init

TestClient.php

@@ -0,0 +1,222 @@
+<?php
+
+
+class ApiClient {
+    private string $apiUrl;
+    private string $apiKey;
+
+    /**
+     * @param $apiUrl
+     * @param $apiKey
+     */
+    public function __construct($apiUrl, $apiKey)  {
+        $this->apiUrl = rtrim($apiUrl, '/');
+        $this->apiKey = $apiKey;
+    }
+
+    /**
+     * Initially deploy the development site for the customer
+     *
+     * @param $userName :        The username under which the domain is deployed
+     * @param $domain :          The Domain to migrate
+     * @param $adminName :       The Super-Admin User of the CRM System (usually the e-mail of the customer
+     * @param $adminPassword :   A self randomly generated password
+     *
+     * @return array            a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                          or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     *
+     * Attention: The given parameters username, adminName and adminPassword must be
+     *            stored locally for the Single Sign on from whcms plugin
+     */
+    public function deployDev($userName, $domain, $adminName, $adminPassword): array {
+        $url = "$this->apiUrl/deploydev/$userName/$domain";
+        $data = [
+            'admin_name' => $adminName,
+            'admin_password' => $adminPassword
+        ];
+        return $this->sendRequest('POST', $url, $data);
+    }
+
+
+    /**
+     * Migrate dev site to prod site
+     *
+     * @param $userName:        The username under which the domain is deployed
+     * @param $domain:          The Domain to migrate
+     * @param $adminName:       The Super-Admin User of the CRM System (usually the e-mail of the customer
+     * @param $adminPassword:   A self randomly generated password
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                          or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     *
+     * Attention: The given parameters adminName and adminPassword must be stored locally for the
+     *            Single Sign on from whcms plugin
+     */
+    public function migrateprod($userName, $domain, $adminName, $adminPassword): array {
+        $url = "$this->apiUrl/migrateprod/$userName/$domain";
+        $data = [
+            'admin_name' => $adminName,
+            'admin_password' => $adminPassword
+        ];
+        return $this->sendRequest('POST', $url, $data);
+    }
+
+
+    /**
+     * Disables the prod webpage
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                          or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     */
+    public function disableprod($domain, $userName): array {
+        $url = "$this->apiUrl/disableprod/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+    /**
+     * Enables the prod webpage
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['isenabled' => 'YES']];
+     *                          or a json with ['status' => $httpCode,'response' => ['isenabled' => 'NO']];
+     */
+    public function enableprod($domain, $userName): array {
+        $url = "$this->apiUrl/enableprod/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+
+    /**
+     * Disables the prod webpage
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                          or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     */
+    public function isprodenabled($domain, $userName): array {
+        $url = "$this->apiUrl/isprodenabled/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+    /**
+     * Disables the prod webpage
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['ssl_expiry' => 'Datum des Ablaufs des Zertifikats', 'ssl_remaining' => 'Anzahl der Tage bis zum Ablauf des Zertifikats']];
+     */
+    public function getSSLDays($domain, $userName): array {
+        $url = "$this->apiUrl/getssldays/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+    /**
+     * Lists the Prod Backups for the prod webpage
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => [
+     *                                          'backups' =>
+     * [
+     *                                              ['backup_date' => 'ISO Backup Datum',
+     *                                              'swiss_date' => 'Datum im Schweizer Format',
+     *                                              'size_mb' => 'Grösse in Megabyte',
+     *                                              'filename' => 'Dateiname des tar.gz's'
+     *                                          ]
+     *                                      ];
+     *
+     */
+    public function listbackups($domain, $userName): array  {
+        $url = "$this->apiUrl/listbackups/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+
+    /**
+     * Restores a Backup with the given ISO Date
+     *
+     * @param username:        The username under which the domain is deployed
+     * @param domain:          The Domain to migrate
+     * @param backupDate:      The ISO-Date of the backup (backup_date from listBackups) to restore
+     *
+     * @return                  a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                          or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     */
+    public function restorebackup($domain, $userName, $backupDate): array {
+        $url = "$this->apiUrl/restorebackup/$userName/$domain";
+        $data = [
+            'backup_date' => $backupDate
+        ];
+        return $this->sendRequest('POST', $url, $data);
+    }
+
+
+    /**
+     * Terminates a Website permanently
+     *
+     * @param $domain    : The domain to terminate (terminates dev and prod website)
+     * @param $userName  : The username under which the domain is deployed
+     * @return array     : a json with ['status' => $httpCode,'response' => ['success' => 'Text']];
+     *                     or a json with ['status' => $httpCode,'response' => ['error' => 'Error-Description']];
+     */
+    public function terminate($domain, $userName): array {
+        $url = "$this->apiUrl/terminate/$userName/$domain";
+        return $this->sendRequest('GET', $url);
+    }
+
+
+    private function sendRequest($method, $url, $data = []): array     {
+        $ch = curl_init();
+
+        error_log("SEND REQUEST: " . print_r($data, true));
+
+        $options = [
+            CURLOPT_URL => $url,
+            CURLOPT_RETURNTRANSFER => true,
+            CURLOPT_HTTPHEADER => [
+                "X-Api-Key: $this->apiKey",
+                "Content-Type: application/json"
+            ],
+            CURLOPT_CONNECTTIMEOUT => 0,
+            CURLOPT_TIMEOUT => 400,
+            //CURLOPT_CUSTOMREQUEST => $method,
+            CURLOPT_SSL_VERIFYPEER => false, // Deaktiviert die Überprüfung des SSL-Zertifikats
+            CURLOPT_SSL_VERIFYHOST => false  // Akzeptiert alle Hostnamen
+        ];
+
+        if ($method === 'POST' && !empty($data)) {
+            $options[CURLOPT_POST] = true;
+           // $options[CURLOPT_POSTFIELDS] = $data;
+            $options[CURLOPT_POSTFIELDS] = json_encode($data,true);
+        }
+
+        curl_setopt_array($ch, $options);
+        $response = curl_exec($ch);
+        $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+        curl_close($ch);
+
+        return [
+            'status' => $httpCode,
+            'response' => json_decode($response, true)
+        ];
+    }
+}
+
+
+// Beispielnutzung mit HTTPS
+$apiClient = new ApiClient('https://vm-dc-builderhost-01.thurdata.local', 'your-secure-password');
+//$response = $apiClient->getSSLDays('exampleuser', 'example.com');
+$response = $apiClient->deployDev('roka101', 'tech-design.ch', 'info@tech-design.ch', 'Technics2312');
+
+print_r($response);
+
+

controllers/BackupController.php

@@ -0,0 +1,100 @@
+<?php
+namespace application\controllers;
+
+class BackupController {
+
+    // BackupFile: YYYY-MM-DD-prod_domain.tar.gz
+    // DBBackupFile: YYYY-MM-DD-prod_domain.sql
+
+    public static function listBackups($data):void {
+        $username = $data['username'] ?? '';
+        $domain = $data['domain'] ?? '';
+
+        if (empty($username) || empty($domain)) {
+            error_log("listBackups: ERROR: No username or domain provided");
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameters: username or domainname']);
+            return;
+        }
+
+        $backupDir = "/home/$username/backups";
+        error_log(" Starting function listbackups for " . $username . " and " . $domain . " : BackupDir " . $backupDir);
+        if (!is_dir($backupDir)) {
+            error_log(" ERROR: Backup Dir does not exist");
+            http_response_code(404);
+            echo json_encode(['error' => 'Backup directory not found']);
+            return;
+        }
+
+        $files = array_diff(scandir($backupDir), ['.', '..']);
+        $backupList = [];
+
+        foreach ($files as $file) {
+            if (preg_match('/^(\d{4}-\d{2}-\d{2})-' . preg_quote($domain, '/') . '\.tar\.gz$/', $file, $matches)) {
+		        $originalDate = $matches[1];
+                $swissDate = DateTime::createFromFormat('Y-m-d', $originalDate)->format('d.m.Y');
+                $sizeMB = round(filesize("$backupDir/$file") / (1024 * 1024), 2);
+                $backupList[] = [
+                    'backup_date' => $originalDate,
+                    'swiss_date' => $swissDate,
+                    'size_mb' => $sizeMB,
+                    'filename' => $file
+                ];
+            }
+        }
+        echo json_encode(['backups' => $backupList]);
+    }
+
+    // BackupFile: YYYY-MM-DD-prod_domain.tar.gz
+    // DBBackupFile: YYYY-MM-DD-prod_domain.sql
+    public static function restoreBackup($data):void {
+        $username = $data['username'] ?? '';
+        $domain = $data['domain'] ?? '';
+        if (empty($username) || empty($data['backup_date']) || empty($domain)) {
+            error_log("restoreBackup: ERROR: No username, domain provided or backup_date provided");
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameters']);
+            return;
+        }
+        error_log(" Starting function restoreBackup for " . $username . " and " . $domain . " : Backup-Date " . $data['backup_date']);
+
+        $backupDir = "/home/$username/backups";
+        $webrootDir = "/home/$username/prod.$domain";
+        $backupFile = $data['backup_date'] ?? '';
+	    $backupFile = $backupFile . "-" . $domain . ".tar.gz";
+        $dbBackupFile = $backupDir ." /" . $data['backup_date'] . "-prod_" . str_replace(['-', '.'], ["_", "_"], $domain);
+        $prodDatabaseName = $username . "_prod_";
+        $prodDatabaseName = $prodDatabaseName  . str_replace(['-', '.'], ["_", "_"], $domain);
+
+        if (!file_exists($backupFile)) {
+            error_log("restoreBackup: ERROR: Backup file $backupFile does not exist");
+            http_response_code(404);
+            echo json_encode(['error' => 'Web Backup file not found']);
+            return;
+        }
+
+        if (!file_exists($dbBackupFile)) {
+            error_log("restoreBackup: ERROR: Database backup file $dbBackupFile does not exist");
+            http_response_code(404);
+            echo json_encode(['error' => 'Database Backup file not found']);
+            return;
+        }
+
+        exec("sudo /usr/bin/tar -xzf $backupFile -C $webrootDir", $output, $returnCode);
+        if ($returnCode !== 0) {
+                error_log("restoreBackup: ERROR: Failed to restore webroot, details' =>" . implode("\n", $output));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to restore webroot', 'details' => implode("\n", $output)]);
+                return;
+        }
+
+        exec("sudo /usr/bin/mysql $prodDatabaseName < $dbBackupFile", $output, $returnCode);
+        if ($returnCode !== 0) {
+            error_log("restoreBackup: ERROR: Failed to restore database, details' =>" . implode("\n", $output));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to restore database', 'details' => implode("\n", $output)]);
+            return;
+        }
+        echo json_encode(['success' => 'Backup restored successfully']);
+    }
+}

controllers/DeployDevController.php

@@ -0,0 +1,321 @@
+<?php 
+namespace application\controllers;
+
+class DeployDevController {
+    public static function deploy($data): void {
+        $username =  $data['username'];
+        $domain =    $data['domain'];
+        $adminName = $data['admin_name'] ?? '';
+        $adminPassword = $data['admin_password'];
+	    $databaseName = $username . "_dev_";
+	    $databaseName = $databaseName  . str_replace(['-', '.'], ["_", "_"], $domain);
+        $webDir = "/home/$username/dev.$domain";
+        $configTemplate = '/etc/apache2/site-config.in';
+        $configFile = "/etc/apache2/sites-enabled/dev.$domain.conf";
+
+        if (empty($username) || empty($domain) || empty($adminName) || empty($adminPassword)) {
+            error_log("deploy: ERROR: No username, domain, admin_name or admin_password provided");
+            http_response_code(400);
+            error_log("deploy: ERROR: UserName 1 " .    $username);
+            error_log("deploy: ERROR: Domain   1 " .    $domain);
+            error_log("deploy: ERROR: UserName 2 " .    $data['username'] );
+            error_log("deploy: ERROR: Domain   2 " .    $data['domain']   );
+            error_log("deploy: ERROR: AdminName  " .    $adminName);
+            error_log("deploy: ERROR: AdminPasswd" . $adminPassword);
+
+            error_log(print_r($data,true));
+            echo json_encode(['error' => 'Missing required parameters']);
+            return;
+        }
+
+        error_log(" Starting function deploy for " . $username . " and " . $domain . "  DebugMode: " . $GLOBALS['debug']);
+
+        $userExisted = false;
+        if( strpos(file_get_contents("/etc/passwd"),$username) !== false) {
+            $userExisted = true;
+        }
+
+        if ($userExisted != true) {
+            // Create user without login access
+            if ($GLOBALS['debug'] == true) {error_log("Adding User: " . $username); }
+            exec("sudo /usr/sbin/useradd -m -k -M -s /usr/sbin/nologin $username  2>&1", $userOutput, $userReturnCode);
+            if ($userReturnCode !== 0) {
+                error_log("deploy: ERROR: Useradd for  $username failed, details => " . implode("\n", $userOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to create user', 'details' => implode("\n", $userOutput)]);
+                return;
+            }
+        }
+
+        if ($GLOBALS['debug'] == true) { error_log("Creating Webdir ($webDir) for : " . $username); }
+        exec("sudo /usr/bin/mkdir $webDir 2>&1", $mkdirOutput, $mkdirReturnCode);
+            if ($mkdirReturnCode !== 0) {
+                error_log("deploy: ERROR: Create Webdir for  $username failed, details => ". implode("\n", $mkdirOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to create web dir', 'details' => implode("\n", $mkdirOutput)]);
+                return;
+            }
+
+        if ($GLOBALS['debug'] == true) { error_log("Creating logdir for : " . $username); }
+        if (is_dir("/home/$username/logs") != true) {
+             exec("sudo /usr/bin/mkdir /home/$username/logs  2>&1", $mkdirOutput, $mkdirReturnCode);
+                if ($mkdirReturnCode !== 0) {
+                    error_log("deploy: ERROR: Failed to create log directory for  $username failed, details => " . implode("\n", $mkdirOutput));
+                    http_response_code(500);
+                    echo json_encode(['error' => 'Failed to create logs dir', 'details' => implode("\n", $mkdirOutput)]);
+                    return;
+                }
+        }
+        if ($GLOBALS['debug'] == true) { error_log("Creating backup dir for : " . $username); }
+        if (is_dir("/home/$username/backups") != true) {
+           exec("sudo /usr/bin/mkdir /home/$username/backups  2>&1", $mkdirOutput, $mkdirReturnCode);
+           if ($mkdirReturnCode !== 0) {
+               error_log("deploy: ERROR: mkdir /home/$username/backups failed, details => " . implode("\n", $mkdirOutput));
+               http_response_code(500);
+               echo json_encode(['error' => 'Failed to create backups dir', 'details' => implode("\n", $mkdirOutput)]);
+               return;
+           }
+        }
+
+        if ($GLOBALS['debug'] == true) { error_log("Chown homedir: " . $username); }
+        exec("sudo /usr/bin/chown $username:$username /home/$username -R 2>&1", $chownOutput, $chownReturnCode);
+        if ($chownReturnCode !== 0) {
+            error_log("deploy: ERROR: chown on /home/$username failed, details => " . implode("\n", $chownOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chown backups dir', 'details' => implode("\n", $chownOutput)]);
+            return;
+        }
+
+        if ($GLOBALS['debug'] == true) { error_log("Reading Apache Config Template /etc/apache2/site-config.in"); }
+        $configContent = file_get_contents($configTemplate);
+
+        if ($GLOBALS['debug'] == true) { error_log("Replace config settings in Apache Config Template"); }
+        $configContent = str_replace(['DOCUMENTROOT', 'SERVERNAME','USERNAME', 'DOMAINNAME', 'SERVERALIAS'], [$webDir, "dev.$domain",$username,"dev.$domain", "" ], $configContent);
+
+        /*
+        if ($GLOBALS['debug'] == true) { error_log("Running Certbot for Domain " . $domain); }
+        exec("sudo /usr/bin/certbot certonly --webroot -w /etc/apache2/letsencrypt -d dev.$domain --non-interactive --agree-tos --email admin@$domain 2>&1", $output, $returnCode);
+        if ($returnCode !== 0) {
+            error_log("deploy: ERROR: certbot failed to create certificate  on dev.$domain, details => " . implode("\n", $output));
+            http_response_code(500);
+            echo json_encode(['error' => 'Certbot failed', 'details' => implode("\n", $output)]);
+            return;
+        }
+        */
+        if ($GLOBALS['debug'] == true) { error_log("Replace sslsettings in in Apache Config Template"); }
+        $certDir = "/etc/letsencrypt/live/dev.$domain";
+        $configContent = str_replace('DOMAINNAME', $domain, $configContent);
+
+        if ($GLOBALS['debug'] == true) { error_log("Writing apache config file to " . $configFile); }
+        if (file_put_contents($configFile, $configContent) != true) {
+            error_log("deploy: ERROR: while writing apache config");
+            echo json_encode(['error' => 'Failed to write Apache config', 'details' => []]);
+        }
+
+        exec('sudo /usr/bin/systemctl reload apache2  2>&1', $apacheOutput, $apacheReturnCode);
+        if ($GLOBALS['debug'] == true) { error_log("Restarting Apache"); }
+        if ($apacheReturnCode !== 0) {
+            error_log("deploy: ERROR: Apache Reload error, details => " . implode("\n", $apacheOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to reload Apache', 'details' => implode("\n", $apacheOutput)]);
+            return;
+        }
+
+        // Create PHP-FPM User
+        // /etc/php/8.2/fpm/user.in
+        if ($userExisted != true) {
+            if ($GLOBALS['debug'] == true) {error_log("Writing PHP-FPM Config for : " . $username); }
+            $phpContent = file_get_contents("/etc/php/8.2/fpm/user.in");
+            $phpContent = str_replace("USERNAME", $username, $phpContent);
+            file_put_contents("/etc/php/8.2/fpm/pool.d/" . $username . ".conf", $phpContent);
+
+            if ($GLOBALS['debug'] == true) {error_log("Restarting PHP-FPM : " . $username);}
+            exec('sudo /usr/bin/systemctl reload php8.2-fpm', $phpOutput, $phpReturnCode);
+            if ($phpReturnCode !== 0) {
+                error_log("deploy: ERROR: PHP-FPM reload error, details => " . implode("\n", $phpOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to reload PHP-FPM', 'details' => implode("\n", $phpOutput)]);
+                return;
+            }
+        }
+        //Create MySQL Database
+        if ($GLOBALS['debug'] == true) { error_log("creating database: " . $databaseName); }
+        $sqlCommand = "sudo mysql -e \"create database $databaseName;\"  2>&1";
+        exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+            if ($mysqlReturnCode !== 0) {
+                error_log("deploy: MySQL create database error, details => " . implode("\n", $mysqlOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to create database $databaseName', 'details' => implode("\n", $mysqlOutput)]);
+                return;
+            }
+        //Create MySQL User
+
+        $sqlCommand = "sudo mysql -e \"create user '" . $username . "'@'localhost' identified by '" . $username . "'\"  2>&1";
+        if ($GLOBALS['debug'] == true) { error_log("creating database user: " . $sqlCommand); }
+        exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+            if ($mysqlReturnCode !== 0) {
+                error_log("deploy: MySQL create user $username error, details => " . implode("\n", $mysqlOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to create databaseuser $username', 'details' => implode("\n", $mysqlOutput)]);
+                return;
+            }
+
+        //Grant permission
+        if ($GLOBALS['debug'] == true) { error_log("granting permission on $databaseName to: " . $username); }
+        $sqlCommand = "sudo mysql -e  \"grant all on " . $databaseName . ".* to '" . $username . "'@'localhost';\"  2>&1";
+        exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+            if ($mysqlReturnCode !== 0) {
+                error_log("deploy: MySQL grant permission to user $username error, details => " . implode("\n", $mysqlOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to grant permission on $databaseName ot $username', 'details' => implode("\n", $mysqlOutput)]);
+                return;
+            }
+
+        // Deployment of the Concrete CMS Application
+        if ($GLOBALS['debug'] == true) { error_log("Copy master directory to $webDir"); }
+        exec("sudo /usr/bin/cp -r /var/www/master/* $webDir  2>&1",$cpOutput,$cpReturnCode);
+            if ($cpReturnCode !== 0) {
+                error_log("deploy: Error while copying master installation to $webDir, details => " . implode("\n", $cpOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to copy master installation into web dir', 'details' => implode("\n", $cpOutput)]);
+                return;
+            }
+
+        if ($GLOBALS['debug'] == true) { error_log("Chown WebDir $webDir"); }
+        exec("sudo /usr/bin/chown $username:$username $webDir -R  2>&1", $chownOutput, $chownReturnCode);
+            if ($chownReturnCode !== 0) {
+                error_log("deploy: chown error on $webDir, details => " . implode("\n", $chownOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+                return;
+            }
+
+        if ($GLOBALS['debug'] == true) { error_log("Writing install script to: /home/" . $username . "/" . $databaseName ."-inst.sh"); }
+        $installCommand = "#!/bin/bash\n";
+        $installCommand .= "$webDir/concrete/bin/concrete5 c5:install --starting-point=restaurantly --db-server='localhost' --db-username='" . $username . "' --db-password='" . $username ."' --db-database='" . $databaseName . "' --timezone='Europe/Zurich' --admin-email='" . $adminName . "' --admin-password='" . $adminPassword . "' --site-locale=ch_DE --language=ch_DE --site='" . $domain . "' -n  2>&1 \n";
+        $installCommand .= "$webDir/concrete/bin/concrete5 c5:package-install studio_templates 2>&1 \n";
+        $installCommand .= "$webDir/concrete/bin/concrete5 studio:setup 2>&1 \n";
+        file_put_contents("/var/www/scripts/" . $databaseName ."-inst.sh",$installCommand);
+
+        if ($GLOBALS['debug'] == true) { error_log("Chmod install script: /home/" . $username . "/" . $databaseName ." -inst.sh"); }
+        exec("sudo /usr/bin/chmod a+x /var/www/scripts/" . $databaseName ."-inst.sh 2>&1", $chmodOutput, $chmodReturnCode);
+        if ($chmodReturnCode !== 0) {
+            error_log("deploy: ERROR: chmod on /var/www/scripts/" . $databaseName ."-inst.sh failed, details => " . implode("\n", $chmodOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chmod on /var/www/scripts/' . $databaseName .'-inst.sh', 'details' => implode("\n", $chmodOutput)]);
+            return;
+        }
+
+        if ($GLOBALS['debug'] == true) { error_log("Executing Concrete 5 installation: " . $installCommand); }
+        exec("sudo -u $username /var/www/sudo-concrete5.sh /var/www/scripts/" . $databaseName ."-inst.sh",$createOutput, $createReturnCode);
+            if ($createReturnCode !== 0) {
+                error_log("deploy: cms installation error, details => " . implode("\n", $createOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to install cms system', 'details' => implode("\n", $createOutput)]);
+                return;
+            }
+
+        echo json_encode(['success' => 'Development site deployed successfully','details' => implode("\n", $createOutput)]);
+    }
+
+
+
+
+//exec("php /path/to/scripts/post_install_setup.php", $output, $code);
+
+
+    public static function revert($data): void {
+        $username = $data['username'] ?? '';
+        $domain = $data['domain'] ?? '';
+        $adminName = $data['admin_name'] ?? '';
+        $adminPassword = $data['admin_password'] ?? '';
+        $webDir = "/home/$username/dev.$domain";
+	    $databaseName = $username . "_dev_";
+	    $databaseName = $databaseName  . str_replace(['-', '.'], ["_", "_"], $domain);
+
+
+	exec("sudo /usr/bin/rm -rf $webDir 2>&1", $rmOutput, $rmReturnCode);
+        if ($rmReturnCode !== 0) {
+            error_log("revert: error on rm $webDir -r, details => " . implode("\n", $rmOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to remove webdir dir', 'details' => implode("\n", $rmOutput)]);
+            return;
+        }
+
+	exec("sudo /usr/bin/mkdir $webDir  2>&1", $mkdirOutput, $mkdirReturnCode);
+        error_log("revert: error on mkdir $webDir, details => " . implode("\n", $mkdirOutput));
+        if ($mkdirReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to create web dir', 'details' => implode("\n", $mkdirOutput)]);
+            return;
+        }
+
+	exec("sudo /usr/bin/chown $username:$username $webDir  2>&1", $chownOutput, $chownReturnCode);
+        if ($chownReturnCode !== 0) {
+            error_log("revert: chown error on $webDir, details => " . implode("\n", $chownOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+            return;
+        }
+    $sqlCommand = "sudo mysql \"drop database $databaseName;\"  2>&1";
+	exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            error_log("revert: MySQL drop database error, details => " . implode("\n", $mysqlOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to drop database $usernmae', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+    $sqlCommand = "sudo mysql \"create database $databaseName;\"  2>&1";
+	exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            error_log("revert: MySQL create database error, details => " . implode("\n", $mysqlOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to create database $usernmae', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+
+	// Deployment of the Concrete CMS Application
+	exec("sudo /usr/bin/cp -r /var/www/master/* $webDir  2>&1",$cpOutput,$cpReturnCode);
+        if ($cpReturnCode !== 0) {
+            error_log("revert: Error while copying master installation to $webDir, details => " . implode("\n", $cpOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to copy master installation into web dir', 'details' => implode("\n", $cpOutput)]);
+            return;
+        }
+
+
+    exec("sudo /usr/bin/chown $username:$username $webDir -R  2>&1", $chownOutput, $chownReturnCode);
+        if ($chownReturnCode !== 0) {
+            error_log("revert: chown error on $webDir, details => " . implode("\n", $chownOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+            return;
+        }
+
+	exec("sudo -u $username /var/www/sudo-concrete5.sh $webDir/concrete/bin/concrete5 c5:install  --db-server=localhost --db-username=$username --db-password=$username --db-database=$databaseName --timezone=\"Europe/Zurich\" --admin-email=$adminName  --admin-password=$adminPassword --site-locale=ch_DE --language=ch_DE --site=$domain --starting-point=atomik_blank -n -vv 2>&1",$createOutput, $createReturnCode);
+        if ($createReturnCode !== 0) {
+            error_log("revert: cms installation error, details => " . implode("\n", $createOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to install cms system', 'details' => implode("\n", $createOutput)]);
+            return;
+        }
+
+	exec("sudo /usr/bin/chown $username:$username $webDir  2>&1", $chownOutput, $chownReturnCode);
+        if ($chownReturnCode !== 0) {
+            error_log("revert: chown error on $webDir, details => " . implode("\n", $chownOutput));
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+            return;
+        }
+
+        echo json_encode(['success' => 'Development site deployed successfully']);
+    }
+
+
+    public static function terminate($data): void {
+
+    }
+
+}

controllers/GetSSLDaysController.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace application\controllers;
+
+class GetSSLDaysController {
+    public static function getSSLDays($data): void {
+        $domain = $data['domain'] ?? '';
+
+        if (empty($domain)) {
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameter: domain']);
+            return;
+        }
+
+        $certFile = "/etc/letsencrypt/live/$domain/fullchain.pem";
+        if (!file_exists($certFile)) {
+            http_response_code(404);
+            echo json_encode(['error' => 'SSL certificate not found']);
+            return;
+        }
+
+        $certData = openssl_x509_parse(file_get_contents($certFile));
+        if (!$certData || !isset($certData['validTo_time_t'])) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to parse SSL certificate']);
+            return;
+        }
+
+        $expiryTimestamp = $certData['validTo_time_t'];
+        $expiryDate = date('Y-m-d', $expiryTimestamp);
+        $daysRemaining = ceil(($expiryTimestamp - time()) / 86400);
+
+        echo json_encode([
+	        'ssl_expiry' => $expiryDate,
+	        'ssl_remaining' => $daysRemaining
+	    ]);
+    }
+}

controllers/ProdController.php

@@ -0,0 +1,206 @@
+<?php
+namespace application\controllers;
+
+class ProdController {
+    public static function disable($data): void {
+        $domain = $data['domain'] ?? '';
+
+        if (empty($domain)) {
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameter: domainname']);
+            return;
+        }
+
+        $enabledConfig = "/etc/apache2/sites-enabled/prod.$domain.conf";
+        $availableConfig = "/etc/apache2/sites-available/prod.$domain.conf";
+
+        if (!file_exists($enabledConfig)) {
+            http_response_code(404);
+            echo json_encode(['error' => 'Configuration file not found']);
+            return;
+        }
+
+        if (!rename($enabledConfig, $availableConfig)) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to move configuration file']);
+            return;
+        }
+
+        exec('systemctl reload apache2', $output, $returnCode);
+        if ($returnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to reload Apache', 'details' => implode("\n", $output)]);
+            return;
+        }
+
+        echo json_encode(['success' => 'Production site disabled successfully']);
+    }
+    
+    
+    public static function enable($data): void  {
+        $domain = $data['domain'] ?? '';
+
+        if (empty($domain)) {
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameter: domainname']);
+            return;
+        }
+
+        $availableConfig = "/etc/apache2/sites-available/prod.$domain.conf";
+        $enabledConfig = "/etc/apache2/sites-enabled/prod.$domain.conf";
+
+        if (!file_exists($availableConfig)) {
+            http_response_code(404);
+            echo json_encode(['error' => 'Configuration file not found']);
+            return;
+        }
+
+        if (!rename($availableConfig, $enabledConfig)) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to move configuration file']);
+            return;
+        }
+
+        exec('systemctl reload apache2', $output, $returnCode);
+        if ($returnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to reload Apache', 'details' => implode("\n", $output)]);
+            return;
+        }
+
+        echo json_encode(['success' => 'Production site enabled successfully']);
+    }
+
+    public static function isenabled($data): void {
+        $domain = $data['domain'] ?? '';
+
+        if (file_exists("/etc/apache2/sites-enabled/prod.$domain.conf")) {
+            echo json_encode(['isenabled' => 'YES']);
+        } else {
+            echo json_encode(['isenabled' => 'NO']);
+        }
+    }
+
+
+
+
+
+    public static function migrateFromDev($data): void {
+        $username = $data['username'] ?? '';
+        $domain = $data['domain'] ?? '';
+        $adminName = $data['admin_name'] ?? '';
+        $adminPassword = $data['admin_password'] ?? '';
+        if (empty($username) || empty($domain) || empty($adminName) || empty($adminPassword)) {
+            http_response_code(400);
+            echo json_encode(['error' => 'Missing required parameters']);
+            return;
+        }
+	    $webDir = "/home/$username/prod.$domain";
+        $configFile = "/etc/apache2/sites-enabled/prod.$domain.conf";
+	    $configTemplate = '/etc/apache2/site-config.in';
+        $devDatabaseName = $username . "_dev_";
+        $devDatabaseName = $devDatabaseName  . str_replace(['-', '.'], ["_", "_"], $domain);
+
+        $prodDatabaseName = $username . "_prod_";
+        $prodDatabaseName = $prodDatabaseName  . str_replace(['-', '.'], ["_", "_"], $domain);
+
+
+
+        exec("sudo /usr/bin/mkdir $webDir", $mkdirOutput, $mkdirReturnCode);
+        if ($mkdirReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to create web dir', 'details' => implode("\n", $mkdirOutput)]);
+            return;
+        }
+
+        exec("sudo /usr/bin/chown $username:$username $webDir", $chownOutput, $chownReturnCode);
+        if ($chownReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+            return;
+        }
+
+	    $configContent = file_get_contents($configTemplate);
+        $configContent = str_replace(['DOCUMENTROOT', 'SERVERNAME','USERNAME','DOMAINNAME', 'SERVERALIAS'], [$webDir, "prod.$domain","prod.$domain", "www.$domain" ], $configContent);
+        file_put_contents($configFile, $configContent);
+
+
+        exec("sudo /usr/bin/certbot certonly --webroot -w /etc/apache/letsencrypt -d www.$domain -d $domain --non-interactive --agree-tos --email admin@$domain", $output, $returnCode);
+        if ($returnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Certbot failed', 'details' => implode("\n", $output)]);
+            return;
+        }
+
+        exec('sudo /usr/bin/systemctl reload apache2', $apacheOutput, $apacheReturnCode);
+        if ($apacheReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to reload Apache', 'details' => implode("\n", $apacheOutput)]);
+            return;
+        }
+
+
+       //Create MySQL Database
+        $sqlCommand = "sudo mysql \"create database $prodDatabaseName;\"";
+        exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to create database $username', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+        //Grant permission
+        $sqlCommand = "sudo mysql \"grant all on " . $prodDatabaseName . ".* to '" . $username . "'@'localhost';\"";
+        exec($sqlCommand,$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to grant permission on $prodDatabaseName ot $username', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+
+        exec("sudo /usr/bin/mysqldump $devDatabaseName > /home/$username/$domain-dev-export.sql';",$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to dump development database', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+        exec("sudo /usr/bin/mysql $prodDatabaseName < /home/$username/$domain-dev-export.sql';",$mysqlOutput,$mysqlReturnCode);
+        if ($mysqlReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to import development database to prod database', 'details' => implode("\n", $mysqlOutput)]);
+            return;
+        }
+
+
+        // Deployment of the Concrete CMS Application
+        exec("sudo /usr/bin/cp -r /home/$username/dev.$domain/* $webDir",$cpOutput,$cpReturnCode);
+        if ($cpReturnCode !== 0) {
+            http_response_code(500);
+            echo json_encode(['error' => 'Failed to copy dev installation into prod directory', 'details' => implode("\n", $cpOutput)]);
+            return;
+        }
+
+        //TODO Replace Settings in Prod Environment
+
+        if ($GLOBALS['debug'] == true) { error_log("Chown WebDir $webDir"); }
+        exec("sudo /usr/bin/chown $username:$username $webDir -R  2>&1", $chownOutput, $chownReturnCode);
+            if ($chownReturnCode !== 0) {
+                error_log("deploy: chown error on $webDir, details => " . implode("\n", $chownOutput));
+                http_response_code(500);
+                echo json_encode(['error' => 'Failed to chown web dir', 'details' => implode("\n", $chownOutput)]);
+                return;
+            }
+
+	    echo json_encode(['success' => 'Production site successfully from dev']);
+
+    }
+
+
+    public static function terminate($data): void {
+
+    }
+
+
+}

index.php

@@ -0,0 +1,169 @@
+<?php
+
+$debug = true;
+
+/*
+RewriteEngine On
+
+# Erlaubt den direkten Zugriff auf bestehende Dateien und Verzeichnisse
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+
+# Leitet alle anderen Anfragen an index.php weiter
+RewriteRule ^(.*)$ index.php [QSA,L]
+*/
+
+require_once __DIR__ . '/controllers/BackupController.php';
+require_once __DIR__ . '/controllers/DeployDevController.php';
+require_once __DIR__ . '/controllers/GetSSLDaysController.php';
+require_once __DIR__ . '/controllers/ProdController.php';
+
+use application\controllers\BackupController;
+use application\controllers\DeployDevController;
+use application\controllers\GetSSLDaysController;
+use application\controllers\ProdController;
+
+
+
+const API_PASSWORD = 'your-secure-password';
+
+function authenticateRequest() {
+    $headers = getallheaders();
+    $providedPassword = $headers['X-Api-Key'] ?? '';
+
+    if ($providedPassword !== API_PASSWORD) {
+        http_response_code(403);
+        echo json_encode(['error' => 'Unauthorized']);
+        exit;
+    }
+}
+
+header('Content-Type: application/json');
+
+$requestMethod = $_SERVER['REQUEST_METHOD'];
+$requestUri = explode('/', trim($_SERVER['REQUEST_URI'], '/'));
+$endpoint = $requestUri[0] ?? '';
+$username = $requestUri[1] ?? '';
+$domain = $requestUri[2] ?? '';
+if(isset($_SERVER['CONTENT_TYPE'])) {
+    $content_type = $_SERVER['CONTENT_TYPE'];
+}
+if ( $GLOBALS['debug'] == true) {
+    error_log("ContentType: " . $content_type);
+}
+$phpData = file_get_contents("php://input");
+if ($GLOBALS['debug'] == true) {
+    error_log("phpData: " . $phpData);
+}
+$inputData = json_decode($phpData) ?? [];
+$parameters = array();
+if($inputData) {
+    foreach($inputData as $param_name => $param_value) {
+        $parameters[$param_name] = $param_value;
+    }
+}
+
+
+
+authenticateRequest();
+
+switch ($endpoint) {
+
+    case 'deploydev':
+        error_log("Request deploydev from " . get_client_ip());
+        if ($GLOBALS['debug'] == true) {
+            error_log("POST");
+            error_log("Parameters: " . print_r($parameters, true));
+            error_log("Admin-Name: \"" . $parameters["admin_name"] . "\"");
+        }
+        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
+            DeployDevController::deploy(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'revertdev':
+        error_log("Request revertdev from " . get_client_ip());
+        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
+            DeployDevController::revert(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'migrateprod':
+        error_log("Request migrateprod from " . get_client_ip());
+        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
+            ProdController::migrateFromDev(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'disableprod':
+        error_log("Request disableprod from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
+            ProdController::disable(array_merge($_POST, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+
+    case 'enableprod':
+        error_log("Request enableprod from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
+            ProdController::enable(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+
+    case 'isprodenabled':
+        error_log("Request isprodenabled from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
+            ProdController::isenabled(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'getssldays':
+        error_log("Request getssldays from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
+            GetSSLDaysController::getSSLDays(['username' => $username, 'domain' => $domain]);
+        }
+        break;
+    case 'listbackups':
+        error_log("Request listbackups from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username)) {
+            BackupController::listBackups(['username' => $username, 'domain' => $domain]);
+        }
+        break;
+    case 'restorebackup':
+        error_log("Request restorebackup from " . get_client_ip());
+        if ($requestMethod === 'POST' && !empty($username) && !empty($domain)) {
+            BackupController::restoreBackup(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'terminate':
+        error_log("Request terminate from " . get_client_ip());
+        if ($requestMethod === 'GET' && !empty($username) && !empty($domain)) {
+            ProdController::terminate(array_merge($_POST, ['username' => $username, 'domain' => $domain]));
+            DeployDevController::terminate(array_merge($parameters, ['username' => $username, 'domain' => $domain]));
+        }
+        break;
+    case 'ping':
+        error_log("Request ping from " . get_client_ip());
+        echo json_encode(['answer' => 'pong']);
+        break;
+    default:
+        error_log("Error Request: " . $endpoint . " / " . $username ." / " . $domain);
+        http_response_code(404);
+        echo json_encode(['error' => 'Endpoint not found']);
+        break;
+}
+
+
+function get_client_ip():string {
+    $ipaddress = '';
+    if (getenv('HTTP_CLIENT_IP'))
+        $ipaddress = getenv('HTTP_CLIENT_IP');
+    else if(getenv('HTTP_X_FORWARDED_FOR'))
+        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
+    else if(getenv('HTTP_X_FORWARDED'))
+        $ipaddress = getenv('HTTP_X_FORWARDED');
+    else if(getenv('HTTP_FORWARDED_FOR'))
+        $ipaddress = getenv('HTTP_FORWARDED_FOR');
+    else if(getenv('HTTP_FORWARDED'))
+        $ipaddress = getenv('HTTP_FORWARDED');
+    else if(getenv('REMOTE_ADDR'))
+        $ipaddress = getenv('REMOTE_ADDR');
+    else
+        $ipaddress = 'UNKNOWN';
+    return $ipaddress;
+}