<?php

/*
Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

class installer_base {

	// Not read or written by the methods visible in this part of the file.
	public $wb = array();
	// Installer language code.
	public $language = 'en';
	// Database wrapper for the local server; methods call $this->db->query() etc.
	public $db;
	// Never assigned in the constructor (the assignment there is commented out).
	public $conf;
	public $install_ispconfig_interface = true;
	// true if it is an update, false if it is a new install
	public $is_update = false;
	// minimal php-version for update / install
	public $min_php = '5.3.3';
	protected $mailman_group = 'list';


	/**
	 * Creates the installer object.
	 *
	 * The global $conf is brought into scope but not stored on the object:
	 * the assignment to $this->conf is still commented out, so the other
	 * methods read the configuration through `global $conf`.
	 */
	public function __construct() {
		// TODO: maybe $conf should be passed to the constructor instead
		global $conf;
		// $this->conf = $conf;
	}

	//: TODO  Implement the translation function and language files for the installer.
	/**
	 * Translation hook for installer messages.
	 *
	 * No language files are wired in yet, so the text comes back unchanged.
	 *
	 * @param string $text Message to translate.
	 * @return string The message exactly as passed in.
	 */
	public function lng($text) {
		$translated = $text;
		return $translated;
	}

	/**
	 * Prints a fatal error and terminates the installer.
	 *
	 * NOTE(review): die() with a string argument prints it and ends the
	 * process with exit status 0, so a wrapper script that only checks the
	 * exit code cannot tell a failed install from a successful one.
	 *
	 * @param string $msg Error text, printed after the "ERROR: " prefix.
	 */
	public function error($msg) {
		$line = 'ERROR: '.$msg."\n";
		die($line);
	}

	/**
	 * Prints a non-fatal warning; the installer keeps running.
	 *
	 * @param string $msg Warning text, printed after the "WARNING: " prefix.
	 */
	public function warning($msg) {
		echo 'WARNING: ', $msg, "\n";
	}

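	/**
	 * Asks a multiple-choice question and returns the selected answer.
	 *
	 * When $name is given and the unattended-install ($autoinstall) or
	 * unattended-update ($autoupdate) array holds a non-empty value for it,
	 * that value is used instead of prompting; the literal value 'default'
	 * selects $default. Otherwise the question is printed with swrite() and
	 * the reply is read with sread() until it is empty (default) or one of
	 * $answers. The reply 'quit' terminates the installer.
	 *
	 * @param string $query   Question text (passed through lng()).
	 * @param array  $answers Accepted answers.
	 * @param string $default Answer used for an empty reply.
	 * @param string $name    Key into $autoinstall / $autoupdate; '' disables the lookup.
	 * @return string The chosen answer.
	 */
	public function simple_query($query, $answers, $default, $name = '') {
		// $autoupdate used to be read without being imported into scope, so
		// the update presets were silently ignored; import both arrays.
		global $autoinstall, $autoupdate;

		//* Look up a preset answer once; it cannot change between loop passes
		$has_preset = false;
		$preset = '';
		if($name != '') {
			if(isset($autoinstall[$name]) && $autoinstall[$name] != '') {
				$has_preset = true;
				$preset = $autoinstall[$name];
			} elseif(isset($autoupdate[$name]) && $autoupdate[$name] != '') {
				$has_preset = true;
				$preset = $autoupdate[$name];
			}
		}

		$finished = false;
		do {
			if($has_preset) {
				$input = ($preset == 'default') ? $default : $preset;
			} else {
				$answers_str = implode(',', $answers);
				swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
				$input = sread();
			}

			//* Stop the installation
			if($input == 'quit') {
				swriteln($this->lng("Installation terminated by user.\n"));
				die();
			}

			//* Select the default
			if($input == '') {
				$answer = $default;
				$finished = true;
			}

			//* Set answer if valid
			if(in_array($input, $answers)) {
				$answer = $input;
				$finished = true;
			}

			//* A preset is re-read unchanged on every pass, so an invalid one
			//* would loop forever in an unattended run; abort instead.
			if(!$finished && $has_preset) {
				$this->error('Invalid preset value "'.$input.'" for '.$name.', allowed: '.implode(',', $answers));
			}

		} while ($finished == false);
		swriteln();
		return $answer;
	}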

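	/**
	 * Asks a free-text question and returns the reply, or $default when the
	 * reply is empty.
	 *
	 * When $name is given and $autoinstall or $autoupdate holds a non-empty
	 * value for it, that value is used instead of prompting; the literal
	 * value 'default' selects $default. The reply 'quit' terminates the
	 * installer. The reply is returned as entered: nothing is validated
	 * here, so callers must validate or escape it for wherever it ends up
	 * (shell command, SQL, config file).
	 *
	 * @param string $query   Question text (passed through lng()).
	 * @param string $default Value used for an empty reply.
	 * @param string $name    Key into $autoinstall / $autoupdate; '' disables the lookup.
	 * @return string The reply or the default.
	 */
	public function free_query($query, $default, $name = '') {
		// $autoupdate used to be read without being imported into scope, so
		// the update presets were silently ignored; import both arrays.
		global $autoinstall, $autoupdate;

		if($name != '' && isset($autoinstall[$name]) && $autoinstall[$name] != '') {
			$input = ($autoinstall[$name] == 'default') ? $default : $autoinstall[$name];
		} elseif($name != '' && isset($autoupdate[$name]) && $autoupdate[$name] != '') {
			$input = ($autoupdate[$name] == 'default') ? $default : $autoupdate[$name];
		} else {
			swrite($this->lng($query).' ['.$default.']: ');
			$input = sread();
		}

		//* Stop the installation
		if($input == 'quit') {
			swriteln($this->lng("Installation terminated by user.\n"));
			die();
		}

		$answer = ($input == '') ? $default : $input;
		swriteln();
		return $answer;
	}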

	/*
	// TODO: this function is not used atmo I think - pedro
	function request_language(){
		swriteln(lng('Enter your language'));
		swriteln(lng('de, en'));
	}
	*/

	//** Detect PHP-Version
	/**
	 * Checks the running PHP version against the installer minimum.
	 *
	 * @return bool true when PHP_VERSION is at least $this->min_php, false otherwise.
	 */
	public function get_php_version() {
		$too_old = version_compare(PHP_VERSION, $this->min_php, '<');
		return !$too_old;
	}

	//** Detect installed applications
	/**
	 * Flags every detected service in the global $conf array.
	 *
	 * For each service one or more program names are probed with
	 * is_installed(); on a match $conf[<service>]['installed'] is set to
	 * true. Nothing is ever reset to false. Finally, when the web service is
	 * enabled and an ISPConfig vhost file exists in the apache or nginx
	 * "enabled" directory, $this->ispconfig_interface_installed is set.
	 *
	 * NOTE(review): how is_installed() locates a program is not visible
	 * here; the flags say a program was found, not that it is configured or
	 * running.
	 */
	public function find_installed_apps() {
		global $conf;

		// Each row: $conf section, 'any' (one program is enough) or 'all'
		// (every program must be present), and the program names to probe.
		$probes = array(
			array('mysql', 'any', array('mysql', 'mysqld')),
			array('postfix', 'any', array('postfix')),
			array('postgrey', 'any', array('postgrey')),
			array('mailman', 'any', array('mailman', 'mmsitepass')),
			array('apache', 'any', array('apache', 'apache2', 'httpd', 'httpd2')),
			array('getmail', 'any', array('getmail')),
			array('courier', 'any', array('courierlogger')),
			array('dovecot', 'any', array('dovecot')),
			array('saslauthd', 'any', array('saslauthd')),
			array('amavis', 'any', array('amavisd-new', 'amavisd')),
			array('clamav', 'any', array('clamdscan')),
			array('pureftpd', 'any', array('pure-ftpd', 'pure-ftpd-wrapper')),
			array('mydns', 'any', array('mydns', 'mydns-ng')),
			array('jailkit', 'any', array('jk_chrootsh')),
			array('powerdns', 'any', array('pdns_server', 'pdns_control')),
			array('bind', 'any', array('named', 'bind', 'bind9')),
			array('squid', 'any', array('squid')),
			array('nginx', 'any', array('nginx')),
			array('ufw', 'all', array('iptables', 'ufw')),
			array('fail2ban', 'any', array('fail2ban-server')),
			array('openvz', 'any', array('vzctl')),
			array('bastille', 'all', array('iptables', 'bastille-netfilter')),
			array('xmpp', 'all', array('metronome', 'metronomectl')),
			array('spamassassin', 'any', array('spamassassin')),
			array('vlogger', 'any', array('vlogger')),
			array('cron', 'any', array('cron')),
		);

		foreach($probes as $probe) {
			list($section, $mode, $programs) = $probe;

			// 'all' starts out satisfied and fails on the first miss;
			// 'any' starts out unsatisfied and succeeds on the first hit.
			$present = ($mode == 'all');
			foreach($programs as $program) {
				$hit = is_installed($program);
				if($mode == 'any' && $hit) {
					$present = true;
					break;
				}
				if($mode == 'all' && !$hit) {
					$present = false;
					break;
				}
			}

			if($present) $conf[$section]['installed'] = true;
		}

		if($conf['services']['web']) {
			$apache_vhost = $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost");
			if($apache_vhost || ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost"))) {
				// NOTE(review): this property is not among the declarations at the top of the class.
				$this->ispconfig_interface_installed = true;
			}
		}
	}

    /**
     * Reports a failed autodetection and optionally asks whether the
     * service should be configured anyway.
     *
     * @param string $service      Service name shown in the messages.
     * @param bool   $enable_force When false, no question is asked.
     * @return bool true only when the user answered 'y'.
     */
    public function force_configure_app($service, $enable_force=true) {
        swriteln("[WARN] autodetect for $service failed");

        if(!$enable_force) {
            return false;
        }

        $reply = strtolower($this->simple_query("Force configure $service", array('y', 'n'), 'n'));
        if($reply == 'y') {
            return true;
        }

        swriteln("Skipping $service\n");
        return false;
    }

	/**
	 * Decides whether a service is reconfigured during an update.
	 *
	 * @param string $service                     Service name shown in the prompt.
	 * @param string $reconfigure_services_answer Any value other than 'selected'
	 *                                            reconfigures without asking;
	 *                                            'selected' asks per service.
	 * @return bool true when the service is to be reconfigured.
	 */
	public function reconfigure_app($service, $reconfigure_services_answer) {
		if($reconfigure_services_answer != 'selected') {
			return true;
		}

		$reply = strtolower($this->simple_query("Reconfigure $service", array('y', 'n'), 'y'));
		if($reply == 'y') {
			return true;
		}

		swriteln("Skip reconfigure $service\n");
		return false;
	}

	/** Create the database for ISPConfig */


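	/**
	 * Creates the ISPConfig database and loads the initial SQL dump.
	 *
	 * Steps: refuse to continue unless @@sql_mode is empty or
	 * NO_ENGINE_SUBSTITUTION; create the database if it is missing; stop if
	 * it already contains tables; otherwise import install/sql/ispconfig3.sql
	 * with the mysql command line client and store tpl/system.ini.master in
	 * the sys_ini table.
	 *
	 * Changes against the previous version: the dump path is passed through
	 * escapeshellarg() like every other argument, and the bash-only `&>`
	 * redirect is written as `> /dev/null 2>&1`. Under a POSIX /bin/sh `&>`
	 * is read as "run in background, then redirect", which would let the
	 * table check below run before the import has finished.
	 */
	public function configure_database() {
		global $conf;

		//* check sql-mode
		$check_sql_mode = $this->db->queryOneRecord("SELECT @@sql_mode");

		if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') die('Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION');

		//** Create the database
		if(!$this->db->query('CREATE DATABASE IF NOT EXISTS ?? DEFAULT CHARACTER SET ?', $conf['mysql']['database'], $conf['mysql']['charset'])) {
			$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
		}

		//* Set the database name in the DB library
		$this->db->setDBName($conf['mysql']['database']);

		//* Load the database dump into the database, if database contains no tables
		$db_tables = $this->db->getTables();
		if(count($db_tables) > 0) {
			$this->error('Stopped: Database already contains some tables.');
		} else {
			$sql_file = ISPC_INSTALL_ROOT.'/install/sql/ispconfig3.sql';

			$cmd = 'mysql --default-character-set='.escapeshellarg($conf['mysql']['charset'])
				.' -h '.escapeshellarg($conf['mysql']['host'])
				.' -u '.escapeshellarg($conf['mysql']['admin_user']);
			if($conf['mysql']['admin_password'] != '') {
				// NOTE(review): the admin password is passed on the command
				// line, so it is readable in the process list for as long as
				// the import runs. What caselog() does with the command
				// string is not visible here; if it writes it to a log the
				// password lands there as well - confirm. An option file
				// readable only by root would avoid both.
				$cmd .= ' -p'.escapeshellarg($conf['mysql']['admin_password']);
			}
			$cmd .= ' '.escapeshellarg($conf['mysql']['database'])
				.' < '.escapeshellarg($sql_file)
				.' > /dev/null 2>&1';

			caselog($cmd, __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');

			//* The import result is verified by looking for tables, not by exit code
			$db_tables = $this->db->getTables();
			if(count($db_tables) == 0) {
				$this->error('Unable to load SQL-Dump into database table.');
			}

			//* Load system.ini into the sys_ini table
			$system_ini = rf('tpl/system.ini.master');
			$this->db->query("UPDATE sys_ini SET config = ? WHERE sysini_id = 1", $system_ini);

		}
	}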

	//** Create the server record in the database
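	/**
	 * Creates the ISPConfig MySQL user and inserts this server's record.
	 *
	 * Steps: drop any existing ISPConfig user/db rows for the connecting
	 * host, grant SELECT/INSERT/UPDATE/DELETE on the ISPConfig database to
	 * the ISPConfig user, build the server configuration from
	 * tpl/server.ini.master plus values from $conf, derive the schema
	 * version from the incremental patch files, and insert the `server`
	 * row. In a master/slave setup the row goes into the master database
	 * first and is mirrored locally with the same server_id, then
	 * grant_master_database_rights() is called.
	 *
	 * Fixed against the previous version: the INSERT statements list the
	 * columns as `firewall_server`, `proxy_server` but the values were bound
	 * in the order proxy, firewall, so each flag ended up in the other
	 * column. The no-op `$conf['server_id'] = $conf['server_id']` is gone and
	 * the openvz flag no longer reads an index that may not exist.
	 */
	public function add_database_server_record() {

		global $conf;

		if($conf['mysql']['host'] == 'localhost') {
			$from_host = 'localhost';
		} else {
			$from_host = $conf['hostname'];
		}

		// Delete ISPConfig user in the local database, in case that it exists
		$this->db->query("DELETE FROM mysql.user WHERE User = ? AND Host = ?", $conf['mysql']['ispconfig_user'], $from_host);
		$this->db->query("DELETE FROM mysql.db WHERE Db = ? AND Host = ?", $conf['mysql']['database'], $from_host);
		$this->db->query('FLUSH PRIVILEGES');

		//* Create the ISPConfig database user in the local database
		//* The account is limited to the ISPConfig database and to one host.
		$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON ?? TO ?@? IDENTIFIED BY ?';
		if(!$this->db->query($query, $conf['mysql']['database'] . ".*", $conf['mysql']['ispconfig_user'], $from_host, $conf['mysql']['ispconfig_password'])) {
			$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
		}

		//* Reload database privileges
		$this->db->query('FLUSH PRIVILEGES;');

		//* Set the database name in the DB library
		$this->db->setDBName($conf['mysql']['database']);

		$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));

		//* Update further distribution specific parameters for server config here
		//* HINT: Every line added here has to be added in update.lib.php too!!
		$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
		$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
		$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
		$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
		$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
		$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
		$tpl_ini_array['server']['hostname'] = $conf['hostname'];
		// gethostbyname() hands back the unmodified name when the lookup
		// fails, so ip_address can end up holding a hostname.
		$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
		$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
		$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
		$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
		$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
		$tpl_ini_array['web']['security_level'] = 20;
		$tpl_ini_array['web']['user'] = $conf['apache']['user'];
		$tpl_ini_array['web']['group'] = $conf['apache']['group'];
		$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
		$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
		$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
		$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
		$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
		$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
		$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
		$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
		$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];

		$tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
		$tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
		$tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
		$tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
		$tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
		$tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
		$tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
		$tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
		$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
		$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];

		if ($conf['nginx']['installed'] == true) {
			$tpl_ini_array['web']['server_type'] = 'nginx';
			$tpl_ini_array['global']['webserver'] = 'nginx';
		}

		if (array_key_exists('awstats', $conf)) {
			foreach ($conf['awstats'] as $aw_sett => $aw_value) {
				$tpl_ini_array['web']['awstats_'.$aw_sett] = $aw_value;
			}
		}

		$server_ini_content = array_to_ini($tpl_ini_array);

		$mail_server_enabled = ($conf['services']['mail'])?1:0;
		$web_server_enabled = ($conf['services']['web'])?1:0;
		$dns_server_enabled = ($conf['services']['dns'])?1:0;
		$file_server_enabled = ($conf['services']['file'])?1:0;
		$db_server_enabled = ($conf['services']['db'])?1:0;
		$vserver_server_enabled = (isset($conf['openvz']['installed']) && $conf['openvz']['installed'])?1:0;
		$proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
		$firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;

		//** Get the database version number based on the patchfiles:
		//** count upwards until the next upd_NNNN.sql file is missing.
		$found = true;
		$current_db_version = 1;
		while($found == true) {
			$next_db_version = intval($current_db_version + 1);
			$patch_filename = realpath(dirname(__FILE__).'/../').'/sql/incremental/upd_'.str_pad($next_db_version, 4, '0', STR_PAD_LEFT).'.sql';
			if(is_file($patch_filename)) {
				$current_db_version = $next_db_version;
			} else {
				$found = false;
			}
		}
		$current_db_version = intval($current_db_version);


		if($conf['mysql']['master_slave_setup'] == 'y') {

			//* Insert the server record in master DB
			//* The last two values follow the column order: firewall_server, proxy_server
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->dbmaster->query($sql, $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $firewall_server_enabled, $proxy_server_enabled);
			$conf['server_id'] = $this->dbmaster->insertID();

			//* Insert the same record in the local DB
			$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (?,1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->db->query($sql, $conf['server_id'], $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $firewall_server_enabled, $proxy_server_enabled);

			//* username for the ispconfig user
			$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];

			$this->grant_master_database_rights();

		} else {
			//* Insert the server, if it is not a master / slave setup
			//* The last two values follow the column order: firewall_server, proxy_server
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', ?, ?, ?, ?, ?, ?, ?, ?, 0, 1, ?, ?, ?);";
			$this->db->query($sql, $conf['hostname'], $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $server_ini_content, $current_db_version, $firewall_server_enabled, $proxy_server_enabled);
			$conf['server_id'] = $this->db->insertID();
		}


	}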
	
	/**
	 * Records every global-scope IP address of this host in server_ip.
	 *
	 * The addresses come from `ip addr show`; each output line is trimmed
	 * and kept only if filter_var() accepts it as IPv4 or IPv6. When the
	 * local and the master database are on different hosts the row is
	 * written to the master first and mirrored locally together with the
	 * master's insert id; otherwise it is written locally only. Nothing
	 * happens when the command fails or prints nothing.
	 *
	 * The shell command is a fixed string without variable parts, and the
	 * addresses reach SQL only as bound parameters.
	 */
	public function detect_ips(){
		global $conf;

		exec("ip addr show | awk '/global/ { print $2 }' | cut -d '/' -f 1", $output, $retval);

		if($retval != 0) {
			return;
		}
		if(!is_array($output) || empty($output)) {
			return;
		}

		$insert_sql = 'INSERT INTO server_ip (
							sys_userid, sys_groupid, sys_perm_user, sys_perm_group,
							sys_perm_other, server_id, client_id, ip_type, ip_address,
							virtualhost, virtualhost_port
						) VALUES (
							1,
							1,
							"riud",
							"riud",
							"",
							?,
							0,
							?,
							?,
							"y",
							"80,443"
						)';

		// NOTE(review): the first column is named server_php_id but receives
		// the master's insert id for server_ip - looks like server_ip_id was
		// meant; confirm against the table definition.
		$mirror_sql = 'INSERT INTO server_ip (
							server_php_id, sys_userid, sys_groupid, sys_perm_user, sys_perm_group,
							sys_perm_other, server_id, client_id, ip_type, ip_address,
							virtualhost, virtualhost_port
						) VALUES (
							?,
							1,
							1,
							"riud",
							"riud",
							"",
							?,
							0,
							?,
							?,
							"y",
							"80,443"
						)';

		foreach($output as $raw_line){
			$address = trim($raw_line);

			if(filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
				$family = 'IPv6';
			} elseif(filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
				$family = 'IPv4';
			} else {
				// not an IP address, ignore the line
				continue;
			}

			if($this->db->dbHost != $this->dbmaster->dbHost){
				$this->dbmaster->query($insert_sql, $conf['server_id'], $family, $address);
				$server_ip_id = $this->dbmaster->insertID();
				$this->db->query($mirror_sql, $server_ip_id, $conf['server_id'], $family, $address);
			} else {
				$this->db->query($insert_sql, $conf['server_id'], $family, $address);
			}
		}
	}

	public function grant_master_database_rights($verbose = false) {
latham's avatar
latham committed
466
467
468
469
470
471
472
473
474
475
476
		global $conf;

		/*
		 * The following code is a little bit tricky:
		 * * If we HAVE a master-slave - Setup then the client has to grant the rights for himself
		 *   at the master.
		 * * If we DO NOT have a master-slave - Setup then we have two possibilities
		 *   1) it is a single server
		 *   2) it is the MASTER of n clients
		*/
		$hosts = array();
maddinxx's avatar
maddinxx committed
477

latham's avatar
latham committed
478
479
480
481
482
483
484
485
486
		if($conf['mysql']['master_slave_setup'] == 'y') {
			/*
			 * it is a master-slave - Setup so the slave has to grant its rights in the master
			 * database
			 */

			//* insert the ispconfig user in the remote server
			$from_host = $conf['hostname'];
			$from_ip = gethostbyname($conf['hostname']);
maddinxx's avatar
maddinxx committed
487

latham's avatar
latham committed
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
			$hosts[$from_host]['user'] = $conf['mysql']['master_ispconfig_user'];
			$hosts[$from_host]['db'] = $conf['mysql']['master_database'];
			$hosts[$from_host]['pwd'] = $conf['mysql']['master_ispconfig_password'];

			$hosts[$from_ip]['user'] = $conf['mysql']['master_ispconfig_user'];
			$hosts[$from_ip]['db'] = $conf['mysql']['master_database'];
			$hosts[$from_ip]['pwd'] = $conf['mysql']['master_ispconfig_password'];
		} else{
			/*
			 * it is NOT a master-slave - Setup so we have to find out all clients and their
			 * host
			 */
			$query = "SELECT Host, User FROM mysql.user WHERE User like 'ispcsrv%' ORDER BY User, Host";
			$data = $this->dbmaster->queryAllRecords($query);
			if($data === false) {
				$this->error('Unable to get the user rights: '.$value['db'].' Error: '.$this->dbmaster->errorMessage);
			}
			foreach ($data as $item){
				$hosts[$item['Host']]['user'] = $item['User'];
				$hosts[$item['Host']]['db'] = $conf['mysql']['master_database'];
				$hosts[$item['Host']]['pwd'] = ''; // the user already exists, so we need no pwd!
			}
		}
maddinxx's avatar
maddinxx committed
511

latham's avatar
latham committed
512
		if(count($hosts) > 0) {
513
514
			foreach($hosts as $host => $value) {
				/*
latham's avatar
latham committed
515
516
517
			 * If a pwd exists, this means, we have to add the new user (and his pwd).
			 * if not, the user already exists and we do not need the pwd
			 */
518
				if ($value['pwd'] != ''){
519
					$query = "CREATE USER ?@? IDENTIFIED BY ?";
520
521
522
					if ($verbose){
						echo "\n\n" . $query ."\n";
					}
523
					$this->dbmaster->query($query, $value['user'], $host, $value['pwd']); // ignore the error
524
				}
latham's avatar
latham committed
525

526
				/*
latham's avatar
latham committed
527
528
529
			 *  Try to delete all rights of the user in case that it exists.
			 *  In Case that it will not exist, do nothing (ignore the error!)
			 */
530
				$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM ?@?";
531
				if ($verbose){
532
					echo "\n\n" . $query ."\n";
533
				}
534
				$this->dbmaster->query($query, $value['user'], $host); // ignore the error
latham's avatar
latham committed
535

536
				//* Create the ISPConfig database user in the remote database
537
				$query = "GRANT SELECT ON ?? TO ?@?";
538
539
540
				if ($verbose){
					echo $query ."\n";
				}
541
				if(!$this->dbmaster->query($query, $value['db'] . '.server', $value['user'], $host)) {
542
543
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
544

545
				$query = "GRANT SELECT, INSERT ON ?? TO ?@?";
546
547
548
				if ($verbose){
					echo $query ."\n";
				}
549
				if(!$this->dbmaster->query($query, $value['db'] . '.sys_log', $value['user'], $host)) {
550
551
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
552

553
				$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ?? TO ?@?";
554
555
556
				if ($verbose){
					echo $query ."\n";
				}
557
				if(!$this->dbmaster->query($query, $value['db'] . '.sys_datalog', $value['user'], $host)) {
558
559
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
560

561
				$query = "GRANT SELECT, UPDATE(`status`) ON ?? TO ?@?";
562
563
564
				if ($verbose){
					echo $query ."\n";
				}
565
				if(!$this->dbmaster->query($query, $value['db'] . '.software_update_inst', $value['user'], $host)) {
566
567
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
568

569
				$query = "GRANT SELECT, UPDATE(`updated`) ON ?? TO ?@?";
570
571
572
				if ($verbose){
					echo $query ."\n";
				}
573
				if(!$this->dbmaster->query($query, $value['db'] . '.server', $value['user'], $host)) {
574
575
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
576

577
				$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ?? TO ?@?";
578
579
580
				if ($verbose){
					echo $query ."\n";
				}
581
				if(!$this->dbmaster->query($query, $value['db'] . '.web_domain', $value['user'], $host)) {
582
583
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
584

585
				$query = "GRANT SELECT ON ?? TO ?@?";
586
587
588
				if ($verbose){
					echo $query ."\n";
				}
589
				if(!$this->dbmaster->query($query, $value['db'] . '.sys_group', $value['user'], $host)) {
590
591
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
592

593
				$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ?? TO ?@?";
594
595
596
				if ($verbose){
					echo $query ."\n";
				}
597
				if(!$this->dbmaster->query($query, $value['db'] . '.sys_remoteaction', $value['user'], $host)) {
598
599
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
600

601
				$query = "GRANT SELECT, INSERT , DELETE ON ?? TO ?@?";
602
603
604
				if ($verbose){
					echo $query ."\n";
				}
605
				if(!$this->dbmaster->query($query, $value['db'] . '.monitor_data', $value['user'], $host)) {
606
607
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
608

609
				$query = "GRANT SELECT, INSERT, UPDATE ON ?? TO ?@?";
610
611
612
				if ($verbose){
					echo $query ."\n";
				}
613
				if(!$this->dbmaster->query($query, $value['db'] . '.mail_traffic', $value['user'], $host)) {
614
615
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
latham's avatar
latham committed
616

617
				$query = "GRANT SELECT, INSERT, UPDATE ON ?? TO ?@?";
618
619
620
				if ($verbose){
					echo $query ."\n";
				}
621
				if(!$this->dbmaster->query($query, $value['db'] . '.web_traffic', $value['user'], $host)) {
622
623
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
maddinxx's avatar
maddinxx committed
624

625
				$query = "GRANT SELECT, UPDATE, DELETE ON ?? TO ?@?";
626
627
628
				if ($verbose){
					echo $query ."\n";
				}
629
				if(!$this->dbmaster->query($query, $value['db'] . '.aps_instances', $value['user'], $host)) {
630
631
632
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
				
633
				$query = "GRANT SELECT, DELETE ON ?? TO ?@?";
				if ($verbose){
					echo $query ."\n";
				}
				if(!$this->dbmaster->query($query, $value['db'] . '.aps_instances_settings', $value['user'], $host)) {
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}

				$query = "GRANT SELECT, INSERT, DELETE ON ?? TO ?@?";
				if ($verbose){
					echo $query ."\n";
				}
				if(!$this->dbmaster->query($query, $value['db'] . '.web_backup', $value['user'], $host)) {
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}

				$query = "GRANT SELECT, INSERT, DELETE ON ?? TO ?@?";
				if ($verbose){
					echo $query ."\n";
				}
				if(!$this->dbmaster->query($query, $value['db'] . '.mail_backup', $value['user'], $host)) {
					$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
				}
			}

			/*
		 * It is all done. Relod the rights...
		 */
			$this->dbmaster->query('FLUSH PRIVILEGES');
		}

	}

	//** writes postfix configuration files
	/**
	 * Render one Postfix lookup-map file from its ".master" template and
	 * write it into the Postfix configuration directory.
	 *
	 * An existing target file is first copied to "<name>~".
	 *
	 * Security note: the rendered file and its "~" backup contain the
	 * ISPConfig MySQL user name and password in clear text. This method sets
	 * no ownership or mode itself; configure_postfix() later runs "chmod o="
	 * and chgrp on mysql-virtual_*.cf*. NOTE(review): between wf() and that
	 * chmod the file mode depends on what wf() and the umask produce; confirm
	 * that wf() does not create it world-readable.
	 *
	 * @param string $configfile File name inside the Postfix config dir; the
	 *                           template looked up is "<name>.master".
	 */
	public function process_postfix_config($configfile) {
		global $conf;

		$postfix_dir = $conf['postfix']['config_dir'].'/';
		$target = $postfix_dir.$configfile;

		//* Keep the previous version next to the new one
		if(is_file($target)) {
			copy($target, $postfix_dir.$configfile.'~');
		}

		//* Template lookup: conf-custom/install path and the bundled tpl/ path are both
		//* handed to rfsel(); presumably the first existing one is read (verify in rfsel)
		$template = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');

		//* Placeholders are replaced one after the other, in this order
		$placeholders = array(
			'{mysql_server_ispconfig_user}',
			'{mysql_server_ispconfig_password}',
			'{mysql_server_database}',
			'{mysql_server_ip}',
			'{server_id}',
		);
		$values = array(
			$conf['mysql']['ispconfig_user'],
			$conf['mysql']['ispconfig_password'],
			$conf['mysql']['database'],
			$conf['mysql']['ip'],
			$conf['server_id'],
		);

		wf($target, str_replace($placeholders, $values, $template));
	}

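	/**
	 * Install the jailkit ini files (jk_init, jk_chrootsh) into the jailkit
	 * configuration directory and make sure the /usr symlinks to the ini
	 * files in /etc/jailkit exist.
	 *
	 * For each ini file the currently installed version is saved as
	 * "<name>~" before it is overwritten, so the previous chroot settings can
	 * be compared or restored after an update. The earlier code backed up
	 * "<jk_chrootsh>.master" from the config directory instead of the live
	 * jk_chrootsh file, so the live file was overwritten without a backup.
	 *
	 * The new content comes from conf-custom/install/<name>.master when that
	 * file exists, otherwise from the bundled tpl/<name>.master.
	 */
	public function configure_jailkit() {
		global $conf;

		$cf = $conf['jailkit'];
		$config_dir = $cf['config_dir'];
		$custom_dir = $conf['ispconfig_install_dir'].'/server/conf-custom/install/';

		if (is_dir($config_dir)) {
			foreach(array($cf['jk_init'], $cf['jk_chrootsh']) as $ini_file) {
				$target = $config_dir.'/'.$ini_file;

				//* Backup the live file, not a template
				if(is_file($target)) copy($target, $target.'~');

				//* A local override in conf-custom wins over the shipped template
				if(is_file($custom_dir.$ini_file.'.master')) {
					copy($custom_dir.$ini_file.'.master', $target);
				} else {
					copy('tpl/'.$ini_file.'.master', $target);
				}
			}
		}

		//* help jailkit to find its ini files
		if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
		if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');

	}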

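	/**
	 * Write Mailman's mm_cfg.py from its template, install the
	 * virtual_to_transport.sh helper and rebuild Mailman's alias and
	 * transport maps.
	 *
	 * mm_cfg.py is Python source that Mailman loads, so every value
	 * substituted into it ends up inside executable code. The domain names
	 * read from mail_mailinglist are therefore escaped before they are placed
	 * between single quotes. DEFAULT_SERVER_LANGUAGE is carried over verbatim
	 * from the previous mm_cfg.py (it is not escaped because the old value is
	 * expected to already be a Python expression, quotes included).
	 *
	 * @param string $status 'update' builds the virtual domain list from the
	 *                       mail_mailinglist table; any other value writes the
	 *                       placeholder entry "' '".
	 */
	public function configure_mailman($status = 'insert') {
		global $conf;

		$config_dir = $conf['mailman']['config_dir'].'/';
		$full_file_name = $config_dir.'mm_cfg.py';
		//* Backup existing file
		if(is_file($full_file_name)) {
			copy($full_file_name, $config_dir.'mm_cfg.py~');
		}

		// load files
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
		$old_file = rf($full_file_name);

		//* Collect the "KEY = value" settings of the previous mm_cfg.py.
		//* The line is split on the first "=" only, so a value that itself
		//* contains "=" is kept complete.
		$old_options = array();
		foreach (explode("\n", (string)$old_file) as $line)
		{
			if (trim($line) == '' || substr($line, 0, 1) == '#') continue;
			if (strpos($line, '=') === false) continue;

			list($key, $value) = explode('=', $line, 2);
			if ($value !== '')
			{
				$old_options[rtrim($key)] = trim($value);
			}
		}

		$virtual_domains = '';
		if($status == 'update')
		{
			// create virtual_domains list
			$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");

			if(is_array($domainAll)) {
				$quoted_domains = array();
				foreach($domainAll as $domain)
				{
					//* Escape backslash, quote and line breaks so that a stored
					//* value can never end the Python string literal early.
					$quoted_domains[] = "'".addcslashes($domain['domain'], "\\'\r\n")."'";
				}
				$virtual_domains = implode(', ', $quoted_domains);
			}
		}
		else
			$virtual_domains = "' '";

		$content = str_replace('{hostname}', $conf['hostname'], $content);
		if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
		$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
		$content = str_replace('{virtual_domains}', $virtual_domains, $content);

		wf($full_file_name, $content);

		//* Write virtual_to_transport.sh script
		$full_file_name = $config_dir.'virtual_to_transport.sh';

		//* Backup existing virtual_to_transport.sh script
		if(is_file($full_file_name)) {
			copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
		}

		if(is_dir('/etc/mailman')) {
			//* A local override in conf-custom wins over the shipped template
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
				copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
			} else {
				copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
			}
			chgrp($full_file_name, $this->mailman_group);
			chmod($full_file_name, 0755);
		}

		//* Create aliases
		exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');

		if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
		exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
	}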

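	/**
	 * Tell whether a service of the given type is configured in Postfix'
	 * master.cf.
	 *
	 * With Postfix >= 2.9 "postconf -M" is queried; on older versions
	 * master.cf is read and searched directly. Both branches return true when
	 * the service is configured. The fallback used to discard the file
	 * content returned by rf() and to negate the regex result, so it reported
	 * every service as configured; it now reads the file and matches an
	 * uncommented master.cf entry whose first column is $service and second
	 * column is $type.
	 *
	 * $service and $type are passed to the shell as one quoted argument and
	 * are quoted with preg_quote() for the regex, so characters such as "."
	 * or ":" in a service name are taken literally.
	 *
	 * @param string $service Service name (first column of master.cf)
	 * @param string $type    Service type (second column, e.g. inet or unix)
	 * @return bool true if the service entry exists, false otherwise
	 */
	public function get_postfix_service($service, $type) {
		global $conf;

		exec("postconf -M", $out, $ret);

		if ($ret === 0) { //* with postfix >= 2.9 we can detect configured services with postconf
			$out = array();
			exec('postconf -M '.escapeshellarg($service.'/'.$type).' 2> /dev/null', $out, $ret); //* Postfix >= 2.11
			if (!isset($out[0])) { //* try Postfix 2.9
				exec('postconf -M '.escapeshellarg($service.'.'.$type).' 2> /dev/null', $out, $ret);
			}
			$postfix_service = isset($out[0]) && $out[0] != '';
		} else { //* fallback - Postfix < 2.9
			$content = rf($conf['postfix']['config_dir'].'/master.cf');
			//* Entries start in column one; comment and continuation lines cannot match
			$regex = '/^'.preg_quote($service, '/').'\s+'.preg_quote($type, '/').'\s/m';
			$postfix_service = (preg_match($regex, (string)$content) === 1);
		}

		return $postfix_service;
	}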

	public function configure_postfix($options = '') {
		global $conf,$autoinstall;
		$cf = $conf['postfix'];
		$config_dir = $cf['config_dir'];

		if(!is_dir($config_dir)) {
			$this->error("The postfix configuration directory '$config_dir' does not exist.");
		}

		//* mysql-virtual_domains.cf
		$this->process_postfix_config('mysql-virtual_domains.cf');

		//* mysql-virtual_forwardings.cf
		$this->process_postfix_config('mysql-virtual_forwardings.cf');

		//* mysql-virtual_mailboxes.cf
		$this->process_postfix_config('mysql-virtual_mailboxes.cf');

		//* mysql-virtual_email2email.cf
		$this->process_postfix_config('mysql-virtual_email2email.cf');

		//* mysql-virtual_transports.cf
		$this->process_postfix_config('mysql-virtual_transports.cf');

		//* mysql-virtual_recipient.cf
		$this->process_postfix_config('mysql-virtual_recipient.cf');

		//* mysql-virtual_sender.cf
		$this->process_postfix_config('mysql-virtual_sender.cf');

		//* mysql-virtual_sender_login_maps.cf
		$this->process_postfix_config('mysql-virtual_sender_login_maps.cf');

		//* mysql-virtual_client.cf
		$this->process_postfix_config('mysql-virtual_client.cf');

		//* mysql-virtual_relaydomains.cf
		$this->process_postfix_config('mysql-virtual_relaydomains.cf');

		//* mysql-virtual_relayrecipientmaps.cf
		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
		
		//* mysql-virtual_outgoing_bcc.cf
		$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');

                //* mysql-virtual_policy_greylist.cf
                $this->process_postfix_config('mysql-virtual_policy_greylist.cf');

		//* postfix-dkim
		$full_file_name=$config_dir.'/tag_as_originating.re';
		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');

		$full_file_name=$config_dir.'/tag_as_foreign.re';
		if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');

		//* Changing mode and group of the new created config files.
		caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
			__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
		caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
			__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');

		//* Creating virtual mail user and group
		$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
		if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
		if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* These postconf commands will be executed on installation and update
		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
		unset($server_ini_rec);

		//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
		$rbl_list = '';
		if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
			$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
			foreach ($rbl_hosts as $key => $value) {
				$rbl_list .= ", reject_rbl_client ". $value;
			}
		}
		unset($rbl_hosts);

		//* If Postgrey is installed, configure it
		$greylisting = '';
		if($conf['postgrey']['installed'] == true) {
			$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
		}
		
		$reject_sender_login_mismatch = '';
		if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
			$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
		}
		unset($server_ini_array);
		
		$tmp = str_replace('.','\.',$conf['hostname']);

		$postconf_placeholders = array('{config_dir}' => $config_dir,
			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
			'{vmail_userid}' => $cf['vmail_userid'],
			'{vmail_groupid}' => $cf['vmail_groupid'],
			'{rbl_list}' => $rbl_list,
			'{greylisting}' => $greylisting,
			'{reject_slm}' => $reject_sender_login_mismatch,
			'{myhostname}' => $tmp,
		);

		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines

		//* These postconf commands will be executed on installation only
		if($this->is_update == false) {
			$postconf_commands = array_merge($postconf_commands, array(
					'myhostname = '.$conf['hostname'],
					'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
					'mynetworks = 127.0.0.0/8 [::1]/128'
				));
		}

		//* Create the header and body check files
		touch($config_dir.'/header_checks');
		touch($config_dir.'/mime_header_checks');
		touch($config_dir.'/nested_header_checks');
		touch($config_dir.'/body_checks');

		//* Create the mailman files
		if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
		if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
		exec('postalias /var/lib/mailman/data/aliases');
		if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
		exec('postmap /var/lib/mailman/data/virtual-mailman');
		if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
		exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');

		//* Create auxillary postfix conf files
		$configfile = 'helo_access';
		if(is_file($config_dir.'/'.$configfile)) {
			copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
			chmod($config_dir.'/'.$configfile.'~', 0400);
		}
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
		$content = strtr($content, $postconf_placeholders);
		# todo: look up this server's ip addrs and loop through each
		# todo: look up domains hosted on this server and loop through each
		wf($config_dir.'/'.$configfile, $content);

		$configfile = 'blacklist_helo';
		if(is_file($config_dir.'/'.$configfile)) {
			copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
			chmod($config_dir.'/'.$configfile.'~', 0400);
		}
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
		$content = strtr($content, $postconf_placeholders);
		wf($config_dir.'/'.$configfile, $content);

		//* Make a backup copy of the main.cf file
		copy($config_dir.'/main.cf', $config_dir.'/main.cf~');

		//* Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		if(!stristr($options, 'dont-create-certs')) {
			//* Create the SSL certificate
			if(AUTOINSTALL){
				$command = 'cd '.$config_dir.'; '
					."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
			} else {
				$command = 'cd '.$config_dir.'; '
					.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
			}
			exec($command);

			$command = 'chmod o= '.$config_dir.'/smtpd.key';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
		$command = 'chmod 755  /var/run/courier/authdaemon/';