Allow Force SSL on creation

jaapmarcus · ScIT-Raphael · commit ed0965bff846 · 2020-11-10T21:10:10.000+01:00
diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
@@ -96,6 +96,10 @@ if [ -e "$USER_DATA/ssl/$domain.ca" ]; then
     cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/$domain/ssl/$domain.ca
 fi
 
+if [ "$SSL_FORCE" == "yes" ]; then
+    # Enabling SSL redirection on demand
+    $BIN/v-add-web-domain-ssl-force "$user" "$domain"
+fi
 # Parsing domain values
 get_domain_values 'web'
 local_ip=$(get_real_ip $IP)
diff --git a/bin/v-add-web-domain-ssl-preset b/bin/v-add-web-domain-ssl-preset
@@ -0,0 +1,58 @@
+#!/bin/bash
+# info: Adding force SSL for a domain
+# options: USER DOMAIN [SSL] 
+# labels: hestia web
+#
+# example: v-add-web-domain-ssl-preset
+#
+# Up on creating an web domain set the SSL Force values due to the delay of LE due to DNS propergation over DNS cluster
+# When LE has been activated it will set the actions
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+ssl=$3
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN [SSL]'
+is_format_valid 'user' 'domain' 'ssl'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+if [  "$ssl" = "yes" ]; then
+    if [ -z "$SSL_FORCE" ]; then
+    add_object_key "web" 'DOMAIN' "$domain" 'SSL_FORCE' 'SSL_HOME'
+    fi
+
+    # Set forcessl flag to enabled
+    update_object_value 'web' 'DOMAIN' "$domain" '$SSL_FORCE' 'yes'
+fi
+
+# Logging
+log_history "Set values SSL FORCE / HSTS for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/web/add/web/index.php b/web/add/web/index.php
@@ -167,6 +167,13 @@
         exec (HESTIA_CMD."v-schedule-letsencrypt-domain ".$user." ".escapeshellarg($v_domain), $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
+        
+        if(!empty($_POST['v_ssl_forcessl']) && $_POST['v_ssl_forcessl'] = 'yes'){
+            exec (HESTIA_CMD."v-add-web-domain-ssl-preset ".$user." ".escapeshellarg($v_domain)." 'yes'", $output, $return_var); 
+            check_return_code($return_var,$output);
+            unset ($output); 
+        }        
+        
      } else {
         // Add SSL certificates only if Lets Encrypt is off
          if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
@@ -202,6 +209,12 @@
              exec (HESTIA_CMD."v-add-web-domain-ssl ".$user." ".escapeshellarg($v_domain)." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var);
              check_return_code($return_var,$output);
              unset($output);
+             
+             if(!empty($_POST['v_ssl_forcessl']) && $_POST['v_ssl_forcessl'] = 'yes'){
+                exec (HESTIA_CMD."v-add-web-domain-ssl-force ".$user." ".escapeshellarg($v_domain), $output, $return_var); 
+                check_return_code($return_var,$output);
+                unset ($output); 
+             }
 
             // Cleanup certificate tempfiles
             if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$v_domain.".crt");
@@ -384,6 +397,12 @@
 $v_ftp_email = $panel[$user]['CONTACT'];
 $v_custom_doc_root_prepath = '/home/'.$user.'/web/';
 
+if( $_POST['v_ssl_forcessl'] == 'yes' ){
+    $v_ssl_forcessl = 'yes';
+}else{
+    $v_ssl_forcessl = 'no';
+}
+
 // List IP addresses
 exec (HESTIA_CMD."v-list-user-ips ".$user." json", $output, $return_var);
 $ips = json_decode(implode('', $output), true);
diff --git a/web/inc/main.php b/web/inc/main.php
@@ -3,7 +3,7 @@
 session_start();
 
 define('HESTIA_CMD', '/usr/bin/sudo /usr/local/hestia/bin/');
-define('JS_LATEST_UPDATE', '1491697868');
+define('JS_LATEST_UPDATE', time());
 define('DEFAULT_PHP_VERSION', "php-" . exec('php -r "echo (float)phpversion();"'));
 
 $i = 0;
diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
@@ -4,7 +4,7 @@
             <a class="ui-button cancel" id="btn-back" href="/list/web/"><i class="fas fa-arrow-left status-icon blue"></i> <?=_('Back')?></a>
           </div>
           <div class="l-unit-toolbar__buttonstrip float-right">
-            <a href="#" class="ui-button" data-action="submit" data-id="vstobjects"><i class="fas fa-save status-icon purple"></i> <?=_('Save')?></a>
+            <a href="#" class="ui-button" title="<?=_('Save')?>" data-action="submit" data-id="vstobjects"><i class="fas fa-save status-icon purple"></i> <?=_('Save')?></a>
           </div>
         </div>
       </div>
@@ -264,12 +264,17 @@
                                         <td class="step-left input-label vst-text">
                                             <label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letsencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print _('Lets Encrypt Support');?></label>
                                         </td>
-                                    </tr>
+                                    </tr>                                    
                                     <tr>
                                         <td class="vst-text input-label lets-encrypt-note step-left" >
                                             <?= _('Your certificate will be automatically issued in 5 minutes')?>
                                         </td>
                                     </tr>
+                                    <tr>
+                                        <td class="step-left input-label vst-text">
+                                            <label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl_forcessl" <?php if($v_ssl_forcessl != 'no') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_forcessl(this)"> <?php print _('Force SSL/HTTPS');?></label>
+                                        </td>
+                                    </tr>
                                     <tr>
                                         <td class="vst-text input-label step-left">
                                           <?php print _('SSL Certificate');?>
