We're currently performing maintenance/updates. The site will be back shortly.
- - -HTML; - exit(); - } - - // Print a 404 response and a small HTML page. - header("HTTP/1.0 404 Not Found"); - header('Content-type: text/html; charset=utf-8'); - if (!empty($GLOBALS['gardens_site_settings']['page_ttl']) - && is_numeric($GLOBALS['gardens_site_settings']['page_ttl']) - && $GLOBALS['gardens_site_settings']['page_ttl'] > 0) { - // Set alternative Cache-Control header. The other header is required - // because Acquia's Varnish will not allow max-age < 900 without it. - header("Cache-Control: max-age={$GLOBALS['gardens_site_settings']['page_ttl']}, public"); - header('X-Acquia-No-301-404-Caching-Enforcement: 1'); - } - - print << - - - -The site you are looking for could not be found.
- - -HTML; - - exit(); -} diff --git a/docroot/sites/default/settings.php b/docroot/sites/default/settings.php index 987f9df2d7..a292ad533b 100644 --- a/docroot/sites/default/settings.php +++ b/docroot/sites/default/settings.php @@ -2,241 +2,12 @@ // @codingStandardsIgnoreFile -/** - * Include our ACSF settings if we are on an ACSF environment. - */ -if (!empty($_ENV['AH_SITE_ENVIRONMENT']) && - function_exists('gardens_site_data_get_filepath')) { - // ===== Added by acsf-init, please do not delete. Section start. ===== -$_acsf_infrastructure = include dirname(__FILE__) . '/acsf.settings.php'; -if ($_acsf_infrastructure === 'acsf-infrastructure') { - return; -} -// ===== Added by acsf-init, please do not delete. Section end. ===== -} - /** * @file - * Drupal site-specific configuration file. - * - * IMPORTANT NOTE: - * This file may have been set to read-only by the Drupal installation program. - * If you make changes to this file, be sure to protect it again after making - * your modifications. Failure to remove write permissions to this file is a - * security risk. - * - * In order to use the selection rules below the multisite aliasing file named - * sites/sites.php must be present. Its optional settings will be loaded, and - * the aliases in the array $sites will override the default directory rules - * below. See sites/example.sites.php for more information about aliases. - * - * The configuration directory will be discovered by stripping the website's - * hostname from left to right and pathname from right to left. The first - * configuration file found will be used and any others will be ignored. If no - * other configuration file is found then the default configuration file at - * 'sites/default' will be used. - * - * For example, for a fictitious site installed at - * https://www.drupal.org:8080/mysite/test/, the 'settings.php' file is searched - * for in the following directories: - * - * - sites/8080.www.drupal.org.mysite.test - * - sites/www.drupal.org.mysite.test - * - sites/drupal.org.mysite.test - * - sites/org.mysite.test - * - * - sites/8080.www.drupal.org.mysite - * - sites/www.drupal.org.mysite - * - sites/drupal.org.mysite - * - sites/org.mysite - * - * - sites/8080.www.drupal.org - * - sites/www.drupal.org - * - sites/drupal.org - * - sites/org - * - * - sites/default - * - * Note that if you are installing on a non-standard port number, prefix the - * hostname with that number. For example, - * https://www.drupal.org:8080/mysite/test/ could be loaded from - * sites/8080.www.drupal.org.mysite.test/. - * - * @see example.sites.php - * @see \Drupal\Core\DrupalKernel::getSitePath() - * - * In addition to customizing application settings through variables in - * settings.php, you can create a services.yml file in the same directory to - * register custom, site-specific service definitions and/or swap out default - * implementations with custom ones. - */ - -/** - * Database settings: - * - * The $databases array specifies the database connection or - * connections that Drupal may use. Drupal is able to connect - * to multiple databases, including multiple types of databases, - * during the same request. - * - * One example of the simplest connection array is shown below. To use the - * sample settings, copy and uncomment the code below between the @code and - * @endcode lines and paste it after the $databases declaration. You will need - * to replace the database username and password and possibly the host and port - * with the appropriate credentials for your database system. - * - * The next section describes how to customize the $databases array for more - * specific needs. - * - * @code - * $databases['default']['default'] = array ( - * 'database' => 'databasename', - * 'username' => 'sqlusername', - * 'password' => 'sqlpassword', - * 'host' => 'localhost', - * 'port' => '3306', - * 'driver' => 'mysql', - * 'prefix' => '', - * 'collation' => 'utf8mb4_general_ci', - * ); - * @endcode - */ -$databases = []; - -/** - * Customizing database settings. - * - * Many of the values of the $databases array can be customized for your - * particular database system. Refer to the sample in the section above as a - * starting point. - * - * The "driver" property indicates what Drupal database driver the - * connection should use. This is usually the same as the name of the - * database type, such as mysql or sqlite, but not always. The other - * properties will vary depending on the driver. For SQLite, you must - * specify a database file name in a directory that is writable by the - * webserver. For most other drivers, you must specify a - * username, password, host, and database name. - * - * Transaction support is enabled by default for all drivers that support it, - * including MySQL. To explicitly disable it, set the 'transactions' key to - * FALSE. - * Note that some configurations of MySQL, such as the MyISAM engine, don't - * support it and will proceed silently even if enabled. If you experience - * transaction related crashes with such configuration, set the 'transactions' - * key to FALSE. - * - * For each database, you may optionally specify multiple "target" databases. - * A target database allows Drupal to try to send certain queries to a - * different database if it can but fall back to the default connection if not. - * That is useful for primary/replica replication, as Drupal may try to connect - * to a replica server when appropriate and if one is not available will simply - * fall back to the single primary server (The terms primary/replica are - * traditionally referred to as master/slave in database server documentation). - * - * The general format for the $databases array is as follows: - * @code - * $databases['default']['default'] = $info_array; - * $databases['default']['replica'][] = $info_array; - * $databases['default']['replica'][] = $info_array; - * $databases['extra']['default'] = $info_array; - * @endcode - * - * In the above example, $info_array is an array of settings described above. - * The first line sets a "default" database that has one primary database - * (the second level default). The second and third lines create an array - * of potential replica databases. Drupal will select one at random for a given - * request as needed. The fourth line creates a new database with a name of - * "extra". - * - * You can optionally set prefixes for some or all database table names - * by using the 'prefix' setting. If a prefix is specified, the table - * name will be prepended with its value. Be sure to use valid database - * characters only, usually alphanumeric and underscore. If no prefixes - * are desired, leave it as an empty string ''. - * - * To have all database names prefixed, set 'prefix' as a string: - * @code - * 'prefix' => 'main_', - * @endcode - * - * Per-table prefixes are deprecated as of Drupal 8.2, and will be removed in - * Drupal 9.0. After that, only a single prefix for all tables will be - * supported. - * - * To provide prefixes for specific tables, set 'prefix' as an array. - * The array's keys are the table names and the values are the prefixes. - * The 'default' element is mandatory and holds the prefix for any tables - * not specified elsewhere in the array. Example: - * @code - * 'prefix' => array( - * 'default' => 'main_', - * 'users' => 'shared_', - * 'sessions' => 'shared_', - * 'role' => 'shared_', - * 'authmap' => 'shared_', - * ), - * @endcode - * You can also use a reference to a schema/database as a prefix. This may be - * useful if your Drupal installation exists in a schema that is not the default - * or you want to access several databases from the same code base at the same - * time. - * Example: - * @code - * 'prefix' => array( - * 'default' => 'main.', - * 'users' => 'shared.', - * 'sessions' => 'shared.', - * 'role' => 'shared.', - * 'authmap' => 'shared.', - * ); - * @endcode - * NOTE: MySQL and SQLite's definition of a schema is a database. - * - * Advanced users can add or override initial commands to execute when - * connecting to the database server, as well as PDO connection settings. For - * example, to enable MySQL SELECT queries to exceed the max_join_size system - * variable, and to reduce the database connection timeout to 5 seconds: - * @code - * $databases['default']['default'] = array( - * 'init_commands' => array( - * 'big_selects' => 'SET SQL_BIG_SELECTS=1', - * ), - * 'pdo' => array( - * PDO::ATTR_TIMEOUT => 5, - * ), - * ); - * @endcode - * - * WARNING: The above defaults are designed for database portability. Changing - * them may cause unexpected behavior, including potential data loss. See - * https://www.drupal.org/developing/api/database/configuration for more - * information on these defaults and the potential issues. - * - * More details can be found in the constructor methods for each driver: - * - \Drupal\Core\Database\Driver\mysql\Connection::__construct() - * - \Drupal\Core\Database\Driver\pgsql\Connection::__construct() - * - \Drupal\Core\Database\Driver\sqlite\Connection::__construct() - * - * Sample Database configuration format for PostgreSQL (pgsql): - * @code - * $databases['default']['default'] = array( - * 'driver' => 'pgsql', - * 'database' => 'databasename', - * 'username' => 'sqlusername', - * 'password' => 'sqlpassword', - * 'host' => 'localhost', - * 'prefix' => '', - * ); - * @endcode + * CGDP Drupal configuration file. * - * Sample Database configuration format for SQLite (sqlite): - * @code - * $databases['default']['default'] = array( - * 'driver' => 'sqlite', - * 'database' => '/path/to/databasefilename', - * ); - * @endcode + * All commented out settings have been removed. See default.settings.php + * for a list of available settings. */ /** @@ -266,16 +37,6 @@ function_exists('gardens_site_data_get_filepath')) { */ $config_directories = []; -/** - * Settings: - * - * $settings contains environment-specific configuration, such as the files - * directory and reverse proxy address, and temporary configuration, such as - * security overrides. - * - * @see \Drupal\Core\Site\Settings::get() - */ - /** * Salt for one-time login links, cancel links, form tokens, etc. * @@ -295,16 +56,6 @@ function_exists('gardens_site_data_get_filepath')) { */ $settings['hash_salt'] = ''; -/** - * Deployment identifier. - * - * Drupal's dependency injection container will be automatically invalidated and - * rebuilt when the Drupal core version changes. When updating contributed or - * custom code that changes the container, changing this identifier will also - * allow the container to be invalidated as soon as code is deployed. - */ -# $settings['deployment_identifier'] = \Drupal::VERSION; - /** * Access control for update.php script. * @@ -318,430 +69,11 @@ function_exists('gardens_site_data_get_filepath')) { */ $settings['update_free_access'] = FALSE; -/** - * External access proxy settings: - * - * If your site must access the Internet via a web proxy then you can enter the - * proxy settings here. Set the full URL of the proxy, including the port, in - * variables: - * - $settings['http_client_config']['proxy']['http']: The proxy URL for HTTP - * requests. - * - $settings['http_client_config']['proxy']['https']: The proxy URL for HTTPS - * requests. - * You can pass in the user name and password for basic authentication in the - * URLs in these settings. - * - * You can also define an array of host names that can be accessed directly, - * bypassing the proxy, in $settings['http_client_config']['proxy']['no']. - */ -# $settings['http_client_config']['proxy']['http'] = 'http://proxy_user:proxy_pass@example.com:8080'; -# $settings['http_client_config']['proxy']['https'] = 'http://proxy_user:proxy_pass@example.com:8080'; -# $settings['http_client_config']['proxy']['no'] = ['127.0.0.1', 'localhost']; - -/** - * Reverse Proxy Configuration: - * - * Reverse proxy servers are often used to enhance the performance - * of heavily visited sites and may also provide other site caching, - * security, or encryption benefits. In an environment where Drupal - * is behind a reverse proxy, the real IP address of the client should - * be determined such that the correct client IP address is available - * to Drupal's logging, statistics, and access management systems. In - * the most simple scenario, the proxy server will add an - * X-Forwarded-For header to the request that contains the client IP - * address. However, HTTP headers are vulnerable to spoofing, where a - * malicious client could bypass restrictions by setting the - * X-Forwarded-For header directly. Therefore, Drupal's proxy - * configuration requires the IP addresses of all remote proxies to be - * specified in $settings['reverse_proxy_addresses'] to work correctly. - * - * Enable this setting to get Drupal to determine the client IP from - * the X-Forwarded-For header (or $settings['reverse_proxy_header'] if set). - * If you are unsure about this setting, do not have a reverse proxy, - * or Drupal operates in a shared hosting environment, this setting - * should remain commented out. - * - * In order for this setting to be used you must specify every possible - * reverse proxy IP address in $settings['reverse_proxy_addresses']. - * If a complete list of reverse proxies is not available in your - * environment (for example, if you use a CDN) you may set the - * $_SERVER['REMOTE_ADDR'] variable directly in settings.php. - * Be aware, however, that it is likely that this would allow IP - * address spoofing unless more advanced precautions are taken. - */ -# $settings['reverse_proxy'] = TRUE; - -/** - * Specify every reverse proxy IP address in your environment. - * This setting is required if $settings['reverse_proxy'] is TRUE. - */ -# $settings['reverse_proxy_addresses'] = ['a.b.c.d', ...]; - -/** - * Set this value if your proxy server sends the client IP in a header - * other than X-Forwarded-For. - */ -# $settings['reverse_proxy_header'] = 'X_CLUSTER_CLIENT_IP'; - -/** - * Set this value if your proxy server sends the client protocol in a header - * other than X-Forwarded-Proto. - */ -# $settings['reverse_proxy_proto_header'] = 'X_FORWARDED_PROTO'; - -/** - * Set this value if your proxy server sends the client protocol in a header - * other than X-Forwarded-Host. - */ -# $settings['reverse_proxy_host_header'] = 'X_FORWARDED_HOST'; - -/** - * Set this value if your proxy server sends the client protocol in a header - * other than X-Forwarded-Port. - */ -# $settings['reverse_proxy_port_header'] = 'X_FORWARDED_PORT'; - -/** - * Set this value if your proxy server sends the client protocol in a header - * other than Forwarded. - */ -# $settings['reverse_proxy_forwarded_header'] = 'FORWARDED'; - -/** - * Page caching: - * - * By default, Drupal sends a "Vary: Cookie" HTTP header for anonymous page - * views. This tells a HTTP proxy that it may return a page from its local - * cache without contacting the web server, if the user sends the same Cookie - * header as the user who originally requested the cached page. Without "Vary: - * Cookie", authenticated users would also be served the anonymous page from - * the cache. If the site has mostly anonymous users except a few known - * editors/administrators, the Vary header can be omitted. This allows for - * better caching in HTTP proxies (including reverse proxies), i.e. even if - * clients send different cookies, they still get content served from the cache. - * However, authenticated users should access the site directly (i.e. not use an - * HTTP proxy, and bypass the reverse proxy if one is used) in order to avoid - * getting cached pages from the proxy. - */ -# $settings['omit_vary_cookie'] = TRUE; - - -/** - * Cache TTL for client error (4xx) responses. - * - * Items cached per-URL tend to result in a large number of cache items, and - * this can be problematic on 404 pages which by their nature are unbounded. A - * fixed TTL can be set for these items, defaulting to one hour, so that cache - * backends which do not support LRU can purge older entries. To disable caching - * of client error responses set the value to 0. Currently applies only to - * page_cache module. - */ -# $settings['cache_ttl_4xx'] = 3600; - -/** - * Expiration of cached forms. - * - * Drupal's Form API stores details of forms in a cache and these entries are - * kept for at least 6 hours by default. Expired entries are cleared by cron. - * - * @see \Drupal\Core\Form\FormCache::setCache() - */ -# $settings['form_cache_expiration'] = 21600; - -/** - * Class Loader. - * - * If the APC extension is detected, the Symfony APC class loader is used for - * performance reasons. Detection can be prevented by setting - * class_loader_auto_detect to false, as in the example below. - */ -# $settings['class_loader_auto_detect'] = FALSE; - -/* - * If the APC extension is not detected, either because APC is missing or - * because auto-detection has been disabled, auto-loading falls back to - * Composer's ClassLoader, which is good for development as it does not break - * when code is moved in the file system. You can also decorate the base class - * loader with another cached solution than the Symfony APC class loader, as - * all production sites should have a cached class loader of some sort enabled. - * - * To do so, you may decorate and replace the local $class_loader variable. For - * example, to use Symfony's APC class loader without automatic detection, - * uncomment the code below. - */ -/* -if ($settings['hash_salt']) { - $prefix = 'drupal.' . hash('sha256', 'drupal.' . $settings['hash_salt']); - $apc_loader = new \Symfony\Component\ClassLoader\ApcClassLoader($prefix, $class_loader); - unset($prefix); - $class_loader->unregister(); - $apc_loader->register(); - $class_loader = $apc_loader; -} -*/ - -/** - * Authorized file system operations: - * - * The Update Manager module included with Drupal provides a mechanism for - * site administrators to securely install missing updates for the site - * directly through the web user interface. On securely-configured servers, - * the Update manager will require the administrator to provide SSH or FTP - * credentials before allowing the installation to proceed; this allows the - * site to update the new files as the user who owns all the Drupal files, - * instead of as the user the webserver is running as. On servers where the - * webserver user is itself the owner of the Drupal files, the administrator - * will not be prompted for SSH or FTP credentials (note that these server - * setups are common on shared hosting, but are inherently insecure). - * - * Some sites might wish to disable the above functionality, and only update - * the code directly via SSH or FTP themselves. This setting completely - * disables all functionality related to these authorized file operations. - * - * @see https://www.drupal.org/node/244924 - * - * Remove the leading hash signs to disable. - */ -# $settings['allow_authorize_operations'] = FALSE; - -/** - * Default mode for directories and files written by Drupal. - * - * Value should be in PHP Octal Notation, with leading zero. - */ -# $settings['file_chmod_directory'] = 0775; -# $settings['file_chmod_file'] = 0664; - -/** - * Public file base URL: - * - * An alternative base URL to be used for serving public files. This must - * include any leading directory path. - * - * A different value from the domain used by Drupal to be used for accessing - * public files. This can be used for a simple CDN integration, or to improve - * security by serving user-uploaded files from a different domain or subdomain - * pointing to the same server. Do not include a trailing slash. - */ -# $settings['file_public_base_url'] = 'http://downloads.example.com/files'; - -/** - * Public file path: - * - * A local file system path where public files will be stored. This directory - * must exist and be writable by Drupal. This directory must be relative to - * the Drupal installation directory and be accessible over the web. - */ -# $settings['file_public_path'] = 'sites/default/files'; - -/** - * Private file path: - * - * A local file system path where private files will be stored. This directory - * must be absolute, outside of the Drupal installation directory and not - * accessible over the web. - * - * Note: Caches need to be cleared when this value is changed to make the - * private:// stream wrapper available to the system. - * - * See https://www.drupal.org/documentation/modules/file for more information - * about securing private files. - */ -# $settings['file_private_path'] = ''; - -/** - * Session write interval: - * - * Set the minimum interval between each session write to database. - * For performance reasons it defaults to 180. - */ -# $settings['session_write_interval'] = 180; - -/** - * String overrides: - * - * To override specific strings on your site with or without enabling the Locale - * module, add an entry to this list. This functionality allows you to change - * a small number of your site's default English language interface strings. - * - * Remove the leading hash signs to enable. - * - * The "en" part of the variable name, is dynamic and can be any langcode of - * any added language. (eg locale_custom_strings_de for german). - */ -# $settings['locale_custom_strings_en'][''] = [ -# 'forum' => 'Discussion board', -# '@count min' => '@count minutes', -# ]; - -/** - * A custom theme for the offline page: - * - * This applies when the site is explicitly set to maintenance mode through the - * administration page or when the database is inactive due to an error. - * The template file should also be copied into the theme. It is located inside - * 'core/modules/system/templates/maintenance-page.html.twig'. - * - * Note: This setting does not apply to installation and update pages. - */ -# $settings['maintenance_theme'] = 'bartik'; - -/** - * PHP settings: - * - * To see what PHP settings are possible, including whether they can be set at - * runtime (by using ini_set()), read the PHP documentation: - * http://php.net/manual/ini.list.php - * See \Drupal\Core\DrupalKernel::bootEnvironment() for required runtime - * settings and the .htaccess file for non-runtime settings. - * Settings defined there should not be duplicated here so as to avoid conflict - * issues. - */ - -/** - * If you encounter a situation where users post a large amount of text, and - * the result is stripped out upon viewing but can still be edited, Drupal's - * output filter may not have sufficient memory to process it. If you - * experience this issue, you may wish to uncomment the following two lines - * and increase the limits of these variables. For more information, see - * http://php.net/manual/pcre.configuration.php. - */ -# ini_set('pcre.backtrack_limit', 200000); -# ini_set('pcre.recursion_limit', 200000); - -/** - * Active configuration settings. - * - * By default, the active configuration is stored in the database in the - * {config} table. To use a different storage mechanism for the active - * configuration, do the following prior to installing: - * - Create an "active" directory and declare its path in $config_directories - * as explained under the 'Location of the site configuration files' section - * above in this file. To enhance security, you can declare a path that is - * outside your document root. - * - Override the 'bootstrap_config_storage' setting here. It must be set to a - * callable that returns an object that implements - * \Drupal\Core\Config\StorageInterface. - * - Override the service definition 'config.storage.active'. Put this - * override in a services.yml file in the same directory as settings.php - * (definitions in this file will override service definition defaults). - */ -# $settings['bootstrap_config_storage'] = ['Drupal\Core\Config\BootstrapConfigStorageFactory', 'getFileStorage']; - -/** - * Configuration overrides. - * - * To globally override specific configuration values for this site, - * set them here. You usually don't need to use this feature. This is - * useful in a configuration file for a vhost or directory, rather than - * the default settings.php. - * - * Note that any values you provide in these variable overrides will not be - * viewable from the Drupal administration interface. The administration - * interface displays the values stored in configuration so that you can stage - * changes to other environments that don't have the overrides. - * - * There are particular configuration values that are risky to override. For - * example, overriding the list of installed modules in 'core.extension' is not - * supported as module install or uninstall has not occurred. Other examples - * include field storage configuration, because it has effects on database - * structure, and 'core.menu.static_menu_link_overrides' since this is cached in - * a way that is not config override aware. Also, note that changing - * configuration values in settings.php will not fire any of the configuration - * change events. - */ -# $config['system.file']['path']['temporary'] = '/tmp'; -# $config['system.site']['name'] = 'My Drupal site'; -# $config['system.theme']['default'] = 'stark'; -# $config['user.settings']['anonymous'] = 'Visitor'; - -/** - * Fast 404 pages: - * - * Drupal can generate fully themed 404 pages. However, some of these responses - * are for images or other resource files that are not displayed to the user. - * This can waste bandwidth, and also generate server load. - * - * The options below return a simple, fast 404 page for URLs matching a - * specific pattern: - * - $config['system.performance']['fast_404']['exclude_paths']: A regular - * expression to match paths to exclude, such as images generated by image - * styles, or dynamically-resized images. The default pattern provided below - * also excludes the private file system. If you need to add more paths, you - * can add '|path' to the expression. - * - $config['system.performance']['fast_404']['paths']: A regular expression to - * match paths that should return a simple 404 page, rather than the fully - * themed 404 page. If you don't have any aliases ending in htm or html you - * can add '|s?html?' to the expression. - * - $config['system.performance']['fast_404']['html']: The html to return for - * simple 404 pages. - * - * Remove the leading hash signs if you would like to alter this functionality. - */ -# $config['system.performance']['fast_404']['exclude_paths'] = '/\/(?:styles)|(?:system\/files)\//'; -# $config['system.performance']['fast_404']['paths'] = '/\.(?:txt|png|gif|jpe?g|css|js|ico|swf|flv|cgi|bat|pl|dll|exe|asp)$/i'; -# $config['system.performance']['fast_404']['html'] = 'The requested URL "@path" was not found on this server.
'; - /** * Load services definition file. */ $settings['container_yamls'][] = $app_root . '/' . $site_path . '/services.yml'; -/** - * Override the default service container class. - * - * This is useful for example to trace the service container for performance - * tracking purposes, for testing a service container with an error condition or - * to test a service container that throws an exception. - */ -# $settings['container_base_class'] = '\Drupal\Core\DependencyInjection\Container'; - -/** - * Override the default yaml parser class. - * - * Provide a fully qualified class name here if you would like to provide an - * alternate implementation YAML parser. The class must implement the - * \Drupal\Component\Serialization\SerializationInterface interface. - */ -# $settings['yaml_parser_class'] = NULL; - -/** - * Trusted host configuration. - * - * Drupal core can use the Symfony trusted host mechanism to prevent HTTP Host - * header spoofing. - * - * To enable the trusted host mechanism, you enable your allowable hosts - * in $settings['trusted_host_patterns']. This should be an array of regular - * expression patterns, without delimiters, representing the hosts you would - * like to allow. - * - * For example: - * @code - * $settings['trusted_host_patterns'] = array( - * '^www\.example\.com$', - * ); - * @endcode - * will allow the site to only run from www.example.com. - * - * If you are running multisite, or if you are running your site from - * different domain names (eg, you don't redirect http://www.example.com to - * http://example.com), you should specify all of the host patterns that are - * allowed by your site. - * - * For example: - * @code - * $settings['trusted_host_patterns'] = array( - * '^example\.com$', - * '^.+\.example\.com$', - * '^example\.org$', - * '^.+\.example\.org$', - * ); - * @endcode - * will allow the site to run off of all variants of example.com and - * example.org, with all subdomains included. - */ - /** * The default list of directories that will be ignored by Drupal's file API. * @@ -767,24 +99,15 @@ function_exists('gardens_site_data_get_filepath')) { */ $settings['entity_update_batch_size'] = 50; -/** - * Load local development override configuration, if available. - * - * Use settings.local.php to override variables on secondary (staging, - * development, etc) installations of this site. Typically used to disable - * caching, JavaScript/CSS compression, re-routing of outgoing emails, and - * other things that should not happen on development and testing sites. - * - * Keep this code block at the end of this file to take full effect. - */ -# -# if (file_exists($app_root . '/' . $site_path . '/settings.local.php')) { -# include $app_root . '/' . $site_path . '/settings.local.php'; -# } -$config_directories['sync'] = '../config/sync'; - require DRUPAL_ROOT . "/../vendor/acquia/drupal-recommended-settings/settings/acquia-recommended.settings.php"; +// Set config directories to default location. This is required for MEO, but it should also +// work fine in non-MEO environments. +// Setting it here ensures that nothing can override it. +$config_directories['vcs'] = '../config/default'; +$config_directories['sync'] = '../config/default'; +$settings['config_sync_directory'] = '../config/default'; + /** * IMPORTANT. * diff --git a/docroot/sites/default/settings/default.local.settings.php b/docroot/sites/default/settings/default.local.settings.php index 3c2cf9dedb..31891bbedc 100644 --- a/docroot/sites/default/settings/default.local.settings.php +++ b/docroot/sites/default/settings/default.local.settings.php @@ -8,9 +8,6 @@ use Drupal\Component\Assertion\Handle; $db_name = '${drupal.db.database}'; -if (isset($_acsf_site_name)) { - $db_name .= '_' . $_acsf_site_name; -} /** * Database configuration. @@ -162,10 +159,6 @@ * Private file path. */ $settings['file_private_path'] = $dir . '/files-private'; -if (isset($_acsf_site_name)) { - $settings['file_public_path'] = "sites/default/files/$_acsf_site_name"; - $settings['file_private_path'] = "$repo_root/files-private/$_acsf_site_name"; -} /** * Trusted host configuration. diff --git a/docroot/sites/g/.gitignore b/docroot/sites/g/.gitignore deleted file mode 100644 index a6748ababa..0000000000 --- a/docroot/sites/g/.gitignore +++ /dev/null @@ -1,11 +0,0 @@ -# We assume a docroot/.gitignore could be added to the Drupal docroot which -# excludes files like sites/*/settings*.php. (This is not standard in D8; it was -# in D7.) The ACSF files must be included in the repository, so we explicitly -# make them visible here. In fact we will list all ACSF files here, just to make -# sure. -!.gitignore -!apc_rebuild.php -!services.yml -!settings.php -!SimpleRest.php -!sites.inc diff --git a/docroot/sites/g/SimpleRest.php b/docroot/sites/g/SimpleRest.php deleted file mode 100644 index 85ee82e2aa..0000000000 --- a/docroot/sites/g/SimpleRest.php +++ /dev/null @@ -1,223 +0,0 @@ -name = $name; - $this->password = $password; - $this->url = $url; - } - -} - -/** - * Class SimpleRestMessage. - * - * A simple class used to send REST requests to the Site Factory. - */ -class SimpleRestMessage { - - /** - * Maximum amount of retries before giving up sending a message. - */ - private int $retryMax = 3; - - /** - * Number of seconds to wait before trying again after sending failed. - */ - private int $retryWait = 5; - - /** - * The hosting sitegroup name. - */ - private string $site; - - /** - * The hosting environment name. - */ - private string $env; - - /** - * Creates a new instance of SimpleRestMessage. - * - * @param string $site - * The hosting sitegroup name. - * @param string $env - * The hosting environment name. - */ - public function __construct($site, $env) { - $this->site = $site; - $this->env = $env; - } - - /** - * Sends a request. - * - * @param string $method - * The request method. Either 'POST' or 'GET'. - * @param string $endpoint - * The request endpoint. - * @param array $parameters - * Any required parameters for the request. Note: parameters are currently - * only implemented for POST requests. To add support for GET parameters - * would require changes in this method. - * @param SimpleRestCreds $creds - * The credentials to use for the Site Factory request. - * - * @throws Exception - * If the request fails. - * - * @return \SimpleRestResponse - * The response. - */ - public function send($method, $endpoint, array $parameters, SimpleRestCreds $creds) { - $error = ''; - $user_agent = sprintf('%s.%s %s', $this->site, $this->env, gethostname()); - $curl = curl_init(); - - curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); - curl_setopt($curl, CURLOPT_USERAGENT, $user_agent); - curl_setopt($curl, CURLOPT_HEADER, 0); - curl_setopt($curl, CURLOPT_USERPWD, $creds->name . ":" . $creds->password); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); - - // If it is not a GET request, set the method here. - if ($method != 'GET') { - curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $method); - } - - // If we are sending parameters, set the query string or POST fields here. - $query_string = ''; - if ($method != 'GET' && !empty($parameters)) { - $data_string = json_encode($parameters, JSON_THROW_ON_ERROR); - curl_setopt($curl, CURLOPT_POSTFIELDS, $data_string); - curl_setopt($curl, CURLOPT_HTTPHEADER, [ - 'Content-Type: application/json', - 'Content-Length: ' . strlen($data_string), - ]); - } - - $full_url = sprintf('%s/%s%s', $creds->url, $endpoint, $query_string); - curl_setopt($curl, CURLOPT_URL, $full_url); - - $attempts = 0; - $response = FALSE; - - while (!$response && ++$attempts <= $this->retryMax) { - $response = curl_exec($curl); - if (!$response) { - $error = curl_error($curl); - sleep($this->retryWait); - } - } - - if (!$response) { - throw new Exception(sprintf('Error reaching url "%s" with method "%s." Returned error "%s."', $full_url, $method, $error)); - } - - $response_code = curl_getinfo($curl, CURLINFO_HTTP_CODE); - $response_body = json_decode($response, TRUE, 512, JSON_THROW_ON_ERROR); - - if (!is_array($response_body)) { - $response_body = []; - } - - curl_close($curl); - - return new SimpleRestResponse($endpoint, $response_code, $response_body); - } - -} - -/** - * Class SimpleRestResponse. - * - * Holds the response. - */ -class SimpleRestResponse { - /** - * The request endpoint. - * - * @var string - */ - public $endpoint; - - /** - * The response code. - * - * @var string - */ - public $code; - - /** - * The response body. - * - * @var array - */ - public $body; - - /** - * Constructs a new instance of SimpleRestResponse. - * - * @param string $endpoint - * The request endpoint. - * @param string $response_code - * The response code. - * @param array $response_body - * The response body. - */ - public function __construct($endpoint, $response_code, array $response_body) { - $this->endpoint = $endpoint; - $this->code = $response_code; - $this->body = $response_body; - } - -} diff --git a/docroot/sites/g/apc_rebuild.php b/docroot/sites/g/apc_rebuild.php deleted file mode 100644 index 9a0c8ba3e7..0000000000 --- a/docroot/sites/g/apc_rebuild.php +++ /dev/null @@ -1,41 +0,0 @@ -The requested URL "@path" was not found on this server.
'; - -// phpcs:enable - -/** - * Acquia Cloud Site Factory specific settings. - */ -if (file_exists('/var/www/site-php')) { - // This global variable is set during the 'configuration' (sites.php) - // bootstrap phase. Notes: - // - The 'env' value contains the 'canonical environment' which (unlike - // $_ENV['AH_SITE_ENVIRONMENT']) stays the same during code deployments - // where sites are moved between two environments. - // - post-settings-php hooks should use $GLOBALS['gardens_site_settings'] - // rather than the below 'local' variables which are in principle not - // guaranteed to stay defined. (We still define $env / $role for some - // existing customers' post-settings-php hooks that already use them.) - $site_settings = !empty($GLOBALS['gardens_site_settings']) - ? $GLOBALS['gardens_site_settings'] - : ['site' => '', 'env' => '', 'conf' => ['acsf_db_name' => '']]; - $env = $site_settings['env']; - $role = $site_settings['conf']['acsf_db_name']; - - $drupal_version = 8; - if (version_compare(\Drupal::VERSION, '9', '>=') && version_compare(\Drupal::VERSION, '10', '<')) { - $drupal_version = 9; - } - elseif (version_compare(\Drupal::VERSION, '10', '>=') && version_compare(\Drupal::VERSION, '11', '<')) { - $drupal_version = 10; - } - elseif (version_compare(\Drupal::VERSION, '11', '>=')) { - $drupal_version = 11; - } - $_acsf_include_file = "/var/www/site-php/{$site_settings['site']}.{$site_settings['env']}/D{$drupal_version}-{$site_settings['env']}-{$site_settings['conf']['acsf_db_name']}-settings.inc"; - if (file_exists($_acsf_include_file)) { - // Acquia rules disallow 'include/require' with dynamic arguments. - // phpcs:disable - include $_acsf_include_file; - // phpcs:enable - // Overwrite trusted_host_patterns setting, remove unnecessary hosts. - // Allowed hosts for D8: https://www.drupal.org/node/2410395. - // The overwrite doesn't cause any security problem because the valid hosts - // were checked before in our sites.json registry. - $settings['trusted_host_patterns'] = [ - '^' . str_replace('*', '.+', - str_replace('.', '\.', $_SERVER['HTTP_HOST']) - ) . '$', - ]; - } - elseif (PHP_SAPI === 'cli') { - throw new Exception("No database connection file was found for DB {$site_settings['conf']['acsf_db_name']}."); - } - else { - syslog(LOG_ERR, "GardensError: AN-22471 - No database connection file was found for DB {$site_settings['conf']['acsf_db_name']}."); - header($_SERVER['SERVER_PROTOCOL'] . ' 503 Service unavailable'); - print 'The website encountered an unexpected error. Please try again later.'; - exit; - } - // todo: this part needs to be rewritten, we might consider removing it - // entirely for the time being. - if (!class_exists('DrupalFakeCache')) { - $config['cache_backends'][] = 'includes/cache-install.inc'; - } - // Rely on the external Varnish cache for page caching. - $config['cache_class_cache_page'] = 'DrupalFakeCache'; - $config['cache'] = 1; - $config['page_cache_maximum_age'] = 300; - // We can't use an external cache if we are trying to invoke these hooks. - $config['page_cache_invoke_hooks'] = FALSE; - - // This section has been ported from D7 to D8 by mistake; the 'memcache_*' - // settings are not supposed to be set and the $config changes aren't generic. - // todo: reevaluate and possibly remove this. - if (!empty($site_settings['flags']['memcache_enabled']) && !empty($site_settings['memcache_inc'])) { - $config['cache_backends'][] = $site_settings['memcache_inc']; - $config['cache_default_class'] = 'MemCacheDrupal'; - $config['cache_class_cache_form'] = 'DrupalDatabaseCache'; - // The oembed cache in many cases should not evict data (given that data - // is obtained from costly API calls and is not expected to change when - // refreshed), so is more suited to the database than to memcache. - $config['cache_class_cache_oembed'] = 'DrupalDatabaseCache'; - } - - // Until the site installation finishes, noone should be able to visit the - // site, unless the site is being installed via install.php and the user has - // the correct token to access it. - if (PHP_SAPI !== 'cli' && !empty($site_settings['flags']['access_restricted']['enabled'])) { - $_tmp = !empty($site_settings['flags']['access_restricted']['token']) && !empty($_GET['site_install_token']) && $_GET['site_install_token'] === $site_settings['flags']['access_restricted']['token']; - if (!$_tmp || $_SERVER['SCRIPT_NAME'] !== $GLOBALS['base_path'] . 'install.php') { - header($_SERVER['SERVER_PROTOCOL'] . ' 503 Service unavailable'); - if (!empty($site_settings['flags']['access_restricted']['reason'])) { - print $site_settings['flags']['access_restricted']['reason']; - } - exit; - } - } - if (isset($_ENV['AH_SITE_ENVIRONMENT'])) { - // DG-10819: Enable Migrate background operations by default on all Acquia - // hosting environments. See https://drupal.org/node/1958170. The path here - // should be valid on all Acquia hosting servers, and will not take effect - // on non-Acquia environments since AH_SITE_ENVIRONMENT won't be set in that - // case. - $config['migrate_drush_path'] = '/usr/local/bin/drush'; - } - - // Do not override the private path if the customer has defined its value - // in a pre-settings-php hook. - if (empty($settings['file_private_path']) && !empty($site_settings['file_private_path'])) { - $settings['file_private_path'] = $site_settings['file_private_path']; - } - - // Do not override the public path if the customer has defined its value - // in a pre-settings-php hook. - if (empty($settings['file_public_path']) && !empty($site_settings['file_public_path'])) { - $settings['file_public_path'] = $site_settings['file_public_path']; - } - - // Propagate all configuration values in ACSF per-site storage into Drupal's - // configuration. - if (!empty($site_settings['conf']) && is_array($site_settings['conf'])) { - $config = $site_settings['conf'] + $config; - } -} - -/** - * Location of the site configuration files. - * - * The $config_directories array specifies the location of file system - * directories used for configuration data. On install, "active" and "sync" - * directories are created for configuration. The sync directory is used for - * configuration imports; the active directory is not used by default, since the - * default storage for active configuration is the database rather than the file - * system (this can be changed; see "Active configuration settings" below). - * - * The default location for the active and sync directories is inside a - * randomly-named directory in the public files path; this setting allows you to - * override these locations. If you use files for the active configuration, you - * can enhance security by putting the active configuration outside your - * document root. - * - * Example: - * @code - * $config_directories = array( - * CONFIG_SYNC_DIRECTORY => '/another/directory/outside/webroot', - * ); - * @endcode - */ -if (isset($config_directories['vcs'])) { - // The hosting settings include file adds a VCS config directory, but this can - // only work with livedeev enabled. Livedev is not supported on ACSF, and the - // addition of this directory breaks site installs, so the VCS config - // directory is removed for now. - // @see https://backlog.acquia.com/browse/CL-11815 - // @see https://github.com/drush-ops/drush/pull/1711 - if (class_exists('\Drush\Drush') && Drush::hasContainer()) { - try { - $_tmp = Drush::input()->getArgument('command'); - } - catch (InvalidArgumentException $e) { - $_tmp = FALSE; - } - - if ($_tmp === 'site-install') { - unset($config_directories['vcs']); - } - } -} - -// Include custom settings.php code from factory-hooks/post-settings-php. -if (function_exists('acsf_hooks_includes')) { - foreach (acsf_hooks_includes('post-settings-php') as $_acsf_include_file) { - // Acquia rules disallow 'include/require' with dynamic arguments. - // phpcs:disable - include $_acsf_include_file; - // phpcs:enable - } -} diff --git a/docroot/sites/g/sites.inc b/docroot/sites/g/sites.inc deleted file mode 100644 index 2c1f6b4c64..0000000000 --- a/docroot/sites/g/sites.inc +++ /dev/null @@ -1,868 +0,0 @@ - -// acsf.settings.php -> "Site not found" page), but that's better than having -// sites be unreachable for too long. -define('GARDENS_SITE_DATA_READ_FAILURE_TTL', 60); -// Note: a nonexistent sites.json leads to no caching at all. -// The path (template) to the lock file that should be checked when sites.json -// is unreadable. Sitegroup + env need to be filled. -define('GARDENS_SITE_JSON_ALERT_LOCK_TEMPLATE', '/mnt/tmp/%s.%s/.sites-json-alert'); - -// The PHP configuration is used to switch between the new and the legacy -// site.json usage. The new approach uses the interface provided by the -// Acquia Cloud layer, the legacy approach uses the file deployed to gluster. -define('GARDENS_SITE_JSON_LEGACY', empty(get_cfg_var('acsf.sites_json_on_ephemeral'))); - -// This fallback to populate $_ENV should not be necessary on Acquia Hosting -// anymore. Also, ah_site_info() is not a public API and not guaranteed to -// keep existing. Still, we keep it for exotic environments which may be using -// it to insert the environment values, e.g. local development environments. -if (!isset($_ENV['AH_SITE_NAME']) || !isset($_ENV['AH_SITE_GROUP']) || !isset($_ENV['AH_SITE_ENVIRONMENT'])) { - if (!function_exists('ah_site_info') && file_exists('/var/www/site-scripts/site-info.php')) { - require_once '/var/www/site-scripts/site-info.php'; - } - if (function_exists('ah_site_info')) { - list($name, $group, $stage, $secret) = ah_site_info(); - if (!isset($_ENV['AH_SITE_NAME'])) { - $_ENV['AH_SITE_NAME'] = $name; - } - if (!isset($_ENV['AH_SITE_GROUP'])) { - $_ENV['AH_SITE_GROUP'] = $group; - } - if (!isset($_ENV['AH_SITE_ENVIRONMENT'])) { - $_ENV['AH_SITE_ENVIRONMENT'] = $stage; - } - } -} - -/** - * Returns the sites data structure. - * - * @return bool|mixed - * An array of sites data on success, or FALSE on failure to load or parse the - * file. - */ -function gardens_site_data_load_file() { - if (GARDENS_SITE_JSON_LEGACY) { - // Retrieve sites.json data from a gluster file. - $json = @file_get_contents(gardens_site_data_get_filepath()); - return $json ? json_decode($json, TRUE) : FALSE; - } - else { - // Retrieve sites data using the interface provided by the Acquia Cloud - // layer. - $config = Config::getInstance(); - return empty($config) ? FALSE : $config->all(); - } -} - -/** - * Checks for a registered ACSF site based on Apache server variables. - * - * Prerequisite: $_SERVER and $_ENV are both populated as per Acquia practices. - * - * @return array|int|null - * 0 if no site was found for the given domain; NULL if a sites.json read - * failure was encountered; otherwise, an array of site data as constructed - * by gardens_site_data_build_data() - with an added key 'dir_key' containing - * the key where sites.php would expect to set this site's directory in its - * '$sites' variable. - * - * @see gardens_site_data_build_data() - */ -function gardens_site_data_get_site_from_server_info() { - // First derive the 'site uri' (the base domain with possibly a sub path). - if (PHP_SAPI === 'cli' && class_exists('\Drush\Drush') && Drush::hasContainer()) { - $acsf_drush_boot_manager = Drush::bootstrapManager(); - if ($acsf_drush_boot_manager->getUri()) { - $acsf_uri = $acsf_drush_boot_manager->getUri(); - } - // Drush site-install gets confused about the uri when we specify the - // --sites-subdir option. By specifying the --acsf-install-uri option with - // the value of the standard domain, we can catch that here and correct the - // uri argument for drush site installs. - $acsf_drush_input = Drush::input(); - try { - $acsf_install_uri = $acsf_drush_input->getOption('acsf-install-uri'); - if ($acsf_install_uri) { - $acsf_uri = $acsf_install_uri; - } - } - catch (InvalidArgumentException $e) { - } - if (!preg_match('|https?://|', $acsf_uri)) { - $acsf_uri = 'http://' . $acsf_uri; - } - $host = $_SERVER['HTTP_HOST'] = parse_url($acsf_uri, PHP_URL_HOST); - $path = parse_url($acsf_uri, PHP_URL_PATH); - } - else { - $host = rtrim($_SERVER['HTTP_HOST'], '.'); - $path = $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']; - // Path based domains are implemented by symlinking a subdirectory back to - // the docroot. To support these, we need to know which part of the script - // path is the domain sub path, and which is a URL path inside the website. - // (Note our only concern in 'supporting path based domains' is locating - // the right site. How the request would derive the right URL inside that - // site is not up to us, and the only thing that is actually known to work - // with path based domains -through HTTP requests or Drush- is the standard - // index.php.) - if (substr($path, -10) === '/index.php') { - // Assume the requested index.php is in the root, meaning that the full - // script path leading up to it is the domain sub path. In other words: - // we do not support index.php being anywhere else except the docroot. - // This goes for every customer, not just those using path based domains. - $path = substr($path, 0, strlen($path) - 10); - } - else { - // For any non-index.php path, assume the sub path is empty. In other - // words: simply do not support path based domains for these. - $path = ''; - } - } - - // Convert host/path to lower case because our registry stores data this way; - // upper cased paths may still not be recognized (by Drush commands, unless - // there is a symlink matching the specific case) though. - $host = strtolower($host); - - if (empty($path)) { - $path = ''; - } - - // The path may have a trailing slash (because PHP_URL_PATH can contain one, - // and because a script may have set SCRIPT_NAME to '//index.php'). Unify, so - // the result is either empty or a path with a leading slash. - $path = strtolower(rtrim($path, '/')); - - // Get data for the 'site uri' from APC. - if (GARDENS_SITE_DATA_USE_APC && GARDENS_SITE_JSON_LEGACY) { - // Check for data in APC: FALSE means no; 0 means "not found" cached in - // APC; NULL means "sites.json read failure" cached in APC. - $data = gardens_site_data_cache_get($host . $path); - if ($data === FALSE) { - // There's no guarantee about how many times this will be called, because - // Core doesn't do any caching around the 'conf path'. For instance Drush - // 7 would will call this file and logic around 19 times during each - // command; Drush 8 only once and Drush 9.6 increases this to around 4. To - // minimise gluster access, cache data to a local static cache. We assume - // that *if* we have data for a given domain at any point during a request - // on the command line then that data remains the same for the duration of - // the command execution. - // For some drush commands (that have bootstrap levels lower than - // 'configuration', only when run with drush6/drush7), we don't have - // drupal_static() available. We'll skip caching for those few commands, - // so sites.json will be read always (which used to be the case for all - // commands before we implemented this cache). - if (function_exists('drupal_static')) { - $static_cache = &drupal_static('acsf_sites_php_site_data'); - } - else { - $static_cache = []; - } - if (isset($static_cache[$host . $path])) { - $data = $static_cache[$host . $path]; - } - else { - $data = gardens_site_data_refresh_one($host . $path); - if ($data) { - // We only cache truthy data ourselves, because we don't want to - // assume that if a domain is not found (or there's a gluster error), - // that will stay the same during command execution. Note we also set - // the static cache if APC is active (which isn't necessary) because - // it doesn't really matter and because otherwise, we would have to - // - either replicate the check for APC which is now abstracted away - // into gardens_site_data_cache_get() - // - or move $static_cache into gardens_site_data_cache_get() & - // gardens_site_data_cache_set(), which isn't wrong but we prefer - // not caching every domain in memory when the full file gets read. - $static_cache[$host . $path] = $data; - } - } - } - } - // Get domain data. - else { - $data = gardens_site_data_refresh_one($host . $path); - } - - if (is_array($data)) { - // Generate the expected drupal sites.php key for this domain. - $data['dir_key'] = str_replace('/', '.', $host . $path); - } - - return $data; -} - -/** - * Returns the location of the sites data json file. - * - * We rely on the existence of the files-private directory that's created in - * /mnt/files next to the public files directory. - * - * @return string - * The json file location. - */ -function gardens_site_data_get_filepath() { - // Use the "real" path here rather than the canonical hosting path - // to minimize symlink traversal. - return "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/files-private/sites.json"; -} - -/** - * Returns the location of the private files directory. - * - * The private files directory is supposed to be kept outside of the docroot to - * make sure that its contents are not directly accessible. This directory - * should not have a symbolic link in the site's directory. - * - * @param string $db_role - * The site's db role. - * - * @return string - * The private files directory location. - */ -function gardens_site_data_get_private_files_directory($db_role) { - return "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/sites/g/files-private/{$db_role}"; -} - -/** - * Returns the location of the public files directory. - * - * @param string $db_role - * The site's db role. - * - * @return string - * The public files directory location. - */ -function gardens_site_data_get_public_files_directory($db_role) { - return "sites/g/files/{$db_role}/files"; -} - -/** - * Fully refreshes the APC cached site/domain data, rewriting every key. - */ -function gardens_site_data_refresh_all() { - if ($map = gardens_site_data_load_file()) { - foreach ($map['sites'] as $domain => $site) { - $data = gardens_site_data_build_data($site, $map); - gardens_site_data_cache_set($domain, $data); - } - } -} - -/** - * Returns the data structure for a single site. - * - * @param array $site - * An array of information about a specific site, containing keys including - * 'conf', 'flags', 'name' etc. - * @param array $map - * An array containing global information that applies to all sites (site, - * env, memcache_inc). - * - * @return array - * A data structure containing information about a single site. - */ -function gardens_site_data_build_data(array $site, array $map) { - $db_name = $site['conf']['acsf_db_name']; - $private_files_directory = gardens_site_data_get_private_files_directory($db_name); - $public_files_directory = gardens_site_data_get_public_files_directory($db_name); - - return [ - 'dir' => "g/files/{$site['name']}", - // Put some settings into a global used in settings.php. - 'gardens_site_settings' => [ - 'site' => $map['cloud']['site'], - 'env' => $map['cloud']['env'], - 'memcache_inc' => !empty($map["memcache_inc"]) ? $map["memcache_inc"] : '', - 'flags' => !empty($site['flags']) ? $site['flags'] : [], - 'conf' => !empty($site['conf']) ? $site['conf'] : [], - 'file_private_path' => file_exists($private_files_directory) ? $private_files_directory : NULL, - 'file_public_path' => file_exists($public_files_directory) ? $public_files_directory : NULL, - ], - ]; -} - -/** - * Parses the entire JSON sites file and returns a result for a single domain. - * - * Use gardens_site_data_refresh_one() for a faster near-equivalent. - * - * @param string $domain - * A domain name to search for in the JSON. - * - * @return array - * A gardens site data structure, or zero if the domain was not found. - */ -function gardens_site_data_get_site_from_file($domain) { - $result = 0; - // This function does not seem to be used. Issues with the sites.json in here - // is not handled. - if ($map = gardens_site_data_load_file()) { - if (!empty($map['sites'][$domain])) { - $result = gardens_site_data_build_data($map['sites'][$domain], $map); - } - } - return $result; -} - -/** - * Returns data for a single domain. - * - * Optionally also stores the data in APC. - * - * @param string $domain - * The domain name to look up. - * - * @return array|int|null - * An array of site data, 0 if no site was found for the given domain, or NULL - * if a sites.json read failure was encountered. - */ -function gardens_site_data_refresh_one($domain) { - if (GARDENS_SITE_JSON_LEGACY) { - // Using the legacy sites.json file from the gluster, and optionally also - // stores the data in APC. - $data = gardens_site_data_refresh_domains([$domain]); - } - else { - // Using interface provided by the Acquia Cloud layer, no APC cache handling - // in this case. - $data = gardens_site_data_from_multi_site_config([$domain]); - } - return isset($data[$domain]) ? $data[$domain] : NULL; -} - -/** - * Returns data for the specified domains directly from the JSON file. - * - * Optionally also stores the data in APC. - * - * @param array $domains - * The domain names to look up in the JSON file. - * - * @return array - * An array keyed by the specified domains, whose values are site data arrays - * or 0 if no site was found for the given domain. If a domain is not present - * in the array keys, this indicates a sites.json read failure. - */ -function gardens_site_data_refresh_domains(array $domains) { - $location = gardens_site_data_get_filepath(); - $data = []; - foreach ($domains as $domain) { - $domain = trim($domain); - // Below code expects the JSON file to contain newlines such that - // - all data except the 'sites' data and the closing brace are on the first - // line; - // - all data for a key/value pair representing one single site, on a single - // line. (See below for example.) - // This way we can isolate data for one site by performing a grep command, - // which is much quicker than reading all data into one JSON object. The - // code is built to keep working if the formatting changes by accident; it - // will just be much slower. Also, our grep command does not assume that the - // key for a site is included in double quotes (apparently for fear of - // having a file in illegal JSON format, which does not double-quote its - // object keys...) so we may hit false positives. - // Acquia rules disallow exec() with dynamic arguments. - // phpcs:disable - exec(sprintf("grep %s %s --no-filename --color=never --context=0", escapeshellarg($domain), escapeshellarg($location)), $output_array, $exit_code); - // phpcs:enable - $result = trim(implode("\n", $output_array)); - - if (empty($result)) { - // Log an explicit fail in APC if we cannot find the domain, so that we - // can take advantage of APC caching the "fail" also. Differentiate - // between values for "site not found" and "read failure" so future - // requests can emit different responses for them. (From the docs about - // Gnu grep: exit status is 0 if a line is selected -which should never - // happen here-, 1 if no line is selected, 2 if error encountered.) - if ($exit_code === 1) { - $data[$domain] = 0; - } - } - else { - // $result is in the form of - // "example.com": {"name": "g123", "flags": {}}, - // (with or without the trailing comma). Since we didn't include quotes, - // we may have more than 1 line returned from the grep command, typically - // if the searched-for site domain is a substring of another site domain. - // The "m" (multiline) modifier is used in the regular expression so that - // the begin and end anchors can match the beginning and end of any one of - // those lines, rather than having to match the entire string from - // beginning to end (which fails if there is more than 1 line of results). - $matches = []; - $pattern = '@^\s*"' . preg_quote($domain, '@') . '": ({.+}),?$@m'; - if (preg_match($pattern, $result, $matches)) { - $found_site = json_decode($matches[1], TRUE); - } - - // Retrieve the first line of the JSON file, which contains the global - // site settings data. - $f = fopen($location, 'r'); - $json = fgets($f); - fclose($f); - $json = rtrim($json, ",\n"); - $json .= "}"; - $global_map_data = json_decode($json, TRUE); - - if (empty($found_site) || empty($global_map_data)) { - // This will happen if the domain appears in the JSON file, but the - // format of the file has changed such that the grep-based single-line - // parsing no longer works. - if (class_exists('Drupal') && \Drupal::hasService('logger.factory')) { - \Drupal::logger('acsf')->alert('Unable to extract site data for site @site from sites.json line "@line".', ['@site' => $domain, '@line' => $result]); - } - elseif (function_exists('syslog')) { - syslog(LOG_ERR, sprintf('Unable to extract site data for site %s from sites.json line "%s".', $domain, $result)); - } - if ($map = gardens_site_data_load_file()) { - if (!empty($map['sites'][$domain])) { - $data[$domain] = gardens_site_data_build_data($map['sites'][$domain], $map); - } - else { - // The domain isn't actually present; apparently $domain is a - // substring of the domain(s) matched by grep. (Or, who knows: the - // string might appear somewhere else on the line than the 'key'.) - $data[$domain] = 0; - } - } - // If $data[$domain] was not set here, the file is readable (or there's - // a race condition and the error just appeared) because we did get a - // line of data returned earlier. So the JSON is invalid. - } - else { - $data[$domain] = gardens_site_data_build_data($found_site, $global_map_data); - } - } - - if (isset($data[$domain])) { - // Update the current record in place *if* we are using APC. - if (GARDENS_SITE_DATA_USE_APC) { - gardens_site_data_cache_set($domain, $data[$domain]); - } - } - else { - // Report the read failure, only if Drupal is bootstrapped. - if (function_exists('drupal_register_shutdown_function')) { - // Since reporting involves contacting the Site Factory it should be - // done in a way that does not affect pageload. - drupal_register_shutdown_function('gardens_site_data_json_alert_flag_set'); - } - // Stop processing further domains. - break; - } - } - - if (count($data) == count($domains)) { - // No read failure encountered; all domains were accounted for / cached. - if (gardens_site_data_json_alert_flag_check() && function_exists('drupal_register_shutdown_function')) { - // Clear the flag. Since it involves contacting the Site Factory it should - // be done in a way that does not affect pageload. - drupal_register_shutdown_function('gardens_site_data_json_alert_flag_clear'); - } - } - else { - // If we were checking several domains and any check reported a read failure - // then don't try reading the file again for other domains; cache the failed - // domain plus any that were not processed yet, as "read failure". (It's - // unlikely that we gathered data for some domains before encountering a - // read failure for another one, but account for it.) - if (GARDENS_SITE_DATA_USE_APC) { - foreach ($domains as $domain) { - if (!isset($data[$domain])) { - gardens_site_data_cache_set($domain, NULL); - } - } - } - } - - return $data; -} - -/** - * Returns data for the specified domains using hosting's php interface. - * - * @param array $domains - * The domain names to look up in the domain registry. - * - * @return array - * An array keyed by the specified domains, whose values are site data arrays - * or 0 if no site was found for the given domain. - */ -function gardens_site_data_from_multi_site_config(array $domains) { - $data = []; - $config = Config::getInstance(); - foreach ($domains as $domain) { - $domain = trim($domain); - if ($config) { - // Site config returns an associative array representation of one - // site object, selected by domain. - $found_site = $config->siteConfig($domain); - // Shared config returns an associative array with every key except sites. - $global_map_data = $config->sharedConfig(); - } - // In case of missing data, set the results to zero and report the failure. - if (empty($found_site) || empty($global_map_data)) { - $data[$domain] = 0; - if (class_exists('Drupal') && \Drupal::hasService('logger.factory')) { - \Drupal::logger('acsf')->alert('Unable to extract site data for site @site.', ['@site' => $domain]); - } - elseif (function_exists('syslog')) { - syslog(LOG_ERR, sprintf('Unable to extract data for site %s.', $domain)); - } - } - else { - $data[$domain] = gardens_site_data_build_data($found_site, $global_map_data); - } - } - return $data; -} - -/** - * Stores site info for a given domain in APC. - * - * @param string $domain - * The domain name used in the cache key to store. - * @param mixed $data - * An array of data about the site/domain containing keys 'dir' and - * 'gardens_site_settings'. If the domain was not found in the sites.json then - * a scalar 0; if sites.json could not be read, then NULL. - */ -function gardens_site_data_cache_set($domain, $data) { - if (extension_loaded('apcu') && ini_get('apc.enabled') && function_exists('apcu_store')) { - if ($data === NULL) { - $ttl = GARDENS_SITE_DATA_READ_FAILURE_TTL; - } - elseif ($data === 0) { - $ttl = GARDENS_SITE_DATA_NOT_FOUND_TTL; - } - else { - $ttl = GARDENS_SITE_DATA_TTL; - } - if ($ttl) { - $domain_key = "gardens_domain:$domain"; - apcu_store($domain_key, $data, $ttl); - } - } -} - -/** - * Retrieves cached site info from APC for a given domain. - * - * @param string $domain - * The domain associated with the cached data. - * - * @return mixed - * An object containing information about the site on success, or FALSE if no - * cached data was found for the domain. - */ -function gardens_site_data_cache_get($domain) { - $result = FALSE; - if (extension_loaded('apcu') && ini_get('apc.enabled') && function_exists('apcu_fetch')) { - $domain_key = "gardens_domain:$domain"; - $result = apcu_fetch($domain_key); - } - return $result; -} - -/** - * Re-checks for a fatal issue with the sites.json file. - * - * This function is not the only location where issues are determined; it's used - * to doublecheck the exact type of issue / doublecheck for a race condition, - * after an issue was initially detected outside this function. - * - * @return string - * Type of issue encountered. Empty string means the sites.json file is OK - * (or is missing, which is also OK). - */ -function gardens_site_data_sites_json_issue_type_get() { - $issue_type = ''; - $sites_json_path = gardens_site_data_get_filepath(); - // If sites.json is missing completely then this script is being executed - // outside of an ACSF infrastructure in which case no alert is needed. - if (file_exists($sites_json_path)) { - // Check if sites.json is readable. - if (!is_readable($sites_json_path)) { - $issue_type = 'file_unreadable'; - } - // Check if the file's contents are inaccessible. - if (!$issue_type) { - // Try to read sites.json and see if it succeeds and what kind of error - // we get back if it fails. There is a fail which we need to ignore: when - // the sites.json is being rewritten for a short period of time the - // following error will be returned: - // - // head: cannot open `/mnt/files/balazs.01live/files-private/sites.json' - // for reading: Structure needs cleaning - // - // To make sure we are only triggering an alert in case of a Gluster split - // brain, redirect the stderr to stdout and look for the indicator - // message: 'Input/output error'. - // - // Acquia rules disallow exec() with dynamic arguments. - // phpcs:disable - exec(sprintf('head -n1 %s 2>&1', escapeshellarg($sites_json_path)), $output_array, $exit_code); - // phpcs:enable - $output = implode('', $output_array); - if ($exit_code !== 0 && strpos($output, 'Input/output error') !== FALSE) { - $issue_type = 'gluster_split_brain'; - } - } - // Check for invalid JSON data. We treat empty file as invalid too here, - // because it doesn't matter much. It's not consistent with the initial - // check, though. (An empty file does not cause - // gardens_site_data_json_alert_flag_set() to be called.) - if (!$issue_type) { - $map = gardens_site_data_load_file(); - if (!$map) { - $issue_type = 'invalid_json_data'; - } - } - } - - return $issue_type; -} - -/** - * Tries to set a flag, marking that an issue with sites.json exists. - * - * This function is not supposed to be used for checking that there is an issue - * with sites.json; it should only be called if an issue exists. - * - * As we do not have a DB connection, and we assume gluster is the primary - * suspect for issues, the lock will live on the ephemeral disk. If something - * strange happens while setting the flag (like the file cannot be opened or - * written to), the function will always return empty string, and no logging/ - * alerting is done at all. We basically have a choice between this and flooding - * watchdog/syslog/the factory with alerts. - */ -function gardens_site_data_json_alert_flag_set() { - $lock_file = sprintf(GARDENS_SITE_JSON_ALERT_LOCK_TEMPLATE, $_ENV['AH_SITE_GROUP'], $_ENV['AH_SITE_ENVIRONMENT']); - - if (!file_exists($lock_file)) { - // Create/open file, do not generate an error in race conditions (two - // processes opening the file at the same time). - $fh = fopen($lock_file, 'c'); - if ($fh) { - // Get (exclusive, non-blocking) lock. Note we assume we can actually rely - // on flock; see multithreading notes in the php.net docs. - if (flock($fh, LOCK_EX | LOCK_NB)) { - // Something more evasive than the 'fopen()' race condition: what - // happens just around the time a sites.json issue stops existing? Could - // one slow process that still thinks there is an issue, be delayed and - // execute this code just _after_ another process removed the flag? That - // would result in a superfluous alert being sent out at that time. To - // prevent this, we repeat the check. (We often would need to do this - // check anyway, somewhere, if we did not know the issue type yet.) - $issue_type = gardens_site_data_sites_json_issue_type_get(); - - // Send the alert to the Site Factory. - $alert_sent = FALSE; - if ($issue_type) { - $response = gardens_site_data_alert_send('sites_json', $issue_type); - if ($response->code == 200 && !empty($response->body['received'])) { - $alert_sent = TRUE; - } - } - - // Remove the lock file if issue has gone away or the alert was not - // processed by the Site Factory. - if (!$alert_sent) { - // Remove the lock file (name; the file/handle itself is still - // locked/open, which is fine). - unlink($lock_file); - } - - // Release the lock. - flock($fh, LOCK_UN); - } - fclose($fh); - } - } -} - -/** - * Checks if a 'sites.json alert' flag exists. - * - * @return bool - * TRUE on if the flag exists. - */ -function gardens_site_data_json_alert_flag_check() { - $lock_file = sprintf(GARDENS_SITE_JSON_ALERT_LOCK_TEMPLATE, $_ENV['AH_SITE_GROUP'], $_ENV['AH_SITE_ENVIRONMENT']); - return file_exists($lock_file); -} - -/** - * Clears a 'sites.json alert' flag. - */ -function gardens_site_data_json_alert_flag_clear() { - $lock_file = sprintf(GARDENS_SITE_JSON_ALERT_LOCK_TEMPLATE, $_ENV['AH_SITE_GROUP'], $_ENV['AH_SITE_ENVIRONMENT']); - - if (file_exists($lock_file)) { - // To prevent a situation where a slow process would remove the file just - // after it was created (i.e. the reverse of what is documented in - // gardens_site_data_json_alert_flag_set()), we lock the file and check - // again, and only remove the file if no issues were encountered. This isn't - // exactly symmetric in the sense that we have no domain name, so: if domain - // specific information was just lost somehow, then a slow process has a - // higher chance of clearing the flag when it shouldn't. The effect: two - // alerts would be sent out in sequence (because the flag is set, cleared - // here, and then set again). That is less problematic than the reverse, - // which would send out an alert at the moment the domain specific error was - // just solved. - $fh = @fopen($lock_file, 'r+'); - if ($fh) { - if (flock($fh, LOCK_EX | LOCK_NB)) { - // Make sure that the issue is gone. - $issue_type = gardens_site_data_sites_json_issue_type_get(); - - // Send an all fine message to the Site Factory if the issue is gone. - $alert_sent = FALSE; - if (!$issue_type) { - $response = gardens_site_data_alert_send('sites_json', 'all_fine'); - if ($response->code == 200 && !empty($response->body['received'])) { - $alert_sent = TRUE; - } - } - - // Clear the flag if the all fine message was sent and processed. - if ($alert_sent) { - // There is no problem with unlinking a locked file; the file name - // gets freed up (while the 'orphaned' file itself is still locked). - // Removing a (locked) file like this does not introduce a race - // condition, if all processes try to lock the file in an exclusive - // and non-blocking manner. So unlinking the file should never fail. - // If it does, we could try to log to watchdog/syslog but that would - // completely flood the logs. - @unlink($lock_file); - } - // We could release the lock here but if the file is already unlinked - // that won't do much useful - and if it's not, we may be better off - // keeping it locked. - } - fclose($fh); - } - } -} - -/** - * Returns the shared credentials. - * - * @param string $site - * The hosting sitegroup name. - * @param string $env - * The hosting environment name. - * - * @return Acquia\SimpleRest\SimpleRestCreds - * The credentials. - * - * @throws Exception - * If the credentials cannot be read for any reason. - */ -function gardens_site_data_shared_creds_get($site, $env) { - $ini_file = sprintf('/mnt/files/%s.%s/nobackup/sf_shared_creds.ini', $site, $env); - if (file_exists($ini_file)) { - $data = parse_ini_file($ini_file, TRUE); - if (!empty($data) && !empty($data['gardener'])) { - return new SimpleRestCreds($data['gardener']['username'], - $data['gardener']['password'], - $data['gardener']['url']); - } - } - throw new Exception(sprintf('Unable to read credentials from %s.', $ini_file)); -} - -/** - * Alerts the Site Factory on possible sites.json issues. - * - * @param string $scope - * The scope type. (Currently only 'sites_json' scope type is accepted by the - * Site Factory.) - * @param string $issue_type - * The issue type. - * - * @return Acquia\SimpleRest\SimpleRestResponse - * The response. - */ -function gardens_site_data_alert_send($scope, $issue_type) { - // The SF REST API endpoint. - $endpoint = 'site-api/v1/sf-alert'; - // The hosting site group name. - $site = $_ENV['AH_SITE_GROUP']; - // The hosting environment name. - $env = $_ENV['AH_SITE_ENVIRONMENT']; - // The fully qualified webnode name. - $webnode = gethostname(); - - try { - $parameters = [ - 'scope' => $scope, - 'data' => [ - 'issue_type' => $issue_type, - 'site_group' => $site, - 'site_env' => $env, - 'server' => $webnode, - // Instead of \Drupal::time()->getRequestTime() we're going to use - // time() here because there is no definite usage of \Drupal at this - // point in the bootstrap. - // Rest of the code above also does a class_exists() check against - // 'Drupal', probably due to the same reason. - 'timestamp' => time(), - ], - ]; - $creds = gardens_site_data_shared_creds_get($site, $env); - $message = new SimpleRestMessage($site, $env); - $response = $message->send('POST', $endpoint, $parameters, $creds); - } - catch (Exception $e) { - $error_message = sprintf('Sending alert to Site Factory failed: %s', $e->getMessage()); - syslog(LOG_ERR, $error_message); - $response = new SimpleRestResponse($endpoint, 500, ['message' => $error_message]); - } - - return $response; -} diff --git a/docroot/sites/settings/cgov_caching.settings.php b/docroot/sites/settings/cgov_caching.settings.php index 140db5f7fd..5b8033a447 100644 --- a/docroot/sites/settings/cgov_caching.settings.php +++ b/docroot/sites/settings/cgov_caching.settings.php @@ -2,7 +2,7 @@ /** * @file - * Implementation of cache settings for ACE + ACSF. + * Implementation of cache settings for ACE + MEO. * * @see https://docs.acquia.com/site-factory/tiers/paas/workflow/hooks */ @@ -23,24 +23,14 @@ $config['system.performance']['js']['preprocess'] = TRUE; $config['system.performance']['js']['gzip'] = TRUE; - switch ($env) { - case 'dev': - case '01dev': - case 'int': - case '01test': - case 'test': - case '01live': - case 'ode': - // Cache settings. - $config['system.performance']['cache']['page']['max_age'] = 16588800; - break; - } + // All Acquia environments should have the same max cache age of 192 days. + $config['system.performance']['cache']['page']['max_age'] = 16588800; // ODEs are not behind Akamai, but everything else conceivably could be. if ($env != 'ode') { - // Setup proper .edgerc path for Akamai module + // Setup proper .edgerc path for Akamai module. $ah_group = isset($_ENV['AH_SITE_GROUP']) ? $_ENV['AH_SITE_GROUP'] : NULL; - $config['akamai.settings']['edgerc_path'] = "/mnt/gfs/home/$ah_group/common/.edgerc"; + $config['akamai.settings']['edgerc_path'] = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/cgdp/edgerc"; $config['akamai.settings']['basepath'] = 'https://' . $domain; } } diff --git a/docroot/sites/settings/cgov_core.settings.php b/docroot/sites/settings/cgov_core.settings.php index a7955475ac..11f172bdd1 100644 --- a/docroot/sites/settings/cgov_core.settings.php +++ b/docroot/sites/settings/cgov_core.settings.php @@ -13,15 +13,15 @@ $domain = CGovSettingsUtil::getDomain(); /* -* Set the translation path to allow for easy management of third-party -* translation files. The installer ignores the path for the initial install, -* but it will honor the use source. (It is here as configs will not be set -* before the installation starts.) -* -* There is a known issue where the installer will not honor the override for the -* path because it is hardcoded in the installer code. -* https://www.drupal.org/project/drupal/issues/2689305 -*/ + * Set the translation path to allow for easy management of third-party + * translation files. The installer ignores the path for the initial install, + * but it will honor the use source. (It is here as configs will not be set + * before the installation starts.) + * + * There is a known issue where the installer will not honor the override for the + * path because it is hardcoded in the installer code. + * https://www.drupal.org/project/drupal/issues/2689305 + */ $config['locale.settings']['translation']['use_source'] = 'local'; $config['locale.settings']['translation']['path'] = DRUPAL_ROOT . '/translations'; @@ -30,29 +30,23 @@ $config['simple_sitemap.settings']['base_url'] = 'https://' . $domain; // Settings for metatag attribute cgdp.domain. -if(CGovSettingsUtil::isACSF()) { - // For ACSF env. - $acsf_domains = array_keys(gardens_data_get_sites_from_file($GLOBALS['gardens_site_settings'])); - foreach ($acsf_domains as $domain_value) { - if(preg_match('/acsitefactory.com/', $domain_value)){ - $temp = explode('.', $domain_value); - if($temp[1] == $_ENV['AH_SITE_GROUP']){ - $domain_env = $temp[0]; - }else { - $acsf_env = str_replace('-' . $_ENV['AH_SITE_GROUP'], '', $temp[1]); - $domain_env = $temp[0] . '-' . $acsf_env; - } - } +if (CGovSettingsUtil::isMeo()) { + // For MEO environments, use the site name and environment directly. + if (isset($_ENV['AH_DRUPAL_SITE_NAME']) && isset($_ENV['AH_SITE_ENVIRONMENT'])) { + $settings['cgdp_domain'] = $_ENV['AH_DRUPAL_SITE_NAME'] . '-' . $_ENV['AH_SITE_ENVIRONMENT']; + } + else { + error_log("MEO environment variables AH_DRUPAL_SITE_NAME or AH_SITE_ENVIRONMENT not set"); + $settings['cgdp_domain'] = $env; } - $settings['cgdp_domain'] = $domain_env; } else { $settings['cgdp_domain'] = $env; } -// on non-prod environments, route emails to logger -if ($env !== "01live") { - // route e-mails to the logger. +// On non-prod environments, route emails to logger. +if ($env !== "meoprod") { + // Route e-mails to the logger. $config['system.mail']['interface']['default'] = 'cgov_mail_logger'; } @@ -67,19 +61,17 @@ 'user.reset.form', ]; -// Get the license dir from our current environment -$licenseDir = '/var/licenses'; +// Get the license dir from our current environment. +$licenseFilename = '/var/licenses/licenses.php'; if (CGovSettingsUtil::isAcquia()) { - $licenseDir = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/licenses"; + $licenseFilename = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/cgdp/licenses.php"; } - -$licenseFilename = sprintf('%s/licenses.php', $licenseDir); if (file_exists($licenseFilename)) { // Load the license keys file. - require($licenseFilename); + require $licenseFilename; - // Setup CKEditor LTS keys + // Setup CKEditor LTS keys. if (array_key_exists('ckeditor_lts', $cgdp_license_keys)) { // Set the default key if a specific environment key does not exist. diff --git a/docroot/sites/settings/cgov_saml_auth_config.settings.php b/docroot/sites/settings/cgov_saml_auth_config.settings.php index 29949cdd7c..c302d7cd8a 100644 --- a/docroot/sites/settings/cgov_saml_auth_config.settings.php +++ b/docroot/sites/settings/cgov_saml_auth_config.settings.php @@ -11,7 +11,7 @@ // Get our current environment if (CGovSettingsUtil::isAcquia()) { - $samlDir = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/saml"; + $samlDir = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/cgdp/saml"; } elseif (file_exists('/var/saml')) { $samlDir = "/var/saml"; } diff --git a/docroot/sites/settings/cgov_settings_utilities.inc b/docroot/sites/settings/cgov_settings_utilities.inc index b239eca941..2d3d4a4bfc 100644 --- a/docroot/sites/settings/cgov_settings_utilities.inc +++ b/docroot/sites/settings/cgov_settings_utilities.inc @@ -18,22 +18,20 @@ class CGovSettingsUtil { * Determines whether we are on an Acquia environment. * * @return bool - * True if this is an Acquia environment (ACSF or AC) + * True if this is an Acquia environment (MEO or ACE) */ public static function isAcquia() { return (file_exists('/var/www/site-php') && isset($_ENV['AH_SITE_ENVIRONMENT'])); } /** - * Determines whether we are on an ACSF environment. + * Determines whether we are on an Acquia MEO environment. * * @return bool - * True if this is an ACSF environment + * True if this is an Acquia MEO environment */ - public static function isACSF() { - $is_acsf_env = EnvironmentDetector::isAcsfEnv(); - $acsf_db_name = EnvironmentDetector::getAcsfDbName(); - return ($is_acsf_env && $acsf_db_name); + public static function isMeo() { + return (self::isAcquia() && $_ENV['AH_ENVIRONMENT_TYPE'] === 'meo'); } /** @@ -48,7 +46,13 @@ class CGovSettingsUtil { if (preg_match('/^ode\d*$/', $env)) { $env = 'ode'; } - } else { + if (self::isMeo()) { + // Prefixing MEO environments to avoid conflicts with ACE and matching + // BLT env names. + $env = 'meo' . $env; + } + } + else { $env = 'local'; } return $env; @@ -63,27 +67,38 @@ class CGovSettingsUtil { public static function getDomain() { // Default our domain to PROD. $domain = 'www.cancer.gov'; - // Check if this is an ACSF site first. - if (self::isACSF()) { - $domains = gardens_data_get_sites_from_file($GLOBALS['gardens_site_settings']['conf']['acsf_db_name']); - // You should always add the public domain first domain when creating a site, - // but just in case we will set to the default first. - $domain = array_keys($domains)[0]; - foreach ($domains as $site_name => $site_info) { - if (!empty($site_info['flags']['preferred_domain'])) { - $domain = $site_name; + + // Check if this is an MEO site first. + if (self::isMeo()) { + // Load the CDP mapping file to determine which MEO site we are on. + $cdp_mapping_path = "/mnt/files/{$_ENV['AH_SITE_GROUP']}.{$_ENV['AH_SITE_ENVIRONMENT']}/cgdp/sites.php"; + if (!is_file($cdp_mapping_path)) { + error_log("MEO CDP mapping file not found: $cdp_mapping_path."); + } + else { + require $cdp_mapping_path; + + // Check if the site name exists in the mapping file. + if (!isset($cgdpUrls) || !isset($_ENV['AH_DRUPAL_SITE_NAME']) || !isset($cgdpUrls[$_ENV['AH_DRUPAL_SITE_NAME']])) { + error_log("Site name '{$_ENV['AH_DRUPAL_SITE_NAME']}' not found in CDP mapping file."); + } + else { + $domain = $cgdpUrls[$_ENV['AH_DRUPAL_SITE_NAME']]; } } - // For non-ACSF sites, the domain depends on the environment name. - } else { + } + else { + // For non-MEO sites, the domain depends on the environment name. $env = self::getEnvironmentName(); switch ($env) { case 'local': $domain = 'www.devbox'; break; + case 'ode': $domain = 'ncigovcd' . $_ENV['AH_SITE_ENVIRONMENT'] . '.prod.acquia-sites.com'; break; + // Other AC environments have a standard domain format. default: $domain = 'www-' . $env . '-ac.cancer.gov'; @@ -92,6 +107,5 @@ class CGovSettingsUtil { } return $domain; } -} - +} diff --git a/docroot/sites/sites.php b/docroot/sites/sites.php index d324436b98..de13c41ee9 100644 --- a/docroot/sites/sites.php +++ b/docroot/sites/sites.php @@ -1,148 +1,71 @@ .