From b60879d53f753e626c45221e64e068df66c59a14 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Sat, 12 Feb 2022 20:04:30 +0500 Subject: [PATCH] bug fix: ssl --- plogical/sslUtilities.py | 6 +++--- plogical/vhost.py | 3 +++ plogical/vhostConfs.py | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 38 insertions(+), 3 deletions(-) diff --git a/plogical/sslUtilities.py b/plogical/sslUtilities.py index 3284498d5..84668c015 100755 --- a/plogical/sslUtilities.py +++ b/plogical/sslUtilities.py @@ -299,7 +299,7 @@ class sslUtilities: command = acmePath + " --issue -d " + virtualHostName + " -d www." + virtualHostName \ + ' --cert-file ' + existingCertPath + '/cert.pem' + ' --key-file ' + existingCertPath + '/privkey.pem' \ - + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w ' + sslpath + ' -k ec-256 --force --server letsencrypt' + + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt' logging.CyberCPLogFileWriter.writeToFile(command, 0) @@ -319,7 +319,7 @@ class sslUtilities: logging.CyberCPLogFileWriter.writeToFile("Trying to obtain SSL for: " + virtualHostName, 0) command = acmePath + " --issue -d " + virtualHostName + ' --cert-file ' + existingCertPath \ + '/cert.pem' + ' --key-file ' + existingCertPath + '/privkey.pem' \ - + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w ' + sslpath + ' -k ec-256 --force --server letsencrypt' + + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt' output = subprocess.check_output(shlex.split(command)).decode("utf-8") logging.CyberCPLogFileWriter.writeToFile("Successfully obtained SSL for: " + virtualHostName, 0) finalText = '%s\nSuccessfully obtained SSL for: %s.' % (finalText, virtualHostName) 
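Review bot: The ACME webroot `/usr/local/lsws/Example/html` is now a string literal embedded in this command and repeated in the @@ -319 and @@ -344 hunks, in `vhost.py` and in the `vhostConfs.py` templates, so the directory acme.sh writes tokens to and the directory the web server serves them from can drift apart with a single edit. Define it once, e.g. `ACME_WEBROOT = '/usr/local/lsws/Example/html'`, and build the `-w` argument and the templates from that name. Because every hosted domain now validates through this one directory, a short comment beside the constant should state that it must stay writable only by the panel account; the diff does not show who owns it. The enclosing method starts and ends outside the hunk, so whether `sslpath` is still used elsewhere in it cannot be confirmed from here.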
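Review bot: The command that reaches `subprocess.check_output(shlex.split(command))` is still assembled by concatenating `virtualHostName` into one string, so a name containing whitespace or quote characters would be tokenised into extra acme.sh arguments instead of staying a single `-d` value. Passing an argument list removes the dependency on how the name happens to be quoted; the same applies to `aliasDomain` in the @@ -344 hunk. Whether these names are validated before they get here is not visible in the diff, and the enclosing method starts and ends outside the hunk.

```python
# … unchanged: "Trying to obtain SSL for" log line …
command = [
    acmePath, '--issue', '-d', virtualHostName,
    '--cert-file', existingCertPath + '/cert.pem',
    '--key-file', existingCertPath + '/privkey.pem',
    '--fullchain-file', existingCertPath + '/fullchain.pem',
    '-w', '/usr/local/lsws/Example/html',
    '-k', 'ec-256', '--force', '--server', 'letsencrypt',
]
output = subprocess.check_output(command).decode("utf-8")
# … unchanged: success log line and finalText update …
```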
@@ -344,7 +344,7 @@ class sslUtilities: command = acmePath + " --issue -d " + virtualHostName + " -d www." + virtualHostName \ + ' -d ' + aliasDomain + ' -d www.' + aliasDomain\ + ' --cert-file ' + existingCertPath + '/cert.pem' + ' --key-file ' + existingCertPath + '/privkey.pem' \ - + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w ' + sslpath + ' -k ec-256 --force --server letsencrypt' + + ' --fullchain-file ' + existingCertPath + '/fullchain.pem' + ' -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt' output = subprocess.check_output(shlex.split(command)).decode("utf-8") logging.CyberCPLogFileWriter.writeToFile( diff --git a/plogical/vhost.py b/plogical/vhost.py index f97ec6898..2049b9f47 100755 --- a/plogical/vhost.py +++ b/plogical/vhost.py @@ -193,6 +193,9 @@ class vhost: @staticmethod def createDirectoryForVirtualHost(virtualHostName,administratorEmail,virtualHostUser, phpVersion, openBasedir): + if not os.path.exists('/usr/local/lsws/Example/html'): + os.mkdir('/usr/local/lsws/Example/html') + path = "/home/" + virtualHostName pathHTML = "/home/" + virtualHostName + "/public_html" pathLogs = "/home/" + virtualHostName + "/logs" diff --git a/plogical/vhostConfs.py b/plogical/vhostConfs.py index 3dc00eed4..30b121484 100755 --- a/plogical/vhostConfs.py +++ b/plogical/vhostConfs.py @@ -84,6 +84,21 @@ rewrite { enable 1 autoLoadHtaccess 1 } + +context /.well-known/acme-challenge { + location /usr/local/lsws/Example/html/.well-known/acme-challenge + allowBrowse 1 + + rewrite { + + } + addDefaultCharset off + + phpIniOverride { + + } +} + """ olsChildMainConf = """virtualHost {virtualHostName} { @@ -170,6 +185,21 @@ rewrite { enable 1 autoLoadHtaccess 1 } + +context /.well-known/acme-challenge { + location /usr/local/lsws/Example/html/.well-known/acme-challenge + allowBrowse 1 + + rewrite { + + } + addDefaultCharset off + + phpIniOverride { + + } +} + """ lswsMasterConf = """ 
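Review bot: The added `os.path.exists` / `os.mkdir` pair at the top of `createDirectoryForVirtualHost` raises if the parent `/usr/local/lsws/Example` is missing or if two site creations race past the check, and it leaves the directory mode implicit. `os.makedirs('/usr/local/lsws/Example/html', mode=0o755, exist_ok=True)` handles both failure cases and states the intended mode in one call. Since this directory is what every vhost will expose under `/.well-known/acme-challenge`, a comment here should also say that it must not be writable by site users. The function body continues past the end of the hunk, so how an exception raised at this point is handled is not visible.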
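Review bot: The new `context /.well-known/acme-challenge` block maps the challenge URL of every vhost built from this template onto one server-wide directory with `allowBrowse 1`, and the same fifteen added lines are pasted again in the @@ -170 hunk. Keep the block in a single string (for example `acmeChallengeContext`) that both templates include, so a later change to the location or its access settings cannot be applied to one copy and missed in the other. Anything left in that directory becomes readable through every hosted domain, which deserves a `#` comment beside the Python constant rather than inside the generated config. The empty `rewrite { }` and `phpIniOverride { }` sub-blocks look like no-ops and could probably be dropped, but confirm that against the server's config parser; both templates start outside the hunks shown.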
@@ -179,6 +209,7 @@ rewrite { ServerAdmin {administratorEmail} SuexecUserGroup {externalApp} {externalApp} DocumentRoot /home/{virtualHostName}/public_html + Alias /.well-known/acme-challenge /usr/local/lsws/Example/html/.well-known/acme-challenge CustomLog /home/{virtualHostName}/logs/{virtualHostName}.access_log combined AddHandler application/x-httpd-php{php} .php .php7 .phtml @@ -189,6 +220,7 @@ rewrite { """ + lswsChildConf = """ ServerName {virtualHostName}
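Review bot: Only `lswsMasterConf` gains the `Alias /.well-known/acme-challenge …` line; the following hunk touches `lswsChildConf` but adds nothing except a blank line, so child domains on this code path appear to keep serving challenges from their own document root while acme.sh now writes tokens to `/usr/local/lsws/Example/html`. If that reading is right, HTTP-01 validation for child domains would fail until the same `Alias` line is added to `lswsChildConf`. The rest of `lswsChildConf` lies outside the diff, so check whether it already carries an equivalent mapping. Vhost files generated before this commit would likewise lack the alias and the context block, and the diff shows no regeneration step for them.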