tentakelfabrik
/
mcp
1
0
Fork 0
Code Issues 8 Pull Requests 0 Releases 4 Wiki Activity
OpenSource CLI-App to install and handle stuff related to Web-Server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
94 Commits
4 Branches
456 KiB
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
mcp/app/Helpers/NginxVhostHelper.php

193 lines
4.5 KiB
Raw Permalink Blame History

<?php
namespace App\Helpers;
/**
* hande nginx vhosts
*
* @author Björn Hase, Tentakelfabrik
* @license http://opensource.org/licenses/MIT The MIT License
* @link https://gitea.tentakelfabrik.de/Tentakelfabrik/mcp
*
*/
class NginxVhostHelper
{
// path for available files
const SITES_AVAILABLE = '/etc/nginx/sites-available';
// path for enabled files
const SITES_ENABLED = '/etc/nginx/sites-enabled';
// regex to get files for
const REGEX_SSL_CERTIFICATE = '/\bssl_certificate\s+\K\S+/';
const REGEX_SSL_CERTIFICATE_KEY = '/\bssl_certificate_key\s+\K\S+/';
// ignore files
const IGNORE_FILES = [
'.', '..'
];
/**
* get sites that are in sites-available
*
*
* @return array
*
*/
private function getSitesAvailable()
{
return scandir(self::SITES_AVAILABLE);
}
/**
* get sites that are in sites-enabled
*
*
* @return array
*
*/
private function getSitesEnabled()
{
return scandir(self::SITES_ENABLED);
}
/**
* find path for certificates in .conf-files
*
*
* ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
* ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
*
* @param string $filename
*
*/
private function getCertificate($path)
{
$result = [
'ssl' => false,
'ssl_certificate_exists' => false,
'ssl_certificate_expired_at' => false
];
// getting .conf-file
$content = file_get_contents($path);
// check for path of sites
preg_match(self::REGEX_SSL_CERTIFICATE, $content, $certificates);
$matches = array_merge([], $certificates);
preg_match(self::REGEX_SSL_CERTIFICATE_KEY, $content, $certificates);
$matches = array_merge($matches, $certificates);
// check ssl certificates
if (count($matches) >= 2) {
$result['ssl'] = true;
// @TODO find a regex that ignore the ";"
foreach($matches as $index => $match) {
$matches[$index] = str_replace(';', '', $match);
}
if (file_exists($matches[0]) && file_exists($matches[1])) {
$result['ssl_certificate_exists'] = true;
// getting expired
exec('openssl x509 -noout -dates -in '.$matches[0], $openssl);
if (isset($openssl[1])) {
$result['ssl_certificate_expired_at'] = str_replace('notAfter=', '', $openssl[1]);
}
}
}
return $result;
}
/**
*
* @return
*/
private function getRedirect($path, $domain)
{
// getting .conf-file
$content = file_get_contents($path);
// result
$result = false;
preg_match('/server_name www.'.$domain.'/', $content, $matches);
if (count($matches) > 0) {
$result = true;
}
return $result;
}
/**
* get vhost
*
* @param string $filename
* @param array $enabled
* @return array
*/
private function getVhost($filename, $enabled)
{
// getting full path
$path = self::SITES_AVAILABLE.'/'.$filename;
// getting certificates from a configuration
$certificate = $this->getCertificate($path);
// domain
$domain = str_replace('.conf', '', $filename);
$result = array_merge([
'domain' => $domain,
'path' => $path,
'file' => $filename,
'redirect_www' => $this->getRedirect($path, $domain),
'enabled' => in_array($filename, $enabled),
], $certificate);
return $result;
}
/**
* find single vhost by filename
*
* @param string $filename
* @return array
*/
public function findOneByFilename($filename)
{
// getting enabled
$enabled = $this->getSitesEnabled();
return $this->getVhost($filename, $enabled);
}
/**
* find all vhost
*
* @return array
*/
public function find()
{
$results = [];
// getting available
$available = $this->getSitesAvailable();
// getting enabled
$enabled = $this->getSitesEnabled();
foreach($available as $filename)
{
if (!in_array($filename, self::IGNORE_FILES)) {
$results[] = $this->getVhost($filename, $enabled);
}
}
return $results;
}
}