changes to make vhost mapping work properly

Matthew Saunders Brown 2024-08-30 14:01:15 -07:00
parent f2639ca1ca
commit ed48b46060
8 changed files with 176 additions and 92 deletions


@ -133,6 +133,7 @@ class Login extends \Panel {
/* user authenticated, check if they own requested domain */
if ($domain_array = $f3->call('\Panel::vGet', array("vhost-get.sh -u $username -d $domain -c", FALSE))) {
$f3->set('SESSION.expiration', time() + $f3->get('TIMEOUT'));
$f3->set('SESSION.vhostusername', $username);
$f3->reroute('/');
} else {
/* user does not own domain, check if user is a vpanel admin */
@ -142,8 +143,7 @@ class Login extends \Panel {
$f3->reroute('/');
} else {
/* user does not own domain, and is not a vpanel admin */
$messages[] = "User validated, but does not have admin privileges for $domain.";
$messages[] = "Please try another username.";
$messages[] = "Invalid user. Please try another username.";
$f3->set('SESSION.messages', $messages);
echo \Template::instance()->render('login.html');
}
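Review bot: The lookup `vhost-get.sh -u $username -d $domain -c` interpolates both values into a command string with no escaping visible in this hunk. The same pattern recurs in this commit's other files: `$vhost_get_cmd` in Vhosts::beforeRoute, `vhost-get.sh -d $domain -c` in the bootstrap file (where `$domain` is derived from the request's HOST value and the lookup runs for sessions that have not logged in), and the `exec()` calls in UsersEdit that take `$username` and `$_POST['fpmmax']`. How `\Panel::vGet` executes the string is not shown on this page, so the risk depends on it reaching a shell. If it does, wrap each value the way UsersEdit already wraps the password, e.g. `"vhost-get.sh -u " . escapeshellarg($username) . " -d " . escapeshellarg($domain) . " -c"`, and check the host-derived domain against a hostname pattern before use. The enclosing method starts and ends outside both hunks.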


@ -15,6 +15,26 @@ class UsersEdit extends \Panel\Vhost {
parent::beforeRoute($f3);
$username = $f3->get('PARAMS.username');
/* exta auth checks if logged in via vhost mapping */
if ($f3->get('NAV.mapping') == 'vhost') {
if ($f3->exists('SESSION.vhostusername')) {
/* vhostusername indicates vhost user login */
$vhostusername = $f3->get('SESSION.vhostusername');
if ($username != $vhostusername) {
/* trying to edit wrong username, redirect back home */
$messages[] = "Unauthorized request.";
$f3->set('SESSION.messages', $messages);
$f3->reroute("/");
}
} else {
/* SESSION.vhostusername not set. Something went wrong, redirect back home */
$messages[] = "Error verifying system user for domain $domain, can not edit.";
$f3->set('SESSION.messages', $messages);
$f3->reroute("/");
}
}
if ($user_array = $f3->call('\Panel::vGet', array("vhost-user-get.sh -u $username -c -v", FALSE))) {
if ($user_array[0]['passwd'] == "") {
$user_array[0]['passwd'] = '(unavailable)';
@ -56,7 +76,7 @@ class UsersEdit extends \Panel\Vhost {
} else {
$password = escapeshellarg($password);
if ($f3->get('WRITEUSERINFO') == '1') {
exec("/usr/local/bin/vhost-user-mod.sh -u $username -p $password -w", $output, $result_code);
exec("/usr/local/bin/vhost-user-mod.sh -u $username -p $password -w 1", $output, $result_code);
} else {
exec("/usr/local/bin/vhost-user-mod.sh -u $username -p $password", $output, $result_code);
}
@ -69,7 +89,6 @@ class UsersEdit extends \Panel\Vhost {
} elseif ($action == 'jail') {
exec("/usr/local/bin/vhost-user-jail.sh -u $username >/dev/null 2>/dev/null &", $output, $result_code);
$messages[] = "User is being jailed. Note: Setting up the jail environment takes about a minute to complete and is run in the background now.";
$f3->reroute("/Users/$username");
} elseif ($action == 'fpmmax') {
$fpmmax = $_POST['fpmmax'];
exec("/usr/local/bin/vhost-user-mod.sh -u $username -x $fpmmax", $output, $result_code);
@ -83,8 +102,15 @@ class UsersEdit extends \Panel\Vhost {
}
$f3->set('SESSION.messages', $messages);
$f3->reroute("/Users/$username");
if ($f3->get('NAV.mapping') == 'vhost') {
if (isset($result_code) && $result_code == 0) {
$f3->reroute("/");
} else {
$f3->reroute("/Users/$username/Edit");
}
} else {
$f3->reroute("/Users/$username");
}
// /* run mod command here */
// $mbox = $f3->get('PARAMS.mbox');
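Review bot: The jail and PHP-worker controls are hidden from vhost logins only in the template; the handler's `elseif ($action == 'jail')` and `elseif ($action == 'fpmmax')` branches show no `NAV.mapping` check in the visible lines, so a vhost-mapped session that passes the new username check could still submit those actions directly. The handler begins outside these hunks, so a guard may exist earlier; if it does not, refuse every action other than the password change when `NAV.mapping` is `vhost`, before any `exec()` call is reached. In the added ownership check, `if ($username != $vhostusername)` should be `if ($username !== $vhostusername)`, because loose comparison can treat two different numeric-looking strings as equal. The message in the added `else` branch interpolates `$domain`, which is not assigned anywhere in the visible part of `beforeRoute`.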


@ -17,8 +17,23 @@ class Vhosts extends \Panel\Vhost {
parent::beforeRoute($f3);
if ($f3->exists('PARAMS.vhost')) {
/* got here via vpanel link */
$vhost = $f3->get('PARAMS.vhost');
if ($vhost_array = $f3->call('\Panel::vGet', array("vhost-get.sh -d $vhost -c", FALSE))) {
$vhost_get_cmd = "vhost-get.sh -d $vhost -c";
} elseif ($f3->get('NAV.mapping') == 'vhost') {
/* got here via vhost page */
if ($f3->exists('SESSION.domain') && $f3->exists('SESSION.vhostusername')) {
/* SESSION.domain should be set for all vhost logins */
$vhost = $f3->get('SESSION.domain');
$vhostusername = $f3->get('SESSION.vhostusername');
$vhost_get_cmd = "vhost-get.sh -d $vhost -u $vhostusername -c";
} else {
/* should never get here, throw a 500 error to prevent further processing */
$f3->error(500);
}
}
if (isset($vhost_get_cmd)) {
if ($vhost_array = $f3->call('\Panel::vGet', array("$vhost_get_cmd", FALSE))) {
$f3->set('vhost_array', $vhost_array[0]);
/* get cert info */
if ($f3->call('\Panel::verifyCertificateExists', $vhost)) {
@ -82,15 +97,13 @@ class Vhosts extends \Panel\Vhost {
static function get($f3) {
if ($f3->exists('PARAMS.vhost')) {
// $vhost_array = $f3->get('vhost_array');
/* convert data for frontend display */
// nothing to convert
// $f3->set('vhost_array', $vhost_array);
$vhost = $f3->get('PARAMS.vhost');
} elseif ($f3->exists('SESSION.domain')) {
$vhost = $f3->get('SESSION.domain');
}
if (isset($vhost)) {
$f3->set('page_header', "Details for $vhost");
echo \Template::instance()->render('vhost/vhosts-vhost.html');
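Review bot: In `beforeRoute` the `PARAMS.vhost` branch is tested before `NAV.mapping`, so the owner-filtered lookup (`-d $vhost -u $vhostusername`) is used only when the route carries no `@vhost` parameter. That is safe only while no `@vhost` route is mapped to this class for vhost logins, which this commit arranges by removing the `/Websites/@vhost` routes from the route file; the controller itself does not enforce it. Testing the mapping first, `if ($f3->get('NAV.mapping') == 'vhost') { ... } elseif ($f3->exists('PARAMS.vhost')) { ... }`, would keep the ownership filter in place even if such a route is added back later. `get()` has the same ordering, and both methods start or end outside the hunks shown.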


@ -8,8 +8,4 @@
/ [sync] = Panel\Vhost\Vhosts
/Login [sync] = Panel\Login
/Logout [sync] = Panel\Logout
/Websites [sync] = Panel\Vhost\Vhosts
/Websites/Add [sync] = Panel\Vhost\VhostsAdd
/Websites/@vhost [sync] = Panel\Vhost\Vhosts
/Websites/@vhost/Edit [sync] = Panel\Vhost\VhostsEdit
/Websites/@vhost/Delete [sync] = Panel\Vhost\VhostsDelete
/Users/@username/Edit [sync] = Panel\Vhost\UsersEdit


@ -26,6 +26,13 @@ if ($f3->get('HOST') == $f3->get('NAV.hostname')) {
if ($f3->exists('SESSION.domain')) {
$f3->clear('SESSION.domain');
}
if ($f3->exists('SESSION.vhostusername')) {
$f3->clear('SESSION.vhostusername');
}
/* load DNS mapping, if enabled */
if ($f3->get('VDNSADMIN') == '1') {
$f3->config("config/maps-vdns.ini");
}
} elseif (preg_match('/^mail\./i', $f3->get('HOST'))) {
$mapping = 'vmail';
$domain = preg_replace('/^mail\./i', '', $f3->get('HOST'));
@ -34,15 +41,20 @@ if ($f3->get('HOST') == $f3->get('NAV.hostname')) {
$mapping = 'vhost';
$domain = preg_replace('/^www\./i', '', $f3->get('HOST'));
$f3->set('SESSION.domain', $domain);
/* vhostusername is not set when logging in to vhost admin as vpanel user or via ADMIN IP */
if (!$f3->exists('SESSION.vhostusername')) {
if ($vhost_array = $f3->call('\Panel::vGet', array("vhost-get.sh -d $domain -c", FALSE))) {
$vhostusername = $vhost_array[0]['username'];
$f3->set('SESSION.vhostusername', $vhostusername);
} else {
$messages[] = "System error verifying system user for domain $domain. Please contact support for further assistance.";
$f3->set('SESSION.messages', $messages);
}
}
}
$f3->set('NAV.mapping', $mapping);
$f3->config("config/maps-$mapping.ini");
/* load DNS mapping, if enabled */
if ($f3->get('VDNSADMIN') == '1') {
$f3->config("config/maps-vdns.ini");
}
/* custom error page */
$f3->set('ONERROR',function($f3){
echo \Template::instance()->render('error.html');
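Review bot: `SESSION.vhostusername` is filled in here from the domain lookup for any session that lacks it, and nothing in the hunk ties that to an authenticated session, so the value can no longer be read as evidence of who logged in. UsersEdit's added check treats its presence as "vhost user login" and allows the edit whenever the route username equals it, which leaves the real protection to whatever authentication `parent::beforeRoute` performs outside this page. Consider populating it only under the two conditions the comment names (vpanel user or ADMIN IP), or keeping the looked-up domain owner under a separate session key so login identity and domain ownership stay distinct. When the lookup fails, the code only queues a message and continues to load the vhost map, after which the Vhosts controller reaches its "should never get here" 500 branch; failing early here would be clearer.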


@ -26,43 +26,52 @@
<header>
<h1><a href="{{@SCHEME}}://{{@HOST}}{{@BASE}}">{{@PACKAGE}}</a></h1>
<nav>
<check if="{{@NAV.mapping=='vpanel'}}">
<a href="{{@BASE}}/Websites">Websites</a> |
<a href="{{@BASE}}/Email">Email</a> |
<a href="{{@BASE}}/Databases">Databases</a> |
<a href="{{@BASE}}/Certs">Certificates</a> |
<a href="{{@BASE}}/Users">Users</a> |
<check if="{{ @VDNSADMIN=='1' }}"><a href="{{@BASE}}/DNS">DNS</a> |</check>
<a href="{{@BASE}}/Logout">Logout</a>
</check>
<check if="isset(@SESSION.expiration)">
<check if="isset(@NAV.subnav)">
<true>
<p style="padding-top: 5px">
>>
<repeat group="{{ @NAV.subnav }}" key="{{ @NAV.subnav_path }}" value="{{ @NAV.subnav_name }}" counter="{{ @ctr }}">
<check if="{{ @ctr }} > 1">/</check>
<check if="{{ @NAV.subnav_count }} == {{ @ctr }}">
<true>
{{ @NAV.subnav_name }}
</true>
<false>
<a href="{{ @NAV.subnav_path }}">{{ @NAV.subnav_name }}</a>
</false>
</check>
</repeat>
</p>
</true>
<false>
<check if="{{@NAV.mapping != 'vpanel'}}">
<nav>
<check if="{{@NAV.mapping=='vpanel'}}">
<a href="{{@BASE}}/Websites">Websites</a> |
<a href="{{@BASE}}/Email">Email</a> |
<a href="{{@BASE}}/Databases">Databases</a> |
<a href="{{@BASE}}/Certs">Certificates</a> |
<a href="{{@BASE}}/Users">Users</a> |
<check if="{{ @VDNSADMIN=='1' }}"><a href="{{@BASE}}/DNS">DNS</a> |</check>
<a href="{{@BASE}}/Logout">Logout</a>
</check>
<check if="{{ @NAV.mapping=='vhost' }}">
<a href="{{@BASE}}/Logout">Logout</a>
</check>
<check if="{{ @NAV.mapping!='vhost' }}">
<check if="isset(@NAV.subnav)">
<true>
<p style="padding-top: 5px">
>>
<a href="{{@BASE}}/Logout">Logout</a>
</check>
</false>
<repeat group="{{ @NAV.subnav }}" key="{{ @NAV.subnav_path }}" value="{{ @NAV.subnav_name }}" counter="{{ @ctr }}">
<check if="{{ @ctr }} > 1">/</check>
<check if="{{ @NAV.subnav_count }} == {{ @ctr }}">
<true>
{{ @NAV.subnav_name }}
</true>
<false>
<a href="{{ @NAV.subnav_path }}">{{ @NAV.subnav_name }}</a>
</false>
</check>
</repeat>
</p>
</true>
<false>
<check if="{{@NAV.mapping != 'vpanel'}}">
<p style="padding-top: 5px">
>>
<a href="{{@BASE}}/Logout">Logout</a>
</check>
</false>
</check>
</check>
</nav>
</nav>
</check>
<check if="isset(@page_header)">
<h1>{{@page_header}}</h1>
</check>


@ -26,6 +26,7 @@ Passwords 15 or more characters long do not have any complexity requirements.<br
</form>
</p>
<check if="{{ @NAV.mapping=='vpanel' }}">
<p>
<!-- jail -->
<form action="{{@REALM}}" method="POST">
@ -173,4 +174,21 @@ Passwords 15 or more characters long do not have any complexity requirements.<br
</form>
</p>
</check>
<check if="{{ @NAV.mapping=='vhost' }}">
<!-- show php workers -->
<p>
<form action="{{@REALM}}" method="POST">
<fieldset>
<b>PHP Workers for {{ @user_array.username }}: {{ @user_array.fpmmax }}</b>
<br><br>
PHP Workers is maximum number of PHP processes that this user can have running at one time. Any website(s) installed for this user will be limited by this.
<br><br>
This can not be changed here, contact tech support if you think you need more PHP workers.<br>
</fieldset>
</form>
</p>
</check>
<include href="footer.html" />
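Review bot: The read-only "PHP Workers" block added for vhost logins is wrapped in `<form action="{{@REALM}}" method="POST">` although it holds no inputs or submit control. Dropping the form element and keeping the `<fieldset>` renders the same text without an empty POST target, and it leaves every remaining `<form>` on the page a real state-changing action, which is easier to audit.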


@ -1,5 +1,7 @@
<include href="header.html" />
<check if="{{ @NAV.mapping=='vpanel' }}">
<table>
<tr>
<th>Website</th>
@ -21,6 +23,8 @@
<br><br>
</check>
<table>
<tr>
<th>System User</th>
@ -30,10 +34,14 @@
<tr>
<td>{{ @vhost_array.username }}</td>
<td>{{ @users_array.fpmmax }}</td>
<td><a href="{{@BASE}}/Users/{{ @users_array.username }}/Edit">Edit User</a></td>
<check if="{{ @NAV.mapping=='vhost' }}">
<true><td><a href="{{@BASE}}/Users/{{ @users_array.username }}/Edit">Change Password</a></td></true>
<false><td><a href="{{@BASE}}/Users/{{ @users_array.username }}/Edit">Edit User</a></td></false>
</check>
</tr>
</table>
<check if="isset(@cert_array)">
<true>
<br><br>
@ -42,50 +50,52 @@
<th style="white-space: nowrap;">Certificate</th>
<th style="white-space: nowrap;">Expiration</th>
<th style="white-space: nowrap;">Secured Hostnames</th>
<th>Action</th>
<check if="{{ @NAV.mapping=='vpanel' }}"><th>Action</th></check>
</tr>
<tr>
<td style="white-space: nowrap;">{{ @cert_array.common }}</td>
<td style="white-space: nowrap;">{{ @cert_array.end }}</td>
<td style="white-space: nowrap; text-align: right;">{{ @cert_array.alternative | raw }}</td>
<td style="white-space: nowrap;"><a href="{{@BASE}}/Certs/{{@vhost_array.virtualhost}}/Delete?r={{@PATH}}">Delete</a></td>
<check if="{{ @NAV.mapping=='vpanel' }}"><td style="white-space: nowrap;"><a href="{{@BASE}}/Certs/{{@vhost_array.virtualhost}}/Delete?r={{@PATH}}">Delete</a></td></check>
</tr>
</table>
<br><br>
</true>
<false>
<hr>
<check if="{{ @dnsinfo.a.status=='Verified' }}">
<true>
You need a Security Certificate. <a href="{{@BASE}}/Certs/{{@vhost_array.virtualhost}}/Add?r={{@PATH}}">Click Here</a> to add one now.
</true>
<false>
<span style="color:red">You need a Security Certificate for {{ @vhost_array.virtualhost }}.</span>
<br>
Before you can add one you must make the DNS change listed below. Once that's completed come back here and this message will change to an option to create a Security Certificate.
<br>
<small>Note that after you add DNS records it can take some time for the changes to propagate and show up here.</small>
<br><br>
<table>
<tr><th style="color:{{ @dnsinfo.a.color }}" colspan="2">{{ @dnsinfo.a.status }} A Record for {{ @vhost_array.virtualhost }}</th></tr>
<tr><td style="text-align: right;">Type:</td><td>A</td></tr>
<tr><td style="text-align: right;">Host:</td><td>{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">Value:</td><td>{{ @dnsinfo.server_addr }}</td></tr>
<tr><td style="text-align: right;">TTL:</td><td>3600 (or default)</td></tr>
<tr><td></td><td><small>This should be the only A record for {{ @vhost_array.virtualhost }}.</small></td></tr>
</table>
<br><br>
<table>
<tr><th style="color:{{ @dnsinfo.a.color }}" colspan="2">Verify CNAME Record for www.{{ @vhost_array.virtualhost }}</th></tr>
<tr><td style="text-align: right;">Type:</td><td>CNAME</td></tr>
<tr><td style="text-align: right;">Host:</td><td>www.{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">Value:</td><td>{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">TTL:</td><td>3600 (or default)</td></tr>
<tr><td></td><td><small>This should be the only record for www.{{ @vhost_array.virtualhost }}.<br>Note this admin did not check for this record, it may already exist.</small></td></tr>
</table>
</false>
<check if="{{ @NAV.mapping=='vpanel' }}">
<hr>
<check if="{{ @dnsinfo.a.status=='Verified' }}">
<true>
You need a Security Certificate. <a href="{{@BASE}}/Certs/{{@vhost_array.virtualhost}}/Add?r={{@PATH}}">Click Here</a> to add one now.
</true>
<false>
<span style="color:red">You need a Security Certificate for {{ @vhost_array.virtualhost }}.</span>
<br>
Before you can add one you must make the DNS change listed below. Once that's completed come back here and this message will change to an option to create a Security Certificate.
<br>
<small>Note that after you add DNS records it can take some time for the changes to propagate and show up here.</small>
<br><br>
<table>
<tr><th style="color:{{ @dnsinfo.a.color }}" colspan="2">{{ @dnsinfo.a.status }} A Record for {{ @vhost_array.virtualhost }}</th></tr>
<tr><td style="text-align: right;">Type:</td><td>A</td></tr>
<tr><td style="text-align: right;">Host:</td><td>{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">Value:</td><td>{{ @dnsinfo.server_addr }}</td></tr>
<tr><td style="text-align: right;">TTL:</td><td>3600 (or default)</td></tr>
<tr><td></td><td><small>This should be the only A record for {{ @vhost_array.virtualhost }}.</small></td></tr>
</table>
<br><br>
<table>
<tr><th style="color:{{ @dnsinfo.a.color }}" colspan="2">Verify CNAME Record for www.{{ @vhost_array.virtualhost }}</th></tr>
<tr><td style="text-align: right;">Type:</td><td>CNAME</td></tr>
<tr><td style="text-align: right;">Host:</td><td>www.{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">Value:</td><td>{{ @vhost_array.virtualhost }}</td></tr>
<tr><td style="text-align: right;">TTL:</td><td>3600 (or default)</td></tr>
<tr><td></td><td><small>This should be the only record for www.{{ @vhost_array.virtualhost }}.<br>Note this admin did not check for this record, it may already exist.</small></td></tr>
</table>
</false>
</check>
<hr>
</check>
<hr>
</false>
</check>
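Review bot: `{{ @cert_array.alternative | raw }}` bypasses the template's output escaping, and with this commit the page is also rendered for vhost-mapped logins. How `cert_array.alternative` is built is not shown here; if the names are read from the certificate and joined with markup for display, each name should be HTML-escaped before joining. Alternatively, pass the names as an array and render them with `<repeat>` so the default escaping applies and the `raw` filter can be removed.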