Force ISPC3 to update apache2 vhost files

Discussion in 'Developers' Forum' started by archerjd, Nov 26, 2008.

  1. archerjd

    archerjd ISPConfig Developer ISPConfig Developer

    I am working with the latest SVN of ISPC3 and wanted to know if there is a way to force ISPConfig to update/rewrite all of apache2's vhost files.

    The thing is, I have been configuring ISPC3 on Debian Lenny.
    I know I know, not a good idea. But I am using mod_gnutls with it and so far everything works out well. Even so, when configuring the system with a little tweak here a little tweak there the change doesn't take effect right away.

    To give you an idea of what I have done here, I have modified the /usr/local/ispconfig/server/conf/vhost.conf.master file to make use of mod_gnutls. Below is a diff of the file.
    Code:
    --- /usr/local/ispconfig/server/conf/vhost.conf.master  2008-11-26 10:26:51.000000000 -0600
    +++ vhost.conf.master   2008-11-26 12:04:20.000000000 -0600
    @@ -98,12 +98,15 @@
    
    
     <tmpl_if name='ssl_enabled'>
    -<IfModule mod_ssl.c>
    +<IfModule mod_gnutls.c>
     ###########################################################
    -# SSL Vhost
    +# GnuTLS Vhost
     ###########################################################
    
     <VirtualHost <tmpl_var name='ip_address'>:443>
    +  GnuTLSEnable On
    +  GnuTLSExportCertificates on
    +  GnuTLSPriorities NORMAL
       DocumentRoot <tmpl_var name='web_document_root'>
       ServerName <tmpl_var name='domain'>
     <tmpl_if name='alias'>
    @@ -123,11 +126,10 @@
            ErrorDocument 503 /error/overloaded.html
    
     </tmpl_if>
    -       SSLEngine on
    -       SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.crt
    -       SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.key
    +       GnuTLSCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.crt
    +       GnuTLSKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.key
     <tmpl_if name='has_bundle_cert'>
    -       SSLCACertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.bundle
    +       GnuTLSClientCAFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.bundle
     </tmpl_if>
    
     <tmpl_if name='cgi'op='==' value='y'>
    @@ -192,4 +194,4 @@
     </VirtualHost>
     </IfModule>
    
    -</tmpl_if>
    \ No newline at end of file
    +</tmpl_if>
    I would also like to add the following code to enable WebDAV for clients that have an ssl cert and FTP access.
    Code:
    Alias /webdav <tmpl_var name='document_root'>
    <Location />
        DAV On
        AuthBasicAuthoritative Off
        AuthUserFile /dev/null
        AuthMySQL On
        AuthName "WebDAV Authering Service"
        AuthType Basic
        Auth_MySQL_Host localhost
        Auth_MySQL_User ispconfig
        Auth_MySQL_Password ispconfig_password # No variable found for this as of yet.
        AuthMySQL_DB dbispconfig
        AuthMySQL_Password_Table ftp_user
        Auth_MySQL_Username_Field username
        Auth_MySQL_Password_Field password
        Auth_MySQL_Group_Field gid
        Auth_MySQL_Encryption_Types Crypt
        Auth_MySQL_Empty_Passwords Off
        Auth_MySQL_Authoritative On
        Auth_MySQL_Password_Clause " AND active=y"
        <LimitExcept GET HEAD OPTIONS>
            require group <tmpl_var name='system_group'>
        </LimitExcept>
    </Location>
    But that is beside the point.

    Thanks guys,

    -Archer
     
    Last edited: Nov 26, 2008
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You can not force a rewrite of all vhost files. If you want to rewrite the config for a site, edit the site settings, change a value and click on save.
     
  3. archerjd

    archerjd ISPConfig Developer ISPConfig Developer

    Thanks Till,
    From your description my config should have already updated and it's not.
    Can you give me some pointers to start looking for what caused this issue? :confused:

    I have checked the ISPC log and have found it empty. Is there a way to enable verbose logging for ISPC3?

    Also, since ISPC3 has the ability to apply additional apache directives, does ISPC3 do an 'apache2ctl -t' check before applying the configuration?
    If not, should this be a feature request to parse the output of 'apache2ctl -t' before reloading Apache2 and notify you of the (error)s?

    Just a few thoughts...

    -Archer
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You can set the log level in the file /usr/local/ispconfig/server/lib/config.inc.php
     
  5. quentusrex

    quentusrex New Member

    Till, Is there a way to add a 'custom lines' setting so that when a vhost file is rebuilt that the custom lines are included? Like a certain client would have svn and trac settings in the vhost file.
     
  6. archerjd

    archerjd ISPConfig Developer ISPConfig Developer

    Quentusrex,

    Could you be talking about the additional Apache directives option under Sites -> Domain -> $website -> Options -> Apache directives?

    BTW, I think I may have stumbled upon a possible bug.
    When I insert the following code ISPC3 chokes on it (no updates to the vhost file). But if I place the code in a file and then use the 'Include /path/to/file' directive everything works.
    Code:
    DAVLockDB /var/clients/client0/web1/tmp/DAVLock
    
    Alias /webdav /var/clients/client0/web1/
    <Location /webdav>
      DAV On
      AuthBasicAuthoritative Off
      AuthUserFile /dev/null
      AuthMySQL On
      AuthName "WebDAV Authering Service"
      AuthType Basic
      Auth_MySQL_Host localhost
      Auth_MySQL_User ispconfig
      Auth_MySQL_Password ***************************
      AuthMySQL_DB dbispconfig
      AuthMySQL_Password_Table ftp_user
      Auth_MySQL_Username_Field username
      Auth_MySQL_Password_Field password
    # Auth_MySQL_Password_Clause " AND active=y" ## Haven't got this working as of yet. ##
      Auth_MySQL_Group_Table ftp_user
      Auth_MySQL_Group_Field gid
      Auth_MySQL_Encryption_Types Crypt
      Auth_MySQL_Empty_Passwords Off
      Auth_MySQL_Authoritative On
      require group client0
    
      # Disable all server side processing.
      ForceType text/plain
    </Location>
    
    <IfModule mpm_itk_module>
      AssignUserId web1 client0
    </IfModule>
    The above code works well. :D
    Now if mpm-peruser was just a little easier to install...
     

Share This Page