smeserver-php/sme10/smeserver-php-3.0.0-bz11087-webapps.patch

diff -Nur smeserver-php-3.0.0.old/createlinks smeserver-php-3.0.0/createlinks
--- smeserver-php-3.0.0.old/createlinks 2020-11-08 21:14:58.600000000 -0500
+++ smeserver-php-3.0.0/createlinks     2020-11-08 21:29:38.439000000 -0500
@@ -105,3 +105,9 @@
 $service = "php-fpm.service";
 safe_symlink("../$service", "root/usr/lib/systemd/system/multi-user.target.wants/$service");
 safe_symlink("../$service", "root/usr/lib/systemd/system/sme-server.target.wants/$service");
+
+#webapps
+$event = 'webapps-update';
+templates2events("/etc/my.cnf", $event);
+
+safe_symlink("start", "root/etc/e-smith/events/$event/services2adjust/mysql.init");
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts     2020-11-08 21:22:23.367000000 -0500
@@ -0,0 +1,35 @@
+{
+    $OUT = '';
+
+    use esmith::DomainsDB;
+
+    my $db = esmith::DomainsDB->open_ro;
+    unless ($db){   
+        warn "Couldn't open domains DB in VirtualHosts template fragment";
+        return;
+    }
+
+    my @vhosts = $db->get_all_by_prop('type' => 'vhost');
+    foreach my $vhost (@vhosts) {
+        my $templatePath = $vhost->prop('TemplatePath') || 'WebAppVirtualHost';
+        foreach my $port ($httpPort, $httpsPort){
+            my %virtualHost = (
+                ipAddress => '0.0.0.0',
+                port => $port,
+                localAccess => $localAccess,
+                externalSSLAccess => $externalSSLAccess,
+                domain => $vhost,
+                httpPort => $httpPort,
+                httpsPort => $httpsPort
+            );
+
+            $OUT .= esmith::templates::processTemplate (
+            {
+                MORE_DATA => \%virtualHost,
+                TEMPLATE_PATH =>
+                    "/etc/httpd/conf/httpd.conf/$templatePath",
+                OUTPUT_TYPE => 'string',
+            });
+        }
+    }
+}
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup      1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup  2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,9 @@
+{
+    use esmith::DomainsDB;
+    # Convert the passed hash for the domain object back into an object.
+    $domain = bless \%domain, 'esmith::DB::db::Record';
+
+    # Make scalars from some of the properties of the domain
+    $virtualHost = $domain->key;
+    $OUT = "";
+}
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName     2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1 @@
+    ServerName {$virtualHost}
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias        1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias    2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,13 @@
+    ServerAlias {
+
+    use esmith::HostsDB;
+    use esmith::DomainsDB;
+    my $hdb = esmith::HostsDB->open_ro();
+    my %domains = map { $_->key => 1 } esmith::DomainsDB->open_ro->domains;
+    my @hosts = grep {
+            my $h = $_;
+            ($h->prop('HostType') eq 'Self') && !$domains{$h->key}
+        } $hdb->get_hosts_by_domain($virtualHost);
+    $OUT = join " ", map { $_->key } @hosts;
+}
+
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives      1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives  2020-11-08 21:23:48.335000000 -0500
@@ -0,0 +1,28 @@
+{
+    my $ssl = $domain->prop('RequireSSL') || 'disabled';
+    my $auth = $domain->prop('Authentication') || 'none';
+
+    if ($httpsPort eq $port){
+        $OUT .= "    SSLEngine on\n";
+    }
+    elsif (($ssl =~ m/^enabled|yes|on|1$/i) || ($auth =~ /^LemonLDAP/)){
+        $OUT .=<<'EOF';
+    RewriteEngine on
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
+    RewriteRule ^/(.*|$) https://%{HTTP_HOST}/$1 [L,R]
+
+EOF
+    }
+    elsif ($ssl =~ m#/#){
+        $OUT .= "    RewriteEngine on\n";
+        foreach my $loc (split(/[;,]/, $ssl)){
+            $OUT .= "    # Rewriting $loc to use SSL\n";
+            $loc =~ s#^/##;
+            $OUT .= "    RewriteRule ^/$loc(/.*|\$)  https://%\{HTTP_HOST\}/$loc\$1 \[L,R\]\n";
+        }
+    }
+    else{
+        $OUT .= '';
+    }
+}
+
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack       1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack   2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,8 @@
+{
+    $OUT =<<'HERE';
+    RewriteEngine on
+    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
+    RewriteRule .* - [F]
+HERE
+}
+
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias    1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias        2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,13 @@
+{
+my $alias = $domain->prop('IconAlias') || 'enabled';
+$OUT .= '';
+
+unless ($alias =~ m/disabled|off|no|0/i){
+    $OUT .=<<'EOF';
+
+    # alias for Apache icons
+    Alias /icons/ /var/www/icons/
+
+EOF
+}
+}
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content    1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content        2020-11-08 21:26:33.645000000 -0500
@@ -0,0 +1,166 @@
+{
+
+use esmith::util;
+my $base = esmith::util::ldapBase($DomainName);
+
+my $name = $domain->key;
+my $target = $domain->prop('ProxyPassTarget') || '';
+my $proxy_acme = $domain->prop('ProxyPassACMEChallenges') || 'disabled';
+my $redirect = $domain->prop('Redirect') || '';
+my $rewrite = $domain->prop('Rewrite') || '';
+my $allow = $domain->prop('AllowHosts') || '';
+my $preserve = $domain->prop('ProxyPreserveHost') || 'no';
+my $keepalive = $domain->prop('ProxyNoKeepAlive') || 'no';
+my $timeout = $domain->prop('Timeout') || '';
+my $index = $domain->prop('DirectoryIndex') || '';
+my @alias = split /[,;]/, ($domain->prop('Alias') || '');
+my @env = split(/[;,]/, ($domain->prop('SetEnv') || ''));
+my $auth = $domain->prop('Authentication') || 'none';
+my @groups = split(/[;,]/, ($domain->prop('AllowGroups') || ''));
+my $ssl_port = $httpsPort;
+my $proto = ($port eq $ssl_port ) ? 'https' : 'http';
+my $socketio = $domain->prop('ProxySocketIO') || 'disabled';
+my @proxyrules = split /[,;]/, ($domain->prop('ProxyPassRules') || '');
+
+# Custom proxypass rules
+foreach my $rule (@proxyrules){
+  my ($from, $to) = split /=/, $rule;
+  $OUT .= "    ProxyPass $from $to\n";
+}
+
+if (@proxyrules > 0 || $target =~ m|https?://[\d\w\.\-/]*|){
+  $OUT .= "    ProxyPreserveHost on\n" if ($preserve eq 'yes');
+  $OUT .= "    RequestHeader set X-Forwarded-Proto \"$proto\"\n";
+}
+
+# ProxyPass ?
+if ($target =~ m|https?://[\d\w\.\-/]*|){
+    $OUT .= "    SetEnv proxy-nokeepalive 1\n" if ($keepalive eq 'yes');
+    if ($proxy_acme eq 'only'){
+      $OUT .= "    ProxyPass /.well-known/acme-challenge/ $target" . ".well-known/acme-challenge/\n";
+      $OUT .= "    ProxyPassReverse / $target" . ".well-known/acme-challenge/\n";
+    }
+    else{
+      if ($proxy_acme eq 'disabled'){
+        $OUT .= "    ProxyPass /.well-known/acme-challenge/ !\n";
+      }
+      if ($socketio eq 'enabled'){
+        # Try to handle Socket.IO
+        my $wstarget = $target;
+        $wstarget =~ s/^http:/ws:/;
+        $wstarget =~ s/^https:/wss:/;
+        $OUT .=<<"_EOF"
+
+    <IfModule mod_proxy_wstunnel.c>
+      RewriteCond %{QUERY_STRING} transport=polling      [NC]
+      RewriteRule /socket.io/(.*) ${target}socket.io/\$1 [P,L]
+
+      ProxyPass /socket.io/socket.io.js ${target}socket.io/socket.io.js
+      ProxyPassReverse /socket.io/socket.io.js ${target}socket.io/socket.io.js
+
+      ProxyPass /socket.io/ ${wstarget}socket.io/
+      ProxyPassReverse /socket.io/ ${wstarget}socket.io/
+    </IfModule>
+
+_EOF
+      }
+      $OUT .= "    ProxyPass / $target\n";
+      $OUT .= "    ProxyPassReverse / $target\n";
+    }
+}
+# Rewrite ?
+elsif ($rewrite =~ m|https?://[\d\w\.\-/]*|){
+    $OUT .=<<"HERE";
+
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
+    RewriteRule /(.*|\$) $rewrite/\$1 [L,R]
+
+HERE
+}
+# Redirect ?
+elsif ($redirect =~ m|https?://[\d\w\.\-/]*|){
+    $OUT .=<<"HERE";
+
+    RedirectMatch permanent ^/(.*|\$) $redirect/\$1
+
+HERE
+}
+else{
+    my $root = $domain->prop('DocumentRoot') ||
+        '/home/e-smith/files/ibays/Primary/html';
+
+    $OUT .= "    DocumentRoot $root\n";
+}
+
+if ($timeout =~ m/^\d+$/){
+    $OUT .= "    Timeout $timeout\n";
+}
+
+if ($index ne ''){
+    $OUT .= "    DirectoryIndex $index\n";
+}
+
+foreach (@alias){
+    next unless $_ =~ m/^(\/\w+)=(\/.*)/;
+    my ($al, $targ) = ($1, $2);
+    next unless (-e $2);
+    $OUT .= "    Alias $al $targ\n";
+}
+
+foreach (@env){
+    next unless (m/^(.*)=(.*)$/);
+    $OUT .= "    SetEnv $1 $2\n";
+}
+
+if ($allow ne ''){
+    if ($allow eq 'local'){
+        $allow = "$localAccess $externalSSLAccess";
+    }
+    else{
+        $allow =~ s/[,;]/ /g;
+    }
+    $OUT .=<<"EOF";
+
+    <Location />
+        Order deny,allow
+        Deny from all
+        Allow from $allow
+    </Location>
+
+    <Location /.well-known/acme-challenge/>
+        Allow from all
+    </Location>
+
+EOF
+}
+
+if ($auth =~ m/^Basic$/i){
+    my $require = "Require valid-user";
+    if (scalar(@groups) > 0){
+        $require = "Require ldap-group ";
+        $require .= "cn=$_,ou=Groups,$base " foreach(@groups);
+    }
+
+    $OUT .=<<"EOF";
+    SetEnvIf %{Request_URI} "^/\.well\-known/acme\-challenge" granted=1
+
+    <Location />
+        Order deny,allow
+        Satisfy any
+        Deny from all
+        Allow from env=granted
+        AuthType basic
+        AuthName "$name"
+        AuthBasicProvider ldap
+        AuthLDAPURL ldap://localhost/ou=Users,$base?uid
+        AuthLDAPGroupAttribute memberUid
+        AuthLDAPGroupAttributeIsDN off
+        $require
+    </location>
+
+EOF
+
+}
+
+}
+
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin       1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin   2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,2 @@
+
+<VirtualHost {$ipAddress}:{$port}>
diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end
--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end     2017-10-01 09:19:18.000000000 -0400
@@ -0,0 +1,2 @@
+</VirtualHost>
+
1	diff -Nur smeserver-php-3.0.0.old/createlinks smeserver-php-3.0.0/createlinks
2	--- smeserver-php-3.0.0.old/createlinks 2020-11-08 21:14:58.600000000 -0500
3	+++ smeserver-php-3.0.0/createlinks 2020-11-08 21:29:38.439000000 -0500
4	@@ -105,3 +105,9 @@
5	$service = "php-fpm.service";
6	safe_symlink("../$service", "root/usr/lib/systemd/system/multi-user.target.wants/$service");
7	safe_symlink("../$service", "root/usr/lib/systemd/system/sme-server.target.wants/$service");
8	+
9	+#webapps
10	+$event = 'webapps-update';
11	+templates2events("/etc/my.cnf", $event);
12	+
13	+safe_symlink("start", "root/etc/e-smith/events/$event/services2adjust/mysql.init");
14	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts
15	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts 1969-12-31 19:00:00.000000000 -0500
16	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/81SimpleVHosts 2020-11-08 21:22:23.367000000 -0500
17	@@ -0,0 +1,35 @@
18	+{
19	+ $OUT = '';
20	+
21	+ use esmith::DomainsDB;
22	+
23	+ my $db = esmith::DomainsDB->open_ro;
24	+ unless ($db){
25	+ warn "Couldn't open domains DB in VirtualHosts template fragment";
26	+ return;
27	+ }
28	+
29	+ my @vhosts = $db->get_all_by_prop('type' => 'vhost');
30	+ foreach my $vhost (@vhosts) {
31	+ my $templatePath = $vhost->prop('TemplatePath') \|\| 'WebAppVirtualHost';
32	+ foreach my $port ($httpPort, $httpsPort){
33	+ my %virtualHost = (
34	+ ipAddress => '0.0.0.0',
35	+ port => $port,
36	+ localAccess => $localAccess,
37	+ externalSSLAccess => $externalSSLAccess,
38	+ domain => $vhost,
39	+ httpPort => $httpPort,
40	+ httpsPort => $httpsPort
41	+ );
42	+
43	+ $OUT .= esmith::templates::processTemplate (
44	+ {
45	+ MORE_DATA => \%virtualHost,
46	+ TEMPLATE_PATH =>
47	+ "/etc/httpd/conf/httpd.conf/$templatePath",
48	+ OUTPUT_TYPE => 'string',
49	+ });
50	+ }
51	+ }
52	+}
53	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup
54	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup 1969-12-31 19:00:00.000000000 -0500
55	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/00Setup 2017-10-01 09:19:18.000000000 -0400
56	@@ -0,0 +1,9 @@
57	+{
58	+ use esmith::DomainsDB;
59	+ # Convert the passed hash for the domain object back into an object.
60	+ $domain = bless \%domain, 'esmith::DB::db::Record';
61	+
62	+ # Make scalars from some of the properties of the domain
63	+ $virtualHost = $domain->key;
64	+ $OUT = "";
65	+}
66	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName
67	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName 1969-12-31 19:00:00.000000000 -0500
68	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/02ServerName 2017-10-01 09:19:18.000000000 -0400
69	@@ -0,0 +1 @@
70	+ ServerName {$virtualHost}
71	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias
72	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias 1969-12-31 19:00:00.000000000 -0500
73	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/03ServerAlias 2017-10-01 09:19:18.000000000 -0400
74	@@ -0,0 +1,13 @@
75	+ ServerAlias {
76	+
77	+ use esmith::HostsDB;
78	+ use esmith::DomainsDB;
79	+ my $hdb = esmith::HostsDB->open_ro();
80	+ my %domains = map { $_->key => 1 } esmith::DomainsDB->open_ro->domains;
81	+ my @hosts = grep {
82	+ my $h = $_;
83	+ ($h->prop('HostType') eq 'Self') && !$domains{$h->key}
84	+ } $hdb->get_hosts_by_domain($virtualHost);
85	+ $OUT = join " ", map { $_->key } @hosts;
86	+}
87	+
88	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives
89	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives 1969-12-31 19:00:00.000000000 -0500
90	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/25SSLDirectives 2020-11-08 21:23:48.335000000 -0500
91	@@ -0,0 +1,28 @@
92	+{
93	+ my $ssl = $domain->prop('RequireSSL') \|\| 'disabled';
94	+ my $auth = $domain->prop('Authentication') \|\| 'none';
95	+
96	+ if ($httpsPort eq $port){
97	+ $OUT .= " SSLEngine on\n";
98	+ }
99	+ elsif (($ssl =~ m/^enabled\|yes\|on\|1$/i) \|\| ($auth =~ /^LemonLDAP/)){
100	+ $OUT .=<<'EOF';
101	+ RewriteEngine on
102	+ RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
103	+ RewriteRule ^/(.*\|$) https://%{HTTP_HOST}/$1 [L,R]
104	+
105	+EOF
106	+ }
107	+ elsif ($ssl =~ m#/#){
108	+ $OUT .= " RewriteEngine on\n";
109	+ foreach my $loc (split(/[;,]/, $ssl)){
110	+ $OUT .= " # Rewriting $loc to use SSL\n";
111	+ $loc =~ s#^/##;
112	+ $OUT .= " RewriteRule ^/$loc(/.*\|\$) https://%\{HTTP_HOST\}/$loc\$1 \[L,R\]\n";
113	+ }
114	+ }
115	+ else{
116	+ $OUT .= '';
117	+ }
118	+}
119	+
120	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack
121	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack 1969-12-31 19:00:00.000000000 -0500
122	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/26RewriteTraceAndTrack 2017-10-01 09:19:18.000000000 -0400
123	@@ -0,0 +1,8 @@
124	+{
125	+ $OUT =<<'HERE';
126	+ RewriteEngine on
127	+ RewriteCond %{REQUEST_METHOD} ^(TRACE\|TRACK)
128	+ RewriteRule .* - [F]
129	+HERE
130	+}
131	+
132	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias
133	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias 1969-12-31 19:00:00.000000000 -0500
134	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/40ApacheIconAlias 2017-10-01 09:19:18.000000000 -0400
135	@@ -0,0 +1,13 @@
136	+{
137	+my $alias = $domain->prop('IconAlias') \|\| 'enabled';
138	+$OUT .= '';
139	+
140	+unless ($alias =~ m/disabled\|off\|no\|0/i){
141	+ $OUT .=<<'EOF';
142	+
143	+ # alias for Apache icons
144	+ Alias /icons/ /var/www/icons/
145	+
146	+EOF
147	+}
148	+}
149	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content
150	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content 1969-12-31 19:00:00.000000000 -0500
151	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/50Content 2020-11-08 21:26:33.645000000 -0500
152	@@ -0,0 +1,166 @@
153	+{
154	+
155	+use esmith::util;
156	+my $base = esmith::util::ldapBase($DomainName);
157	+
158	+my $name = $domain->key;
159	+my $target = $domain->prop('ProxyPassTarget') \|\| '';
160	+my $proxy_acme = $domain->prop('ProxyPassACMEChallenges') \|\| 'disabled';
161	+my $redirect = $domain->prop('Redirect') \|\| '';
162	+my $rewrite = $domain->prop('Rewrite') \|\| '';
163	+my $allow = $domain->prop('AllowHosts') \|\| '';
164	+my $preserve = $domain->prop('ProxyPreserveHost') \|\| 'no';
165	+my $keepalive = $domain->prop('ProxyNoKeepAlive') \|\| 'no';
166	+my $timeout = $domain->prop('Timeout') \|\| '';
167	+my $index = $domain->prop('DirectoryIndex') \|\| '';
168	+my @alias = split /[,;]/, ($domain->prop('Alias') \|\| '');
169	+my @env = split(/[;,]/, ($domain->prop('SetEnv') \|\| ''));
170	+my $auth = $domain->prop('Authentication') \|\| 'none';
171	+my @groups = split(/[;,]/, ($domain->prop('AllowGroups') \|\| ''));
172	+my $ssl_port = $httpsPort;
173	+my $proto = ($port eq $ssl_port ) ? 'https' : 'http';
174	+my $socketio = $domain->prop('ProxySocketIO') \|\| 'disabled';
175	+my @proxyrules = split /[,;]/, ($domain->prop('ProxyPassRules') \|\| '');
176	+
177	+# Custom proxypass rules
178	+foreach my $rule (@proxyrules){
179	+ my ($from, $to) = split /=/, $rule;
180	+ $OUT .= " ProxyPass $from $to\n";
181	+}
182	+
183	+if (@proxyrules > 0 \|\| $target =~ m\|https?://[\d\w\.\-/]*\|){
184	+ $OUT .= " ProxyPreserveHost on\n" if ($preserve eq 'yes');
185	+ $OUT .= " RequestHeader set X-Forwarded-Proto \"$proto\"\n";
186	+}
187	+
188	+# ProxyPass ?
189	+if ($target =~ m\|https?://[\d\w\.\-/]*\|){
190	+ $OUT .= " SetEnv proxy-nokeepalive 1\n" if ($keepalive eq 'yes');
191	+ if ($proxy_acme eq 'only'){
192	+ $OUT .= " ProxyPass /.well-known/acme-challenge/ $target" . ".well-known/acme-challenge/\n";
193	+ $OUT .= " ProxyPassReverse / $target" . ".well-known/acme-challenge/\n";
194	+ }
195	+ else{
196	+ if ($proxy_acme eq 'disabled'){
197	+ $OUT .= " ProxyPass /.well-known/acme-challenge/ !\n";
198	+ }
199	+ if ($socketio eq 'enabled'){
200	+ # Try to handle Socket.IO
201	+ my $wstarget = $target;
202	+ $wstarget =~ s/^http:/ws:/;
203	+ $wstarget =~ s/^https:/wss:/;
204	+ $OUT .=<<"_EOF"
205	+
206	+ <IfModule mod_proxy_wstunnel.c>
207	+ RewriteCond %{QUERY_STRING} transport=polling [NC]
208	+ RewriteRule /socket.io/(.*) ${target}socket.io/\$1 [P,L]
209	+
210	+ ProxyPass /socket.io/socket.io.js ${target}socket.io/socket.io.js
211	+ ProxyPassReverse /socket.io/socket.io.js ${target}socket.io/socket.io.js
212	+
213	+ ProxyPass /socket.io/ ${wstarget}socket.io/
214	+ ProxyPassReverse /socket.io/ ${wstarget}socket.io/
215	+ </IfModule>
216	+
217	+_EOF
218	+ }
219	+ $OUT .= " ProxyPass / $target\n";
220	+ $OUT .= " ProxyPassReverse / $target\n";
221	+ }
222	+}
223	+# Rewrite ?
224	+elsif ($rewrite =~ m\|https?://[\d\w\.\-/]*\|){
225	+ $OUT .=<<"HERE";
226	+
227	+ RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
228	+ RewriteRule /(.*\|\$) $rewrite/\$1 [L,R]
229	+
230	+HERE
231	+}
232	+# Redirect ?
233	+elsif ($redirect =~ m\|https?://[\d\w\.\-/]*\|){
234	+ $OUT .=<<"HERE";
235	+
236	+ RedirectMatch permanent ^/(.*\|\$) $redirect/\$1
237	+
238	+HERE
239	+}
240	+else{
241	+ my $root = $domain->prop('DocumentRoot') \|\|
242	+ '/home/e-smith/files/ibays/Primary/html';
243	+
244	+ $OUT .= " DocumentRoot $root\n";
245	+}
246	+
247	+if ($timeout =~ m/^\d+$/){
248	+ $OUT .= " Timeout $timeout\n";
249	+}
250	+
251	+if ($index ne ''){
252	+ $OUT .= " DirectoryIndex $index\n";
253	+}
254	+
255	+foreach (@alias){
256	+ next unless $_ =~ m/^(\/\w+)=(\/.*)/;
257	+ my ($al, $targ) = ($1, $2);
258	+ next unless (-e $2);
259	+ $OUT .= " Alias $al $targ\n";
260	+}
261	+
262	+foreach (@env){
263	+ next unless (m/^(.)=(.)$/);
264	+ $OUT .= " SetEnv $1 $2\n";
265	+}
266	+
267	+if ($allow ne ''){
268	+ if ($allow eq 'local'){
269	+ $allow = "$localAccess $externalSSLAccess";
270	+ }
271	+ else{
272	+ $allow =~ s/[,;]/ /g;
273	+ }
274	+ $OUT .=<<"EOF";
275	+
276	+ <Location />
277	+ Order deny,allow
278	+ Deny from all
279	+ Allow from $allow
280	+ </Location>
281	+
282	+ <Location /.well-known/acme-challenge/>
283	+ Allow from all
284	+ </Location>
285	+
286	+EOF
287	+}
288	+
289	+if ($auth =~ m/^Basic$/i){
290	+ my $require = "Require valid-user";
291	+ if (scalar(@groups) > 0){
292	+ $require = "Require ldap-group ";
293	+ $require .= "cn=$_,ou=Groups,$base " foreach(@groups);
294	+ }
295	+
296	+ $OUT .=<<"EOF";
297	+ SetEnvIf %{Request_URI} "^/\.well\-known/acme\-challenge" granted=1
298	+
299	+ <Location />
300	+ Order deny,allow
301	+ Satisfy any
302	+ Deny from all
303	+ Allow from env=granted
304	+ AuthType basic
305	+ AuthName "$name"
306	+ AuthBasicProvider ldap
307	+ AuthLDAPURL ldap://localhost/ou=Users,$base?uid
308	+ AuthLDAPGroupAttribute memberUid
309	+ AuthLDAPGroupAttributeIsDN off
310	+ $require
311	+ </location>
312	+
313	+EOF
314	+
315	+}
316	+
317	+}
318	+
319	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin
320	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin 1969-12-31 19:00:00.000000000 -0500
321	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-begin 2017-10-01 09:19:18.000000000 -0400
322	@@ -0,0 +1,2 @@
323	+
324	+<VirtualHost {$ipAddress}:{$port}>
325	diff -Nur smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end
326	--- smeserver-php-3.0.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end 1969-12-31 19:00:00.000000000 -0500
327	+++ smeserver-php-3.0.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/template-end 2017-10-01 09:19:18.000000000 -0400
328	@@ -0,0 +1,2 @@
329	+</VirtualHost>
330	+