$dash_len) { $dash_str .= substr($password, 0, $dash_len) . '-'; $password = substr($password, $dash_len); } $dash_str .= $password; return $dash_str; } function createSQLUserAndDatabase($user, $type) { $pass = generatePassword(); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e \'CREATE DATABASE IF NOT EXISTS '.$user.';\'', $output); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e "CREATE USER IF NOT EXISTS \''.$user.'\'@\'localhost\' IDENTIFIED BY \''.$pass.'\';"', $output); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e "GRANT ALL PRIVILEGES ON '.$user.'.* TO \''.$user.'\'@\'localhost\';"', $output); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e "FLUSH PRIVILEGES;"', $output); $databaseModel = ($type === 'solo') ? $_SERVER['solomodel'] : $_SERVER['fermemodel']; exec('mysqldump -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -v '.$databaseModel.' | mysql -u '.$user.' -p\''.$pass.'\' -D '.$user, $output); // TODO: add first user and make him admin return ['database' => $user, 'user' => $user, 'password' => $pass]; } function removeMySQLUserAndDatabase($user) { exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e \'DROP DATABASE IF EXISTS '.$user.';\'', $output); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e "DROP USER IF EXISTS \''.$user.'\'@\'localhost\';"', $output); exec('mysql -u '.$_SERVER['mysqluser'].' -p\''.$_SERVER['mysqlpassword'].'\' -e "FLUSH PRIVILEGES;"', $output); return; } function createUnixUserWithQuota($user, $quota) { $pass = generatePassword(); exec('useradd -m -p "'.$pass.'" '.$user, $output); exec('setquota -u '.$user.' '.$quota.' '.$quota.' 0 0 -a /dev/loop0', $output); // TODO : handle errors return ['user' => $user, 'password' => $pass, 'quota' => $quota]; } function removeUnixUser($user) { exec('deluser --remove-home '.$user, $output); // TODO : handle errors return; } function createNginxConfig($domain, $user, $herseUser, $hersePass) { $nginxFile = '/etc/nginx/conf.d/'.$domain.'.conf'; if (empty($herseUser) && empty($hersePass)) { // no herse needed } elseif (empty($herseUser) || empty($hersePass)) { throw new Exception('You need an username AND a password to add a herse.'); } else { // add password file to domain file_put_contents( '/home'.'/'.$user.'/'.$domain.'/.htpasswd', $herseUser.':'.password_hash($hersePass, PASSWORD_BCRYPT) ); } $templates = new League\Plates\Engine(dirname(__FILE__).'/templates'); $subDomain = preg_match('/.'.$_SERVER['maindomain'].'$/isU', $domain, $matches, PREG_OFFSET_CAPTURE, 0); if (!$subDomain) { file_put_contents( $nginxFile, $templates->render( 'nginx-for-ssl-certificate', [ 'domain' => $domain, ] ) ); exec('service nginx force-reload', $output); exec('/root/.acme.sh/acme.sh --issue -d '.$domain.' -d www.'.$domain.' -k ec-384 -w /home/'.$user.'/'.$domain.'/', $output); exec('mkdir -p /etc/letsencrypt/live/'.$domain, $output); exec('/root/.acme.sh/acme.sh --install-cert -d '.$domain.' --ecc \ --cert-file /etc/letsencrypt/live/'.$domain.'/cert.pem \ --key-file /etc/letsencrypt/live/'.$domain.'/key.pem \ --fullchain-file /etc/letsencrypt/live/'.$domain.'/fullchain.pem \ --ca-file /etc/letsencrypt/live/'.$domain.'/ca.pem \ --reloadcmd "systemctl restart nginx.service"', $output); } file_put_contents( $nginxFile, $templates->render( 'nginx-maindomain', [ 'domain' => $domain, 'user' => $user, 'herseUser' => $herseUser, 'hersePass' => $hersePass, 'subDomain' => $subDomain, ] ) ); exec('service nginx force-reload', $output); } function removeNginxConfig($domain) { $nginxFile = '/etc/nginx/conf.d/'.$domain.'.conf'; unlink($nginxFile); exec('service nginx force-reload', $output); } function createPhpFpmConfig($user) { $phpVersion = str_replace(['php', '-fpm'], '', $_SERVER['phpservice']); $phpConfFile = '/etc/php/'.$phpVersion.'/fpm/pool.d/'.$user.'.conf'; $templates = new League\Plates\Engine(dirname(__FILE__).'/templates'); file_put_contents($phpConfFile, $templates->render('php-fpm', ['user' => $user])); exec('service '.$_SERVER['phpservice'].' reload', $output); } function removePhpFpmConfig($user) { $phpVersion = str_replace(['php', '-fpm'], '', $_SERVER['phpservice']); $phpConfFile = '/etc/php/'.$phpVersion.'/fpm/pool.d/'.$user.'.conf'; unlink($phpConfFile); exec('service '.$_SERVER['phpservice'].' reload', $output); } function copyYesWikiFiles($domain, $user, $dbUser) { $tmpFile = '/tmp/yeswiki.zip'; $destDir = '/home'.'/'.$user.'/'.$domain; $sudo = 'sudo -u '.$user.' '; exec($sudo.' mkdir -p '.$destDir, $output); if (file_exists($tmpFile)) { unlink($tmpFile); } exec($sudo.'curl --insecure -o '.$tmpFile.' '.$_SERVER['source_archive_url']); exec($sudo.'unzip '.$tmpFile.' "doryphore/*" -d '.$destDir); exec($sudo.'mv '.$destDir.'/doryphore/* '.$destDir.'/'); exec($sudo.'rm -rf '.$destDir.'/doryphore'); unlink($tmpFile); # we wait 10 seconds before launching install echo "\nEn attente de dézippage\n"; echo exec('sleep 10'); $curl = 'curl -X POST --insecure --data-urlencode \'config[default_language]=fr\' --data-urlencode \'config[wakka_name]='.$domain.'\' --data-urlencode \'config[root_page]=PagePrincipale\' --data-urlencode \'config[mysql_host]=localhost\' --data-urlencode \'config[mysql_database]='.$dbUser['database'].'\' --data-urlencode \'config[mysql_user]='.$dbUser['user'].'\' --data-urlencode \'config[mysql_password]='.$dbUser['password'].'\' --data-urlencode \'config[table_prefix]=yeswiki_\' --data-urlencode \'admin_name='.$_SERVER['admin_id'].'\' --data-urlencode \'admin_password='.$_SERVER['admin_password'].'\' --data-urlencode \'admin_password_conf='.$_SERVER['admin_password'].'\' --data-urlencode \'admin_email='.$_SERVER['admin_email'].'\' --data-urlencode \'config[rewrite_mode]=1\' --data-urlencode \'submit=Continue\' \'https://'.$domain.'/?PagePrincipale&installAction=install\' 2>&1'; echo exec($curl); return; } function checkHerse($herseUser, $hersePass) { if (empty($herseUser) && empty($hersePass)) { return false; // no herse needed } elseif (empty($herseUser) || empty($hersePass)) { throw new Exception('You need an username AND a password to add a herse.'); } return true; // herse needed }