Newer
Older
$cmd = 'openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -subj ' . escapeshellarg($ssl_subject) . ' -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem > /dev/null 2>&1';
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
chmod('/etc/ssl/private/pure-ftpd.pem', 0600);
// set passive port range if needed
$ftp_ports = ISPConfig::getFTPPassivePorts();
if($ftp_ports) {
file_put_contents('/etc/pure-ftpd/conf/PassivePortRange', $ftp_ports['from'] . ' ' . $ftp_ports['to']);
}
$this->restartService('pure-ftpd-mysql');
ISPConfigLog::info('Disabling awstats cron.', true);
$entries = array(
array(
'first_line' => '/.*/',
'last_line' => '/####nomatch###/',
'search' => '/.*/'
)
);
$this->commentLines('/etc/cron.d/awstats', $entries);
if($this->shallCompileJailkit()) {
$cmd = 'cd /tmp ; ( wget -O jailkit-2.20.tar.gz "http://olivier.sessink.nl/jailkit/jailkit-2.20.tar.gz" > /dev/null 2>&1 && tar xzf jailkit-2.20.tar.gz 2>&1 ) && ( cd jailkit-2.20 ; echo 5 > debian/compat ; ./debian/rules binary 2>&1 ) && ( cd /tmp ; dpkg -i jailkit_2.20-1_*.deb 2>&1 ; rm -rf jailkit-2.20* )';
$result = $this->exec($cmd, array(), 3);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
if(ISPConfig::shallInstall('firewall')) {
$packages[] = 'ufw';
$this->installPackages($packages);
file_put_contents('/etc/fail2ban/jail.local', $jk_jail);
$this->restartService('fail2ban');
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
if(ISPConfig::shallInstall('mail') && ISPConfig::shallInstall('roundcube')) {
ISPConfigLog::info('Installing roundcube.', true);
$cmd = 'APP_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
$cmd .= 'ROOT_PASS="' . $mysql_root_pw . '"' . "\n";
$cmd .= 'APP_DB_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
$cmd .= 'echo "roundcube-core roundcube/dbconfig-install boolean true" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/database-type select mysql" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/admin-user string root" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/admin-pass password $ROOT_PASS" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/app-pass password $APP_DB_PASS" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/reconfigure-webserver multiselect apache2" | debconf-set-selections 2>&1' . "\n";
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$packages = array(
'roundcube',
'roundcube-core',
'roundcube-mysql',
'roundcube-plugins'
);
$this->installPackages($packages);
$replacements = array(
'/^\s*\$config\s*\[["\']default_host["\']\]\s*=.*$/m' => '$config[\'default_host\'] = \'localhost\';',
'/^\s*\$config\s*\[["\']smtp_server["\']\]\s*=.*$/m' => '$config[\'smtp_server\'] = \'%h\';',
'/^\s*\$config\s*\[["\']smtp_user["\']\]\s*=.*$/m' => '$config[\'smtp_user\'] = \'%u\';',
'/^\s*\$config\s*\[["\']smtp_pass["\']\]\s*=.*$/m' => '$config[\'smtp_pass\'] = \'%p\';'
);
$result = $this->replaceContents('/etc/roundcube/config.inc.php', $replacements);
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$replacements = array(
'/^\s*#*\s*Alias\s+\/roundcube\s+\/var\/lib\/roundcube\s*$/m' => 'Alias /webmail /var/lib/roundcube'
);
$result = $this->replaceContents('/etc/apache2/conf-enabled/roundcube.conf', $replacements);
} elseif(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX) {
symlink('/usr/share/roundcube', '/usr/share/squirrelmail');
}
if(ISPConfig::shallInstall('web')) {
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$this->restartService('apache2');
} else {
$this->restartService('nginx');
}
ISPConfigLog::info('Installing ISPConfig3.', true);
$ispconfig_admin_pw = ISPConfigFunctions::generatePassword(15);
if(!ISPConfig::wantsInteractive()) {
$autoinstall = '[install]
language=' . (isset($_GET['lang']) && $_GET['lang'] === 'de' ? 'de' : 'en') . '
install_mode=expert
hostname=' . $host_name . '
mysql_hostname=localhost
mysql_port=3306
mysql_root_user=root
mysql_root_password=' . $mysql_root_pw . '
mysql_database=dbispconfig
mysql_charset=utf8
http_server=' . (ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE ? 'apache' : 'nginx') . '
ispconfig_port=8080
ispconfig_use_ssl=y
ispconfig_admin_password=' . $ispconfig_admin_pw . '
[ssl_cert]
ssl_cert_country=DE
ssl_cert_state=None
ssl_cert_locality=None
ssl_cert_organisation=None
ssl_cert_organisation_unit=IT
ssl_cert_common_name=' . $host_name . '
ssl_cert_email=
[expert]
mysql_ispconfig_user=ispconfig
mysql_ispconfig_password=' . ISPConfigFunctions::generatePassword(15) . '
join_multiserver_setup=n
mysql_master_hostname=
mysql_master_root_user=
mysql_master_root_password=
mysql_master_database=
configure_mail=' . (ISPConfig::shallInstall('mail') ? 'y' : 'n') . '
configure_jailkit=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
configure_ftp=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
configure_dns=' . (ISPConfig::shallInstall('dns') ? 'y' : 'n') . '
configure_apache=' . (ISPConfig::shallInstall('web') && ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE ? 'y' : 'n') . '
configure_nginx=' . (ISPConfig::shallInstall('web') && ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX ? 'y' : 'n') . '
configure_firewall=' . (ISPConfig::shallInstall('firewall') ? 'y' : 'n') . '
configure_webserver=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
install_ispconfig_web_interface=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
[update]
do_backup=yes
mysql_root_password=' . $mysql_root_pw . '
mysql_master_hostname=
mysql_master_root_user=
mysql_master_root_password=
mysql_master_database=
reconfigure_permissions_in_master_database=no
reconfigure_services=yes
ispconfig_port=8080
create_new_ispconfig_ssl_cert=no
reconfigure_crontab=yes
; These are for service-detection (defaulting to old behaviour where alle changes were automatically accepted)
svc_detect_change_mail_server=yes
svc_detect_change_web_server=yes
svc_detect_change_dns_server=yes
svc_detect_change_xmpp_server=yes
svc_detect_change_firewall_server=yes
svc_detect_change_vserver_server=yes
svc_detect_change_db_server=yes';
file_put_contents('/tmp/ispconfig.autoinstall.ini', $autoinstall);
$ai_argument = '--autoinstall=/tmp/ispconfig.autoinstall.ini';
} else {
$ai_argument = '';
}
if(ISPConfig::wantsInteractive()) {
ISPConfigLog::info('Your MySQL root password is: ' . $mysql_root_pw, true);
}
$cmd = 'cd /tmp ; rm -rf ispconfig3_install 2>&1';
if(ISPConfig::getISPConfigChannel() === 'dev') {
$cmd .= ' ; wget -O ispconfig.tar.gz "https://git.ispconfig.org/ispconfig/ispconfig3/-/archive/stable-3.1/ispconfig3-stable-3.1.tar.gz" >/dev/null 2>&1 ; tar xzf ispconfig.tar.gz ; mv ispconfig3-stable-3.1 ispconfig3_install';
} else {
$cmd .= ' ; wget -O ispconfig.tar.gz "https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz" >/dev/null 2>&1 ; tar xzf ispconfig.tar.gz';
}
$cmd .= ' ; cd ispconfig3_install ; cd install ; php -q install.php ' . $ai_argument . ' 2>&1 ; cd /tmp ; rm -rf ispconfig3_install 2>&1';
if(ISPConfig::wantsInteractive()) {
$result = $this->passthru($cmd);
} else {
$result = $this->exec($cmd);
}
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
if(!ISPConfig::wantsInteractive() && is_file('/tmp/ispconfig.autoinstall.ini')) {
unlink('/tmp/ispconfig.autoinstall.ini');
}
if(ISPConfig::shallInstall('web')) {
ISPConfigLog::info('Adding php versions to ISPConfig.', true);
$server_id = 0;
$ispc_config = ISPConfigConnector::getLocalConfig();
if(!$ispc_config || !isset($ispc_config['server_id']) || !$ispc_config['server_id']) {
throw new ISPConfigOSException('Could not read ISPConfig settings file.');
}
$server_id = $ispc_config['server_id'];
foreach($php_versions as $curver) {
$qry = 'INSERT IGNORE INTO `dbispconfig`.`server_php` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `client_id`, `name`, `php_fastcgi_binary`, `php_fastcgi_ini_dir`, `php_fpm_init_script`, `php_fpm_ini_dir`, `php_fpm_pool_dir`, `active`) VALUES (1, 1, \'riud\', \'riud\', \'\', ' . intval($server_id) . ', 0, \'PHP ' . $curver . '\', \'/usr/bin/php-cgi' . $curver . '\', \'/etc/php/' . $curver . '/cgi/php.ini\', \'/etc/init.d/php' . $curver . '-fpm\', \'/etc/php/' . $curver . '/fpm/php.ini\', \'/etc/php/' . $curver . '/fpm/pool.d\', \'y\')'; $cmd = 'mysql --defaults-file=/etc/mysql/debian.cnf -e ' . escapeshellarg($qry);
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$this->restartService('clamav-daemon');
if(ISPConfig::wantsAmavis()) {
$this->restartService('amavis');
} else {
$this->startService('rspamd');
}
ISPConfigLog::info('Checking all services are running.', true);
$check_services = array(
'mysql',
'clamav-daemon',
'postfix',
);
Marius Burkard
committed
if(ISPConfig::wantsUnbound()) {
$check_services[] = 'unbound';
} else {
$check_services[] = 'bind9';
}
Marius Burkard
committed
}
if(ISPConfig::shallInstall('web')) {
$check_services[] = 'pureftpd';
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$check_services[] = 'apache2';
} elseif(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX) {
$check_services[] = 'nginx';
}
}
if(ISPConfig::shallInstall('mail')) {
if(!ISPConfig::wantsAmavis()) {
$check_services[] = 'rspamd';
$check_services[] = 'redis-server';
} else {
$check_services[] = 'amavis';
}
$check_services[] = 'dovecot';
}
foreach($check_services as $service) {
$status = $this->isServiceRunning($service);
ISPConfigLog::info($service . ': ' . ($status ? '<green>OK</green>' : '<lightred>FAILED</lightred>'), true);
if(!$status) {
ISPConfigLog::warn($service . ' seems not to be running!', true);
}
}
ISPConfigLog::info('Installation ready.', true);
if(ISPConfig::shallInstall('mailman') && $mailman_password != '') {
ISPConfigLog::info('Your Mailman password is: ' . $mailman_password, true);
}
if(ISPConfig::shallInstall('web') && !ISPConfig::wantsInteractive()) {
ISPConfigLog::info('Your ISPConfig admin password is: ' . $ispconfig_admin_pw, true);
}
ISPConfigLog::info('Your MySQL root password is: ' . $mysql_root_pw, true);
protected function getSystemPHPVersion() {
return '7.0';
}