This project is not covered by Drupal’s security advisory policy.
A module for loosely integrating Provision (part of the Aegir hosting system) with Parallels Plesk.
New Drush Commands
This module provides the following new commands for Drush:
- plesk-setup-drupal
-
Set-up the specified client's document root folder to access the current Drupal site. This is done by means of symlinks to the shared Drupal platform/install; the Drupal site remains in its current location to allow it to be maintained by Aegir.
- plesk-discover-db
-
Inform Plesk about the database that corresponds to the current Drupal site, so that the database is associated with the appropriate client's account and can be managed and monitored within Plesk. This is useful if Aegir automatically created the database for the site (as is the typical case) because it allows you to leverage the additional quota and reporting tools Plesk offers, while freeing you from having to create each database and user account manually for each site.
- plesk-reset-pf-perm
-
Reset all of the permissions and ownership of the current Drupal install to default values appropriate for your Aegir and Plesk environment. This is useful if the current permissions are causing clients to have trouble accessing their Drupal sites.
This will cause all sites under the
sites/
folder to lose their owners. After running this command, you will need to restore appropriate ownership to clients.
New Drush Sub-Modules
In addition, this module provides the following sub-modules that make it easier to use Aegir to maintain Drupal sites that are monitored by Plesk and owned by hosting customers:
- site_owner_preservation
-
Extends Provision to allow it to work with Drupal sites that are not owned by the Aegir user account. To do this, this module allows Provision to take ownership of a site before it performs any operation (verify, clone, migrate, etc), and then to restore ownership to the original user at the end of the operation.
This makes it easier to give a user control over his or her Drupal install and to enforce hard, user-based quotas, while still giving the administrator the flexibility to use Aegir for maintenance.
- hardened_modules
-
Provides a Drupal core patch and functionality for restricting Provision from loading custom user modules during provisioning operations. This prevents users from being able to write custom modules that take advantage of having elevated privileges when bootstrapped by Aegir and Provision.
- ownership_utils
-
A module that provides Provision with an API for taking ownership of files and folders. This is used by
site_owner_preservation
.
Installation
More detailed documentation, including step-by-step documentation on how to set-up Aegir, install this module, and use it in conjunction with mpm-itk will be forthcoming shortly. In the mean time, you will need to perform the following steps:
- Install Aegir 0.4 Alpha 6, if you haven't already.
- Ensure that the Apache configuration files generated by Aegir are processed before the ones generated by Plesk. To do this, symlink
/etc/httpd/conf.d/zz005_aegir.conf
to~aegir/config/apache.conf
. This should take the place of whatever symlink you created when installing Aegir. - Set-up Apache to use mpm_itk. This is necessary so that each Drupal site runs with its owner's credentials.
- Download this module and extract it in a safe, temporary place.
- Copy the
provision_plesk
folder that was extracted in the previous step to the.drush
folder used by Aegir (~aegir/.drush
). - Optionally copy the file
sbin/aegir_chown.php
to/usr/local/sbin/aegir_chown
(note the lack of the.php
extension), and set the mode on the file so that it is executable. This wrapper script restricts which files Aegir can take ownership of, in case Aegir is compromised. - Give the Aegir user account (usually "aegir") permission to use sudo without a password to run "/usr/local/sbin/aegir_chown" (or "/usr/bin/sudo" if you skipped the previous step). This is required in order for Aegir to be able to take ownership of sites during provisioning operations.
- Apply the patch in
patches/provision-0.4/platform_AllowOverride.patch
to Provision to allow users to use.htaccess
files. This patch is required because this setup still requires the use of the Drupal.htaccess
file for each site. - Optionally apply the patch in
modules/hardened_modules/patches/drupal-6.16/module.inc.patch
to lock-down what modules are loaded by Provision. This patch is strongly recommended as it prevents a code execution vulnerability. - Overwrite the templates in
~aegir/.drush/provision
with the corresponding templates from~aegir/.drush/provision_plesk/templates
. These template files have been customized to produce virtual host configuration files that are compatible with what Plesk normally generates. - Have Aegir Verify all existing sites to re-generate their configuration files.
This module is a work-in-progress, but has been tested with Aegir 0.4 Alpha 6 and Plesk 8.6 running on CentOS 5.2. The module may also work with Aegir 0.3, though it is discouraged.
This project is developed and sponsored by Red Bottle Design, LLC.
If you like this module, please consider making a donation to Red Bottle Design, LLC.
Project information
- Unsupported
Not supported (i.e. abandoned), and no longer being developed. Learn more about dealing with unsupported (abandoned) projects - No further development
No longer developed by its maintainers. - Created by GuyPaddock on , updated
- This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.