Merge pull request hestiacp#1994 from jaapmarcus/fix/issues-with-webmail

Fix hestiacp#1986 and  Webmail client reset to disabled after ssl enabled

Author: jaapmarcus

bin/v-add-mail-domain-ssl

@@ -78,7 +78,7 @@ fi
 # Call routine to add SSL configuration to mail domain
 add_mail_ssl_config
 
-if [ "$webmail" == "roundcube" ]; then
+if [ "$WEBMAIL" == "roundcube" ]; then
     WEBMAIL_TEMPLATE="default"
     if [ ! -z "$PROXY_SYSTEM" ]; then
         PROXY_TEMPLATE="default"
@@ -88,7 +88,7 @@ if [ "$webmail" == "roundcube" ]; then
     if [ "$WEB_SYSTEM" = "nginx" ]; then
         WEBMAIL_TEMPLATE="web_system"
     fi
-elif [ "$webmail" == "rainloop" ]; then
+elif [ "$WEBMAIL" == "rainloop" ]; then
     WEBMAIL_TEMPLATE="rainloop"
     if [ ! -z "$PROXY_SYSTEM" ]; then
         PROXY_TEMPLATE="default_rainloop"

bin/v-add-mail-domain-webmail

@@ -20,6 +20,10 @@ webmail=$3
 restart="$4"
 quiet=$5
 
+if [ -z "$restart" ]; then 
+    restart="yes"
+fi
+
 # Additional argument formatting
 if [[ "$domain" =~ [[:upper:]] ]]; then
     domain=$(echo "$domain" |tr '[:upper:]' '[:lower:]')

func/domain.sh

@@ -802,9 +802,7 @@ add_webmail_config() {
         fi
 
         # Remove old configurations
-        rm -rf $HOMEDIR/$user/conf/mail/$domain.*
-        rm -rf $HOMEDIR/$user/conf/mail/ssl.$domain.*
-        rm -rf $HOMEDIR/$user/conf/mail/*nginx.$domain.*
+        find $HOMEDIR/$user/conf/mail/ -maxdepth 1 -type f \( -name "$domain.*" -o -name "ssl.$domain.*" -o -name "*nginx.$domain.*" \) -exec rm {} \;
     else
         if [ ! -z "$WEB_SYSTEM" ]; then
             rm -f /etc/$1/conf.d/domains/$WEBMAIL_ALIAS.$domain.conf
@@ -815,7 +813,7 @@ add_webmail_config() {
             ln -s $conf /etc/$1/conf.d/domains/$WEBMAIL_ALIAS.$domain.conf
         fi
         # Clear old configurations
-        rm -rf $HOMEDIR/$user/conf/mail/$domain.*
+        find $HOMEDIR/$user/conf/mail/ -maxdepth 1 -type f \( -name "$domain.*" \) -exec rm {} \;
     fi
 }
 

install/deb/templates/mail/apache2/disabled.stpl

@@ -1,21 +1,12 @@
 <VirtualHost %ip%:%web_ssl_port%>
 ServerName %domain_idn%
 ServerAlias %alias_idn%
-Alias / /var/www/html/
-Alias /error/ %home%/%user%/web/%root_domain%/document_errors/
-#SuexecUserGroup %user% %group%
+DocumentRoot /var/www/html/
+Alias /error/ /var/www/document_errors/
 
 SSLEngine on
 SSLVerifyClient none
 SSLCertificateFile         %home%/%user%/conf/mail/%root_domain%/ssl/%root_domain%.crt
 SSLCertificateKeyFile      %home%/%user%/conf/mail/%root_domain%/ssl/%root_domain%.key
-    
-<Directory /var/www/html>
-    Options +FollowSymLinks
-    AllowOverride All
-    order allow,deny
-    allow from all
-</Directory>
 
-IncludeOptional %home%/%user%/conf/mail/%root_domain%/%web_system%.conf_*
 </VirtualHost>

install/deb/templates/mail/apache2/disabled.tpl

@@ -1,18 +1,7 @@
 <VirtualHost %ip%:%web_port%>
     ServerName %domain_idn%
     ServerAlias %alias_idn%
-    Alias / /var/www/html
-    Alias /error/ %home%/%user%/web/%root_domain%/document_errors/
+    DocumentRoot /var/www/html/
+    Alias /error/ /var/www/document_errors/
     #SuexecUserGroup %user% %group%
-        
-    IncludeOptional %home%/%user%/conf/mail/%root_domain%/apache2.forcessl.conf*
-
-    <Directory /var/www/html>
-        Options +FollowSymLinks
-        AllowOverride All
-        order allow,deny
-        allow from all
-    </Directory>
-
-    IncludeOptional %home%/%user%/conf/mail/%root_domain%/%web_system%.conf_*
 </VirtualHost>

install/deb/templates/mail/nginx/default_disabled.stpl

@@ -1,33 +1,21 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-    root        /var/lib/roundcube;
+    listen       %ip%:%proxy_ssl_port% ssl http2;
+    server_name  %domain_idn% %alias_idn%;
     index       index.php index.html index.htm;
     access_log /var/log/nginx/domains/%domain%.log combined;
     error_log  /var/log/nginx/domains/%domain%.error.log error;
-
+    
     ssl_certificate     %ssl_pem%;
     ssl_certificate_key %ssl_key%;
     ssl_stapling on;
     ssl_stapling_verify on;
-
+    
     location ~ /\.(?!well-known\/) {
         deny all;
         return 404;
     }
-
+    
     location / {
-        try_files $uri $uri/ =404;
-        alias /var/www/html;
+        proxy_pass  http://%ip%:%web_port%;
     }
-
-    location /error/ {
-        alias /var/www/document_errors/;
-    }
-	
-    location @fallback {
-        proxy_pass https://%ip%:%web_ssl_port%;
-    }
-
-    include %home%/%user%/conf/mail/%root_domain%/%proxy_system%.conf_*;
-}
+}

install/deb/templates/mail/nginx/default_disabled.tpl

@@ -1,33 +1,18 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-    root        /var/lib/roundcube;
-    index       index.php index.html index.htm;
-    access_log /var/log/nginx/domains/%domain%.log combined;
-    error_log  /var/log/nginx/domains/%domain%.error.log error;
-    
-    ssl_certificate     %ssl_pem%;
-    ssl_certificate_key %ssl_key%;
-    ssl_stapling on;
-    ssl_stapling_verify on;
-    
+listen       %ip%:%proxy_port%;
+server_name  %domain_idn% %alias_idn%;
+index       index.php index.html index.htm;
+access_log /var/log/nginx/domains/%domain%.log combined;
+error_log  /var/log/nginx/domains/%domain%.error.log error;
+
+include %home%/%user%/conf/mail/%root_domain%/nginx.forcessl.conf*;
+
     location ~ /\.(?!well-known\/) {
         deny all;
         return 404;
     }
-    
+
     location / {
-        try_files $uri $uri/ =404;
-        alias /var/www/html;
+        proxy_pass  http://%ip%:%web_port%;
     }
-    
-    location /error/ {
-        alias /var/www/document_errors/;
-    }
-    
-    location @fallback {
-        proxy_pass https://%ip%:%web_ssl_port%;
-    }
-    
-    include %home%/%user%/conf/mail/%root_domain%/%proxy_system%.conf_*;
-}
+}

test/test.bats

@@ -23,6 +23,7 @@ function setup() {
         echo 'userpass2=t3st-p4ssw0rd' >> /tmp/hestia-test-env.sh
         echo 'HESTIA=/usr/local/hestia' >> /tmp/hestia-test-env.sh
         echo 'domain=test-5285.hestiacp.com' >> /tmp/hestia-test-env.sh
+        echo 'domainuk=test-5285.hestiacp.com.uk' >> /tmp/hestia-test-env.sh
         echo 'rootdomain=testhestiacp.com' >> /tmp/hestia-test-env.sh
         echo 'subdomain=cdn.testhestiacp.com' >> /tmp/hestia-test-env.sh
         echo 'database=test-5285_database' >> /tmp/hestia-test-env.sh
@@ -121,26 +122,38 @@ function validate_webmail_domain() {
     if [ ! -z "$webpath" ]; then
         assert_file_exist /var/lib/roundcube/$webpath
     fi
-
-    # Test HTTP
-    run curl --location --silent --show-error --insecure --resolve "webmail.${domain}:80:${domain_ip}" "http://webmail.${domain}/${webpath}"
-    assert_success
-    assert_output --partial "$webproof"
-
-    # Test HTTP
-    run curl --location --silent --show-error --insecure --resolve "mail.${domain}:80:${domain_ip}" "http://mail.${domain}/${webpath}"
-    assert_success
-    assert_output --partial "$webproof"
+    
+    if [ "$SSL" = "no" ]; then 
+        # Test HTTP
+        run curl --location --silent --show-error --insecure  --resolve "webmail.${domain}:80:${domain_ip}" "http://webmail.${domain}/${webpath}"
+        assert_success
+        assert_output --partial "$webproof"
+            
+        # Test HTTP
+        run curl  --location --silent --show-error --insecure --resolve "mail.${domain}:80:${domain_ip}" "http://mail.${domain}/${webpath}"
+        assert_success
+        assert_output --partial "$webproof"
+    fi
 
     # Test HTTPS
     if [ "$SSL" = "yes" ]; then
-        run v-list-mail-domain-ssl $user $domain
+        # Test HTTP with 301 redirect for some reasons due to 301 redirect it fails
+        run curl --silent --show-error --insecure --resolve "webmail.${domain}:80:${domain_ip}" "http://webmail.${domain}/${webpath}"
         assert_success
+        assert_output --partial "301 Moved Permanently"
 
+        # Test HTTP with 301 redirect for some reasons due to 301 redirect it fails
+        run curl --silent --show-error --insecure --resolve "mail.${domain}:80:${domain_ip}" "http://mail.${domain}/${webpath}"
+        assert_success
+        assert_output --partial "301 Moved Permanently"
+                
+        run v-list-mail-domain-ssl $user $domain
+        assert_success
+    
         run curl --location --silent --show-error --insecure --resolve "webmail.${domain}:443:${domain_ip}" "https://webmail.${domain}/${webpath}"
         assert_success
         assert_output --partial "$webproof"
-
+    
         run curl --location --silent --show-error --insecure --resolve "mail.${domain}:443:${domain_ip}" "https://mail.${domain}/${webpath}"
         assert_success
         assert_output --partial "$webproof"
@@ -183,17 +196,6 @@ function validate_database(){
     rm -f "$tmpfile"
 }
 
-#----------------------------------------------------------#
-#                         MAIN                             #
-#----------------------------------------------------------#
-
-@test "Add new userXXX" {
-    skip
-    run v-add-user $user $user $user@hestiacp.com default "Super Test"
-    assert_success
-    refute_output
-}
-
 #----------------------------------------------------------#
 #                           IP                             #
 #----------------------------------------------------------#
@@ -918,20 +920,52 @@ function validate_database(){
     run v-add-mail-domain $user $domain
     assert_success
     refute_output
+    
+    validate_mail_domain $user $domain
 }
 
-@test "MAIL: Add mail domain webmail client" {
-    skip 
-    run v-add-mail-domain-webmail $user $domain "rouncube"
+@test "MAIL: Add mail domain webmail client (Roundcube)" {
+    run v-add-mail-domain-webmail $user $domain "roundcube" "yes"
     assert_success
     refute_output
-    validate_mail_domain $user $domain
 
     # echo -e "<?php\necho 'Server: ' . \$_SERVER['SERVER_SOFTWARE'];" > /var/lib/roundcube/check_server.php
     validate_webmail_domain $user $domain 'Welcome to Roundcube Webmail'
     # rm /var/lib/roundcube/check_server.php
 }
 
+@test "Mail: Add SSL to mail domain" {
+    cp -f $HESTIA/ssl/certificate.crt /tmp/$domain.crt
+    cp -f $HESTIA/ssl/certificate.key /tmp/$domain.key
+
+    run v-add-mail-domain-ssl $user $domain /tmp
+    assert_success
+    refute_output
+    
+    validate_webmail_domain $user $domain 'Welcome to Roundcube Webmail'
+}
+
+@test "MAIL: Add mail domain webmail client (Rainloop)" {
+    if [ -z "$(echo $WEBMAIL_SYSTEM | grep -w "rainloop")" ]; then 
+        skip "Webmail client Rainloop not installed"
+    fi
+    run v-add-mail-domain-webmail $user $domain "rainloop" "yes"
+    assert_success
+    refute_output
+    validate_mail_domain $user $domain
+    
+    validate_webmail_domain $user $domain 'RainLoop Webmail'
+}    
+
+@test "MAIL: Disable webmail client" {
+    run v-add-mail-domain-webmail $user $domain "disabled" "yes"
+    assert_success
+    refute_output
+    validate_mail_domain $user $domain
+    
+    validate_webmail_domain $user $domain 'Success!'
+} 
+
 @test "MAIL: Add domain (duplicate)" {
     run v-add-mail-domain $user $domain
     assert_failure $E_EXISTS
@@ -959,6 +993,12 @@ function validate_database(){
     assert_failure $E_NOTEXIST
 }
 
+@test "MAIL: Rebuild mail domain" {
+    run v-rebuild-mail-domains $user
+    assert_success
+    refute_output
+}
+
 #----------------------------------------------------------#
 #    Limit possibilities adding different owner domain     #
 #----------------------------------------------------------#
@@ -1066,8 +1106,6 @@ function validate_database(){
     refute_output
 }
 
-
-
 #----------------------------------------------------------#
 #                         DB                               #
 #----------------------------------------------------------#

web/templates/pages/edit_mail.html

@@ -76,13 +76,13 @@
 								<select class="vst-list" name="v_webmail" tabindex="6">
 									<?php foreach ($webmail_clients as $client){
 										echo "\t\t\t\t<option value=\"".htmlentities($client)."\"";
-										if (( $v_webmail == $client )) {
+										if (( htmlentities(trim($v_webmail,"'")) == $client )) {
 											echo ' selected' ;
 										}
 										echo ">".htmlentities(ucfirst($client))."</option>\n";
 										}
 									?>
-									<option value="disabled" <?php if ( empty($v_webmail) || ($v_webmail == 'disabled')) { echo "selected";}?>><?=_('Disabled');?></option>
+									<option value="disabled" <?php if (htmlentities(trim($v_webmail,"'")) == 'disabled') { echo "selected";}?>><?=_('Disabled');?></option>
 								</select>
 							</td>
 						</tr>