Web setup

bin/module/apache/install.inc

@@ -17,8 +17,8 @@ hestia_module_apache_install() {
     osal_package_preinstall
     osal_package_install $OSAL_PKG_APACHE $OSAL_PKG_APACHE_EXTRA $OSAL_PKG_APACHE_MOD_RUID2
 
-    mkdir -p $OSAL_PATH_APACHE_CONF_D
     mkdir -p $OSAL_PATH_APACHE_CONF_D/domains
+    rm -f $OSAL_PATH_APACHE_CONF_D/ssl.conf
 
     # Enable/disable required modules
     osal_apache_module_enable rewrite > /dev/null 2>&1

bin/module/apache/remove.inc

@@ -14,7 +14,7 @@ hestia_module_apache_remove() {
     osal_service_stop $OSAL_SERVICE_APACHE > /dev/null 2>&1
     osal_service_disable $OSAL_SERVICE_APACHE > /dev/null 2>&1
 
-    hestia_config_backup 'apache-remove' $OSAL_PATH_APACHE_CONF
+    hestia_config_backup 'apache-remove' $OSAL_PATH_APACHE_CONF $OSAL_PATH_APACHE_CONF_D
 
     osal_package_remove $OSAL_PKG_APACHE
 

bin/module/nginx/install.inc

@@ -56,8 +56,6 @@ EOL
     done
     if [ ! -z "$resolver" ]; then
         sed -i "s/1.0.0.1 1.1.1.1/$resolver/g" $OSAL_PATH_NGINX_CONF/nginx.conf
-        # FIXME: the following should be done on hestia-nginx install, not on nginx install
-        sed -i "s/1.0.0.1 1.1.1.1/$resolver/g" $HESTIA/nginx/conf/nginx.conf
     fi
 
     osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'installed' '1'

bin/module/web/setup-ip.inc

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+hestia_module_web_setup-ip() {
+    source $HESTIA/bin/module/func.inc
+
+    ip=$param_ip
+
+    echo "Configuring web for IP address $ip"
+
+    # Web support
+    if [ ! -z "$WEB_SYSTEM" ]; then
+        web_conf="/etc/$WEB_SYSTEM/conf.d/$ip.conf"
+        rm -f $web_conf
+
+        if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then
+            if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
+                # FIXME: this will break with Apache > 2.4
+                echo "NameVirtualHost $ip:$WEB_PORT" >  $web_conf
+            fi
+            echo "Listen $ip:$WEB_PORT" >> $web_conf
+            cat $HESTIA_INSTALL_DIR/$WEB_SYSTEM/unassigned.conf >> $web_conf
+            sed -i 's/directIP/'$ip'/g' $web_conf
+            sed -i 's/directPORT/'$WEB_PORT'/g' $web_conf
+        elif [ "$WEB_SYSTEM" = 'nginx' ]; then
+            cp -f $HESTIA_INSTALL_DIR/nginx/unassigned.inc $web_conf
+            sed -i 's/directIP/'$ip'/g' $web_conf
+        fi
+
+        if [ "$WEB_SSL" = 'mod_ssl' ]; then
+            if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
+                # FIXME: this will break with Apache > 2.4
+                sed -i "1s/^/NameVirtualHost $ip:$WEB_SSL_PORT\n/" $web_conf
+            fi
+            sed -i "1s/^/Listen $ip:$WEB_SSL_PORT\n/" $web_conf
+            sed -i 's/directSSLPORT/'$WEB_SSL_PORT'/g' $web_conf
+        fi
+    fi
+
+    # Proxy support
+    if [ ! -z "$PROXY_SYSTEM" ]; then
+        cat $WEBTPL/$PROXY_SYSTEM/proxy_ip.tpl |\
+            sed -e "s/%ip%/$ip/g" \
+                -e "s/%web_port%/$WEB_PORT/g" \
+                -e "s/%proxy_port%/$PROXY_PORT/g" \
+            > /etc/$PROXY_SYSTEM/conf.d/$ip.conf
+
+        # mod_extract_forwarded
+        fw_conf="$OSAL_PATH_APACHE_CONF_D/mod_extract_forwarded.conf"
+        if [ -e "$fw_conf" ]; then
+            ips=$(grep 'MEFaccept ' $fw_conf | grep -v '#' | head -n1)
+            sed -i "s/$ips/$ips $ip/g" $fw_conf
+        fi
+
+        # mod_rpaf
+        rpaf_conf="$OSAL_PATH_APACHE_MODS_ENABLED/rpaf.conf"
+        if [ -e "$rpaf_conf" ]; then
+            rpaf_str=$(grep RPAFproxy_ips $rpaf_conf)
+            [ -z "$rpaf_str" ] && sed -i 's|</IfModule>|RPAFproxy_ips\n</IfModule>|' $rpaf_conf && rpaf_str='RPAFproxy_ips'
+            rpaf_str="$rpaf_str $ip"
+            sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf
+        fi
+
+        #mod_remoteip
+        remoteip_conf="$OSAL_PATH_APACHE_MODS_ENABLED/remoteip.conf"
+        if [ -e "$remoteip_conf" ]; then
+            if [ $( grep -ic "$ip" $remoteip_conf ) -eq 0 ]; then
+                sed -i "s/<\/IfModule>/RemoteIPInternalProxy $ip\n<\/IfModule>/g" $remoteip_conf
+            fi
+        fi
+    fi
+}

bin/module/web/setup-ips.inc

@@ -0,0 +1,50 @@
+#!/bin/bash
+
+hestia_module_web_setup-ips() {
+    source $HESTIA/bin/module/func.inc
+
+    if [ "$OS_BASE" = 'debian' ]; then
+        remoteip_conf=$OSAL_PATH_APACHE_MODS_AVAILABLE/remoteip.conf
+    else
+        remoteip_conf=$OSAL_PATH_APACHE_CONF_D/remoteip.conf
+    fi
+
+    # Get main IP
+    local_ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
+    pub_ip=$(curl --ipv4 -s https://ip.hestiacp.com/)
+
+    echo "Configuring web IP addresses (local: $local_ip, public: $pub_ip)"
+
+    # FIXME: the following line should be: if WEB_SYSTEM is apache and PROXY_SYSTEM is something (i.e. not [ null or 'no' ])
+    if ( [ "$WEB_SYSTEM" = 'apache2' ] || [ "$WEB_SYSTEM" = 'httpd' ] ) && [ "$PROXY_SYSTEM" = 'nginx' ]; then
+        echo "Configuring remoteip apache module"
+        # If we are using web server and proxy server, configure mod_remoteip
+        echo "<IfModule mod_remoteip.c>" > $remoteip_conf
+        echo "  RemoteIPHeader X-Real-IP" >> $remoteip_conf
+        if [ "$local_ip" != "127.0.0.1" ] && [ "$pub_ip" != "127.0.0.1" ]; then
+            echo "  RemoteIPInternalProxy 127.0.0.1" >> $remoteip_conf
+        fi
+        if [ ! -z "$local_ip" ] && [ "$local_ip" != "$pub_ip" ]; then
+            echo "  RemoteIPInternalProxy $local_ip" >> $remoteip_conf
+        fi
+        if [ ! -z "$pub_ip" ]; then
+            echo "  RemoteIPInternalProxy $pub_ip" >> $remoteip_conf
+        fi
+        echo "</IfModule>" >> $remoteip_conf
+
+        sed -i "s/LogFormat \"%h/LogFormat \"%a/g" $OSAL_PATH_APACHE_CONF/${OSAL_PKG_APACHE}.conf
+    else
+        # Unconfigure remoteip
+        [ -f $remoteip_conf ] && rm $remoteip_conf
+        sed -i "s/LogFormat \"%a/LogFormat \"%h/g" $OSAL_PATH_APACHE_CONF/${OSAL_PKG_APACHE}.conf
+    fi
+
+    if [ "$OS_BASE" = 'debian' ]; then
+        osal_apache_module_enable remoteip
+    fi
+    
+    for ip_conf in $HESTIA/data/ips/*; do
+        ip=$(basename $ip_conf)
+        $BIN/hestia module web setup-ip --ip "$ip"
+    done
+}

bin/module/web/setup.inc

@@ -74,28 +74,7 @@ hestia_module_web_setup() {
 
     osal_kv_write $HESTIA_CONF_MODULES/web.conf 'description' 'Hestia Web module'
 
-    if [ "$OS_BASE" = 'debian' ]; then
-        # Configuring libapache2-mod-remoteip
-        if [ "$apache_installed" = 'yes' ] && [ "$nginx_installed"  = 'yes' ] ; then
-            # FIXME: RHEL version
-            cd /etc/apache2/mods-available
-            echo "<IfModule mod_remoteip.c>" > remoteip.conf
-            echo "  RemoteIPHeader X-Real-IP" >> remoteip.conf
-            if [ "$local_ip" != "127.0.0.1" ] && [ "$pub_ip" != "127.0.0.1" ]; then
-                echo "  RemoteIPInternalProxy 127.0.0.1" >> remoteip.conf
-            fi
-            if [ ! -z "$local_ip" ] && [ "$local_ip" != "$pub_ip" ]; then
-                echo "  RemoteIPInternalProxy $local_ip" >> remoteip.conf
-            fi
-            if [ ! -z "$pub_ip" ]; then
-                echo "  RemoteIPInternalProxy $pub_ip" >> remoteip.conf
-            fi
-            echo "</IfModule>" >> remoteip.conf
-            sed -i "s/LogFormat \"%h/LogFormat \"%a/g" /etc/apache2/apache2.conf
-            a2enmod remoteip >> $LOG
-            systemctl restart apache2
-        fi
-    fi
+    $BIN/hestia module web setup-ips
 
     # FIXME: setup PHP support
     php_variant=$(hestia_module_variant_installed php)
@@ -112,9 +91,6 @@ hestia_module_web_setup() {
         fi
     fi
 
-    # FIXME: move the following to awstats install
-    osal_kv_write $HESTIA/conf/hestia.conf 'STATS_SYSTEM' 'awstats'
-
     # Rebuild mail
     for user in $($HESTIA/bin/v-list-sys-users plain); do
         echo "Rebuilding web domains for user $user"
@@ -134,5 +110,4 @@ hestia_module_web_setup() {
         osal_service_start $OSAL_SERVICE_NGINX
     fi
     check_result $? "Nginx start failed"
-
 }