Isolate Users (#431)

* WIP to isolate users

* Resolved issue with SSH AsUser

Updated Isolated User Script to use Server User for Team Access
Updated Path creation script to simplify for running as the isolated user

* Included the server user

* PHPMyAdmin script updated

Wordpress Script Updated
Updated Execute Script to support executing as isolated users

* Issue Resolution & Resolved Failing Unit Tests

* Fix for isolated_username vs user

* Run the deploy as the isolated user

* queue updates for isolated user

* Support isolated users in cronjobs

* script tests for isolated users

* Queue tests for isolated users

* Cronjob tests for isolated user

* Removed default queue command for laravel apps

* add default user to factory

* laravel pint fixes

* ensure echos are consistent

* removed unneeded parameter

* update

* fix queues for isolated users

* revert addslashes

---------

Co-authored-by: Saeed Vaziry <mr.saeedvaziry@gmail.com>

app/Actions/Site/CreateSite.php

@@ -23,12 +23,14 @@ public function create(Server $server, array $input): Site
     {
         DB::beginTransaction();
         try {
+            $user = $input['user'] ?? $server->getSshUser();
             $site = new Site([
                 'server_id' => $server->id,
                 'type' => $input['type'],
                 'domain' => $input['domain'],
                 'aliases' => $input['aliases'] ?? [],
-                'path' => '/home/'.$server->getSshUser().'/'.$input['domain'],
+                'user' => $user,
+                'path' => '/home/'.$user.'/'.$input['domain'],
                 'status' => SiteStatus::INSTALLING,
             ]);
 
@@ -108,6 +110,13 @@ public static function rules(Server $server, array $input): array
             'aliases.*' => [
                 new DomainRule,
             ],
+            'user' => [
+                'regex:/^[a-z_][a-z0-9_-]*[a-z0-9]$/',
+                'min:3',
+                'max:32',
+                'unique:sites,user',
+                Rule::notIn($server->getSshUsers()),
+            ],
         ];
 
         return array_merge($rules, self::typeRules($server, $input));

app/Actions/Site/DeleteSite.php

@@ -3,6 +3,7 @@
 namespace App\Actions\Site;
 
 use App\Models\Site;
+use App\SSH\Services\PHP\PHP;
 use App\SSH\Services\Webserver\Webserver;
 
 class DeleteSite
@@ -12,6 +13,16 @@ public function delete(Site $site): void
         /** @var Webserver $webserverHandler */
         $webserverHandler = $site->server->webserver()->handler();
         $webserverHandler->deleteSite($site);
+
+        if ($site->isIsolated()) {
+            /** @var PHP $php */
+            $php = $site->server->php()->handler();
+            $php->removeFpmPool($site->user, $site->php_version, $site->id);
+
+            $os = $site->server->os();
+            $os->deleteIsolatedUser($site->user);
+        }
+
         $site->delete();
     }
 }

app/Actions/Site/Deploy.php

@@ -48,7 +48,8 @@ public function run(Site $site): Deployment
                 path: $site->path,
                 script: $site->deploymentScript->content,
                 serverLog: $log,
-                variables: $site->environmentVariables($deployment)
+                user: $site->user,
+                variables: $site->environmentVariables($deployment),
             );
             $deployment->status = DeploymentStatus::FINISHED;
             $deployment->save();