
Commit f52de04

committed
Handle host-specific ssl certificates
1 parent 029167a commit f52de04


11 files changed

+550
-13
lines changed


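--- a/install/apps/metronome-init
+++ b/install/apps/metronome-init
@@ -33,6 +33,16 @@ stop()
 $METRONOME stop >> /dev/null
 }
 
+reload()
+{
+&METRONOME reload >> /dev/null
+}
+
+restart()
+{
+&METRONOME restart >> /dev/null
+}
+
 case "$1" in
 start)
 echo -n "Starting Metronome..."
@@ -42,13 +52,16 @@ case "$1" in
 echo -n "Stopping Metronome..."
 stop &
 ;;
+reload)
+echo -n "Reloading Metronome config..."
+reload &
+;;
 restart)
 echo -n "Restarting Metronome..."
-stop &
-start &
+restart &
 ;;
 *)
-echo "Usage: $0 {start|stop|restart}" >&2
+echo "Usage: $0 {start|stop|reload|restart}" >&2
 exit 1
 ;;
 esac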
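Review bot: The new reload() and restart() functions run `&METRONOME reload >> /dev/null` and `&METRONOME restart >> /dev/null`, with `&` where the existing stop() uses `$METRONOME`. A leading `&` is a shell syntax error, so the script would abort while reading these function definitions and never reach the `case` statement, which takes start and stop down with it. The two lines should read `$METRONOME reload >> /dev/null` and `$METRONOME restart >> /dev/null`. The start() function and the top of the script are outside the hunks.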

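--- a/install/sql/incremental/upd_0081.sql
+++ b/install/sql/incremental/upd_0081.sql
@@ -48,6 +48,18 @@ CREATE TABLE `xmpp_domain` (
 `http_archive_show_status` enum('n', 'y') NOT NULL DEFAULT 'n',
 `use_status_host` enum('n','y') NOT NULL DEFAULT 'n',
 
+`ssl_state` varchar(255) NULL,
+`ssl_locality` varchar(255) NULL,
+`ssl_organisation` varchar(255) NULL,
+`ssl_organisation_unit` varchar(255) NULL,
+`ssl_country` varchar(255) NULL,
+`ssl_email` varchar(255) NULL,
+`ssl_request` mediumtext NULL,
+`ssl_cert` mediumtext NULL,
+`ssl_bundle` mediumtext NULL,
+`ssl_key` mediumtext NULL,
+`ssl_action` varchar(16) NULL,
+
 `active` enum('n','y') NOT NULL DEFAULT 'n',
 PRIMARY KEY (`domain_id`),
 KEY `server_id` (`server_id`,`domain`),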
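Review bot: `ssl_key` puts the domain's private key into `xmpp_domain` as plain `mediumtext` next to ordinary settings, so every dump of this table and every account with SELECT on it carries the key. If the key has to live in the database for the panel workflow, that should at least be stated next to the column, e.g. `-- private key (PEM): restrict read access, treat dumps of this table as secret`. Keeping only `ssl_request`, `ssl_cert` and `ssl_bundle` here and leaving the key on the XMPP host would be the tighter design. The same columns are added in install/sql/ispconfig3.sql, and the CREATE TABLE statement starts and ends outside the hunk.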

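--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -2002,6 +2002,18 @@ CREATE TABLE `xmpp_domain` (
 `http_archive_show_status` enum('n', 'y') NOT NULL DEFAULT 'n',
 `use_status_host` enum('n','y') NOT NULL DEFAULT 'n',
 
+`ssl_state` varchar(255) NULL,
+`ssl_locality` varchar(255) NULL,
+`ssl_organisation` varchar(255) NULL,
+`ssl_organisation_unit` varchar(255) NULL,
+`ssl_country` varchar(255) NULL,
+`ssl_email` varchar(255) NULL,
+`ssl_request` mediumtext NULL,
+`ssl_cert` mediumtext NULL,
+`ssl_bundle` mediumtext NULL,
+`ssl_key` mediumtext NULL,
+`ssl_action` varchar(16) NULL,
+
 `active` enum('n','y') NOT NULL DEFAULT 'n',
 PRIMARY KEY (`domain_id`),
 KEY `server_id` (`server_id`,`domain`),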

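--- a/interface/web/mail/form/xmpp_domain.tform.php
+++ b/interface/web/mail/form/xmpp_domain.tform.php
@@ -280,5 +280,128 @@
 )
 );
 
+$form["tabs"]['ssl'] = array (
+'title' => "SSL",
+'width' => 100,
+'template' => "templates/xmpp_domain_edit_ssl.htm",
+'readonly' => false,
+'fields' => array (
+//#################################
+// Begin Datatable fields
+//#################################
+'ssl_state' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'TEXT',
+'validators' => array ( 0 => array ( 'type' => 'REGEX',
+'regex' => '/^(([\.]{0})|([-a-zA-Z0-9._,&äöüÄÖÜ ]{1,255}))$/',
+'errmsg'=> 'ssl_state_error_regex'),
+),
+'default' => '',
+'value' => '',
+'width' => '30',
+'maxlength' => '255'
+),
+'ssl_locality' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'TEXT',
+'validators' => array ( 0 => array ( 'type' => 'REGEX',
+'regex' => '/^(([\.]{0})|([-a-zA-Z0-9._,&äöüÄÖÜ ]{1,255}))$/',
+'errmsg'=> 'ssl_locality_error_regex'),
+),
+'default' => '',
+'value' => '',
+'width' => '30',
+'maxlength' => '255'
+),
+'ssl_organisation' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'TEXT',
+'validators' => array ( 0 => array ( 'type' => 'REGEX',
+'regex' => '/^(([\.]{0})|([-a-zA-Z0-9._,&äöüÄÖÜ ]{1,255}))$/',
+'errmsg'=> 'ssl_organisation_error_regex'),
+),
+'default' => '',
+'value' => '',
+'width' => '30',
+'maxlength' => '255'
+),
+'ssl_organisation_unit' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'TEXT',
+'validators' => array ( 0 => array ( 'type' => 'REGEX',
+'regex' => '/^(([\.]{0})|([-a-zA-Z0-9._,&äöüÄÖÜ ]{1,255}))$/',
+'errmsg'=> 'ssl_organistaion_unit_error_regex'),
+),
+'default' => '',
+'value' => '',
+'width' => '30',
+'maxlength' => '255'
+),
+'ssl_country' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'SELECT',
+'default' => '',
+'datasource' => array ( 'type' => 'SQL',
+'querystring' => 'SELECT iso,printable_name FROM country ORDER BY printable_name',
+'keyfield'=> 'iso',
+'valuefield'=> 'printable_name'
+),
+'value' => ''
+),
+'ssl_email' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'TEXT',
+'default' => '',
+'value' => '',
+'width' => '30',
+'maxlength' => '255',
+'validators' => array ( 0 => array ( 'type' => 'ISEMAIL',
+'errmsg'=> 'ssl_error_isemail')
+),
+),
+'ssl_key' => array (
+'datatype' => 'TEXT',
+'formtype' => 'TEXTAREA',
+'default' => '',
+'value' => '',
+'cols' => '30',
+'rows' => '10'
+),
+'ssl_request' => array (
+'datatype' => 'TEXT',
+'formtype' => 'TEXTAREA',
+'default' => '',
+'value' => '',
+'cols' => '30',
+'rows' => '10'
+),
+'ssl_cert' => array (
+'datatype' => 'TEXT',
+'formtype' => 'TEXTAREA',
+'default' => '',
+'value' => '',
+'cols' => '30',
+'rows' => '10'
+),
+'ssl_bundle' => array (
+'datatype' => 'TEXT',
+'formtype' => 'TEXTAREA',
+'default' => '',
+'value' => '',
+'cols' => '30',
+'rows' => '10'
+),
+'ssl_action' => array (
+'datatype' => 'VARCHAR',
+'formtype' => 'SELECT',
+'default' => '',
+'value' => array('' => 'none_txt', 'save' => 'save_certificate_txt', 'create' => 'create_certificate_txt', 'del' => 'delete_certificate_txt')
+),
+//#################################
+// ENDE Datatable fields
+//#################################
+)
+);
+
 
 ?>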
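Review bot: The `ssl_key`, `ssl_request`, `ssl_cert` and `ssl_bundle` textareas are declared without any `validators`, so whatever is posted is stored as-is and is presumably written to the certificate files on the XMPP host by code not shown here. A REGEX validator limited to PEM characters would reject stray content at the form, for example `'validators' => array ( 0 => array ( 'type' => 'REGEX', 'regex' => '/^[A-Za-z0-9+\/=\s-]*\z/', 'errmsg'=> 'ssl_cert_error_regex'), ),` together with a matching new language entry. The four DN regexes end in `$/`, which also accepts a trailing newline, and, assuming the file is UTF-8, they match `äöüÄÖÜ` byte by byte because the `u` modifier is missing; ending them in `\z/u` would match what the error messages promise. The key `ssl_organistaion_unit_error_regex` is misspelled, consistently with the language file, so it works but is worth correcting in both places.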

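--- a/interface/web/mail/lib/lang/en_xmpp_domain.lng
+++ b/interface/web/mail/lib/lang/en_xmpp_domain.lng
@@ -30,4 +30,32 @@ $wb["cant_change_domainname_txt"] = 'The Domain name of existing XMPP domain can
 $wb["about_registration_url_txt"] = 'Link to your registration form.';
 $wb["about_registration_message_txt"] = 'Description about your account registration process.';
 $wb["no_corresponding_maildomain_txt"] = 'Corresponding mail domain for user management not found. Please create the mail domain first.';
+$wb['ssl_state_txt'] = 'State';
+$wb['ssl_locality_txt'] = 'Locality';
+$wb['ssl_organisation_txt'] = 'Organisation';
+$wb['ssl_organisation_unit_txt'] = 'Organisation Unit';
+$wb['ssl_country_txt'] = 'Country';
+$wb['ssl_key_txt'] = 'SSL Key';
+$wb['ssl_request_txt'] = 'SSL Request';
+$wb['ssl_cert_txt'] = 'SSL Certificate';
+$wb['ssl_bundle_txt'] = 'SSL Bundle';
+$wb['ssl_action_txt'] = 'SSL Action';
+$wb['ssl_email_txt'] = 'Email Address';
+$wb['ssl_txt'] = 'SSL';
+$wb['error_ssl_state_empty'] = 'SSL State is empty.';
+$wb['error_ssl_locality_empty'] = 'SSL Locality is empty.';
+$wb['error_ssl_organisation_empty'] = 'SSL Organisation is empty.';
+$wb['error_ssl_organisation_unit_empty'] = 'SSL Organisation Unit is empty.';
+$wb['error_ssl_country_empty'] = 'SSL Country is empty.';
+$wb['error_ssl_cert_empty'] = 'SSL Certificate field is empty';
+$wb['ssl_state_error_regex'] = 'Invalid SSL State. Valid characters are: a-z, 0-9 and .,-_&äöüÄÖÜ';
+$wb['ssl_locality_error_regex'] = 'Invalid SSL Locality. Valid characters are: a-z, 0-9 and .,-_&äöüÄÖÜ';
+$wb['ssl_organisation_error_regex'] = 'Invalid SSL Organisation. Valid characters are: a-z, 0-9 and .,-_&äöüÄÖÜ';
+$wb['ssl_organistaion_unit_error_regex'] = 'Invalid SSL Organisation Unit. Valid characters are: a-z, 0-9 and .,-_&äöüÄÖÜ';
+$wb['ssl_country_error_regex'] = 'Invalid SSL Country. Valid characters are: A-Z';
+$wb['none_txt'] = 'None';
+$wb['save_certificate_txt'] = 'Save certificate';
+$wb['create_certificate_txt'] = 'Create certificate';
+$wb['delete_certificate_txt'] = 'Delete certificate';
+$wb['ssl_error_isemail'] = 'Please enter a valid email adress for generation of the SSL certificate';
 ?>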
Lines changed: 100 additions & 0 deletions
@@ -0,0 +1,100 @@
1+
<div class='page-header'>
2+
<h1><tmpl_var name="list_head_txt"></h1>
3+
</div>
4+
<p><tmpl_var name="list_desc_txt"></p>
5+
6+
<tmpl_if name="config_error_msg">
7+
<div style="background: #ffdfdf; border: 1px solid #df7d7d; border-width: 1px 0; margin: 1.5em 0 1.5em 0; padding: 7px;">
8+
<p style="font-face:bold">{tmpl_var name='configuration_error_txt'}</p>
9+
<div>
10+
<div style="float:left;width:150px;">{tmpl_var name='config_error_tstamp'} :&nbsp;</div><div style="padding-left:150px;">{tmpl_var name='config_error_msg'}</div>
11+
</div>
12+
</div>
13+
</tmpl_if>
14+
15+
16+
<tmpl_if name='show_helper_links'>
17+
<div id="show_helper_links" style="display:none;">
18+
<label></label>
19+
<div class="col-sm-9">
20+
<a href="javascript:void(0);" id="load_data"><tmpl_if name='is_admin'>{tmpl_var name='load_client_data_txt'}</tmpl_else>{tmpl_var name='load_my_data_txt'}</tmpl_if></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="javascript:void(0);" id="reset_data">{tmpl_var name='reset_client_data_txt'}</a>
21+
</div>
22+
</div>
23+
</tmpl_if>
24+
<div class="form-group">
25+
<label for="ssl_state" class="col-sm-3 control-label">{tmpl_var name='ssl_state_txt'}</label>
26+
<div class="col-sm-9"><input type="text" name="ssl_state" id="ssl_state" value="{tmpl_var name='ssl_state'}" class="form-control" /></div></div>
27+
<div class="form-group">
28+
<label for="ssl_locality" class="col-sm-3 control-label">{tmpl_var name='ssl_locality_txt'}</label>
29+
<div class="col-sm-9"><input type="text" name="ssl_locality" id="ssl_locality" value="{tmpl_var name='ssl_locality'}" class="form-control" /></div></div>
30+
<div class="form-group">
31+
<label for="ssl_organisation" class="col-sm-3 control-label">{tmpl_var name='ssl_organisation_txt'}</label>
32+
<div class="col-sm-9"><input type="text" name="ssl_organisation" id="ssl_organisation" value="{tmpl_var name='ssl_organisation'}" class="form-control" /></div></div>
33+
<div class="form-group">
34+
<label for="ssl_organisation_unit" class="col-sm-3 control-label">{tmpl_var name='ssl_organisation_unit_txt'}</label>
35+
<div class="col-sm-9"><input type="text" name="ssl_organisation_unit" id="ssl_organisation_unit" value="{tmpl_var name='ssl_organisation_unit'}" class="form-control" /></div></div>
36+
<div class="form-group">
37+
<label for="ssl_country" class="col-sm-3 control-label">{tmpl_var name='ssl_country_txt'}</label>
38+
<div class="col-sm-9"><select name="ssl_country" id="ssl_country" class="form-control flags">
39+
{tmpl_var name='ssl_country'}
40+
</select></div>
41+
</div>
42+
<div class="form-group">
43+
<label for="ssl_email" class="col-sm-3 control-label">{tmpl_var name='ssl_email_txt'}</label>
44+
<div class="col-sm-9"><input type="email" name="ssl_email" id="ssl_email" value="{tmpl_var name='ssl_email'}" class="form-control" /></div></div>
45+
<div class="form-group">
46+
<label for="ssl_request" class="col-sm-3 control-label">{tmpl_var name='ssl_key_txt'}</label>
47+
<div class="col-sm-9"><textarea class="form-control" name="ssl_key" id="ssl_key" rows='10' cols='30'>{tmpl_var name='ssl_key'}</textarea></div>
48+
</div>
49+
<div class="form-group">
50+
<label for="ssl_request" class="col-sm-3 control-label">{tmpl_var name='ssl_request_txt'}</label>
51+
<div class="col-sm-9"><textarea class="form-control" name="ssl_request" id="ssl_request" rows='10' cols='30'>{tmpl_var name='ssl_request'}</textarea></div>
52+
</div>
53+
<div class="form-group">
54+
<label for="ssl_cert" class="col-sm-3 control-label">{tmpl_var name='ssl_cert_txt'}</label>
55+
<div class="col-sm-9"><textarea class="form-control" name="ssl_cert" id="ssl_cert" rows='10' cols='30'>{tmpl_var name='ssl_cert'}</textarea></div>
56+
</div>
57+
<div class="form-group">
58+
<label for="ssl_action" class="col-sm-3 control-label">{tmpl_var name='ssl_action_txt'}</label>
59+
<div class="col-sm-9"><select name="ssl_action" id="ssl_action" class="form-control">
60+
{tmpl_var name='ssl_action'}
61+
</select></div>
62+
</div>
63+
64+
65+
<input type="hidden" name="id" value="{tmpl_var name='id'}">
66+
<input type="hidden" name="type" value="ssl">
67+
68+
<div class="clear"><div class="right">
69+
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="mail/xmpp_domain_edit.php">{tmpl_var name='btn_save_txt'}</button>
70+
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="mail/xmpp_domain_list.php">{tmpl_var name='btn_cancel_txt'}</button>
71+
</div></div>
72+
73+
<script>
74+
<!--
75+
<tmpl_if name='show_helper_links'>
76+
if($("input[name=id]").val() > 0) $('#show_helper_links:hidden').show();
77+
78+
$('#reset_data').click(function(){
79+
$('#ssl_organisation').add('#ssl_locality').add('#ssl_state').add('#ssl_organisation_unit').val('');
80+
$('#ssl_country').val($("#ssl_country option:first").val());
81+
});
82+
$('#load_data').click(function(){
83+
loadClientData();
84+
});
85+
86+
87+
function loadClientData() {
88+
var web_id = $("input[name=id]").val();
89+
90+
jQuery.getJSON('sites/ajax_get_json.php'+ '?' + Math.round(new Date().getTime()), {'web_id': web_id, 'type': "getclientssldata"}, function(data) {
91+
$('#ssl_organisation').val(data['company_name']);
92+
$('#ssl_locality').val(data['city']);
93+
$('#ssl_country').val(data['country']);
94+
$('#ssl_state').val(data['state']);
95+
$('#ssl_organisation_unit').val('IT');
96+
});
97+
}
98+
</tmpl_if>
99+
//-->
100+
</script>
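Review bot: loadClientData() reads `$("input[name=id]").val()`, which on this form is the XMPP domain id, and sends it as `web_id` to `sites/ajax_get_json.php` with `type: "getclientssldata"`. Unless that endpoint (not shown here) also resolves XMPP domains, it will look up whichever website has the same numeric id, so the helper link would fill the form from an unrelated record or from nothing; it needs a lookup keyed on the XMPP domain, with the same ownership check the sites endpoint applies. Separately, the label above the key textarea has `for="ssl_request"` and should be `for="ssl_key"`, and the template has no textarea for `ssl_bundle` although the form definition declares that field.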

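--- a/interface/web/mail/xmpp_domain_edit.php
+++ b/interface/web/mail/xmpp_domain_edit.php
@@ -49,14 +49,16 @@
 $app->load('tform_actions');
 
 class page_action extends tform_actions {
-var $_xmpp_type = 'domain';
+var $_xmpp_type = 'server';
 
 function onLoad() {
 $show_type = 'server';
-if(isset($_GET['type']) && $_GET['type'] == 'modules') {
+if(isset($_REQUEST['type']) && $_REQUEST['type'] == 'modules') {
 $show_type = 'modules';
-} elseif(isset($_GET['type']) && $_GET['type'] == 'muc') {
+} elseif(isset($_REQUEST['type']) && $_REQUEST['type'] == 'muc') {
 $show_type = 'muc';
+}elseif(isset($_REQUEST['type']) && $_REQUEST['type'] == 'ssl') {
+$show_type = 'ssl';
 }
 
 $_SESSION['s']['var']['xmpp_type'] = $show_type;
@@ -363,6 +365,21 @@ function onBeforeUpdate() {
 }
 }
 
+if($this->_xmpp_type == 'ssl'){
+//* Check that all fields for the SSL cert creation are filled
+if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') {
+if($this->dataRecord['ssl_state'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_state_empty').'<br />';
+if($this->dataRecord['ssl_locality'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_locality_empty').'<br />';
+if($this->dataRecord['ssl_organisation'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_organisation_empty').'<br />';
+if($this->dataRecord['ssl_organisation_unit'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_organisation_unit_empty').'<br />';
+if($this->dataRecord['ssl_country'] == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_country_empty').'<br />';
+}
+
+if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'save') {
+if(trim($this->dataRecord['ssl_cert']) == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_cert_empty').'<br />';
+}
+}
+
 //* make sure that the xmpp domain is lowercase
 if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
 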
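Review bot: For `ssl_action == 'save'` the new block in onBeforeUpdate() only checks that `ssl_cert` is non-empty and never looks at `ssl_key`, so a certificate can be saved for a host with no key stored, and the generated host config would presumably then reference a key file with nothing valid behind it. Adding `if(trim($this->dataRecord['ssl_key']) == '') $app->tform->errorMessage .= $app->tform->lng('error_ssl_key_empty').'<br />';` plus the language entry would catch that before anything is written. The whole block also depends on `$this->_xmpp_type == 'ssl'`, while the visible part of onLoad() only writes `$show_type` to the session; if `_xmpp_type` is not assigned from it elsewhere, these checks never run. onLoad() and onBeforeUpdate() both continue outside the hunks, so this needs confirming against the full file.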

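--- a/server/conf/metronome_conf_host.master
+++ b/server/conf/metronome_conf_host.master
@@ -52,12 +52,12 @@ VirtualHost "{tmpl_var name='domain'}"
 admins = {
 {tmpl_var name='domain_admins'}
 };
--- TODO: SSL Certs for Hosts
--- ssl = {
--- key = "/var/lib/metronome/iplay-esports.de.key",
--- certificate = "/var/lib/metronome/iplay-esports.de.crt",
--- };
-
+<tmpl_if name='ssl_cert' op='==' value='true'>
+ssl = {
+key = "/etc/metronome/certs/{tmpl_var name='domain'}.key",
+certificate = "/etc/metronome/certs/{tmpl_var name='domain'}.cert",
+};
+</tmpl_if>
 
 <tmpl_if name='use_proxy' op='==' value='true'>
 VirtualHost "anon.{tmpl_var name='domain'}"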
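Review bot: The new `ssl` block is emitted whenever the template variable `ssl_cert` equals 'true', but nothing here says who creates `/etc/metronome/certs/{domain}.key` and `.cert` or with which permissions. A comment above the block would help whoever debugs a host that fails to load, e.g. `-- key/cert files are written by the server-side config writer (not in this template); the .key file must be readable by the metronome user only`. `ssl_cert` is also the name of the database column holding the PEM text, so the code filling the template has to overwrite it with the literal string 'true'; a distinct flag name such as `ssl_enabled` would be harder to get wrong. The VirtualHost block starts and ends outside the hunk.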
