Commit 3f497245 authored by Marius Burkard's avatar Marius Burkard
Browse files

- dont show admin pw on interactive install

- show mysql root pw before ISPConfig install on interactive mode
parent dda80f5d
......@@ -18,10 +18,10 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
}
}
}
return $version;
}
public function getPackageAlias($package) {
switch($package) {
case 'libssl':
......@@ -31,13 +31,13 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
$package = 'linux-image-[0-9]*';
break;
}
return $package;
}
public function getUpdateCommand($mode = 'update') {
$cmd = false;
if($mode == 'prepare') {
$cmd = 'DEBIAN_FRONTEND="noninteractive" apt-get update -qq -y';
} elseif($mode == 'update') {
......@@ -48,18 +48,18 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
$cmd = 'DEBIAN_FRONTEND="noninteractive" apt-get install -qq -y';
$cmd .= ' <PACKAGES>';
}
$cmd = 'while fuser /var/lib/dpkg/lock >/dev/null 2>&1 || fuser /var/lib/apt/lists/lock >/dev/null 2>&1 ; do sleep 2; done; ' . $cmd . ' 2>&1';
return $cmd;
}
public function getUpdatePackageRegex() {
$regex = '^\w+\s+(?P<package>\S+)\s+(?:\[(?P<oldversion>\S+)\]\s*)?(?:\((?P<newversion>\S+))?(?:\s|$)';
return $regex;
}
public function getInstallPackageRegex($mode = '') {
if($mode == 'oldversion') {
$regex = '(?P<package>\S+)\s+(?:(?P<oldversion>\d\S+)\s+)?\(.*\.deb';
......@@ -68,10 +68,10 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
} else {
$regex = ''; // not on debian!
}
return $regex;
}
public function getRestartServiceCommand($service, $command = 'restart') {
if($command != 'start' && $command != 'stop' && $command != 'status') {
$command = 'restart';
......@@ -85,16 +85,16 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
$service = 'pure-ftpd-mysql';
break;
}
return 'service ' . escapeshellarg($service) . ' ' . $command . ' 2>&1';
}
protected function updateMySQLConfig($mysql_root_pw) {
ISPConfigLog::info('Writing MySQL config files.', true);
$this->replaceContents('/etc/mysql/debian.cnf', array('/^password\s*=.*$/m' => 'password = ' . $mysql_root_pw));
$this->replaceContents('/etc/mysql/mariadb.conf.d/50-server.cnf', array('/^bind-address/m' => '#bind-address', '/^sql-mode\s*=.*?$/m' => 'sql-mode = "NO_ENGINE_SUBSTITUTION"'), true, 'mysqld');
}
protected function getPackagesToInstall($section) {
if($section === 'mail') {
$packages = array(
......@@ -122,7 +122,7 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
'bind9',
'dnsutils'
);
if(ISPConfig::shallInstall('mail')) {
$packages[] = 'spamassassin';
if(ISPConfig::wantsAmavis()) {
......@@ -134,16 +134,16 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
$packages[] = 'postgrey';
}
}
return $packages;
}
protected function getApacheModulesToEnable() {
$modules = array('suexec', 'rewrite', 'ssl', 'actions', 'include', 'dav_fs', 'dav', 'auth_digest', 'cgi', 'headers', 'proxy_fcgi', 'alias');
return $modules;
}
protected function setDefaultPHP() {
ISPConfigLog::info('Settings default system php version.', true);
$cmd = 'update-alternatives --set php /usr/bin/php7.0 ; update-alternatives --set php-cgi /usr/bin/php-cgi7.0';
......@@ -152,12 +152,12 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
}
protected function installPHPMyAdmin($mysql_root_pw) {
if(!ISPConfig::shallInstall('web') || !ISPConfig::shallInstall('pma')) {
return;
}
$cmd = 'APP_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
$cmd .= 'ROOT_PASS="' . $mysql_root_pw . '"' . "\n";
$cmd .= 'APP_DB_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
......@@ -171,10 +171,10 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$this->installPackages('phpmyadmin');
}
protected function fixDbconfigCommon() {
ISPConfigLog::info('Fixing dbconfig-common if neccessary');
$replacements = array(
......@@ -182,7 +182,7 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
);
$this->replaceContents('/usr/share/dbconfig-common/internal/mysql', $replacements, false);
}
protected function setPHPTimezone() {
if(!is_file('/etc/timezone')) {
return;
......@@ -191,7 +191,7 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
if(!in_array($tz, timezone_identifiers_list())) {
return;
}
// set in all php inis
$ini_files = array(
'/etc/php/5.6/cgi/php.ini',
......@@ -219,18 +219,18 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
'/etc/php/7.4/fpm/php.ini',
'/etc/php/7.4/apache2/php.ini'
);
$replace = array(
'/^;?\s*date\.timezone\s+=.*$/' => 'date.timezone = ' . $tz
);
foreach($ini_files as $ini) {
if(is_file($ini)) {
$this->replaceContents($ini, $replace);
}
}
}
protected function configureApt() {
// enable contrib and non-free
ISPConfigLog::info('Enabling contrib and non-free repositories.', true);
......@@ -240,16 +240,16 @@ class ISPConfigDebianOS extends ISPConfigBaseOS {
$this->replaceContents('/etc/apt/sources.list', $replacements);
}
protected function addSuryRepo() {
ISPConfigLog::info('Activating sury php repository.', true);
$cmd = 'wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg >/dev/null 2>&1 ; echo "deb https://packages.sury.org/php/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/php.list';
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
}
}
protected function getFail2BanJail() {
$jk_jail = '[pure-ftpd]
enabled = true
......@@ -272,14 +272,14 @@ logpath = /var/log/mail.log
maxretry = 3';
return $jk_jail;
}
protected function installMailman($host_name) {
if(!ISPConfig::shallInstall('mail') || !ISPConfig::shallInstall('mailman')) {
return;
}
ISPConfigLog::info('Installing Mailman', true);
$cmd = 'echo "mailman mailman/site_languages multiselect de (German), en (English)" | debconf-set-selections 2>&1' . "\n";
if(isset($_GET['lang']) && $_GET['lang'] === 'de') {
$cmd .= 'echo "mailman mailman/default_server_language select de (German)" | debconf-set-selections 2>&1';
......@@ -290,10 +290,10 @@ maxretry = 3';
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$package = 'mailman';
$this->installPackages($package);
$listpw = '';
if(!is_dir('/var/lib/mailman/lists/mailman')) {
$listpw = ISPConfigFunctions::generatePassword(12);
......@@ -303,7 +303,7 @@ maxretry = 3';
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
}
$add_content = '## mailman mailing list
mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
......@@ -332,28 +332,28 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
fwrite($fp, "\n\n" . $add_content);
}
fclose($fp);
$cmd = 'newaliases';
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
if(!is_link('/etc/apache2/conf-enabled/mailman.conf') && !is_file('/etc/apache2/conf-enabled/mailman.conf')) {
symlink('/etc/mailman/apache.conf', '/etc/apache2/conf-enabled/mailman.conf');
}
}
$this->restartService('postfix');
$this->restartService('mailman');
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$this->restartService('apache2');
}
return $listpw;
}
protected function installPackages($packages) {
if(is_string($packages)) {
$packages = array($packages);
......@@ -365,22 +365,22 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
} else {
throw new ISPConfigOSException('Installing packages failed.');
}
return $result;
}
public function runPerfectSetup() {
$log_filename = 'setup-' . strftime('%Y%m%d%H%M%S', time()) . '.log';
ISPConfigLog::setLogFile($log_filename);
if(is_file('/usr/local/ispconfig/server/lib/config.inc.php')) {
ISPConfigLog::error('The server already has ISPConfig installed. Aborting.', true);
return false;
}
$this->configureApt();
$this->updatePackageList();
ISPConfigLog::info('Updating packages', true);
$cmd = $this->getUpdateCommand('update');
$result = $this->exec($cmd);
......@@ -389,13 +389,13 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
} else {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
try {
$this->beforePackageInstall();
} catch (Exception $ex) {
throw $ex;
}
$packages = array(
'ssh',
'openssh-server',
......@@ -409,7 +409,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
'git'
);
$this->installPackages($packages);
if(ISPConfig::shallInstall('mail') && !ISPConfig::wantsAmavis()) {
ISPConfigLog::info('Activating rspamd repository.', true);
$cmd = 'wget -O - "https://rspamd.com/apt-stable/gpg.key" 2>/dev/null | apt-key add - 2>/dev/null ; echo "deb http://rspamd.com/apt-stable/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/rspamd.list';
......@@ -418,13 +418,13 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
}
if(ISPConfig::wantsPHP() !== 'system') {
$this->addSuryRepo();
}
$this->updatePackageList();
ISPConfigLog::info('Updating packages (after enabling 3rd party repos).', true);
$cmd = $this->getUpdateCommand('update');
$result = $this->exec($cmd);
......@@ -433,9 +433,9 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
} else {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
/*$hostname_changed = false;
ISPConfigLog::info('Setting hostname to ' . $host_name, true);
$dotpos = strpos($host_name, '.');
if($dotpos !== false) {
......@@ -449,7 +449,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
} else {
$use_hosts_file = '/etc/hosts';
}
$content = file_get_contents($use_hosts_file);
if(preg_match('/^\s*' . preg_quote($this->ip_address, '/') . ' (.*?)$/m', $content, $matches)) {
ISPConfigLog::info('Hostname is currently set to ' . $matches[1]);
......@@ -463,16 +463,16 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
$hostname_changed = true;
}
file_put_contents($use_hosts_file, $content);
$content = trim(file_get_contents('/etc/hostname'));
if($content != $short_hostname) {
ISPConfigLog::info('/etc/hostname is currently set to ' . $content, true);
$hostname_changed = true;
file_put_contents('/etc/hostname', $short_hostname);
}
ISPConfigLog::info('Hostname saved.', true);
if($hostname_changed) {
ISPConfigLog::info('Rebooting server.', true);
$ok = $this->exec('shutdown -r now >/dev/null 2>&1', array(0, 255));
......@@ -484,12 +484,12 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
if(!$ok) {
throw new ISPConfigOSException('Timeout waiting for server to come up.');
}
ISPConfigLog::info('Server online again.', true);
}*/
ISPConfigLog::info('Checking hostname.', true);
$host_name = false;
$cmd = 'hostname -f 2>&1';
$check = $this->exec($cmd);
......@@ -500,7 +500,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
}/* elseif(trim($check) !== $host_name) {
ISPConfigLog::warn('Hostname mismatch: ' . $check . ' != ' . $host_name);
}*/
$cmd = 'hostname 2>&1';
$check = $this->exec($cmd);
if($check === false) {
......@@ -508,7 +508,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
}/* elseif(trim($check) !== $short_hostname) {
ISPConfigLog::warn('Short hostname mismatch: ' . $check . ' != ' . $short_hostname);
}*/
if($host_name == '') {
ISPConfigLog::error('Could not read the host name of your server. Please check it is correctly set.', true);
throw new ISPConfigOSException('Invalid host name or host name not found.');
......@@ -516,16 +516,16 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
ISPConfigLog::error('The host name ' . $host_name . ' of your server is no fully qualified domain name (xyz.domain.com). Please check it is correctly set.', true);
throw new ISPConfigOSException('Host name is no FQDN.');
}
$cmd = 'readlink /bin/sh 2>&1';
$check = trim($this->exec($cmd));
if($check === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
} elseif($check !== 'bash') {
//debconf-show dash
ISPConfigLog::info('Default shell is currently ' . $check . '.', true);
ISPConfigLog::info('Setting bash as default shell.', true);
$cmd = 'echo "dash dash/sh boolean false" | debconf-set-selections && DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash 2>&1';
$result = $this->exec($cmd);
......@@ -537,14 +537,14 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
$check = trim($this->exec($cmd));
ISPConfigLog::info('Default shell is now ' . $check . '.', true);
}
$cmd = 'echo "postfix postfix/mailname string ' . $host_name . '" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections 2>&1';
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$packages = array(
'dbconfig-common',
'postfix',
......@@ -559,7 +559,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
'sudo'
);
$this->installPackages($packages);
if(ISPConfig::shallInstall('mail')) {
$packages = array(
'dovecot-imapd',
......@@ -571,13 +571,13 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
);
$this->installPackages($packages);
}
ISPConfigLog::info('Generating mySQL password.', true);
// generate random password
$mysql_root_pw = ISPConfigFunctions::generatePassword(20);
$escaped_pw = preg_replace('/[\'\\\\]/', '\\$1', $mysql_root_pw);
$queries = array(
'DELETE FROM mysql.user WHERE User=\'\';',
'DELETE FROM mysql.user WHERE User=\'root\' AND Host NOT IN (\'localhost\', \'127.0.0.1\', \'::1\');',
......@@ -587,7 +587,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
'UPDATE mysql.user SET plugin = \'mysql_native_password\' WHERE User=\'root\';',
'FLUSH PRIVILEGES;'
);
foreach($queries as $query) {
$cmd = 'mysql --defaults-file=/etc/mysql/debian.cnf -e ' . escapeshellarg($query) . ' 2>&1';
$result = $this->exec($cmd);
......@@ -595,9 +595,9 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
ISPConfigLog::warn('Query ' . $query . ' failed.', true);
}
}
$this->updateMySQLConfig($mysql_root_pw);
if(ISPConfig::shallInstall('mail')) {
ISPConfigLog::info('Configuring postfix.', true);
$entries = array(
......@@ -615,7 +615,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
)
);
$this->commentLines('/etc/postfix/master.cf', $entries);
$entries = array(
array(
'first_line' => '/^#?submission\s+inet/',
......@@ -642,10 +642,10 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
);
$this->uncommentLines('/etc/postfix/master.cf', $entries);
}
ISPConfigLog::info('Restarting postfix', true);
$this->restartService('postfix');
$replacements = array(
'/^mysql\s+soft\s+nofile\s+.*/' => 'mysql soft nofile 65535',
'/^mysql\s+hard\s+nofile\s+.*/' => 'mysql hard nofile 65535'
......@@ -655,7 +655,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
if(!is_dir('/etc/systemd/system/mysql.service.d/')) {
mkdir('/etc/systemd/system/mysql.service.d/', 0777, true);
}
$replacements = array(
'/^\s*LimitNOFILE\s*=.*?$/m' => 'LimitNOFILE=infinity'
);
......@@ -663,24 +663,24 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
$this->exec('systemctl daemon-reload 2>&1');
$this->restartService('mysql');
$packages = $this->getPackagesToInstall('mail');
$this->installPackages($packages);
if(ISPConfig::shallInstall('mail') && !ISPConfig::wantsAmavis()) {
ISPConfigLog::info('Stopping Rspamd.', true);
$this->stopService('rspamd');
}
ISPConfigLog::info('(Re)starting Bind.', true);
$this->restartService('bind9');
ISPConfigLog::info('Disabling spamassassin daemon.', true);
$this->stopService('spamassassin');
$this->exec('systemctl disable spamassassin 2>&1');
$this->afterPackageInstall('mail');
//$cmd = 'sudo -u unbound unbound-anchor -a /var/lib/unbound/root.key';
/*$result = $this->exec($cmd);
if($result === false) {
......@@ -697,7 +697,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
ISPConfigLog::info('Checking local dns resolver.', true);
$cmd = 'nslookup denic.de | grep Server';
$result = $this->exec($cmd);
......@@ -706,7 +706,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
} elseif(strpos($result, '127.0.0.1') === false) {
ISPConfigLog::warn('Unexpected resolver response: ' . $result, true);
}
if(ISPConfig::shallInstall('web')) {
$this->stopService('apache2');
$this->stopService('nginx');
......@@ -729,7 +729,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
);
}
$this->installPackages($packages);
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX) {
$this->stopService('apache2');
$cmd = 'systemctl disable apache2';
......@@ -737,7 +737,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
$this->startService('nginx');
}
}
$packages = array(
'php-pear',
'php-memcache',
......@@ -749,7 +749,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
'memcached',
'php-apcu'
);
if(ISPConfig::wantsPHP() === 'system') {
$php_versions = array($this->getSystemPHPVersion());
} else {
......@@ -762,7 +762,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
'7.4'
);
}
$php_modules = array(
'common',
'gd',
......@@ -802,7 +802,7 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
}
}
$this->installPackages($packages);
if(ISPConfig::shallInstall('web') && ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
ISPConfigLog::info('Enabling apache modules.', true);
$modules = $this->getApacheModulesToEnable();
......@@ -812,24 +812,24 @@ mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"';
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
}
try {
$this->setPHPTimezone();
$this->setDefaultPHP();
} catch (Exception $ex) {
throw $ex;
}
foreach($php_versions as $curver) {
$this->restartService('php' . $curver . '-fpm');
}
try{
$this->installPHPMyAdmin($mysql_root_pw);
} catch(Exception $ex) {
throw $ex;