Initial

bin/v-add-sys-pma-sso

@@ -0,0 +1,120 @@
+#!/bin/bash
+# info: enables support for single sign on phpMyAdmin
+# options: [mode]
+#
+# example: v-add-sys-pma-sso
+#
+# This function enables support for SSO to phpMyAdmin
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+MODE=$1
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+PMA_INSTALL="/usr/share/phpmyadmin"
+PMA_CONFIG="/etc/phpmyadmin"
+
+
+WWW_USER="www-data"
+if [ -f /etc/redhat-release ]; then
+    WWW_USER="apache"
+fi
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+# Checking root permissions
+if [ "x$(id -u)" != 'x0' ]; then
+	echo "Error: Script can be run executed only by root"
+	exit 10
+fi
+
+if [ -n "$PHPMYADMIN_KEY" ] && [ "$PHPMYADMIN_KEY" != "" ]; then
+	echo "Error: SSO has been installed before to reenable it please run v-delete-sys-pma-sso first"
+	exit 1
+fi
+
+if [ -f "/usr/share/phpmyadmin/hestia-sso.php" ]; then
+	echo "Error: hestia-sso.php is already installed"
+	exit 2
+fi
+
+if [ -f "/usr/local/hesta/web/api/index.php" ]; then
+	echo "Error: API script not installed"
+	exit 2
+fi
+
+if [ "API_SYSTEM" = "0" ]; then
+	echo "Error: API is not enabled"
+	exit 2
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Generate the keys to secure everything
+phpmyadminkey=$(generate_password)
+apikey=$($BIN/v-add-access-key 'admin' 'phpmyadmin-sso' 'phpMyAdmin' 'plain')
+
+# copy config dir to /usr/share/phpmyadmin/
+cp -f $HESTIA_COMMON_DIR/phpmyadmin/hestia-sso.php $PMA_INSTALL/hestia-sso.php
+chmod 640 $PMA_INSTALL/hestia-sso.php
+chown root:$WWW_USER $PMA_INSTALL/hestia-sso.php
+
+sed -i "s/%PHPMYADMIN_KEY%/$phpmyadminkey/g" $PMA_INSTALL/hestia-sso.php
+sed -i "s/%API_KEY%/$apikey/g" $PMA_INSTALL/hestia-sso.php
+sed -i "s/%API_HOST_NAME%/$(hostname)/g" $PMA_INSTALL/hestia-sso.php
+sed -i "s/%API_HESTIA_PORT%/$BACKEND_PORT/g" $PMA_INSTALL/hestia-sso.php
+
+# Check if config already contains the keys
+touch $PMA_CONFIG/hestia-sso.inc.php
+chmod 640 $PMA_CONFIG/hestia-sso.inc.php
+chown root:$WWW_USER $PMA_CONFIG/hestia-sso.inc.php
+
+echo "<?php
+if(isset(\$_GET['hestia_token']) || isset(\$_COOKIE['SignonSession'])){
+\$cfg['Servers'][\$i]['auth_type'] = 'signon';
+\$cfg['Servers'][\$i]['SignonSession'] = 'SignonSession';
+\$cfg['Servers'][\$i]['SignonURL'] = 'hestia-sso.php';
+\$cfg['Servers'][\$i]['LogoutURL'] = 'hestia-sso.php?logout=1';
+}
+?>" >> $PMA_CONFIG/hestia-sso.inc.php
+
+file=$(cat $PMA_CONFIG/config.inc.php)
+if ! [[ "$file" =~ hestia-sso.inc.php ]]; then
+	if [[ $file =~ "//Add Hestia SSO code here" ]]; then
+		sed -i "s|//Add Hestia SSO code here|//Add Hestia SSO code here\n     include ('$PMA_CONFIG/hestia-sso.inc.php');|g" $PMA_CONFIG/config.inc.php
+	else
+		echo "include ('$PMA_CONFIG/hestia-sso.inc.php');" >> $PMA_CONFIG/config.inc.php
+	fi
+fi
+
+$BIN/v-change-sys-config-value 'PHPMYADMIN_KEY' "$phpmyadminkey"
+
+if [ -z "$(echo $API_ALLOWED_IP | grep 127.0.0.1)" ]; then
+	$BIN/v-add-sys-api-ip "127.0.0.1"
+fi
+
+#----------------------------------------------------------#
+#                       Logging                            #
+#----------------------------------------------------------#
+
+if [ "$MODE" != "quiet" ]; then
+	echo "PMA Hestia-SSO plugin has been successfully installed"
+fi
+$BIN/v-log-action "system" "Info" "Plugins" "phpMyAdmin Single Sign-On has been enabled."
+log_event "$OK" "$ARGUMENTS"