335 lines
9.9 KiB
PHP
335 lines
9.9 KiB
PHP
<?php declare(strict_types=1);
|
|
|
|
namespace App\Controller;
|
|
|
|
use App\Entity\Domain;
|
|
use App\Repository\DomainRepository;
|
|
use App\Repository\NameserverRepository;
|
|
use App\Repository\PanelRepository;
|
|
use Monolog\Logger;
|
|
|
|
error_reporting(error_level: E_ALL);
|
|
|
|
// TODO check include "/etc/bind/local.zones";
|
|
|
|
/**
|
|
*
|
|
*/
|
|
class DomainController
|
|
{
|
|
public string $localZoneFile;
|
|
public string $localZonesDir;
|
|
public string $namedConfLocalFile;
|
|
private string $zoneCachePath;
|
|
|
|
|
|
public function __construct(
|
|
private readonly NameserverRepository $nameserverRepository,
|
|
private readonly ApiController $checkController,
|
|
private readonly DomainRepository $domainRepository,
|
|
private readonly PanelRepository $panelRepository,
|
|
private readonly ConfigController $configController,
|
|
private readonly Logger $logger)
|
|
{
|
|
$this->localZoneFile = '/etc/bind/local.zones';
|
|
$this->localZonesDir = '/etc/bind/zones/';
|
|
$this->namedConfLocalFile = '/etc/bind/named.conf.local';
|
|
$this->zoneCachePath = '/var/cache/bind/';
|
|
}
|
|
|
|
|
|
function createIncludeFile(): void
|
|
{
|
|
$this->logger->debug(message: "createIncludeFile()");
|
|
|
|
$domains = $this->domainRepository->findAll();
|
|
|
|
$oFile = fopen(filename: $this->localZoneFile, mode: 'w');
|
|
foreach ($domains as $domain) {
|
|
if (!$this->isMasterZone(domain: $domain)) {
|
|
fputs(stream: $oFile, data: 'include "' . $this->localZonesDir . $domain->getName() . '";' . PHP_EOL);
|
|
}
|
|
}
|
|
fclose(stream: $oFile);
|
|
|
|
exec(command: '/usr/sbin/named-checkconf', output: $output, result_code: $resultCode);
|
|
if ($resultCode != 0) {
|
|
echo 'There was an error:' . PHP_EOL;
|
|
foreach ($output as $line) {
|
|
echo $line . PHP_EOL;
|
|
}
|
|
echo 'You need to fix the error before the configuration can be activated.' . PHP_EOL;
|
|
exit(1);
|
|
}
|
|
|
|
exec(command: '/usr/sbin/rndc reload');
|
|
}
|
|
|
|
|
|
function updateSlaveZones(): void
|
|
{
|
|
$this->logger->debug(message: 'Delete all slave zones');
|
|
|
|
$zones = glob(pattern: $this->localZonesDir . '*');
|
|
foreach ($zones as $zone) {
|
|
unlink(filename: $zone);
|
|
}
|
|
|
|
$domains = $this->domainRepository->findAll();
|
|
|
|
foreach ($domains as $domain) {
|
|
if ($this->configController->getConfig(configKey: 'verbose')) {
|
|
echo 'Create zone: ' . $domain->getName() . PHP_EOL;
|
|
}
|
|
$this->createSlaveZoneFile(domain: $domain);
|
|
}
|
|
|
|
$this->createIncludeFile();
|
|
}
|
|
|
|
|
|
function deleteOnNameservers(Domain $domain): void
|
|
{
|
|
$this->logger->debug(message: "deleteOnNameserver()");
|
|
|
|
$nameservers = $this->nameserverRepository->findAll();
|
|
foreach ($nameservers as $nameserver) {
|
|
$body = [
|
|
'name' => $domain->getName()
|
|
];
|
|
if (!empty($nameserver->getAaaa())) {
|
|
$this->checkController->sendCommand(
|
|
requestType: 'DELETE',
|
|
serverName: $nameserver->getName(),
|
|
versionIP: 6,
|
|
apiKey: $nameserver->getApikey(),
|
|
command: 'delete',
|
|
serverType: 'nameserver',
|
|
body: $body);
|
|
} else {
|
|
$this->checkController->sendCommand(
|
|
requestType: 'DELETE',
|
|
serverName: $nameserver->getName(),
|
|
versionIP: 4,
|
|
apiKey: $nameserver->getApikey(),
|
|
command: 'delete',
|
|
serverType: 'nameserver',
|
|
body: $body);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
/**
|
|
* @param Domain $domain
|
|
*
|
|
* @return void
|
|
*/
|
|
function deleteZone(Domain $domain): void
|
|
{
|
|
$this->logger->debug(message: "deleteZone()");
|
|
|
|
$zoneFile = $this->localZonesDir . $domain->getName();
|
|
if (file_exists(filename: "$zoneFile")) {
|
|
unlink(filename: $zoneFile);
|
|
}
|
|
$this->createIncludeFile();
|
|
$this->deleteOnNameservers(domain: $domain);
|
|
}
|
|
|
|
|
|
/**
|
|
* @return bool
|
|
*/
|
|
function checkPermissions(bool $verbose = false, bool $quiet = false): bool
|
|
{
|
|
$this->logger->debug(message: "checkPermissions()");
|
|
$setupIsValid = true;
|
|
|
|
if (!$verbose) {
|
|
$verbose = $this->configController->getConfig(configKey: 'verbose');
|
|
}
|
|
|
|
if (!$quiet) {
|
|
$quiet = $this->configController->getConfig(configKey: 'quiet');
|
|
}
|
|
|
|
// echo 'verbose: ' . ($verbose ? 'true' : 'false') . PHP_EOL;
|
|
// echo 'quiet: ' . ($quiet ? 'true' : 'false') . PHP_EOL;
|
|
|
|
if ($verbose && !$quiet) {
|
|
echo 'Checking permissions...' . PHP_EOL;
|
|
}
|
|
$uid = posix_geteuid();
|
|
if ($verbose && !$quiet) {
|
|
echo "UID:\t" . COLOR_YELLOW . $uid . PHP_EOL;
|
|
}
|
|
$pwuid = posix_getpwuid(user_id: $uid);
|
|
$name = $pwuid['name'];
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_DEFAULT . "Name:\t" . COLOR_YELLOW . $name . PHP_EOL;
|
|
}
|
|
|
|
$bindGroup = posix_getgrnam(name: 'bind');
|
|
$members = $bindGroup['members'];
|
|
if (in_array(needle: $name, haystack: $members)) {
|
|
if ($verbose && !$quiet) {
|
|
echo "\t✅ $name" . COLOR_DEFAULT . ' is in group ' . COLOR_YELLOW . 'bind' . PHP_EOL;
|
|
}
|
|
} else {
|
|
$setupIsValid = false;
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_RED . "\t❌$name needs to be in group " . COLOR_YELLOW . 'bind' . COLOR_DEFAULT . '!' . PHP_EOL;
|
|
}
|
|
}
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_DEFAULT . 'Checking ' . COLOR_YELLOW . $this->localZoneFile . PHP_EOL;
|
|
}
|
|
$localZoneFilePermissions = @fileperms(filename: $this->localZoneFile);
|
|
if ($localZoneFilePermissions & 0x0010) {
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_DEFAULT . "\t✅ Group has write access." . PHP_EOL;
|
|
}
|
|
} else {
|
|
$setupIsValid = false;
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_RED . "\t❌Group needs write permission!" . COLOR_DEFAULT . PHP_EOL;
|
|
}
|
|
}
|
|
if ($verbose && !$quiet) {
|
|
echo 'Checking ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
|
|
}
|
|
if ($namedConfLocal = file_get_contents(filename: $this->namedConfLocalFile)) {
|
|
if (!str_contains(haystack: $namedConfLocal, needle: $this->localZoneFile)) {
|
|
$setupIsValid = false;
|
|
if ($verbose && !$quiet) {
|
|
echo "\t❌ $this->localZoneFile" . COLOR_RED . ' needs to be included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
|
|
}
|
|
} else {
|
|
if ($verbose && !$quiet) {
|
|
echo "\t✅ $this->localZoneFile" . COLOR_DEFAULT . ' is included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
|
|
}
|
|
}
|
|
} else {
|
|
$setupIsValid = false;
|
|
if ($verbose && !$quiet) {
|
|
echo "\t❌ No access to '$this->namedConfLocalFile' . Please check permissions" . PHP_EOL;
|
|
}
|
|
}
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_DEFAULT . 'Checking directory: ' . COLOR_YELLOW . $this->localZonesDir . PHP_EOL;
|
|
}
|
|
$localZoneDirPermissions = @fileperms(filename: $this->localZonesDir);
|
|
if ($localZoneDirPermissions & 0x0010) {
|
|
if ($verbose && !$quiet) {
|
|
echo "\t✅ Group has write access." . PHP_EOL;
|
|
}
|
|
} else {
|
|
$setupIsValid = false;
|
|
if ($verbose && !$quiet) {
|
|
echo COLOR_RED . "\t❌Group needs write permission!" . PHP_EOL;
|
|
}
|
|
}
|
|
return $setupIsValid;
|
|
}
|
|
|
|
|
|
/**
|
|
* @return void
|
|
*/
|
|
function checkDomains(): void
|
|
{
|
|
if (!file_exists(filename: $this->localZoneFile)) {
|
|
echo COLOR_DEFAULT . 'Local Zone file ' . COLOR_YELLOW . $this->localZoneFile . COLOR_DEFAULT . ' does not exist.' . PHP_EOL;
|
|
exit(1);
|
|
}
|
|
$localZones = file_get_contents(filename: $this->localZoneFile);
|
|
$maxNameLength = $this->domainRepository->getLongestEntry(field: 'name');
|
|
$domains = $this->domainRepository->findAll();
|
|
|
|
foreach ($domains as $domain) {
|
|
$idString = '(' . strval(value: $domain->getId()) . ') ';
|
|
echo COLOR_YELLOW .
|
|
str_pad(string: $domain->getName(), length: $maxNameLength + 1)
|
|
. COLOR_DEFAULT
|
|
. str_pad(string: $idString, length: 7, pad_type: STR_PAD_LEFT);
|
|
|
|
$hasError = false;
|
|
if ($this->isMasterZone(domain: $domain)) {
|
|
echo 'Master Zone lies on this panel.';
|
|
} else {
|
|
if (!str_contains(haystack: $localZones, needle: $domain->getName())) {
|
|
echo COLOR_RED . 'is missing in ' . COLOR_YELLOW . $this->localZoneFile . COLOR_DEFAULT;
|
|
$hasError = true;
|
|
} else {
|
|
echo COLOR_GREEN . 'OK';
|
|
}
|
|
|
|
$zoneFile = $this->localZonesDir . $domain->getName();
|
|
|
|
if (!file_exists(filename: $zoneFile)) {
|
|
echo ' Missing zone file for ' . COLOR_YELLOW . $zoneFile . COLOR_DEFAULT;
|
|
$hasError = true;
|
|
}
|
|
|
|
if ($hasError) {
|
|
echo " Update zone (Domain) to create it.";
|
|
}
|
|
}
|
|
echo COLOR_DEFAULT . PHP_EOL;
|
|
}
|
|
|
|
}
|
|
|
|
|
|
/**
|
|
* @param Domain $domain
|
|
*
|
|
* @return void
|
|
*/
|
|
public function createSlaveZoneFile(Domain $domain): void
|
|
{
|
|
$domainName = $domain->getName();
|
|
$this->logger->info(message: "createZoneFile($domainName)");
|
|
|
|
// check if we're a master zone
|
|
if ($this->isMasterZone(domain: $domain)) {
|
|
//echo 'We are zone master for ' . $domainName . PHP_EOL;
|
|
return;
|
|
}
|
|
|
|
if ($zoneFile = fopen(filename: $this->localZonesDir . $domainName, mode: 'w')) {
|
|
$panelName = $domain->getPanel();
|
|
if (!$panel = $this->panelRepository->findByName(name: $panelName)) {
|
|
echo "Error: Panel $panelName doesn't exist." . PHP_EOL;
|
|
die();
|
|
}
|
|
$a = $panel->getA();
|
|
$aaaa = $panel->getAaaa();
|
|
fputs(stream: $zoneFile, data: 'zone "' . $domainName . '"' . ' IN {' . PHP_EOL);
|
|
fputs(stream: $zoneFile, data: "\ttype slave;" . PHP_EOL);
|
|
fputs(stream: $zoneFile, data: "\tfile \"" . $this->zoneCachePath . $domainName . '.db";' . PHP_EOL);
|
|
fputs(stream: $zoneFile, data: "\tmasters {" . PHP_EOL);
|
|
if (!empty($a)) {
|
|
fputs(stream: $zoneFile, data: "\t\t" . $a . ';' . PHP_EOL);
|
|
}
|
|
if (!empty($aaaa)) {
|
|
fputs(stream: $zoneFile, data: "\t\t" . $aaaa . ';' . PHP_EOL);
|
|
}
|
|
fputs(stream: $zoneFile, data: "\t};" . PHP_EOL);
|
|
fputs(stream: $zoneFile, data: "};" . PHP_EOL);
|
|
}
|
|
}
|
|
|
|
|
|
public function isMasterZone(Domain $domain): bool
|
|
{
|
|
if (file_exists(filename: '/etc/bind/keyhelp_domains/' . $domain->getName())) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
}
|