tony
/
mb-admin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix JPS syntax error

main
Anthony 2025-03-22 02:06:51 +08:00
parent 1e8109006c
commit f58d45c72a
2 changed files with 204 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
mbadmin.jps
View File

@ -143,6 +143,22 @@ menu:
action: remove_ssl_cert action: remove_ssl_cert
settings: sslRemoveConfig settings: sslRemoveConfig
successText: "SSL certificate for '${settings.domain}' has been successfully removed." successText: "SSL certificate for '${settings.domain}' has been successfully removed."
- confirmText: Do you want to fix LiteSpeed configuration XML tags?
loadingText: Fixing LiteSpeed Configuration...
caption: Fix LiteSpeed XML
action: fix_litespeed_xml
successText: "LiteSpeed configuration XML tags have been fixed."
- confirmText: Do you want to analyze the LiteSpeed configuration?
loadingText: Analyzing LiteSpeed configuration...
caption: Diagnose LiteSpeed Config
action: diagnose_litespeed_config
successText: "LiteSpeed configuration analysis complete."
- confirmText: Clean up certificate references in shared listeners?
loadingText: Cleaning up certificate references...
caption: Clean Certificate References
action: clean_cert_references
settings: cleanCertConfig
successText: "Certificate references have been cleaned up."
settings: settings:
checkDomainConfig: checkDomainConfig:
@ -263,6 +279,13 @@ settings:
caption: Email Address caption: Email Address
required: true required: true
sslRemoveConfig: sslRemoveConfig:
submitUnchanged: true
fields:
- name: domainremove
type: text
caption: Domain Name
required: true
cleanCertConfig:
submitUnchanged: true submitUnchanged: true
fields: fields:
- name: domain - name: domain
@ -587,16 +610,131 @@ actions:
- cmd[cp]: - cmd[cp]:
user: root user: root
commands: commands:
- bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --domain="${settings.domain}" --remove-cert=yes --confirm=yes - bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --domain="${settings.domainremove}" --remove-cert=yes --confirm=yes
- if: ${response.exitcode} == 0 - if: ${response.exitcode} == 0
return: return:
type: success type: success
message: "SSL certificate for '${settings.domain}' has been successfully removed." message: "SSL certificate for '${settings.domainremove}' has been successfully removed."
- else: - else:
return: return:
type: error type: error
message: "Failed to remove SSL certificate: ${response.out}" message: "Failed to remove SSL certificate: ${response.out}"
fix_litespeed_xml:
- cmd[cp]:
user: root
commands:
- CONF_FILE="/var/www/conf/httpd_config.xml"
- echo "Backing up LiteSpeed configuration..."
- cp "$CONF_FILE" "${CONF_FILE}.backup.$(date +%Y%m%d%H%M%S)"
- echo "Fixing XML tag inconsistencies..."
- awk '{gsub(/<n>/, "<name>"); gsub(/<\/n>/, "</name>"); print}' "$CONF_FILE" > "${CONF_FILE}.new"
- cat "${CONF_FILE}.new" > "$CONF_FILE"
- rm "${CONF_FILE}.new"
- systemctl restart lsws
- return:
type: success
message: "LiteSpeed configuration XML tags have been normalized. The web server has been restarted."
diagnose_litespeed_config:
- cmd[cp]:
user: root
commands:
- |
CONF_FILE="/var/www/conf/httpd_config.xml"
echo "Analyzing LiteSpeed configuration tags..."
echo "-----------------------------------"
echo "Number of <n> tags: $(grep -c "<n>" $CONF_FILE)"
echo "Number of </n> tags: $(grep -c "</n>" $CONF_FILE)"
echo "Number of <name> tags: $(grep -c "<name>" $CONF_FILE)"
echo "Number of </name> tags: $(grep -c "</name>" $CONF_FILE)"
echo "-----------------------------------"
echo "First 5 instances of <n> tags:"
grep -n "<n>" $CONF_FILE | head -5
echo "-----------------------------------"
echo "Testing sed command effectiveness:"
cp $CONF_FILE /tmp/test_config.xml
sed -i 's/<n>/<name>/g' /tmp/test_config.xml
sed -i 's/<\/n>/<\/name>/g' /tmp/test_config.xml
echo "After sed, remaining <n> tags: $(grep -c "<n>" /tmp/test_config.xml)"
echo "After sed, remaining </n> tags: $(grep -c "</n>" /tmp/test_config.xml)"
echo "-----------------------------------"
- return:
type: info
message: "${response.out}"
clean_cert_references:
- cmd[cp]:
user: root
commands:
- |
DOMAIN="${settings.domain}"
CONF_FILE="/var/www/conf/httpd_config.xml"
BACKUP_FILE="${CONF_FILE}.bak.$(date +%Y%m%d%H%M%S)"
# Create backup
cp "$CONF_FILE" "$BACKUP_FILE"
echo "Created backup at $BACKUP_FILE"
# Create temp file for processing
TEMP_FILE=$(mktemp)
# Clean up certificate references
echo "Cleaning up certificate references for $DOMAIN..."
# Use awk to process the file
awk -v domain="$DOMAIN" '
BEGIN { in_listener = 0; is_shared = 0; }
/<listener>/ {
in_listener = 1;
print;
next;
}
in_listener && (/<name>HTTPS<\/name>/ || /<name>HTTPS-ipv6<\/name>/) {
is_shared = 1;
print;
next;
}
in_listener && is_shared && /<keyFile>.*live\/'"$DOMAIN"'\/.*<\/keyFile>/ {
print " <keyFile>/var/www/conf/default.key</keyFile>";
next;
}
in_listener && is_shared && /<certFile>.*live\/'"$DOMAIN"'\/.*<\/certFile>/ {
print " <certFile>/var/www/conf/default.crt</certFile>";
next;
}
/<\/listener>/ {
in_listener = 0;
is_shared = 0;
print;
next;
}
{ print; }
' "$CONF_FILE" > "$TEMP_FILE"
# Verify the file is valid
if grep -q "<httpServerConfig>" "$TEMP_FILE" && grep -q "</httpServerConfig>" "$TEMP_FILE"; then
# Apply changes
cat "$TEMP_FILE" > "$CONF_FILE"
rm -f "$TEMP_FILE"
echo "Certificate references cleaned up successfully."
# Restart LiteSpeed
echo "Restarting LiteSpeed..."
systemctl restart lsws
else
echo "ERROR: Generated config is invalid. Keeping original configuration."
rm -f "$TEMP_FILE"
exit 1
fi
- return:
type: success
message: "Certificate references for '${settings.domain}' have been cleaned up from shared listeners."
responses: responses:
enableSuccess: enableSuccess:

66
scripts/ssl-manager/ssl_manager.sh
View File

@ -122,16 +122,26 @@ update_litespeed_config() {
cp "$config_file" "$backup_file" cp "$config_file" "$backup_file"
log "Created backup of LiteSpeed configuration at $backup_file" log "Created backup of LiteSpeed configuration at $backup_file"
# Normalize XML tags - replace <n> with <name> throughout the config
log "Normalizing XML tags in configuration..."
if grep -q "<n>" "$config_file"; then
log "Found <n> tags in config, normalizing to <name>..."
sed -i 's/<n>/<name>/g' "$config_file"
sed -i 's/<\/n>/<\/name>/g' "$config_file"
fi
# Clean up any redundant listeners for this domain # Clean up any redundant listeners for this domain
cleanup_redundant_listeners "$config_file" "$DOMAIN" cleanup_redundant_listeners "$config_file" "$DOMAIN"
# Create domain-specific virtual host # Create domain-specific virtual host - MUST create before listener so it exists
log "Creating domain-specific virtual host for $DOMAIN..."
if ! create_domain_virtual_host "$DOMAIN"; then if ! create_domain_virtual_host "$DOMAIN"; then
log "ERROR: Failed to create virtual host for $DOMAIN. Aborting configuration update." log "ERROR: Failed to create virtual host for $DOMAIN. Aborting configuration update."
return 1 return 1
fi fi
# Create domain-specific listener # Create domain-specific listener - depends on virtual host already existing
log "Creating domain-specific listener for $DOMAIN..."
if ! create_domain_listener "$DOMAIN"; then if ! create_domain_listener "$DOMAIN"; then
log "ERROR: Failed to create listener for $DOMAIN. Aborting configuration update." log "ERROR: Failed to create listener for $DOMAIN. Aborting configuration update."
return 1 return 1
@ -839,6 +849,53 @@ remove_ssl_certificate() {
{ print; } { print; }
' "${temp_file}.new" > "${temp_file}.final" ' "${temp_file}.new" > "${temp_file}.final"
# 4a. Clean up certificate references in shared listeners
log "Cleaning up certificate references in shared listeners..."
local cert_path="/etc/letsencrypt/live/$domain/"
# Create a temporary file for processing
local cert_cleanup_temp=$(mktemp)
# Replace certificate paths in shared listeners
awk -v domain="$domain" -v cert_path="$cert_path" '
# Inside a listener section
/<listener>/,/<\/listener>/ {
# Look for HTTPS or HTTPS-ipv6 listeners (shared listeners)
if ($0 ~ /<name>(HTTPS|HTTPS-ipv6)<\/name>/ || $0 ~ /<n>(HTTPS|HTTPS-ipv6)<\/n>/) {
in_shared_listener = 1;
}
# If in shared listener and line contains certificate paths for this domain, replace them
if (in_shared_listener && $0 ~ cert_path) {
if ($0 ~ /keyFile/) {
print " <keyFile>/var/www/conf/default.key</keyFile>";
next;
}
if ($0 ~ /certFile/) {
print " <certFile>/var/www/conf/default.crt</certFile>";
next;
}
}
# End of listener section
if ($0 ~ /<\/listener>/) {
in_shared_listener = 0;
}
}
# Print all other lines unchanged
{ print; }
' "${temp_file}.final" > "$cert_cleanup_temp"
# If the temporary file is valid, use it
if [ -s "$cert_cleanup_temp" ] && grep -q "<httpServerConfig>" "$cert_cleanup_temp"; then
mv "$cert_cleanup_temp" "${temp_file}.final"
log "Certificate references in shared listeners cleaned up."
else
log "WARNING: Failed to clean up certificate references. Keeping original configuration."
rm -f "$cert_cleanup_temp"
fi
# Verify the processed file is valid # Verify the processed file is valid
if [ ! -s "${temp_file}.final" ]; then if [ ! -s "${temp_file}.final" ]; then
log "ERROR: Generated configuration is empty. Keeping original configuration." log "ERROR: Generated configuration is empty. Keeping original configuration."
@ -1035,6 +1092,11 @@ install_xml_tools
if $CERTBOT_CMD; then if $CERTBOT_CMD; then
log "SSL certificate issued successfully for $DOMAIN." log "SSL certificate issued successfully for $DOMAIN."
# Fix any inconsistent XML tags first
log "Ensuring XML tag consistency in LiteSpeed configuration..."
sed -i 's/<n>/<name>/g' /var/www/conf/httpd_config.xml
sed -i 's/<\/n>/<\/name>/g' /var/www/conf/httpd_config.xml
# Update LiteSpeed config with enhanced safety # Update LiteSpeed config with enhanced safety
if update_litespeed_config; then if update_litespeed_config; then
restart_litespeed restart_litespeed