README.md

@@ -15,8 +15,9 @@ __You can then run a development version of the server by running the following
 ```console
 mkdir -p local-development/domain.tld
 cd local-development/domain.tld
-mkdir {user,logs}
-docker run -d -it -p 80:80 -p 443:443 -e PHPVER=81 -e environment=DEV --mount type=bind,source="$(pwd)"/user,target=/home/myuser -v"$name-mysql":/var/lib/mysql -e uid=30001 -e user=myuser -e domain=domain.tld -e serveralias=www.domain.tld --name local-dev  repo.anhonesthost.net/cloud-hosting-platform/cac:latest
+mkdir user
+mkdir -p user/logs/{apache,system}
+docker run -d -it -p 80:80 -p 443:443 -e PHPVER=81 -e environment=DEV --mount type=bind,source="$(pwd)"/user,target=/home/myuser --mount type=bind,source="$(pwd)"/user/logs/apache,target=/etc/httpd/logs --mount type=bind,source="$(pwd)"/user/logs/system,target=/var/log -v"$name-mysql":/var/lib/mysql -e uid=30001 -e user=myuser -e domain=domain.tld -e serveralias=www.domain.tld --name local-dev  repo.anhonesthost.net/cloud-hosting-platform/cac:latest
 ```
 
 *This will start the processes needed to run sites locally.*

configs/vhost-template.tpl

@@ -40,6 +40,42 @@
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
 </VirtualHost>
 
+#
+# When we also provide SSL we have to listen to the
+# standard HTTPS port in addition.
+#
+Listen 443 https
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+#   Pass Phrase Dialog:
+#   Configure the pass phrase gathering process.
+#   The filtering dialog program (`builtin' is a internal
+#   terminal dialog) has to provide the pass phrase on stdout.
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+
+#   Inter-Process Session Cache:
+#   Configure the SSL Session Cache: First the mechanism
+#   to use and second the expiring timeout (in seconds).
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+
+#
+# Use "SSLCryptoDevice" to enable any supported hardware
+# accelerators. Use "openssl engine -v" to list supported
+# engine names.  NOTE: If you enable an accelerator and the
+# server does not start, consult the error logs and ensure
+# your accelerator is functioning properly.
+#
+SSLCryptoDevice builtin
+
+
+
 <IfModule mod_ssl.c>
   <VirtualHost _default_:443>
     ServerName "~~domain~~"

local-dev.sh

@@ -46,9 +46,10 @@ user=$(whoami)
 uid=$(id -u)
 if [ ! -d "$root_path/user" ]; then
   mkdir -p "$root_path/user";
+  mkdir -p "$root_path/user/logs/{apache,system}";
 fi
 $check_docker volume create "$name-mysql"
-$check_docker run --pull=always -d -p "$http_port":80 -p "$https_port":443 -e PHPVER=$phpver -e environment=DEV --mount type=bind,source="$root_path"/user,target=/home/"$user" -v"$name-mysql":/var/lib/mysql -e uid="$uid" -e user="$user" -e domain="$name-local.dev" --name "$name" repo.anhonesthost.net/cloud-hosting-platform/cac:latest
+$check_docker run --pull=always -d -p "$http_port":80 -p "$https_port":443 -e PHPVER=$phpver -e environment=DEV --mount type=bind,source="$root_path"/user,target=/home/"$user" --mount type=bind,source="$(pwd)"/user/logs/apache,target=/etc/httpd/logs --mount type=bind,source="$(pwd)"/user/logs/system,target=/var/log  -v"$name-mysql":/var/lib/mysql -e uid="$uid" -e user="$user" -e domain="$name-local.dev" --name "$name" repo.anhonesthost.net/cloud-hosting-platform/cac:latest
 echo "Creating management scripts in root directory..."
 echo "#!/usr/bin/env bash" > "$root_path/instance_start"
 echo "docker start $name" >> "$root_path/instance_start"

scripts/create-vhost.sh

@@ -34,6 +34,12 @@ cat <<EOF > /etc/httpd/conf.d/$domain.conf
     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
 </VirtualHost>
 
+Listen 443 https
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout  300
+SSLCryptoDevice builtin
+
 <IfModule mod_ssl.c>
   <VirtualHost _default_:443>
     ServerName "$domain"

scripts/entrypoint.sh

@@ -7,26 +7,30 @@ fi
 adduser -u $uid $user
 
 mkdir -p /home/$user/public_html
-mkdir -p /home/$user/logs
-mkdir -p /home/$user/logs/{apache,system}
+mkdir -p /home/$user/logs/{apache,php-fpm}
 
-chown -R $user:$user /home/$user
-chmod -R 755 /home/$user
+mv /var/log/httpd /var/log/httpd.bak
+
+ln -s /home/$user/logs/apache /var/log/httpd
+ln -s /home/$user/logs/php-fpm /var/log/php-fpm
 
 /scripts/install-php$PHPVER.sh
 
 /scripts/create-vhost.sh
 /scripts/create-php-config.sh
 
-ln -s /etc/httpd/logs /home/$user/logs/apache
-ln -s /var/log /home/$user/logs/system
+if [ -f /etc/httpd/conf.d/ssl.conf ]; then
+  mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.bak
+fi
 
 /usr/sbin/httpd -k start
 /usr/sbin/php-fpm -y /etc/php-fpm.conf
+chown -R $user:$user /home/$user
+chmod -R 755 /home/$user
 
 if [[ $environment == 'DEV' ]]; then
   echo "Starting Dev Deployment"
-  mkdir -p /home/$user/public_html/_db_backups
+  mkdir -p /home/$user/_db_backups
   dnf install -y MariaDB-server MariaDB-client memcached
   nohup mysqld -umysql &
   if [ ! -f /home/$user/mysql_creds ]; then
@@ -39,7 +43,7 @@ if [[ $environment == 'DEV' ]]; then
     mysql -e "CREATE USER '"$mysql_user"'@'localhost' IDENTIFIED BY '"$mysql_password"';"
     mysql -e "GRANT ALL PRIVILEGES ON *.* TO '"$mysql_user"'@'localhost' WITH GRANT OPTION;"
     mysql -e "FLUSH PRIVILEGES;"
-    echo "*/15 * * * * root /scripts/mysql-backup.sh $user $mysql_db"  >> /etc/crontab
+    echo "*/15 * * * * root /scripts/mysql-backup.sh $user devdb_$mysql_db"  >> /etc/crontab
     echo "MySQL User: "$mysql_user > /home/$user/mysql_creds
     echo "MySQL Password: "$mysql_password >> /home/$user/mysql_creds
     echo "MySQL Database: devdb_"$mysql_db >> /home/$user/mysql_creds
@@ -54,7 +58,7 @@ if [[ $environment == 'PROD' ]]; then
     sed -r -i 's/;session.save_path="localhost:11211/session.save_path="memcache:11211/' /etc/php.d/50-memcached.ini
 fi
 /usr/sbin/crond
-tail -f /etc/httpd/logs/*
+tail -f /var/log/httpd/*
 
 exit 0
   

scripts/log-rotate.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 # Set the log directory
-LOG_DIR="/etc/httpd/logs"
+LOG_DIR="/var/log/httpd"
 
 # Get current date
 DATE=$(date +%Y%m%d)

scripts/mysql-backup.sh

@@ -7,7 +7,8 @@ if [ ! -d /home/$user/_db_backups ]; then
   mkdir -p /home/$user/_db_backups
 fi
 
-/usr/bin/mysqldump $mysql_db > /home/$user/_db_backups/$mysql_db.$dt.sql"
-/usr/bin/find /home/$user/_db_backups/ -type f -mmin +360 -delete"
+/usr/bin/mysqldump $mysql_db > /home/$user/_db_backups/$mysql_db.$dt.sql
+chown -R $user:$user /home/$user/_db_backups
+/usr/bin/find /home/$user/_db_backups/ -type f -mmin +360 -delete
 
 exit 0