tentakelfabrik
/
mcp
1
0
Fork 0
Code Issues 8 Pull Requests 0 Releases 4 Wiki Activity

25 Commits
0.2 ... master

Author SHA1 Message Date
  Björn 95be8c61b0 adding 4 years ago
  Björn 892c7ac130 adding #45 4 years ago
  Björn 95d748254e adding #45 4 years ago
  Björn 4fb3cd81a6 adding #45 4 years ago
  Björn 8b99447b31 adding #45 4 years ago
  Björn 624983950e adding #45 4 years ago
  Björn e1f1ec3d8c adding #45 4 years ago
  Björn de3a1feba3 adding #45 4 years ago
  Björn bb342dd389 adding #45 4 years ago
  Björn edef5733b7 adding #45 4 years ago
  Björn 5a53c9a07f adding #45 4 years ago
  Björn c7b6430dca adding #45 4 years ago
  Björn 613e1c8cad adding #45 4 years ago
  Björn 63625cfea8 adding #45 4 years ago
  Björn 11806d2cfd adding #45 4 years ago
  Björn fc523207af adding #45 4 years ago
  Björn 93556a99a7 adding #25 4 years ago
  Björn 9b60d5cc3b adding #25 4 years ago
  Björn 5f45a5b02b adding #42 4 years ago
  Björn 0f11e6d5fe adding #44 4 years ago
  Björn 886a5a2279 adding 4 years ago
  Björn 8349a397aa adding #34 4 years ago
  Björn 63e12a28e9 adding #34 4 years ago
  Björn f09af98a4a adding #34 4 years ago
  Björn df7645c21e adding #34 4 years ago
15 changed files with 534 additions and 113 deletions
Unified View
Diff Options
Show Stats
  1. +1
    -1
      README.md
  2. +54
    -0
      app/Commands/AdminerInstallCommand.php
  3. +123
    -0
      app/Commands/Fail2banManageCommand.php
  4. +18
    -15
      app/Commands/LetsEncryptAddCommand.php
  5. +6
    -20
      app/Commands/MariadbAddCommand.php
  6. +105
    -0
      app/Commands/MariadbClientInstallCommand.php
  7. +60
    -7
      app/Commands/MariadbInstallCommand.php
  8. +17
    -2
      app/Factories/NginxVhostFactory.php
  9. +36
    -6
      app/Helpers/NginxVhostHelper.php
  10. +6
    -3
      app/Menus/ItemValidator.php
  11. +32
    -0
      app/Menus/Nginx/NginxVhostCancelAction.php
  12. +1
    -2
      app/Menus/Nginx/NginxVhostGoBackAction.php
  13. +68
    -46
      app/Menus/Nginx/TemplateMenuFactory.php
  14. +6
    -0
      resources/fail2ban/jail.d/mysql-auth.conf
  15. +1
    -11
      resources/nginx/templates/layouts/ssl.blade.php

+ 1
- 1
README.md View File

@ -1,6 +1,6 @@
# MCP # MCP
**Version: 0.2**
**Version: 0.3**
* Nginx * Nginx
* Lets Encrypt * Lets Encrypt


+ 54
- 0
app/Commands/AdminerInstallCommand.php View File

@ -0,0 +1,54 @@
<?php
namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command;
use App\Facades\Install;
/**
* Install php-fpm
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://gitea.tentakelfabrik.de/Tentakelfabrik/mcp
*
*/
class AdminerInstallCommand extends Command
{
/**
* The signature of the command.
*
* @var string
*/
protected $signature = 'adminer:install {destination}';
/**
* The description of the command.
*
* @var string
*/
protected $description = 'Install Adminer.';
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
$this->info('Adminer installing...');
// download adminer
system('wget "http://www.adminer.org/latest.php" -O '.$this->argument('destination').'/index.php');
// check if nginx is ready and installed
if (file_exists($this->argument('destination').'/index.php')) {
$this->info('Adminer installing...Success! \o/');
} else {
$this->error('Failed! Please check log-file!');
}
}
}

+ 123
- 0
app/Commands/Fail2banManageCommand.php View File

@ -0,0 +1,123 @@
<?php
namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command;
use PhpSchool\CliMenu\CliMenu;
use PhpSchool\CliMenu\MenuItem\CheckboxItem;
use PhpSchool\CliMenu\Builder\SplitItemBuilder;
use App\Facades\Menus\StylesFactory;
/**
* Manage Fail2ban Configuration
*
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://gitea.tentakelfabrik.de/Tentakelfabrik/mcp
*
*/
class Fail2banManageCommand extends Command
{
// destination to jail
const DESTINATION_FAIL2BAN_JAIL_DIRECTORY = '/etc/fail2ban/jail.d';
// source to jail
const SOURCE_FAIL2BAN_JAIL_DIRECTORY = '/resources/fail2ban/jail.d';
// ignore files
const IGNORE_FILES = [
'.', '..', 'defaults-debian.conf'
];
// configuration
private $configuration = [];
// enabled
private $enabled = [];
/**
* The signature of the command.
*
* @var string
*/
protected $signature = 'fail2ban:manage';
/**
* The description of the command.
*
* @var string
*/
protected $description = 'manage fail2ban configuration';
/**
*
* @param [type] $file [description]
* @return boolean [description]
*/
private function name($file)
{
return str_replace('.conf', '', $file);
}
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
foreach(scandir(self::DESTINATION_FAIL2BAN_JAIL_DIRECTORY) as $file) {
if (!in_array($file, self::IGNORE_FILES)) {
$this->enabled[] = $this->name($file);
}
}
foreach(scandir(base_path().self::SOURCE_FAIL2BAN_JAIL_DIRECTORY) as $file) {
if (!in_array($file, self::IGNORE_FILES)) {
$name = $this->name($file);
$this->configuration[$name] = in_array($name, $this->enabled);
}
}
// create menu
$builder = $this->menu('Fail2ban');
foreach($this->configuration as $name => $single) {
// create checkbox
$checkbox = new CheckboxItem($name, function(CliMenu $menu) use ($name) {
if ($this->configuration[$name] === true) {
$this->call('fail2ban:disable', [ 'configuration' => $name ]);
$menu->redraw();
$menu->confirm($name.' is disabled!')->display('OK!');
} else {
$this->call('fail2ban:enable', [ 'configuration' => $name ]);
$menu->redraw();
$menu->confirm($name.' is enabled!')->display('OK!');
}
// getting new value
$this->configuration[$name] = $menu->getSelectedItem()->getChecked();
$menu->redraw();
});
// set default value
if ($this->configuration[$name]) {
$checkbox->setChecked(true);
}
$builder->addMenuItem($checkbox);
}
// apperance
$builder = StylesFactory::setMenuStyles($builder);
$builder->addLineBreak('-');
$mainmenu = $builder->build();
$mainmenu->open();
}
}

+ 18
- 15
app/Commands/LetsEncryptAddCommand.php View File

@ -5,6 +5,9 @@ namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule; use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command; use LaravelZero\Framework\Commands\Command;
use Respect\Validation\Validator as v;
use Respect\Validation\Exceptions\NestedValidationException;
/** /**
* Add LetsEncrypt Certificate * Add LetsEncrypt Certificate
* *
@ -21,7 +24,7 @@ class LetsEncryptAddCommand extends Command
* *
* @var string * @var string
*/ */
protected $signature = 'lets-encrypt:add {email} {domain*} ';
protected $signature = 'lets-encrypt:add {email} {domain}';
/** /**
* The description of the command. * The description of the command.
@ -38,7 +41,14 @@ class LetsEncryptAddCommand extends Command
*/ */
public function handle() public function handle()
{ {
$domains = $this->argument('domain');
$email = $this->argument('email');
if (!v::email()->validate($email)) {
$this->error('First argument has to be a valid E-Mail! Failed!');
exit();
}
$domain = $this->argument('domain');
// adding flags // adding flags
$domainFlags = ''; $domainFlags = '';
@ -46,20 +56,13 @@ class LetsEncryptAddCommand extends Command
// add file for domain // add file for domain
$saved = []; $saved = [];
// create flags
foreach($domains as $domain) {
$domainFlags .= '-d '.$domain.' ';
$saved[$domain] = '/etc/letsencrypt/live/'.$domain.'/fullchain.pem';
}
system('certbot --non-interactive --agree-tos -m '.$this->argument('email').' --nginx '.$domainFlags);
system('certbot --non-interactive --agree-tos -m '.$this->argument('email').' --nginx -d '.$domain);
foreach($saved as $domain => $file) {
if (file_exists($file)) {
$this->info($domain.'...Success!');
} else {
$this->error($domain.'...Failed!');
}
// check for certificate
if (file_exists( '/etc/letsencrypt/live/'.$domain.'/fullchain.pem')) {
$this->info($domain.'...Success!');
} else {
$this->error($domain.'...Failed!');
} }
} }
} }

+ 6
- 20
app/Commands/MariadbAddCommand.php View File

@ -21,21 +21,15 @@ use Hackzilla\PasswordGenerator\RandomGenerator\Php7RandomGenerator;
*/ */
class MariadbAddCommand extends Command class MariadbAddCommand extends Command
{ {
// destination for username and password
const MCP_LOG_FILE = '/root/mcp.log';
// length for password // length for password
const NAME_LENGTH = 15; const NAME_LENGTH = 15;
// length for password
const PASSWORD_LENGTH = 40;
/** /**
* The signature of the command. * The signature of the command.
* *
* @var string * @var string
*/ */
protected $signature = 'mariadb:add {--ssl}';
protected $signature = 'mariadb:add';
/** /**
* The description of the command. * The description of the command.
@ -97,17 +91,11 @@ class MariadbAddCommand extends Command
$this->info('Database: '.$database); $this->info('Database: '.$database);
$this->info('Username: '.$username); $this->info('Username: '.$username);
// getting option for ssl
$ssl = $this->option('ssl');
$mysqli->query("CREATE DATABASE $database DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci"); $mysqli->query("CREATE DATABASE $database DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci");
if ($ssl === false) {
$mysqli->query("CREATE USER $username@localhost IDENTIFIED BY '$password'");
} else {
$mysqli->query("CREATE USER $username@'%' IDENTIFIED BY '$password'");
}
// create user for remote and local access
$mysqli->query("CREATE USER $username@'localhost' IDENTIFIED BY '$password'");
$mysqli->query("CREATE USER $username@'%' IDENTIFIED BY '$password'");
if ($mysqli->error) { if ($mysqli->error) {
$this->error('Failed! '.$mysqli->error); $this->error('Failed! '.$mysqli->error);
@ -118,11 +106,9 @@ class MariadbAddCommand extends Command
exit(); exit();
} }
// grant privleges, for remote acces require ssl
$mysqli->query("GRANT ALL PRIVILEGES ON $database.* TO $username@localhost"); $mysqli->query("GRANT ALL PRIVILEGES ON $database.* TO $username@localhost");
if ($ssl === true) {
$mysqli->query("GRANT ALL PRIVILEGES ON $database.* TO $username@'%' require ssl");
}
$mysqli->query("GRANT ALL PRIVILEGES ON $database.* TO $username@'%' require SSL");
if ($mysqli->error) { if ($mysqli->error) {
$this->error('Failed! '.$mysqli->error); $this->error('Failed! '.$mysqli->error);


+ 105
- 0
app/Commands/MariadbClientInstallCommand.php View File

@ -0,0 +1,105 @@
<?php
namespace App\Commands;
use Illuminate\Console\Scheduling\Schedule;
use LaravelZero\Framework\Commands\Command;
use Illuminate\Support\Facades\File;
use App\Facades\Install;
use Hackzilla\PasswordGenerator\Generator\ComputerPasswordGenerator;
use Hackzilla\PasswordGenerator\RandomGenerator\Php7RandomGenerator;
/**
* Install Mariadb Client for Remote Access
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://gitea.tentakelfabrik.de/Tentakelfabrik/mcp
*
*/
class MariadbClientInstallCommand extends Command
{
/**
* The signature of the command.
*
* @var string
*/
protected $signature = 'mariadb-client:install {remote_user} {remote_host} {version=10.4}';
/**
* The description of the command.
*
* @var string
*/
protected $description = 'Install Mariadb Client and set configuration';
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
$this->info('Mariadb Client install...');
$version = $this->argument('version');
exec('apt update 2>&1', $output);
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
if ($version === '10.4') {
$this->info('Mariadb try install 10.04...');
// getting release
$release = Install::getDistributionRelease();
if (Install::getDistributionId() === 'Ubuntu' && ($release === '18.04' || $release === '20.04')) {
$this->info('Mariadb install for Ubuntu '.$release.'...');
$output = [];
exec('apt install -y software-properties-common 2>&1', $output);
exec('apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 2>&1', $output);
exec('add-apt-repository -y "deb [arch=amd64,arm64,ppc64el] http://mariadb.mirror.liquidtelecom.com/repo/10.4/ubuntu '.Install::getDistributionCodename().' main" 2>&1', $output);
exec('apt update 2>&1', $output);
}
}
exec('apt install -y mariadb-client 2>&1', $output);
// @TODO apt add a Warning for no good, in a later version output will be scanned for helpfull infos
$this->line(implode("\n", Install::filterAptMessages($output)));
if (Install::isReady('mariadb-client')) {
if (!is_dir('/etc/mysql/ssl')) {
system('mkdir /etc/mysql/ssl');
}
// getting
system('rsync -rv --include="ca-cert.pem" --include="client-cert.pem" --include="client-key.pem" --exclude="*" '.$this->argument('remote_user').'@'.$this->argument('remote_host').':/etc/mysql/ssl/ /etc/mysql/ssl/');
// checking if certificates are exists from remote server
if (!file_exists('/etc/mysql/ssl/ca-cert.pem') || !file_exists('/etc/mysql/ssl/client-cert.pem') || !file_exists('/etc/mysql/ssl/client-key.pem')) {
$this->error('Failed! Certificates not found!');
exit();
}
system('cat >> /etc/mysql/my.cnf << EOF
[client]
ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cert=/etc/mysql/ssl/client-cert.pem
ssl-key=/etc/mysql/ssl/client-key.pem
ssl');
system('chown -R mysql:mysql /etc/mysql/ssl');
system('chmod 644 /etc/mysql/ssl/*cert*');
system('chmod 644 /etc/mysql/ssl/*key*');
} else {
$this->error('Failed! Please check log-file!');
}
}
}

+ 60
- 7
app/Commands/MariadbInstallCommand.php View File

@ -21,18 +21,12 @@ use Hackzilla\PasswordGenerator\RandomGenerator\Php7RandomGenerator;
*/ */
class MariadbInstallCommand extends Command class MariadbInstallCommand extends Command
{ {
// destination for username and password
const MCP_LOG_FILE = '/root/mcp.log';
// length for password
const PASSWORD_LENGTH = 40;
/** /**
* The signature of the command. * The signature of the command.
* *
* @var string * @var string
*/ */
protected $signature = 'mariadb:install {version=10.4}';
protected $signature = 'mariadb:install {version=10.4} {--remote}';
/** /**
* The description of the command. * The description of the command.
@ -123,8 +117,67 @@ class MariadbInstallCommand extends Command
$this->info('Mariadb installing...Success! \o/'); $this->info('Mariadb installing...Success! \o/');
if ($this->option('remote') === true) {
$this->remoteAccess();
}
} else { } else {
$this->error('Failed! Please check log-file!'); $this->error('Failed! Please check log-file!');
} }
} }
/**
*
*
*/
private function remoteAccess()
{
$this->info('Mariadb remote...');
system('mkdir -p /etc/mysql/ssl');
system('hostname', $hostname);
$this->info('Generating CA');
system('openssl genrsa 4096 > /etc/mysql/ssl/ca-key.pem');
system('openssl req -new -x509 -nodes -days 365000 -key /etc/mysql/ssl/ca-key.pem -out /etc/mysql/ssl/ca-cert.pem -subj "/CN='.$hostname.'-mysql-ca"');
$this->info('Generating Server Certificate');
system('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout /etc/mysql/ssl/server-key.pem -out /etc/mysql/ssl/server-req.pem -subj "/CN='.$hostname.'-mysql-server"');
system('openssl rsa -in /etc/mysql/ssl/server-key.pem -out /etc/mysql/ssl/server-key.pem');
system('openssl x509 -req -in /etc/mysql/ssl/server-req.pem -days 365000 -CA /etc/mysql/ssl/ca-cert.pem -CAkey /etc/mysql/ssl/ca-key.pem -set_serial 01 -out /etc/mysql/ssl/server-cert.pem');
$this->info('Generating Client Certificate');
system('openssl req -newkey rsa:4096 -days 365000 -nodes -keyout /etc/mysql/ssl/client-key.pem -out /etc/mysql/ssl/client-req.pem -subj "/CN='.$hostname.'-mysql-server"');
system('openssl rsa -in /etc/mysql/ssl/client-key.pem -out /etc/mysql/ssl/client-key.pem');
system('openssl x509 -req -in /etc/mysql/ssl/client-req.pem -days 365000 -CA /etc/mysql/ssl/ca-cert.pem -CAkey /etc/mysql/ssl/ca-key.pem -set_serial 01 -out /etc/mysql/ssl/client-cert.pem');
if (!file_exists('/etc/mysql/ssl/ca-cert.pem') || !file_exists('/etc/mysql/ssl/client-cert.pem') || !file_exists('/etc/mysql/ssl/client-key.pem')) {
$this->error('Failed! Certificates not created!');
exit();
}
$this->info('Validate Certificates');
system('openssl verify -CAfile /etc/mysql/ssl/ca-cert.pem /etc/mysql/ssl/server-cert.pem /etc/mysql/ssl/client-cert.pem');
system('cat >> /etc/mysql/my.cnf << EOF
[mysqld]
bind-address = 0.0.0.0
ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cert=/etc/mysql/ssl/server-cert.pem
ssl-key=/etc/mysql/ssl/server-key.pem
[client]
ssl-ca=/etc/mysql/ssl/ca-cert.pem
ssl-cert=/etc/mysql/ssl/client-cert.pem
ssl-key=/etc/mysql/ssl/client-key.pem');
system('chown -R mysql:mysql /etc/mysql/ssl');
system('chmod 644 /etc/mysql/ssl/*cert*');
system('chmod 644 /etc/mysql/ssl/*key*');
system('systemctl restart mariadb');
system('ufw allow mysql');
$this->info('Mariadb remote...Success! \o/');
}
} }

+ 17
- 2
app/Factories/NginxVhostFactory.php View File

@ -136,11 +136,26 @@ class NginxVhostFactory
->addMenuItem($checkbox) ->addMenuItem($checkbox)
->addLineBreak('-'); ->addLineBreak('-');
if ($vhost['ssl']) {
if ($vhost['ssl'] === true) {
if ($vhost['ssl_certificate_exists']) { if ($vhost['ssl_certificate_exists']) {
$builder->addStaticItem('expired_at: '.$vhost['ssl_certificate_expired_at']); $builder->addStaticItem('expired_at: '.$vhost['ssl_certificate_expired_at']);
} else { } else {
$builder->addStaticItem('no certificate');
// add certificate
$builder->addItem('add certificate', function(CliMenu $menu) use ($vhost) {
$result = $menu->askText()
->setPromptText('Enter E-Mail')
->ask();
$email = $result->fetch();
system('php '.base_path().'/mcp lets-encrypt:add '.$email.' '.$vhost['domain']);
if ($vhost['redirect_www'] === true) {
system('php '.base_path().'/mcp lets-encrypt:add '.$email.' www.'.$vhost['domain']);
}
});
} }
$builder->addLineBreak('-'); $builder->addLineBreak('-');


+ 36
- 6
app/Helpers/NginxVhostHelper.php View File

@ -83,21 +83,47 @@ class NginxVhostHelper
if (count($matches) >= 2) { if (count($matches) >= 2) {
$result['ssl'] = true; $result['ssl'] = true;
// @TODO find a regex that ignore the ";"
foreach($matches as $index => $match) {
$matches[$index] = str_replace(';', '', $match);
}
if (file_exists($matches[0]) && file_exists($matches[1])) { if (file_exists($matches[0]) && file_exists($matches[1])) {
$result['ssl_certificate_exists'] = true; $result['ssl_certificate_exists'] = true;
}
// getting expired
exec('openssl x509 -noout -dates -in '.$path, $openssl);
// getting expired
exec('openssl x509 -noout -dates -in '.$matches[0], $openssl);
if (isset($openssl[1])) {
$openssl = str_replace('notAfter=', '', $openssl[1]);
if (isset($openssl[1])) {
$result['ssl_certificate_expired_at'] = str_replace('notAfter=', '', $openssl[1]);
}
} }
} }
return $result; return $result;
} }
/**
*
* @return
*/
private function getRedirect($path, $domain)
{
// getting .conf-file
$content = file_get_contents($path);
// result
$result = false;
preg_match('/server_name www.'.$domain.'/', $content, $matches);
if (count($matches) > 0) {
$result = true;
}
return $result;
}
/** /**
* get vhost * get vhost
* *
@ -113,10 +139,14 @@ class NginxVhostHelper
// getting certificates from a configuration // getting certificates from a configuration
$certificate = $this->getCertificate($path); $certificate = $this->getCertificate($path);
// domain
$domain = str_replace('.conf', '', $filename);
$result = array_merge([ $result = array_merge([
'domain' => str_replace('.conf', '', $filename),
'domain' => $domain,
'path' => $path, 'path' => $path,
'file' => $filename, 'file' => $filename,
'redirect_www' => $this->getRedirect($path, $domain),
'enabled' => in_array($filename, $enabled), 'enabled' => in_array($filename, $enabled),
], $certificate); ], $certificate);


+ 6
- 3
app/Menus/ItemValidator.php View File

@ -8,7 +8,7 @@ use Respect\Validation\Exceptions\NestedValidationException;
/** /**
* *
* *
*
*
* *
*/ */
class ItemValidator class ItemValidator
@ -107,13 +107,16 @@ class ItemValidator
$errors = $exception->getMessages(); $errors = $exception->getMessages();
} }
// remove message
$this->remove($menu, $this->message);
// if errors a set add message
if (isset($errors)) { if (isset($errors)) {
// @TODO use ColorUtil // @TODO use ColorUtil
$this->message->setText("\033[33m"."\xE2\x9A\xA0 ".join(' ', $errors)); $this->message->setText("\033[33m"."\xE2\x9A\xA0 ".join(' ', $errors));
$this->addAfter($menu, $item, $this->message); $this->addAfter($menu, $item, $this->message);
} else {
$this->remove($menu, $this->message);
} }
} }
} }

+ 32
- 0
app/Menus/Nginx/NginxVhostCancelAction.php View File

@ -0,0 +1,32 @@
<?php
namespace App\Menus\Nginx;
use PhpSchool\CliMenu\CliMenu;
use App\Facades\NginxVhost;
use App\Facades\NginxVhostFactory;
/**
* Action that override default-action for go back
* reload vhosts
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://gitea.tentakelfabrik.de/Tentakelfabrik/mcp
*
*/
class NginxVhostCancelAction
{
/**
*
* @param CliMenu $menu [description]
* @return [type] [description]
*/
public function __invoke(CliMenu $menu): void
{
$parent = $menu->getParent();
$menu->closeThis();
$parent->open();
}
}

+ 1
- 2
app/Menus/Nginx/NginxVhostGoBackAction.php View File

@ -8,7 +8,7 @@ use App\Facades\NginxVhostFactory;
/** /**
* Action that override default-action for go back * Action that override default-action for go back
* reload vhosts
* reload vhosts
* *
* @author Björn Hase, Tentakelfabrik * @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License * @license http://opensource.org/licenses/MIT The MIT License
@ -17,7 +17,6 @@ use App\Facades\NginxVhostFactory;
*/ */
class NginxVhostGoBackAction class NginxVhostGoBackAction
{ {
// index for vhosts
const VHOST_INDEX = 0; const VHOST_INDEX = 0;
/** /**


+ 68
- 46
app/Menus/Nginx/TemplateMenuFactory.php View File

@ -16,7 +16,6 @@ use App\Menus\ItemValidator;
use App\BladeFile; use App\BladeFile;
use App\Helpers\NginxTemplateHelper; use App\Helpers\NginxTemplateHelper;
use App\Facades\TerminalHelper; use App\Facades\TerminalHelper;
/** /**
@ -32,6 +31,26 @@ class TemplateMenuFactory
// path templates // path templates
const TEMPLATES_DIR = '/resources/nginx/templates'; const TEMPLATES_DIR = '/resources/nginx/templates';
private $configuration = [];
/**
* default configuration
*
* @TODO will be removed after
*
* @return array
*/
private function getConfiguration()
{
return [
'domain' => '',
'root' => '',
'index' => 'index.php',
'ssl' => true,
'redirect_www' => true
];
}
/** /**
* add item to select template * add item to select template
* *
@ -65,24 +84,6 @@ class TemplateMenuFactory
return $menu; return $menu;
} }
/**
* default configuration
*
* @TODO will be removed after
*
* @return array
*/
private function getConfiguration()
{
return [
'domain' => '',
'root' => '',
'index' => 'index.php',
'ssl' => true,
'redirect_www' => true
];
}
/** /**
* add input item * add input item
* *
@ -90,18 +91,18 @@ class TemplateMenuFactory
* @param string $label * @param string $label
* @param array $configuration * @param array $configuration
*/ */
private function addInputItem($key, $label, &$configuration, $itemValidator = NULL)
private function addInputItem($key, $label, $itemValidator = NULL)
{ {
$callable = function(CliMenu $menu) use ($key, $label, &$configuration, $itemValidator)
$callable = function(CliMenu $menu) use ($key, $label, $itemValidator)
{ {
$input = $menu->askText(); $input = $menu->askText();
if ($configuration[$key]) {
$input->setPlaceholderText($configuration[$key]);
if ($this->configuration[$key]) {
$input->setPlaceholderText($this->configuration[$key]);
} }
$result = $input->ask(); $result = $input->ask();
$configuration[$key] = $result->fetch();
$this->configuration[$key] = $result->fetch();
$menu->getSelectedItem()->setText($label.': '.$result->fetch()); $menu->getSelectedItem()->setText($label.': '.$result->fetch());
@ -122,12 +123,12 @@ class TemplateMenuFactory
* @param object $bladeFile * @param object $bladeFile
* @param array $configuration * @param array $configuration
*/ */
private function addPublishItem($template, $bladeFile, &$configuration)
private function addPublishItem($template, $bladeFile)
{ {
$callable = function(CliMenu $menu) use ($template, $bladeFile, &$configuration)
$callable = function(CliMenu $menu) use ($template, $bladeFile)
{ {
// getting configuration // getting configuration
$data = $configuration;
$data = $this->configuration;
$validator = v::key('domain', v::domain(false)) $validator = v::key('domain', v::domain(false))
->key('root', v::notEmpty()) ->key('root', v::notEmpty())
@ -145,12 +146,14 @@ class TemplateMenuFactory
} else { } else {
// create filename // create filename
$filename = $configuration['domain'].'.conf';
$filename = $this->configuration['domain'].'.conf';
// write configuration to file // write configuration to file
$bladeFile->put($template['name'], '/etc/nginx/sites-available/'.$filename, $configuration);
$bladeFile->put($template['name'], '/etc/nginx/sites-available/'.$filename, $this->configuration);
$menu->confirm('Success!')->display('Ok!'); $menu->confirm('Success!')->display('Ok!');
$this->configuration = $this->getConfiguration();
// invoke action // invoke action
$action = new NginxVhostGoBackAction(); $action = new NginxVhostGoBackAction();
is_callable($action($menu)); is_callable($action($menu));
@ -160,6 +163,24 @@ class TemplateMenuFactory
return $callable; return $callable;
} }
/**
*
*
*
*/
private function addCancelItem()
{
$callable = function(CliMenu $menu)
{
$this->configuration = $this->getConfiguration();
$action = new NginxVhostCancelAction();
is_callable($action($menu));
};
return $callable;
}
/** /**
* adding radio buttons to select php-fpm version * adding radio buttons to select php-fpm version
* *
@ -167,7 +188,7 @@ class TemplateMenuFactory
* @param CliMenuBuilder $builder * @param CliMenuBuilder $builder
* @param array $configuration * @param array $configuration
*/ */
private function addPhpFpmItems($builder, &$configuration)
private function addPhpFpmItems($builder)
{ {
// get php-fpm services // get php-fpm services
exec('find /lib/systemd/system/ -name "php[0-9\.]*-fpm.service"', $files); exec('find /lib/systemd/system/ -name "php[0-9\.]*-fpm.service"', $files);
@ -180,8 +201,8 @@ class TemplateMenuFactory
// remove extension // remove extension
$file = str_replace('.service', '', $file); $file = str_replace('.service', '', $file);
$builder->addRadioItem($file, function(CliMenu $menu) use (&$configuration) {
$configuration['phpFpm'] = $menu->getSelectedItem()->getText();
$builder->addRadioItem($file, function(CliMenu $menu) {
$this->configuration['phpFpm'] = $menu->getSelectedItem()->getText();
}); });
} }
@ -200,41 +221,41 @@ class TemplateMenuFactory
{ {
$menu = function(CliMenuBuilder $builder) use ($template, $bladeFile) $menu = function(CliMenuBuilder $builder) use ($template, $bladeFile)
{ {
$configuration = $this->getConfiguration();
$this->configuration = $this->getConfiguration();
// create checkbox for ssl // create checkbox for ssl
$checkboxSSL = new CheckboxItem('ssl', function(CliMenu $menu) use (&$configuration) {
$configuration['ssl'] = $menu->getSelectedItem()->getChecked();
$checkboxSSL = new CheckboxItem('ssl', function(CliMenu $menu) {
$this->configuration['ssl'] = $menu->getSelectedItem()->getChecked();
}); });
$checkboxSSL->setChecked($configuration['ssl']);
$checkboxSSL->setChecked($this->configuration['ssl']);
// create checkbox for redirect from www // create checkbox for redirect from www
$checkboxRedirect = new CheckboxItem('redirect www', function(CliMenu $menu) use (&$configuration) {
$configuration['redirect_www'] = $menu->getSelectedItem()->getChecked();
$checkboxRedirect = new CheckboxItem('redirect www', function(CliMenu $menu) {
$this->configuration['redirect_www'] = $menu->getSelectedItem()->getChecked();
}); });
$checkboxRedirect->setChecked($configuration['redirect_www']);
$checkboxRedirect->setChecked($this->configuration['redirect_www']);
$validator = v::key('root', v::directory()); $validator = v::key('root', v::directory());
$itemValidator = new ItemValidator($validator); $itemValidator = new ItemValidator($validator);
$builder $builder
->setTitle('Nginx > Add > '.$template['name']) ->setTitle('Nginx > Add > '.$template['name'])
->setGoBackButtonText('Cancel')
->disableDefaultItems()
// input domain // input domain
->addItem('domain: -', $this->addInputItem('domain', 'domain', $configuration))
->addItem('domain: -', $this->addInputItem('domain', 'domain'))
// input root // input root
->addItem('root: -', $this->addInputItem('root', 'root', $configuration, $itemValidator))
->addItem('root: -', $this->addInputItem('root', 'root', $itemValidator))
// input index // input index
->addItem('index: '.$configuration['index'], $this->addInputItem('index', 'index', $configuration))
->addItem('index: '.$this->configuration['index'], $this->addInputItem('index', 'index'))
->addLineBreak('-'); ->addLineBreak('-');
// add php-fpm items // add php-fpm items
$builder = $this->addPhpFpmItems($builder, $configuration);
$builder = $this->addPhpFpmItems($builder);
$builder $builder
->addLineBreak('-') ->addLineBreak('-')
@ -245,8 +266,9 @@ class TemplateMenuFactory
->addLineBreak('-') ->addLineBreak('-')
// create // create
->addItem('publish', $this->addPublishItem($template, $bladeFile, $configuration))
->addLineBreak('-');
->addItem('Publish', $this->addPublishItem($template, $bladeFile))
->addLineBreak('-')
->addItem('Cancel', $this->addCancelItem());
}; };
return $menu; return $menu;


+ 6
- 0
resources/fail2ban/jail.d/mysql-auth.conf View File

@ -0,0 +1,6 @@
[mysqld-auth]
enabled = true
filter = mysqld-auth
port = 3306
logpath = /var/log/mysql/error.log

+ 1
- 11
resources/nginx/templates/layouts/ssl.blade.php View File

@ -28,19 +28,9 @@ server {
ssl_certificate /etc/letsencrypt/live/{{ $domain }}/fullchain.pem; ssl_certificate /etc/letsencrypt/live/{{ $domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ $domain }}/privkey.pem; ssl_certificate_key /etc/letsencrypt/live/{{ $domain }}/privkey.pem;
include /etc/nginx/snippets/snippets/ssl-params.conf;
include /etc/nginx/snippets/ssl-params.conf;
include /etc/nginx/snippets/secure-headers.conf; include /etc/nginx/snippets/secure-headers.conf;
add_header Content-Security-Policy "
default-src 'self';
font-src 'self';
style-src 'self';
img-src 'self';
base-uri 'self';
form-action 'self';
frame-ancestors 'self';
";
@include('partials.default', ['domain' => $domain]) @include('partials.default', ['domain' => $domain])
@yield('server') @yield('server')

Write Preview
Loading…
Cancel
Save