lsws switch
@@ -1,9 +1,10 @@
|
||||
import CyberCPLogFileWriter as logging
|
||||
import shutil
|
||||
import os
|
||||
import shlex
|
||||
import subprocess
|
||||
import socket
|
||||
from plogical.processUtilities import ProcessUtilities
|
||||
from websiteFunctions.models import ChildDomains, Websites
|
||||
|
||||
class sslUtilities:
|
||||
|
||||
@@ -58,109 +59,189 @@ class sslUtilities:
|
||||
return [0, "347 " + str(msg) + " [issueSSLForDomain]"]
|
||||
|
||||
@staticmethod
|
||||
def installSSLForDomain(virtualHostName):
|
||||
def installSSLForDomain(virtualHostName, adminEmail='usman@cyberpersons.com'):
|
||||
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
confPath = sslUtilities.Server_root + "/conf/vhosts/" + virtualHostName
|
||||
completePathToConfigFile = confPath + "/vhost.conf"
|
||||
|
||||
confPath = sslUtilities.Server_root + "/conf/vhosts/" + virtualHostName
|
||||
completePathToConfigFile = confPath + "/vhost.conf"
|
||||
|
||||
try:
|
||||
map = " map " + virtualHostName + " " + virtualHostName + "\n"
|
||||
|
||||
if sslUtilities.checkSSLListener() != 1:
|
||||
|
||||
writeDataToFile = open("/usr/local/lsws/conf/httpd_config.conf", 'a')
|
||||
|
||||
listener = "listener SSL {" + "\n"
|
||||
address = " address *:443" + "\n"
|
||||
secure = " secure 1" + "\n"
|
||||
keyFile = " keyFile /etc/letsencrypt/live/" + virtualHostName + "/privkey.pem\n"
|
||||
certFile = " certFile /etc/letsencrypt/live/" + virtualHostName + "/fullchain.pem\n"
|
||||
certChain = " certChain 1" + "\n"
|
||||
sslProtocol = " sslProtocol 30" + "\n"
|
||||
try:
|
||||
map = " map " + virtualHostName + " " + virtualHostName + "\n"
|
||||
final = "}" + "\n" + "\n"
|
||||
|
||||
writeDataToFile.writelines("\n")
|
||||
writeDataToFile.writelines(listener)
|
||||
writeDataToFile.writelines(address)
|
||||
writeDataToFile.writelines(secure)
|
||||
writeDataToFile.writelines(keyFile)
|
||||
writeDataToFile.writelines(certFile)
|
||||
writeDataToFile.writelines(certChain)
|
||||
writeDataToFile.writelines(sslProtocol)
|
||||
writeDataToFile.writelines(map)
|
||||
writeDataToFile.writelines(final)
|
||||
writeDataToFile.writelines("\n")
|
||||
writeDataToFile.close()
|
||||
if sslUtilities.checkSSLListener() != 1:
|
||||
|
||||
writeDataToFile = open("/usr/local/lsws/conf/httpd_config.conf", 'a')
|
||||
|
||||
else:
|
||||
|
||||
if sslUtilities.checkIfSSLMap(virtualHostName) == 0:
|
||||
|
||||
data = open("/usr/local/lsws/conf/httpd_config.conf").readlines()
|
||||
writeDataToFile = open("/usr/local/lsws/conf/httpd_config.conf", 'w')
|
||||
sslCheck = 0
|
||||
|
||||
for items in data:
|
||||
if items.find("listener") > -1 and items.find("SSL") > -1:
|
||||
sslCheck = 1
|
||||
|
||||
if (sslCheck == 1):
|
||||
writeDataToFile.writelines(items)
|
||||
writeDataToFile.writelines(map)
|
||||
sslCheck = 0
|
||||
else:
|
||||
writeDataToFile.writelines(items)
|
||||
writeDataToFile.close()
|
||||
|
||||
###################### Write per host Configs for SSL ###################
|
||||
|
||||
data = open(completePathToConfigFile, "r").readlines()
|
||||
|
||||
## check if vhssl is already in vhconf file
|
||||
|
||||
vhsslPresense = 0
|
||||
|
||||
for items in data:
|
||||
if items.find("vhssl") > -1:
|
||||
vhsslPresense = 1
|
||||
|
||||
if vhsslPresense == 0:
|
||||
writeSSLConfig = open(completePathToConfigFile, "a")
|
||||
|
||||
vhssl = "vhssl {" + "\n"
|
||||
keyFile = " keyFile /etc/letsencrypt/live/" + virtualHostName + "/privkey.pem\n"
|
||||
certFile = " certFile /etc/letsencrypt/live/" + virtualHostName + "/fullchain.pem\n"
|
||||
listener = "listener SSL {" + "\n"
|
||||
address = " address *:443" + "\n"
|
||||
secure = " secure 1" + "\n"
|
||||
keyFile = " keyFile /etc/letsencrypt/live/" + virtualHostName + "/privkey.pem\n"
|
||||
certFile = " certFile /etc/letsencrypt/live/" + virtualHostName + "/fullchain.pem\n"
|
||||
certChain = " certChain 1" + "\n"
|
||||
sslProtocol = " sslProtocol 30" + "\n"
|
||||
final = "}"
|
||||
map = " map " + virtualHostName + " " + virtualHostName + "\n"
|
||||
final = "}" + "\n" + "\n"
|
||||
|
||||
writeSSLConfig.writelines("\n")
|
||||
writeDataToFile.writelines("\n")
|
||||
writeDataToFile.writelines(listener)
|
||||
writeDataToFile.writelines(address)
|
||||
writeDataToFile.writelines(secure)
|
||||
writeDataToFile.writelines(keyFile)
|
||||
writeDataToFile.writelines(certFile)
|
||||
writeDataToFile.writelines(certChain)
|
||||
writeDataToFile.writelines(sslProtocol)
|
||||
writeDataToFile.writelines(map)
|
||||
writeDataToFile.writelines(final)
|
||||
writeDataToFile.writelines("\n")
|
||||
writeDataToFile.close()
|
||||
|
||||
writeSSLConfig.writelines(vhssl)
|
||||
writeSSLConfig.writelines(keyFile)
|
||||
writeSSLConfig.writelines(certFile)
|
||||
writeSSLConfig.writelines(certChain)
|
||||
writeSSLConfig.writelines(sslProtocol)
|
||||
writeSSLConfig.writelines(final)
|
||||
|
||||
writeSSLConfig.writelines("\n")
|
||||
else:
|
||||
|
||||
writeSSLConfig.close()
|
||||
if sslUtilities.checkIfSSLMap(virtualHostName) == 0:
|
||||
|
||||
return 1
|
||||
data = open("/usr/local/lsws/conf/httpd_config.conf").readlines()
|
||||
writeDataToFile = open("/usr/local/lsws/conf/httpd_config.conf", 'w')
|
||||
sslCheck = 0
|
||||
|
||||
for items in data:
|
||||
if items.find("listener") > -1 and items.find("SSL") > -1:
|
||||
sslCheck = 1
|
||||
|
||||
if (sslCheck == 1):
|
||||
writeDataToFile.writelines(items)
|
||||
writeDataToFile.writelines(map)
|
||||
sslCheck = 0
|
||||
else:
|
||||
writeDataToFile.writelines(items)
|
||||
writeDataToFile.close()
|
||||
|
||||
###################### Write per host Configs for SSL ###################
|
||||
|
||||
data = open(completePathToConfigFile, "r").readlines()
|
||||
|
||||
## check if vhssl is already in vhconf file
|
||||
|
||||
vhsslPresense = 0
|
||||
|
||||
for items in data:
|
||||
if items.find("vhssl") > -1:
|
||||
vhsslPresense = 1
|
||||
|
||||
if vhsslPresense == 0:
|
||||
writeSSLConfig = open(completePathToConfigFile, "a")
|
||||
|
||||
vhssl = "vhssl {" + "\n"
|
||||
keyFile = " keyFile /etc/letsencrypt/live/" + virtualHostName + "/privkey.pem\n"
|
||||
certFile = " certFile /etc/letsencrypt/live/" + virtualHostName + "/fullchain.pem\n"
|
||||
certChain = " certChain 1" + "\n"
|
||||
sslProtocol = " sslProtocol 30" + "\n"
|
||||
final = "}"
|
||||
|
||||
writeSSLConfig.writelines("\n")
|
||||
|
||||
writeSSLConfig.writelines(vhssl)
|
||||
writeSSLConfig.writelines(keyFile)
|
||||
writeSSLConfig.writelines(certFile)
|
||||
writeSSLConfig.writelines(certChain)
|
||||
writeSSLConfig.writelines(sslProtocol)
|
||||
writeSSLConfig.writelines(final)
|
||||
|
||||
writeSSLConfig.writelines("\n")
|
||||
|
||||
writeSSLConfig.close()
|
||||
|
||||
return 1
|
||||
except BaseException, msg:
|
||||
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [installSSLForDomain]]")
|
||||
return 0
|
||||
else:
|
||||
confPath = sslUtilities.Server_root + "/conf/vhosts/" + virtualHostName
|
||||
completePathToConfigFile = confPath + "/vhost.conf"
|
||||
|
||||
## Check if SSL VirtualHost already exists
|
||||
|
||||
data = open(completePathToConfigFile, 'r').readlines()
|
||||
|
||||
for items in data:
|
||||
if items.find('*:443') > -1:
|
||||
return 1
|
||||
|
||||
try:
|
||||
|
||||
try:
|
||||
chilDomain = ChildDomains.objects.get(domain=virtualHostName)
|
||||
externalApp = chilDomain.master.externalApp
|
||||
DocumentRoot = ' DocumentRoot ' + chilDomain.path + '\n'
|
||||
except BaseException, msg:
|
||||
website = Websites.objects.get(domain=virtualHostName)
|
||||
externalApp = website.externalApp
|
||||
DocumentRoot = ' DocumentRoot /home/' + virtualHostName + '/public_html\n'
|
||||
|
||||
data = open(completePathToConfigFile, 'r').readlines()
|
||||
phpHandler = ''
|
||||
|
||||
for items in data:
|
||||
if items.find('AddHandler') > -1 and items.find('php') > -1:
|
||||
phpHandler = items
|
||||
break
|
||||
|
||||
confFile = open(completePathToConfigFile, 'a')
|
||||
|
||||
doNotModify = '\n\n# Do not modify this file, this is auto-generated file.\n\n'
|
||||
|
||||
VirtualHost = '<VirtualHost *:443>\n\n'
|
||||
ServerName = ' ServerName ' + virtualHostName + '\n'
|
||||
ServerAlias = ' ServerAlias www.' + virtualHostName + '\n'
|
||||
ScriptAlias = ' Alias /.filemanager/ /usr/local/lsws/FileManager\n'
|
||||
ServerAdmin = ' ServerAdmin ' + adminEmail + '\n'
|
||||
SeexecUserGroup = ' SuexecUserGroup ' + externalApp + ' ' + externalApp + '\n'
|
||||
CustomLogCombined = ' CustomLog /home/' + virtualHostName + '/logs/' + virtualHostName + '.access_log combined\n'
|
||||
|
||||
confFile.writelines(doNotModify)
|
||||
confFile.writelines(VirtualHost)
|
||||
confFile.writelines(ServerName)
|
||||
confFile.writelines(ServerAlias)
|
||||
confFile.writelines(ScriptAlias)
|
||||
confFile.writelines(ServerAdmin)
|
||||
confFile.writelines(SeexecUserGroup)
|
||||
confFile.writelines(DocumentRoot)
|
||||
confFile.writelines(CustomLogCombined)
|
||||
DirectoryFileManager = """\n <Directory /usr/local/lsws/FileManager>
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_value display_errors "Off"
|
||||
php_value upload_max_filesize "200M"
|
||||
php_value post_max_size "250M"
|
||||
</Directory>\n"""
|
||||
confFile.writelines(DirectoryFileManager)
|
||||
|
||||
SSLEngine = ' SSLEngine on\n'
|
||||
SSLVerifyClient = ' SSLVerifyClient none\n'
|
||||
SSLCertificateFile = ' SSLCertificateFile /etc/letsencrypt/live/' + virtualHostName + '/fullchain.pem\n'
|
||||
SSLCertificateKeyFile = ' SSLCertificateKeyFile /etc/letsencrypt/live/' + virtualHostName + '/privkey.pem\n'
|
||||
|
||||
confFile.writelines(SSLEngine)
|
||||
confFile.writelines(SSLVerifyClient)
|
||||
confFile.writelines(SSLCertificateFile)
|
||||
confFile.writelines(SSLCertificateKeyFile)
|
||||
confFile.writelines(phpHandler)
|
||||
|
||||
VirtualHostEnd = '</VirtualHost>\n'
|
||||
confFile.writelines(VirtualHostEnd)
|
||||
confFile.close()
|
||||
return 1
|
||||
|
||||
except BaseException, msg:
|
||||
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [installSSLForDomain]")
|
||||
return 0
|
||||
|
||||
except BaseException, msg:
|
||||
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [installSSLForDomain]]")
|
||||
return 0
|
||||
|
||||
@staticmethod
|
||||
def obtainSSLForADomain(virtualHostName,adminEmail,sslpath, aliasDomain = None):
|
||||
try:
|
||||
acmePath = '/root/.acme.sh/acme.sh'
|
||||
|
||||
if os.path.exists('/etc/lsb-release'):
|
||||
if ProcessUtilities.decideDistro() == ProcessUtilities.ubuntu:
|
||||
acmePath = '/home/cyberpanel/.acme.sh/acme.sh'
|
||||
|
||||
if not os.path.exists(acmePath):
|
||||
@@ -239,30 +320,13 @@ class sslUtilities:
|
||||
|
||||
def issueSSLForDomain(domain, adminEmail, sslpath, aliasDomain = None):
|
||||
try:
|
||||
|
||||
if sslUtilities.obtainSSLForADomain(domain, adminEmail, sslpath, aliasDomain) == 1:
|
||||
|
||||
if sslUtilities.installSSLForDomain(domain) == 1:
|
||||
if sslUtilities.installSSLForDomain(domain, adminEmail) == 1:
|
||||
return [1, "None"]
|
||||
else:
|
||||
return [0, "210 Failed to install SSL for domain. [issueSSLForDomain]"]
|
||||
else:
|
||||
pathToStoreSSL = "/etc/letsencrypt/live/" + domain
|
||||
command = 'mkdir -p ' + pathToStoreSSL
|
||||
subprocess.call(shlex.split(command))
|
||||
|
||||
pathToStoreSSLPrivKey = "/etc/letsencrypt/live/" + domain + "/privkey.pem"
|
||||
pathToStoreSSLFullChain = "/etc/letsencrypt/live/" + domain + "/fullchain.pem"
|
||||
|
||||
command = 'openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -keyout ' + pathToStoreSSLPrivKey + ' -out ' + pathToStoreSSLFullChain
|
||||
cmd = shlex.split(command)
|
||||
subprocess.call(cmd)
|
||||
|
||||
if sslUtilities.installSSLForDomain(domain) == 1:
|
||||
logging.CyberCPLogFileWriter.writeToFile("Self signed SSL issued for " + domain + ".")
|
||||
return [1, "None"]
|
||||
else:
|
||||
return [0, "220 Failed to install SSL for domain. [issueSSLForDomain]"]
|
||||
return [0, "283 Failed to obtain SSL for domain. [issueSSLForDomain]"]
|
||||
|
||||
except BaseException,msg:
|
||||
return [0, "347 "+ str(msg)+ " [issueSSLForDomain]"]
|
||||
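Review bot: In the non-OLS branch of installSSLForDomain, `adminEmail`, `externalApp` and `chilDomain.path` are concatenated straight into the `<VirtualHost *:443>` block (`ServerAdmin`, `SuexecUserGroup`, `DocumentRoot`) with no check, so a value containing a newline would add extra directives to a vhost.conf that the web server loads. Whether callers validate these values is not visible on this page, so a guard before `confFile = open(completePathToConfigFile, 'a')` would make the function safe on its own, e.g. `if adminEmail.split() != [adminEmail]: return 0`, with the same test applied to the other interpolated values. The `'*:443'` pre-check appears to read vhost.conf before the `try:`, so a missing file would raise instead of returning 0 like the rest of the function, and `confFile` stays open if a write fails; moving the read inside the `try` and using `with open(...)` would cover both. The default `adminEmail='usman@cyberpersons.com'` also puts a fixed personal address into generated configs whenever a caller omits the argument, so making the parameter required would be safer.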