -o $username -g $username -m 755 /usr/jails/$username/home/$username
 mount --bind /home/$username /usr/jails/$username/home/$username
 echo "/home/$username /usr/jails/$username/home/$username none bind 0 0" >> /etc/fstab.jails
-killall jk_socketd
-jk_socketd
 jk_jailuser -n -j /usr/jails/$username -s /bin/bash $username
--- a/bin/vhost-varnish-disable.sh
+++ b/bin/vhost-varnish-disable.sh
@ -60,6 +60,4 @@ fi
 if [[ -f /etc/varnish/sites.d/$domain ]]; then
  rm /etc/varnish/sites.d/$domain
  /usr/local/bin/vhost-varnish-update-sites.sh $vhost_enable
-  # uncomment to flush varnish cache
-  # systemctl is-active --quiet varnish && systemctl reload --quiet varnish
 fi
--- a/bin/vhost-varnish-enable.sh
+++ b/bin/vhost-varnish-enable.sh
@ -103,7 +103,6 @@ if [[ ! -f "/etc/varnish/sites.d/$domain.vcl" ]]; then
  echo "  }" >> /etc/varnish/sites.d/$domain.vcl
  echo "}" >> /etc/varnish/sites.d/$domain.vcl
  /usr/local/bin/vhost-varnish-update-sites.sh
-  systemctl is-active --quiet varnish && systemctl reload --quiet varnish
 fi

 /usr/local/bin/vhost-enable.sh $vhost_enable
--- a/install.sh
+++ b/install.sh
@ -40,6 +40,16 @@ if [[ -f /etc/needrestart/needrestart.conf ]]; then
  sed -i "s|^#\$nrconf{restart} = 'i';|\$nrconf{restart} = 'a';|g" /etc/needrestart/needrestart.conf
 fi

+# create local systemd dir
+if [[ ! -d /usr/local/lib/systemd/system ]]; then
+  mkdir -p /usr/local/lib/systemd/system
+fi
+
+# install systemd files and reload
+cp systemd/* /usr/local/lib/systemd/system/
+chmod 644 /usr/local/lib/systemd/system/*
+systemctl daemon-reload
+
 # install pwgen, used to create random passwords
 DEBIAN_FRONTEND=noninteractive apt-get -y install pwgen

@ -94,6 +104,7 @@ echo '    AllowOverride None' >> /etc/apache2/conf-available/security.conf
 echo '    Options None' >> /etc/apache2/conf-available/security.conf
 echo '    Require all granted' >> /etc/apache2/conf-available/security.conf
 echo '</Directory>' >> /etc/apache2/conf-available/security.conf
+systemctl enable --now vhost-reload-apache.path

 # configure php
 sed -i "s|post_max_size = 8M|post_max_size = 256M|g" /etc/php/8.1/fpm/php.ini
@ -112,6 +123,7 @@ systemctl reload apache2
 #   sed -i "s|^user = www-data|user = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf
 #   sed -i "s|^group = www-data|group = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf
 systemctl reload php8.1-fpm
+systemctl enable --now vhost-reload-php.path

 if [ -d /srv/www ]; then
  if [ -d /var/www ]; then
@ -134,21 +146,13 @@ else
  install --owner=vhost --group=vhost --mode=755 --directory /srv/www/html
 fi

-# create local systemd dir, used by webalizer & jailkit
-if [[ ! -d /usr/local/lib/systemd/system ]]; then
-  mkdir -p /usr/local/lib/systemd/system
-fi
-
 # Webalizer
 DEBIAN_FRONTEND=noninteractive apt-get -y install webalizer
 cp etc/logrotate.d/apache2 /etc/logrotate.d/apache2
 chmod 644 /etc/logrotate.d/apache2
 rm /etc/cron.daily/webalizer
 rmdir /srv/www/webalizer
-cp systemd/webalizer.* /usr/local/lib/systemd/system/
-chmod 644 /usr/local/lib/systemd/system/webalizer.*
-systemctl enable webalizer.timer
-systemctl start webalizer.timer
+systemctl enable --now webalizer.timer

 # install status.php
 cp html/status.php /srv/www/html
@ -217,9 +221,8 @@ if ! [ -f "/etc/fstab.jails" ]; then
  chmod 644 /etc/fstab.jails
  echo "# /etc/fstab.jails: jail bind mounts information." > /etc/fstab.jails
 fi
-cp systemd/jail-mounts.service /usr/local/lib/systemd/system/
-chmod 644 /usr/local/lib/systemd/system/jail-mounts.service
 systemctl enable jail-mounts.service
+systemctl enable --now vhost-reload-jailkit.path

 # varnish
 DEBIAN_FRONTEND=noninteractive apt-get -y install varnish
@ -227,6 +230,7 @@ cp -a etc/varnish/* /etc/varnish/
 find /etc/varnish/ -type d -exec chmod 755 {} +
 find /etc/varnish/ -type f -exec chmod 644 {} +
 chown -R root:root /etc/varnish/
+systemctl enable --now vhost-reload-varnish.path
 ## /usr/bin/varnishncsa

 # mini_sendmail so users can send out of jails
--- a/systemd/vhost-reload-apache.path
+++ b/systemd/vhost-reload-apache.path
@ -0,0 +1,10 @@
+[Unit]
+Description="Reload Apache on changes to sites-enabled configs"
+After=apache2.service
+
+[Path]
+PathChanged=/etc/apache2/sites-enabled/
+Unit=vhost-reload-apache.service
+
+[Install]
+WantedBy=default.target
--- a/systemd/vhost-reload-apache.service
+++ b/systemd/vhost-reload-apache.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Reload Apache
+
+[Service]
+Type=oneshot
+ExecStartPre=sleep 2
+ExecStart=systemctl reload apache2
--- a/systemd/vhost-reload-jailkit.path
+++ b/systemd/vhost-reload-jailkit.path
@ -0,0 +1,9 @@
+[Unit]
+Description="Reload Jailkit socketd on changes to config file"
+
+[Path]
+PathChanged=/etc/jailkit/jk_socketd.ini
+Unit=vhost-reload-jailkit.service
+
+[Install]
+WantedBy=default.target
--- a/systemd/vhost-reload-jailkit.service
+++ b/systemd/vhost-reload-jailkit.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Reload Jailkit socketd
+
+[Service]
+Type=oneshot
+ExecStartPre=killall jk_socketd
+ExecStart=/usr/sbin/jk_socketd
--- a/systemd/vhost-reload-php.path
+++ b/systemd/vhost-reload-php.path
@ -0,0 +1,10 @@
+[Unit]
+Description="Reload PHP-FPM on changes to pool config files"
+After=php8.1-fpm.service
+
+[Path]
+PathChanged=/etc/php/8.1/fpm/pool.d/
+Unit=vhost-reload-php.service
+
+[Install]
+WantedBy=default.target
--- a/systemd/vhost-reload-php.service
+++ b/systemd/vhost-reload-php.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Reload PHP-FPM
+
+[Service]
+Type=oneshot
+ExecStartPre=sleep 2
+ExecStart=systemctl reload php8.1-fpm
--- a/systemd/vhost-reload-varnish.path
+++ b/systemd/vhost-reload-varnish.path
@ -0,0 +1,11 @@
+[Unit]
+Description="Reload Varnish on changes to site configs"
+After=varnish.service
+
+[Path]
+PathChanged=/etc/varnish/sites.d/
+PathChanged=/etc/varnish/sites.vcl
+Unit=vhost-reload-varnish.service
+
+[Install]
+WantedBy=default.target
--- a/systemd/vhost-reload-varnish.service
+++ b/systemd/vhost-reload-varnish.service
@ -0,0 +1,7 @@
+[Unit]
+Description=Reload Varnish
+
+[Service]
+Type=oneshot
+ExecStartPre=sleep 1
+ExecStart=systemctl reload varnish.service
--- a/update.sh
+++ b/update.sh
@ -82,16 +82,16 @@ if ! diff -q libexec/command-not-found-handle /usr/local/libexec/command-not-fou
  echo
 fi

-# check systemd timer for update
-if ! diff -q systemd/webalizer.service /usr/local/lib/systemd/system/webalizer.service ; then
-  cp systemd/webalizer.service /usr/local/lib/systemd/system/webalizer.service
-  chmod 644 /usr/local/lib/systemd/system/webalizer.service
-  echo "systemd/webalizer.service updated"
+# check for systemd updates
+systemdConfigs=(`ls -1 systemd/`)
+for systemdConfig in "${systemdConfigs[@]}"
+do
+  if ! diff -q systemd/$systemdConfig /usr/local/lib/systemd/system/$systemdConfig ; then
+    cp systemd/$systemdConfig /usr/local/lib/systemd/system/$systemdConfig
+    chmod 644 /usr/local/lib/systemd/system/$systemdConfig
+    systemctl daemon-reload
+    /systemctl --quiet is-active $systemdConfig && systemctl --quiet reload $systemdConfig
+    echo "systemd/$systemdConfig updated"
    echo
-fi
-if ! diff -q systemd/webalizer.timer /usr/local/lib/systemd/system/webalizer.timer ; then
-  cp systemd/webalizer.timer /usr/local/lib/systemd/system/webalizer.timer
-  chmod 644 /usr/local/lib/systemd/system/webalizer.timer
-  echo "systemd/webalizer.timer updated"
-  echo
-fi
+  fi
+done