msb/vhost-stack
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add support for multiple php versions

Browse Source
This commit is contained in:
Matthew Saunders Brown 2024-09-18 12:35:55 -07:00
parent 48871ee4fd
commit 812fa2dd01
14 changed files with 164 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
bin/vhost-add.sh
View File

@ -13,11 +13,12 @@ help()
thisfilename=$(basename -- "$0")
echo "Add virtualhost to this server."
echo ""
echo "usage: $thisfilename -d <domain> -u <username> [-h]"
echo "usage: $thisfilename -d <domain> -u <username> [-f <fpm>] [-h]"
echo ""
echo " -h Print this help."
echo " -d <domain> Domain name to add as a VirtualHost. www. subdomain is automatically aliased."
echo " -u <username> Username to install VirtualHost for. Username must already exist."
echo " -f <fpm> PHP-FPM version to enable. Optional, defaults to default PHP version."
echo " If need be run vhost-user-add.sh first."
echo " Or use vhost-deploy.sh instead to automatically generate username."
}
@ -36,6 +37,12 @@ if [[ -z $username ]]; then
exit
fi
# set php-fpm to default php version, if not otherwise specified
if [[ -z $fpm ]]; then
vhost::set-phpVersion
fpm=$phpVersion
fi
if [[ ! -d /home/$username ]]; then
echo "home dir for $username does not exist"
exit 1
@ -65,17 +72,14 @@ if [[ -d /usr/jails/$username ]]; then
install -d -o $username -g $username -m 755 /usr/jails/$username/srv/www/$domain
mount --bind /srv/www/$domain /usr/jails/$username/srv/www/$domain
echo "/srv/www/$domain /usr/jails/$username/srv/www/$domain none bind 0 0" >> /etc/fstab.jails
# ensure php-fpm is chrooted. should have already been set when user was initially jailed
if [[ -f /etc/php/$fpm/fpm/pool.d/$username.conf ]]; then
if ! /bin/grep -q "^chroot" /etc/php/$fpm/fpm/pool.d/$username.conf; then
echo "chroot = /usr/jails/$username" >> /etc/php/$fpm/fpm/pool.d/$username.conf
fi
fi
fi
fi
# set sendmail_path in php-fpm, but only if not already set
## disabled, now relying on defaults (user@fqdn) with .forward (/home/user/.forward)
## vhost::set-phpVersion
## if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
## if ! /bin/grep -q "^php_admin_value\[sendmail_path\]" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then
## echo "php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -fwebmaster@$domain" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
## fi
## fi
# create & enable apache config
/usr/local/bin/vhost-enable.sh -d $domain -m VHostHTTP
/usr/local/bin/vhost-enable.sh -d $domain -m VHostHTTP -f $fpm

11
bin/vhost-deploy.sh
View File

@ -13,13 +13,14 @@ help()
thisfilename=$(basename -- "$0")
echo "Add virtualhost to this server, including shell user and MySQL database."
echo ""
echo "usage: $thisfilename -d <domain> [-u <username>] [-p <password>] [-x <fpmmax>] [-j <0|1>] [-w <0|1>] [-h]"
echo "usage: $thisfilename -d <domain> [-u <username>] [-p <password>] [-x <fpmmax>] [-f <fpm>] [-j <0|1>] [-w <0|1>] [-h]"
echo ""
echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to remove."
echo " -u <username> Username to use for this virtualhost. Optional, defaults to first 8 alphanumeric characters of virtualhost."
echo " -p <password> Password for username. Optional, random password generated if none specified."
echo " -x <fpmmax> PHP-FPM pm.max_children. Optional, defaults to 4, recommended range 2-12 on Shared Server."
echo " -f <fpm> PHP-FPM version to enable. Optional, defaults to default PHP version."
echo " -j <0|1> Whether or not to jail the user. 0 = no, 1 = yes. Default is 1, which can be overridden in main config."
echo " -w <0|1> Write user info to /home/username/.passwd. 0 = no, 1 = yes. Default is 1, which can be overridden in main config."
exit
@ -117,8 +118,14 @@ if ! grep -q "^$username:" /etc/passwd; then
fi
fi
# set php-fpm to default php version, if not otherwise specified
if [[ -z $fpm ]]; then
vhost::set-phpVersion
fpm=$phpVersion
fi
# add virtualhost
/usr/local/bin/vhost-add.sh -d $domain -u $username > /dev/null 2>&1
/usr/local/bin/vhost-add.sh -d $domain -u $username -f $fpm > /dev/null 2>&1
# add mysql database
/usr/local/bin/vhost-mysql-db-add.sh -d $domain> /dev/null 2>&1

29
bin/vhost-enable.sh
View File

@ -13,11 +13,12 @@ help()
thisfilename=$(basename -- "$0")
echo "Enable Apache config for virtualhost."
echo ""
echo "usage: $thisfilename -d <domain> [-m <macro>] [-o <alias>|<redirect_url>] [-h]"
echo "usage: $thisfilename -d <domain> [-m <macro>] [-f <fpm>] [-o <alias>|<redirect_url>] [-h]"
echo ""
echo " -h Print this help."
echo " -d <domain> Domain name of VirtualHost to add."
echo " -m <macro> Name of Apache macro to apply. Optional, script will attempt to autoselect if possible."
echo " -f <fpm> PHP-FPM version to enable. Optional, defaults to default PHP version, only used by VHost macros."
echo " -o <option> Alias or Redirect URL if specified macro requires one."
echo " For Aliases & Redirects '-d <domain>' is the alias/redirect domain,"
echo " and '-o <option>' is the existing VirtualHost to alias/redirect to."
@ -25,7 +26,7 @@ help()
echo " Available Apache Macros with examples:"
echo ""
echo " vhost-enable.sh -m VHostHTTP -d example.com"
echo " vhost-enable.sh -m VHostHTTPS -d example.com"
echo " vhost-enable.sh -m VHostHTTPS -d example.com -f 8.3"
echo " vhost-enable.sh -m VHostHTTPSVarnish -d example.com"
echo " vhost-enable.sh -m VHostSubdomainHTTP -d staging.example.com"
echo " vhost-enable.sh -m VHostSubdomainHTTPS -d staging.example.com"
@ -79,7 +80,7 @@ if [[ "$macro" == *"HTTPS"* ]]; then
fi
fi
# set username for all VHost macros
# set username & php-fpm for all VHost macros
if [[ "$macro" == *"VHost"* ]]; then
# check for vhost dir
if [[ "$macro" == *"Alias"* ]]; then
@ -110,7 +111,27 @@ if [[ "$macro" == *"VHost"* ]]; then
if [[ -d "/srv/www/$vhost" ]]; then
# get and set $username
username=$(stat -c '%U' /srv/www/$vhost)
macro_vhost_line="$macro_vhost_line $vhost $username"
# use default phpVersion for fpm if not otherwise specified
vhost::set-phpVersion
if [[ -z $fpm ]]; then
fpm=$phpVersion
else
# not using default php-fpm version, make sure config exists for specified version
if [[ ! -f /etc/php/$fpm/fpm/pool.d/$username.conf ]]; then
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
cat /etc/php/$phpVersion/fpm/pool.d/$username.conf |sed "s|php$phpVersion|php$fpm|g" > /etc/php/$fpm/fpm/pool.d/$username.conf
fi
fi
fi
macro_vhost_line="$macro_vhost_line $vhost $username $fpm"
# if vhost is jailed ensure php-fpm is chrooted. should have already been set when user was initially jailed
if [[ -d /usr/jails/$username/srv/www/$domain ]]; then
if [[ -f /etc/php/$fpm/fpm/pool.d/$username.conf ]]; then
if ! /bin/grep -q "^chroot" /etc/php/$fpm/fpm/pool.d/$username.conf; then
echo "chroot = /usr/jails/$username" >> /etc/php/$fpm/fpm/pool.d/$username.conf
fi
fi
fi
else
echo "VirtualHost dir for $vhost does not exist."
exit 1

11
bin/vhost-exp.sh
View File

@ -61,10 +61,13 @@ if [[ -d /srv/www/$domain ]]; then
fi
# php config
vhost::set-phpVersion
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
cp --archive --parents /etc/php/$phpVersion/fpm/pool.d/$username.conf /srv/www/$domain/.exp/
fi
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
cp --archive --parents /etc/php/$phpVersion/fpm/pool.d/$username.conf /srv/www/$domain/.exp/
fi
done
# mysql
basedatabase=${domain//./dot}

9
bin/vhost-get.sh
View File

@ -45,11 +45,12 @@ if [[ $option = 'virtualhosts' ]]; then
vhost::set-virtualhostArray
fi
output="virtualhost username config status"
output="virtualhost username config php status"
for v in "${virtualhostArray[@]}"
do
owner=$(stat -c '%U' /srv/www/$v)
fpm=$(head -n 1 /etc/apache2/sites-available/$v.conf |grep ^Use|cut -d ' ' -f 5)
if [[ -f /etc/apache2/sites-available/$v.conf ]]; then
macro="Custom"
if head -n 1 /etc/apache2/sites-available/$v.conf |grep --quiet ^Use; then
@ -65,13 +66,13 @@ if [[ $option = 'virtualhosts' ]]; then
fi
if [[ -n $username ]]; then
if [[ $username = $owner ]]; then
output="$output${NL}$v $owner $macro $status"
output="$output${NL}$v $owner $macro $fpm $status"
fi
else
output="$output${NL}$v $owner $macro $status"
output="$output${NL}$v $owner $macro $fpm $status"
fi
done
if [[ $output != "virtualhost username config status" ]]; then
if [[ $output != "virtualhost username config php status" ]]; then
if [[ $cvs ]]; then
echo "$output" | tr " " ","
else

40
bin/vhost-user-add.sh
View File

@ -97,23 +97,25 @@ if [[ $write == 1 ]]; then
fi
# php-fpm pool
vhost::set-phpVersion
if [[ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
# create /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "[$username]" > /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "user = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "group = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
if [ -d /usr/jails/$username ]; then
echo "chroot = /usr/jails/$username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
# vhost::set-phpVersion
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
if [[ ! -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
# create /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "[$username]" > /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "user = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "group = $username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "listen = /run/php/php$phpVersion-fpm-$username.sock" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "listen.owner = www-data" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "listen.group = www-data" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm = ondemand" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
# check for and set php-fpm process manager max children
if [[ -z $fpmmax ]]; then
fpmmax=$FPM_MAX
fi
echo "pm.max_children = $fpmmax" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
echo "listen = /run/php/php$phpVersion-fpm-$username.sock" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "listen.owner = www-data" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "listen.group = www-data" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm = ondemand" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
# check for and set php-fpm process manager max children
if [[ -z $fpmmax ]]; then
fpmmax=$FPM_MAX
fi
echo "pm.max_children = $fpmmax" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
echo "pm.process_idle_timeout = 3s;" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
done

13
bin/vhost-user-del.sh
View File

@ -56,11 +56,14 @@ fi
# checks complete, start removing stuff
# check for php-fpm pool conf
vhost::set-phpVersion
if [[ -f "/etc/php/$phpVersion/fpm/pool.d/$username.conf" ]]; then
rm /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
# check for php-fpm pool confs
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
if [[ -f "/etc/php/$phpVersion/fpm/pool.d/$username.conf" ]]; then
rm /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
done
# if users home dir is mounted in a jail, unmount it
if grep -q " /usr/jails/$username/home/$username " /etc/mtab; then

12
bin/vhost-user-jail.sh
View File

@ -20,7 +20,6 @@ help()
exit
}
vhost:getoptions "$@"
# check for username
@ -57,3 +56,14 @@ install -d -o $username -g $username -m 755 /usr/jails/$username/home/$username
mount --bind /home/$username /usr/jails/$username/home/$username
echo "/home/$username /usr/jails/$username/home/$username none bind 0 0" >> /etc/fstab.jails
jk_jailuser -n -j /usr/jails/$username -s /bin/bash $username
# configure chroot for php-fpm
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
if ! /bin/grep -q "^chroot" /etc/php/$phpVersion/fpm/pool.d/$username.conf; then
echo "chroot = /usr/jails/$username" >> /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
fi
done

14
bin/vhost-user-mod.sh
View File

@ -55,13 +55,13 @@ if /bin/grep -q "^$username:" /etc/passwd; then
# check for and change php workers
if [[ -n "$fpmmax" ]]; then
vhost::set-phpVersion
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
sed -i "s|pm.max_children.*|pm.max_children = $fpmmax|g" /etc/php/$phpVersion/fpm/pool.d/$username.conf
else
echo "ERROR: PHP config for $username does not exist."
exit 1
fi
vhost::set-phpVersionArray
for phpVersion in "${phpVersionArray[@]}"
do
if [[ -f /etc/php/$phpVersion/fpm/pool.d/$username.conf ]]; then
sed -i "s|pm.max_children.*|pm.max_children = $fpmmax|g" /etc/php/$phpVersion/fpm/pool.d/$username.conf
fi
done
fi
else

16
bin/vhost.sh
View File

@ -33,6 +33,12 @@ function vhost::set-phpVersion () {
}
function vhost::set-phpVersionArray () {
mapfile -t phpVersionArray < <( /usr/bin/update-alternatives --list php-fpm.sock | sed "s|/run/php/php||g" | cut -d \- -f 1 )
}
function vhost::set-opensslpass () {
if [[ -f "/root/.vhost.ini" ]]; then
@ -57,7 +63,7 @@ function vhost::validate_domain () {
function vhost:getoptions () {
local OPTIND
while getopts "cd:i:m:o:p:u:j:hnvw:x:" opt ; do
while getopts "cd:f:i:m:o:p:u:j:hnvw:x:" opt ; do
case "${opt}" in
h ) # display help and exit
help
@ -73,6 +79,14 @@ function vhost:getoptions () {
exit 1
fi
;;
f ) # php-fpm version
fpm=${OPTARG}
vhost::set-phpVersionArray
if [[ ! " ${phpVersionArray[@]} " =~ " ${fpm} " ]]; then
echo "Invalid PHP-FPM version."
exit 1
fi
;;
i ) # User ID (UID) for new user
uid=${OPTARG}
;;

74
etc/apache2/mods-available/macro.conf
View File

@ -26,12 +26,12 @@
#Define ForceHTTPS
# VHostHTTP - HTTP on Port 80
<Macro VHostHTTP $vhost $username>
<Macro VHostHTTP $vhost $username $phpVersion>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -39,31 +39,31 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
</Macro>
<Macro VHostSubdomainHTTP $vhost $username $subdomain>
<Macro VHostSubdomainHTTP $vhost $username $phpVersion $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
ServerAlias $subdomain.$vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
</Macro>
# VHostHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for ${AliasDomain} subdomain
<Macro VHostHTTPS $vhost $username>
# VHostHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for $AliasDomain subdomain
<Macro VHostHTTPS $vhost $username $phpVersion>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -78,14 +78,14 @@
</Location>
</IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -93,7 +93,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
@ -113,12 +113,12 @@
</VirtualHost>
</Macro>
# VHostSubdomainHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for ${AliasDomain} subdomain
<Macro VHostSubdomainHTTPS $vhost $username $subdomain>
# VHostSubdomainHTTPS - HTTPS on Port 443. Inludes Port 80 and ServerAliases for $AliasDomain subdomain
<Macro VHostSubdomainHTTPS $vhost $username $phpVersion $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
ServerAlias $subdomain.$vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain
<IfDefine ForceHTTPS>
@ -129,17 +129,17 @@
</Location>
</IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $subdomain.$vhost
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
ServerAlias $subdomain.$vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
@ -147,12 +147,12 @@
</Macro>
# VHostHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
<Macro VHostHTTPSVarnish $vhost $username>
<Macro VHostHTTPSVarnish $vhost $username $phpVersion>
<VirtualHost *:80>
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -160,14 +160,14 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
RequestHeader set X-Forwarded-Proto https
ProxyPreserveHost On
@ -179,21 +179,21 @@
</Macro>
# VHostSubdomainHTTPSVarnish - HTTPS on Port 443 proxies to Varnish which then connects to Port 80
<Macro VHostSubdomainHTTPSVarnish $vhost $username $subdomain>
<Macro VHostSubdomainHTTPSVarnish $vhost $username $phpVersion $subdomain>
<VirtualHost *:80>
ServerName $subdomain.$vhost
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
ServerAlias $subdomain.$vhost.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $subdomain.$vhost
<IfDefine AliasDomain>
ServerAlias $subdomain.$vhost.${AliasDomain}
ServerAlias $subdomain.$vhost.$AliasDomain
</IfDefine>
RequestHeader set X-Forwarded-Proto https
ProxyPreserveHost On
@ -247,7 +247,7 @@
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
@ -262,7 +262,7 @@
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
@ -274,7 +274,7 @@
ServerName $vhost
ServerAlias www.$vhost
<IfDefine AliasDomain>
ServerAlias $vhost.${AliasDomain}
ServerAlias $vhost.$AliasDomain
</IfDefine>
<Location "/">
<If "%{REQUEST_URI} !~ m#^/.well-known/acme-challenge/#">
@ -286,12 +286,12 @@
</VirtualHost>
</Macro>
<Macro VHostAliasHTTP $vhost $username $alias>
<Macro VHostAliasHTTP $vhost $username $phpVersion $alias>
<VirtualHost *:80>
ServerName $alias
ServerAlias www.$alias
<IfDefine AliasDomain>
ServerAlias $alias.${AliasDomain}
ServerAlias $alias.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -299,17 +299,17 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
</Macro>
<Macro VHostAliasHTTPS $vhost $username $alias>
<Macro VHostAliasHTTPS $vhost $username $phpVersion $alias>
<VirtualHost *:80>
ServerName $alias
ServerAlias www.$alias
<IfDefine AliasDomain>
ServerAlias $alias.${AliasDomain}
ServerAlias $alias.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -324,14 +324,14 @@
</Location>
</IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
<VirtualHost *:443>
ServerName $alias
ServerAlias www.$alias
<IfDefine AliasDomain>
ServerAlias $alias.${AliasDomain}
ServerAlias $alias.$AliasDomain
</IfDefine>
DocumentRoot /srv/www/$vhost/html
ScriptAlias /cgi-wrap/ "/usr/local/lib/cgi-wrap/$vhost/"
@ -339,7 +339,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/phpPHPVERSION-fpm-$username.sock|fcgi://localhost"
SetHandler "proxy:unix:/run/php/php$phpVersion-fpm-$username.sock|fcgi://localhost"
</FilesMatch>
SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem

5
install.sh
View File

@ -44,9 +44,6 @@ fi
# install systemd files and reload
cp systemd/* /usr/local/lib/systemd/system/
chmod 644 /usr/local/lib/systemd/system/*
# set php version
sed -i "s|PHPVERSION|$phpVersion|g" /usr/local/lib/systemd/system/vhost-reload-php.path
sed -i "s|PHPVERSION|$phpVersion|g" /usr/local/lib/systemd/system/vhost-reload-php.service
systemctl daemon-reload
# install pwgen, used to create random passwords
@ -161,7 +158,7 @@ fi
systemctl reload apache2
systemctl reload php$phpVersion-fpm
systemctl enable --now vhost-reload-php.path
systemctl enable --now vhost-reload-php@$phpVersion.path
# Webalizer
DEBIAN_FRONTEND=noninteractive apt-get -y install webalizer

4
systemd/vhost-reload-php.path → systemd/vhost-reload-php@.path
View File

@ -2,8 +2,8 @@
Description="Reload PHP-FPM on changes to pool config files"
[Path]
PathChanged=/etc/php/PHPVERSION/fpm/pool.d/
Unit=vhost-reload-php.service
PathChanged=/etc/php/%i/fpm/pool.d/
Unit=vhost-reload-php@%i.service
[Install]
WantedBy=paths.target

2
systemd/vhost-reload-php.service → systemd/vhost-reload-php@.service
View File

@ -4,4 +4,4 @@ Description=Reload PHP-FPM
[Service]
Type=oneshot
ExecStartPre=sleep 2
ExecStart=systemctl try-reload-or-restart phpPHPVERSION-fpm
ExecStart=systemctl try-reload-or-restart php%i-fpm