Skip to content
Hide whitespace changes
Inline Side-by-side
server/conf/nginx_vhost.conf.master
View file @ 3e0cb809
......@@ -12,7 +12,7 @@ server {
listen [::]:<tmpl_var name='http_port'>;
</tmpl_if>
<tmpl_if name='ssl_enabled'>
listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl http2;
<tmpl_if name='use_proxy_protocol' op='==' value='y'>
<tmpl_if name='proxy_protocol_https' op='>' value='0'>
listen <tmpl_var name='ip_address'>:<tmpl_var name='proxy_protocol_https'> ssl proxy_protocol;
......@@ -22,19 +22,20 @@ server {
# ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# ssl_prefer_server_ciphers on;
<tmpl_if name='ipv6_enabled'>
listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl http2;
</tmpl_if>
<tmpl_if name='ipv6_wildcard'>
listen [::]:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
listen [::]:<tmpl_var name='https_port'> ssl http2;
</tmpl_if>
ssl_certificate <tmpl_var name='ssl_crt_file'>;
ssl_certificate_key <tmpl_var name='ssl_key_file'>;
</tmpl_if>
server_name <tmpl_var name='domain'> <tmpl_var name='alias'>;
root <tmpl_var name='web_document_root_www'>;
disable_symlinks if_not_owner from=$document_root;
<tmpl_if name='ssl_enabled'>
<tmpl_if name='rewrite_to_https' op='==' value='y'>
if ($scheme != "https") {
......@@ -72,16 +73,16 @@ server {
}
</tmpl_if>
</tmpl_loop>
<tmpl_if name='use_proxy' op='!=' value='y'>
<tmpl_if name='use_proxy' op='!=' value='y'>
index index.html index.htm index.php index.cgi index.pl index.xhtml;
<tmpl_if name='ssi' op='==' value='y'>
<tmpl_if name='ssi' op='==' value='y'>
location ~ \.shtml$ {
ssi on;
}
</tmpl_if>
<tmpl_if name='errordocs'>
<tmpl_if name='errordocs'>
error_page 400 /error/400.html;
error_page 401 /error/401.html;
error_page 403 /error/403.html;
......@@ -124,7 +125,7 @@ server {
internal;
}
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log;
access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined;
......@@ -149,7 +150,7 @@ server {
index index.html;
try_files $uri $uri/ =404;
}
location = /favicon.ico {
log_not_found off;
access_log off;
......@@ -162,12 +163,13 @@ server {
log_not_found off;
access_log off;
}
location /stats/ {
<tmpl_var name='web_document_root_www_proxy'>
index index.html index.php;
auth_basic "Members Only";
auth_basic_user_file <tmpl_var name='stats_auth_passwd_file'>;
add_header Content-Security-Policy "default-src * 'self' 'unsafe-inline';";
}
location ^~ /awstats-icon {
......@@ -325,13 +327,13 @@ server {
location <tmpl_var name='htpasswd_location'> { ##merge##
auth_basic "Members Only";
auth_basic_user_file <tmpl_var name='htpasswd_path'>.htpasswd;
location ~ \.php$ {
try_files <tmpl_var name='rnd_php_dummy_file'> @php;
}
}
</tmpl_loop>
</tmpl_if>
</tmpl_if>
}
<tmpl_loop name="redirects">
......@@ -340,7 +342,7 @@ server {
<tmpl_if name='ipv6_enabled'>
listen [<tmpl_var name='ipv6_address'>]:80;
</tmpl_if>
<tmpl_if name='ssl_enabled'>
listen <tmpl_var name='ip_address'>:443 ssl;
<tmpl_if name='ipv6_enabled'>
......@@ -349,7 +351,7 @@ server {
ssl_certificate <tmpl_var name='ssl_crt_file'>;
ssl_certificate_key <tmpl_var name='ssl_key_file'>;
</tmpl_if>
server_name <tmpl_var name='rewrite_domain'>;
<tmpl_if name='alias_seo_redirects2'>
......
server/conf/sieve_filter.master
View file @ 3e0cb809
require ["fileinto", "regex", "date", "relational", "vacation", "imap4flags", "envelope", "subaddress", "copy", "reject"];
<tmpl_if name="sieve_script" op="==" value="before">
# This sieve script is generated by ISPConfig, any changes made will be overwritten.
# You can create and activate a per-user sieve script (manually or via managesieve),
# which will execute after this.
require ["fileinto", "mailbox", "regex", "date", "relational", "vacation", "imap4flags", "envelope", "subaddress", "copy", "reject"];
<tmpl_if name="move_junk" op="==" value="y">
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
fileinto :create "Junk";
# Stop here so that we do not reply on spams
stop;
}
</tmpl_if>
<tmpl_if name="cc">
# Send a copy of email to
......@@ -7,19 +21,23 @@ redirect "<tmpl_var name='address'>";
</tmpl_loop>
</tmpl_if>
<tmpl_if name="move_junk" op="==" value="y">
<tmpl_var name='custom_mailfilter'>
</tmpl_if>
<tmpl_if name="sieve_script" op="==" value="after">
# This sieve script is generated by ISPConfig, any changes made will be overwritten.
# You can create and activate a per-user sieve script (manually or via managesieve),
# which will execute before this.
<tmpl_if name="move_junk" op="==" value="a">
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
fileinto "Junk";
fileinto :create "Junk";
# Stop here so that we do not reply on spams
stop;
}
</tmpl_if>
<tmpl_var name='custom_mailfilter'>
keep;
<tmpl_if name="autoresponder" op="==" value="y">
#################################################################
# Autoreply
......@@ -27,13 +45,28 @@ keep;
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
fileinto "Junk";
# Stop here so that we do not reply on spams
stop;
}
<tmpl_if name="start_date">
if currentdate :value "ge" "iso8601" "<tmpl_var name='start_date'>" {
</tmpl_if>
<tmpl_if name="end_date">
if currentdate :value "le" "iso8601" "<tmpl_var name='end_date'>" {
</tmpl_if>
vacation :days 1
:subject "<tmpl_var name='autoresponder_subject'>"
# :addresses ["test@test.int", "till@test.int"]
<tmpl_var name='addresses'>
"<tmpl_var name='autoresponder_text'>";
</tmpl_if>
\ No newline at end of file
<tmpl_if name="end_date">
}
</tmpl_if>
<tmpl_if name="start_date">
}
</tmpl_if>
</tmpl_if>
</tmpl_if>
server/conf/sieve_filter_1.2.master deleted 100644 → 0
View file @ c5b28475
require ["fileinto", "regex", "date", "relational", "vacation", "imap4flags", "envelope", "subaddress", "copy", "reject"];
<tmpl_if name="move_junk" op="==" value="y">
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
fileinto "Junk";
# Stop here so that we do not reply on spams
stop;
}
</tmpl_if>
<tmpl_if name="cc">
# Send a copy of email to
<tmpl_loop name="ccloop">
redirect "<tmpl_var name='address'>";
</tmpl_loop>
</tmpl_if>
<tmpl_var name='custom_mailfilter'>
keep;
<tmpl_if name="autoresponder" op="==" value="y">
#################################################################
# Autoreply
#################################################################
# Move spam to spam folder
if anyof (header :contains "X-Spam-Flag" "YES", header :contains "X-Spam" "Yes", header :contains "subject" "*** SPAM ***", header :contains "subject" "***SPAM***") {
# Stop here so that we do not reply on spams
stop;
}
<tmpl_if name="autoresponder_date_limit">
if allof(currentdate :value "ge" "iso8601" "<tmpl_var name='start_date'>", currentdate :value "le" "iso8601" "<tmpl_var name='end_date'>") {
</tmpl_if>
vacation :days 1
:subject "<tmpl_var name='autoresponder_subject'>"
<tmpl_var name='addresses'>
"<tmpl_var name='autoresponder_text'>";
<tmpl_if name="autoresponder_date_limit">
}
</tmpl_if>
</tmpl_if>
server/conf/vhost.conf.master
View file @ 3e0cb809
......@@ -50,12 +50,12 @@
ServerAdmin webmaster@<tmpl_var name='domain'>
<tmpl_if name='ssl_enabled'>
<tmpl_if name='enable_http2' op='==' value='y'>
Protocols h2 http/1.1
<IfModule mod_http2.c>
Protocols h2 http/1.1
</IfModule>
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS'
</tmpl_if>
</tmpl_if>
<tmpl_if name='logging' op='==' value='anon'>
ErrorLog "|/usr/local/ispconfig/server/scripts/vlogger -e -n -P -t \"error.log\" /var/log/ispconfig/httpd/<tmpl_var name='domain'>"
......@@ -387,7 +387,7 @@
Action php-fcgi /php-fcgi virtual
Alias /php-fcgi {tmpl_var name='document_root'}/cgi-bin/php-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
<tmpl_if name='use_tcp'>
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -host 127.0.0.1:<tmpl_var name='fpm_port'> -pass-header Authorization -pass-header Content-Type
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -host 127.0.0.1:<tmpl_var name='fpm_port'> -pass-header Authorization -pass-header Content-Type
</tmpl_if>
<tmpl_if name='use_socket'>
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket <tmpl_var name='fpm_socket'> -pass-header Authorization -pass-header Content-Type
......@@ -513,9 +513,9 @@
RewriteCond %{REQUEST_URI} !^/php-fcgi/
RewriteCond %{REQUEST_URI} !^<tmpl_var name='rewrite_target'>
</tmpl_if>
RewriteRule ^/(.*)$ <tmpl_var name='rewrite_target'><tmpl_if name="rewrite_add_path" op="==" value="y">$1</tmpl_if> <tmpl_var name='rewrite_type'>
</tmpl_loop>
<tmpl_if name='ssl_enabled'>
<tmpl_else>
......
server/cron.php
View file @ 3e0cb809
......@@ -128,6 +128,6 @@ $app->services->processDelayedActions();
@unlink($conf['temppath'] . $conf['fs_div'] . '.ispconfig_cron_lock');
$app->log('Remove Lock: ' . $conf['temppath'] . $conf['fs_div'] . '.ispconfig_cron_lock', LOGLEVEL_DEBUG);
if($conf['log_priority'] <= LOGLEVEL_DEBUG) die("finished.\n");
if($conf['log_priority'] <= LOGLEVEL_DEBUG) die("finished cron run.\n");
?>
server/cron_debug.php
View file @ 3e0cb809
......@@ -39,25 +39,20 @@ ini_set('error_reporting', E_ALL & ~E_NOTICE);
$conf['server_id'] = intval($conf['server_id']);
// Load required base-classes
$app->uses('ini_parser,file,services,getconf,system,cron,functions');
$app->uses('modules,plugins,ini_parser,file,services,getconf,system,cron,functions');
$app->load('libdatetime,cronjob');
// Path settings
$path = SCRIPT_PATH . '/lib/classes/cron.d';
//** Get commandline options
$cmd_opt = getopt('', array('cronjob::', 'force', 'firstrun'));
$cmd_opt = getopt('', array('cronjob::'));
if(isset($cmd_opt['cronjob']) && is_file($path.'/'.$cmd_opt['cronjob'])) {
// Cronjob that shell be run
$cronjob_file = $cmd_opt['cronjob'];
} else {
echo "Usage example: php cron_debug.php --cronjob=100-mailbox_stats.inc.php [--force] [--firstrun]\n" ;
echo "Available cronjobs:\n";
foreach(glob($path.'/*-*.inc.php') as $cronjob) {
echo basename($cronjob)."\n";
}
die();
die('Usage example: php cron_debug.php --cronjob=100-mailbox_stats.inc.php');
}
// Load and run the cronjob
......@@ -66,20 +61,8 @@ if(preg_match('/^\d+\-(.*)$/', $name, $match)) $name = $match[1]; // strip numer
include $path . '/' . $cronjob_file;
$class_name = 'cronjob_' . $name;
$cronjob = new $class_name();
$cronjob->run(true);
if(isset($cmd_opt['force'])) {
$app->db->query("UPDATE `sys_cron` SET `running` = 0 WHERE `name` = ?", $class_name);
}
$cronjob->onPrepare();
$cronjob->onBeforeRun(isset($cmd_opt['firstrun']));
if(!$cronjob->isRunning()) {
$app->db->query("UPDATE `sys_cron` SET `running` = ? WHERE `name` = ?", ($cronjob->canBeRunInParallel() !== true ? "1" : "0"), $class_name);
$cronjob->onRunJob();
$cronjob->onAfterRun();
$cronjob->onCompleted();
}
die("finished.\n");
die("finished cron debug.\n");
?>
\ No newline at end of file
?>
server/lib/classes/backup.inc.php
View file @ 3e0cb809
......@@ -856,6 +856,10 @@ class backup
if (is_null($endings_list))
$endings_list = $default_endings_list;
if (!is_dir($directory)) {
return array();
}
$dir_handle = dir($directory);
$files = array();
while (false !== ($entry = $dir_handle->read())) {
......@@ -1143,7 +1147,7 @@ class backup
$records = $app->db->queryAllRecords("SELECT * FROM web_database WHERE server_id = ? AND parent_domain_id = ?", $server_id, $domain_id);
if (empty($records)){
$app->log('Skipping database backup for domain ' . $web_domain['domain_id'] . ', because no related databases found.', LOGLEVEL_ERROR);
$app->log('Skipping database backup for domain ' . $web_domain['domain_id'] . ', because no related databases found.', LOGLEVEL_DEBUG);
return true;
}
......@@ -1446,4 +1450,3 @@ class backup
}
?>
server/lib/classes/cron.d/100-monitor_email_quota.inc.php
View file @ 3e0cb809
......@@ -79,30 +79,40 @@ class cronjob_monitor_email_quota extends cronjob {
if(is_array($mailboxes)) {
//* with dovecot we can use doveadm instead of 'du -s'
$dovecot = false;
if (isset($mail_config['pop3_imap_daemon']) && $mail_config ['pop3_imap_daemon'] = 'dovecot' && is_executable('doveadm')) {
exec('doveadm quota 2>&1', $tmp_output, $tmp_retval); // with dovecot 2.2.x 'doveadm quota' is unuseable
if ($retval = 64) $dovecot = true;
$dovecotQuotaUsage = array();
if (isset($mail_config['pop3_imap_daemon']) && $mail_config ['pop3_imap_daemon'] = 'dovecot') {
exec("doveadm quota get -A 2>&1", $res, $retval);
if ($retval = 64) {
foreach ($res as $v) {
$s = preg_split('/\s+/', $v);
if ($s[2] == 'STORAGE') {
$dovecotQuotaUsage[$s[0]] = $s[3] * 1024; // doveadm output is in kB
} elseif ($s[3] == 'STORAGE') {
$dovecotQuotaUsage[$s[0]] = $s[4] * 1024; // doveadm output is in kB
}
}
}
}
foreach($mailboxes as $mb) {
$email = $mb['email'];
$email_parts = explode('@', $mb['email']);
$filename = $mb['maildir'].'/.quotausage';
if(!file_exists($filename) && $dovecot) {
$app->system->exec_safe('doveadm quota recalc -u ?', $email);
}
if(file_exists($filename) && !is_link($filename)) {
if(count($dovecotQuotaUsage) > 0 && isset($dovecotQuotaUsage[$email])) {
$data[$email]['used'] = $dovecotQuotaUsage[$email];
$app->log("Mail storage $email: " . $data[$email]['used'], LOGLEVEL_DEBUG);
} elseif(file_exists($filename) && !is_link($filename)) {
$quotafile = file($filename);
preg_match('/storage.*?([0-9]+)/s', implode('',$quotafile), $storage_value);
$data[$email]['used'] = $storage_value[1];
$app->log("Mail storage $email: " . $storage_value[1], LOGLEVEL_DEBUG);
$app->log("Mail storage $email: " . $data[$email]['used'], LOGLEVEL_DEBUG);
unset($quotafile);
} else {
$app->system->exec_safe('du -s ?', $mb['maildir']);
$out = $app->system->last_exec_out();
$parts = explode(' ', $out[0]);
$data[$email]['used'] = intval($parts[0])*1024;
$app->log("Mail storage $email: " . $data[$email]['used'], LOGLEVEL_DEBUG);
unset($out);
unset($parts);
}
......@@ -110,6 +120,7 @@ class cronjob_monitor_email_quota extends cronjob {
}
unset($mailboxes);
unset($dovecotQuotaUsage);
//* Dovecot quota check Courier in progress lathama@gmail.com
/*
......@@ -132,8 +143,8 @@ class cronjob_monitor_email_quota extends cronjob {
$res['state'] = $state;
/*
* Insert the data into the database
*/
* Insert the data into the database
*/
$sql = 'REPLACE INTO monitor_data (server_id, type, created, data, state) ' .
'VALUES (?, ?, UNIX_TIMESTAMP(), ?, ?)';
$app->dbmaster->query($sql, $res['server_id'], $res['type'], serialize($res['data']), $res['state']);
......
server/lib/classes/cron.d/100-monitor_fail2ban.inc.php
View file @ 3e0cb809
......@@ -67,10 +67,8 @@ class cronjob_monitor_fail2ban extends cronjob {
$type = 'log_fail2ban';
/* This monitoring is only available if fail2ban is installed */
system('which fail2ban-client', $retval); // Debian, Ubuntu, Fedora
if ($retval !== 0)
system('which fail2ban', $retval); // CentOS
if ($retval === 0) {
if ($app->system->is_installed('fail2ban-client') // Debian, Ubuntu, Fedora
|| $app->system->is_installed('fail2ban')) { // CentOS
/* Get the data of the log */
$data = $this->_tools->_getLogData($type);
......
server/lib/classes/cron.d/100-monitor_iptables.inc.php
View file @ 3e0cb809
......@@ -67,8 +67,7 @@ class cronjob_monitor_iptables extends cronjob {
$type = 'iptables_rules';
/* This monitoring is only available if fail2ban is installed */
system('which iptables', $retval); // Debian, Ubuntu, Fedora
if ($retval === 0) {
if ($app->system->is_installed('iptables')) {
/* Get the data of the log */
$data['output'] = '<h2>iptables -S (ipv4)</h2>'.shell_exec('iptables -S 2>/dev/null');
......@@ -83,8 +82,7 @@ class cronjob_monitor_iptables extends cronjob {
/* This monitoring is only available if fail2ban is installed */
system('which ip6tables', $retval); // Debian, Ubuntu, Fedora
if ($retval === 0) {
if ($app->system->is_installed('ip6tables')) {
/* Get the data of the log */
$data['output'] .= '<br><h2>ip6tables -S (ipv6)</h2>'.shell_exec('ip6tables -S 2>/dev/null');
......
server/lib/classes/cron.d/100-monitor_raid.inc.php
View file @ 3e0cb809
......@@ -126,8 +126,7 @@ class cronjob_monitor_raid extends cronjob {
* Check, if we have mpt-status installed (LSIsoftware-raid)
*/
if (file_exists('/proc/mpt/summary')) {
system('which mpt-status', $retval);
if ($retval === 0) {
if ($app->system->is_installed('mpt-status')) {
/*
* Fetch the output
*/
......@@ -174,8 +173,7 @@ class cronjob_monitor_raid extends cronjob {
/*
* 3ware Controller
*/
system('which tw_cli', $retval);
if($retval === 0) {
if($app->system->is_installed('tw_cli')) {
// TYPOWORX FIX | Determine Controler-ID
$availableControlers = shell_exec('tw_cli info | grep -Eo "c[0-9]+"');
......@@ -232,8 +230,7 @@ class cronjob_monitor_raid extends cronjob {
/*
* HP Proliant
*/
system('which hpacucli', $retval);
if($retval === 0) {
if($app->system->is_installed('hpacucli')) {
$state = 'ok';
$data['output'] = shell_exec('/usr/sbin/hpacucli ctrl all show config');
$tmp = explode("\n", $data['output']);
......@@ -278,10 +275,14 @@ class cronjob_monitor_raid extends cronjob {
/*
* LSI MegaRaid
*/
system('which megacli', $retval);
system('which megacli64', $retval64);
if($retval === 0 || $retval64 === 0) {
$binary=@($retval === 0)?'megacli':'megacli64';
$binary = FALSE;
if ($app->system->is_installed('megacli')) {
$binary = 'megacli';
}
if ($app->system->is_installed('megacli64')) {
$binary = 'megacli64';
}
if($binary) {
$state = 'ok';
$data['output'] = shell_exec($binary.' -LDInfo -Lall -aAll -NoLog');
if (strpos($data['output'], 'Optimal') !== false) {
......@@ -298,8 +299,7 @@ class cronjob_monitor_raid extends cronjob {
/*
* Adaptec-RAID
*/
system('which arcconf', $retval);
if($retval === 0) {
if($app->system->is_installed('arcconf')) {
$state = 'ok';
$data['output'] = shell_exec('arcconf GETCONFIG 1 LD');
if(is_array($data['output'])) {
......
server/lib/classes/cron.d/100-monitor_rkhunter.inc.php
View file @ 3e0cb809
......@@ -67,8 +67,7 @@ class cronjob_monitor_rkhunter extends cronjob {
$type = 'rkhunter';
/* This monitoring is only available if rkhunter is installed */
system('which rkhunter', $retval);
if ($retval === 0) {
if ($app->system->is_installed('rkhunter')) {
/*
* Fetch the output
*/
......
server/lib/classes/cron.d/150-awstats.inc.php
View file @ 3e0cb809
......@@ -60,7 +60,6 @@ class cronjob_awstats extends cronjob {
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
foreach($records as $rec) {
//$yesterday = date('Ymd',time() - 86400);
$yesterday = date('Ymd', strtotime("-1 day", time()));
$log_folder = 'log';
......@@ -135,9 +134,6 @@ class cronjob_awstats extends cronjob {
}
}
// awstats_buildstaticpages.pl -update -config=mydomain.com -lang=en -dir=/var/www/domain.com/'.$web_folder.'/stats -awstatsprog=/path/to/awstats.pl
// $command = "$awstats_buildstaticpages_pl -update -config='$domain' -lang=".$conf['language']." -dir='$statsdir' -awstatsprog='$awstats_pl'";
$command = escapeshellcmd($awstats_buildstaticpages_pl) . ' -month=' . escapeshellarg($awmonth) . ' -year=' . escapeshellarg($awyear) . ' -update -config=' . escapeshellarg($domain) . ' -lang=' . escapeshellarg($conf['language']) . ' -dir=' . escapeshellarg($statsdir) . ' -awstatsprog=' . escapeshellarg($awstats_pl);
if (date("d") == 2) {
......
server/lib/classes/cron.d/150-goaccess.inc.php 0 → 100644
View file @ 3e0cb809
<?php
/*
Copyright (c) 2013, Marius Cramer, pixcept KG
Copyright (c) 2020, Michael Seevogel
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class cronjob_goaccess extends cronjob {
// job schedule
protected $_schedule = '0 0 * * *';
/* this function is optional if it contains no custom code */
public function onPrepare() {
global $app;
parent::onPrepare();
}
/* this function is optional if it contains no custom code */
public function onBeforeRun() {
global $app;
return parent::onBeforeRun();
}
public function onRunJob() {
global $app, $conf;
//######################################################################################################
// Create goaccess statistics
//######################################################################################################
$sql = "SELECT domain_id, sys_groupid, domain, document_root, web_folder, type, system_user, system_group, parent_domain_id FROM web_domain WHERE (type = 'vhost' or type = 'vhostsubdomain' or type = 'vhostalias') and stats_type = 'goaccess' AND server_id = ?";
$records = $app->db->queryAllRecords($sql, $conf['server_id']);
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
if(is_array($records) && !empty($records)) {
/* Check if goaccess binary is in path/installed */
if($app->system->is_installed('goaccess')) {
$goaccess_conf_locs = array('/etc/goaccess.conf', '/etc/goaccess/goaccess.conf');
$count = 0;
foreach($goaccess_conf_locs as $goa_loc) {
if(is_file($goa_loc) && (filesize($goa_loc) > 0)) {
$goaccess_conf_main = $goa_loc;
break;
} else {
$count++;
if($count == 2) {
$app->log("No GoAccess base config found. Make sure that GoAccess is installed and that the goaccess.conf does exist in /etc or /etc/goaccess", LOGLEVEL_ERROR);
}
}
}
foreach($records as $rec) {
$yesterday = date('Ymd', strtotime("-1 day", time()));
$log_folder = 'log';
if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
$tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $rec['parent_domain_id']);
$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $rec['domain']);
if($subdomain_host == '') $subdomain_host = 'web'.$rec['domain_id'];
$log_folder .= '/' . $subdomain_host;
unset($tmp);
}
$logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log';
if(!@is_file($logfile)) {
$logfile = $rec['document_root'].'/' . $log_folder . '/'.$yesterday.'-access.log.gz';
if(!@is_file($logfile)) {
continue;
}
}
$web_folder = (($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') ? $rec['web_folder'] : 'web');
$domain = $rec['domain'];
$statsdir = $rec['document_root'].'/'.$web_folder.'/stats';
$goaccess_conf = $rec['document_root'].'/log/goaccess.conf';
/*
In case that you use a different log format, you should use a custom goaccess.conf which you'll have to put into /usr/local/ispconfig/server/conf-custom/.
By default the originally, with GoAccess shipped goaccess.conf from /etc/ or /etc/goaccess will be used along with the log-format value COMBINED.
*/
if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master") && (!file_exists($goaccess_conf))) {
$app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess.conf.master", $goaccess_conf);
} elseif(!file_exists($goaccess_conf)) {
/*
By default the goaccess.conf should get copied by the webserver plugin but in case it wasn't, or it got deleted by accident we gonna copy it again to the destination dir.
Also there was no /usr/local/ispconfig/server/conf-custom/goaccess.conf.master, so we gonna use /etc/goaccess.conf or /etc/goaccess/goaccess.conf as the base conf.
*/
$app->system->copy($goaccess_conf_main, $goaccess_conf);
$content = $app->system->file_get_contents($goaccess_conf, true);
$content = preg_replace('/^(#)?log-format COMBINED/m', "log-format COMBINED", $content);
$app->system->file_put_contents($goaccess_conf, $content, true);
unset($content);
}
$username = $rec['system_user'];
$groupname = $rec['system_group'];
$docroot = $rec['document_root'];
if(!@is_dir($statsdir)) $app->system->mkdirpath($statsdir, 0755, $username, $groupname);
$goa_db_dir = $docroot.'/log/goaccess_db';
$output_html = $docroot.'/'.$web_folder.'/stats/goaindex.html';
if(!@is_dir($goa_db_dir)) $app->system->mkdirpath($goa_db_dir);
if(is_link('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log')) $app->system->unlink('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
symlink($logfile, '/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
$app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
$goamonth = date("n");
$goayear = date("Y");
if (date("d") == 1) {
$goamonth = date("m")-1;
if (date("m") == 1) {
$goayear = date("Y")-1;
$goamonth = "12";
}
}
if (date("d") == 2) {
$goamonth = date("m")-1;
if (date("m") == 1) {
$goayear = date("Y")-1;
$goamonth = "12";
}
$statsdirold = $statsdir."/".$goayear."-".$goamonth."/";
if(!is_dir($statsdirold)) {
$app->system->mkdirpath($statsdirold, 0755, $username, $groupname);
}
$files = scandir($statsdir);
foreach ($files as $file) {
if (substr($file, 0, 1) != "." && !is_dir("$statsdir"."/"."$file") && substr($file, 0, 1) != "w" && substr($file, 0, 1) != "i") $app->system->copy("$statsdir"."/"."$file", "$statsdirold"."$file");
}
}
// Get the GoAccess version
$match = array();
$goaccess_version = $app->system->system_safe('goaccess --version 2>&1');
if(preg_match('/[0-9]\.[0-9]{1,2}/', $goaccess_version, $match)) {
$goaccess_version = $match[0];
}
$sql_user = "SELECT client_id FROM sys_group WHERE groupid = ?";
$rec_user = $app->db->queryOneRecord($sql_user, $rec['sys_groupid']);
$lang_query = "SELECT country,language FROM client WHERE client_id = ?";
$lang_user = $app->db->queryOneRecord($lang_query, $rec_user['client_id']);
$cust_lang = $lang_user['language']."_".strtoupper($lang_user['language']).".UTF-8";
switch($lang_user['language'])
{
case 'en':
$cust_lang = 'en_UK.UTF-8';
break;
case 'br':
$cust_lang = 'pt_PT.UTF-8';
break;
case 'ca':
$cust_lang = 'en_US.UTF-8';
break;
case 'ja':
$cust_lang = 'ja_JP.UTF-8';
break;
case 'ar':
$cust_lang = 'es_ES.UTF-8';
break;
case 'el':
$cust_lang = 'el_GR.UTF-8';
break;
case 'se':
$cust_lang = 'sv_SE.UTF-8';
break;
case 'dk':
$cust_lang = 'da_DK.UTF-8';
break;
case 'cz':
$cust_lang = 'cs_CZ.UTF-8';
break;
}
/*
* GoAccess removed with 1.4 B+Tree support and supports from this version on only "In-Memory with On-Disk Persistance Storage".
* For versions prior 1.4 you need GoAccess with B+Tree support compiled!
*/
if(version_compare($goaccess_version,1.4) >= 0) {
$app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --restore --persist --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
} else {
$output = $app->system->system_safe('goaccess --help 2>&1');
preg_match('/keep-db-files/', $output, $match);
if($match[0] == "keep-db-files") {
$app->system->exec_safe("LANG=? goaccess -f ? --config-file ? --load-from-disk --keep-db-files --db-path=? --output=?", $cust_lang, $logfile, $goaccess_conf, $goa_db_dir, $output_html);
} else {
$app->log("Stats couldn't be generated. The GoAccess binary wasn't compiled with B+Tree support. Please recompile/reinstall GoAccess with B+Tree support, or install GoAccess version >= 1.4! (recommended)", LOGLEVEL_ERROR);
}
unset($output);
}
unset($cust_lang);
unset($sql_user);
unset($rec_user);
unset($lang_query);
unset($lang_user);
if(!is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
if(file_exists("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master")) {
$app->system->copy("/usr/local/ispconfig/server/conf-custom/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
} else {
$app->system->copy("/usr/local/ispconfig/server/conf/goaccess_index.php.master", $rec['document_root']."/".$web_folder."/stats/index.php");
}
}
$app->log('Created GoAccess statistics for ' . $domain, LOGLEVEL_DEBUG);
if(is_file($rec['document_root']."/".$web_folder."/stats/index.php")) {
$app->system->chown($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_user']);
$app->system->chgrp($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_group']);
}
$app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
}
} else {
$app->log("Stats couldn't be generated. The GoAccess binary couldn't be found. Make sure that GoAccess is installed and that it is in \$PATH", LOGLEVEL_ERROR);
}
}
parent::onRunJob();
}
/* this function is optional if it contains no custom code */
public function onAfterRun() {
global $app;
parent::onAfterRun();
}
}
?>
server/lib/classes/cron.d/150-webalizer.inc.php
View file @ 3e0cb809
......@@ -127,8 +127,8 @@ class cronjob_webalizer extends cronjob {
chown($statsdir, $username);
chgrp($statsdir, $groupname);
$app->system->exec_safe("$webalizer -c ? -n ? -s ? -r ? -q -T -p -o ? ?", $webalizer_conf, $domain, $domain, $domain, $statsdir, $logfile);
exec('chown -R ?:? ?', $username, $groupname, $statsdir);
$app->system->exec_safe('chown -R ?:? ?', $username, $groupname, $statsdir);
}
......
server/lib/classes/cron.d/200-logfiles.inc.php
View file @ 3e0cb809
......@@ -49,10 +49,10 @@ class cronjob_logfiles extends cronjob {
public function onRunJob() {
global $app, $conf;
$app->uses('getconf');
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
if($server_config['log_retention'] > 0) {
$max_syslog = $app->functions->intval($server_config['log_retention']);
} else {
......@@ -121,18 +121,18 @@ class cronjob_logfiles extends cronjob {
$app->system->exec_safe("gzip -c ? > ?", $logfile, $logfile . '.gz');
unlink($logfile);
}
$cron_logfiles = array('cron.log', 'cron_error.log', 'cron_wget.log');
foreach($cron_logfiles as $cron_logfile) {
$cron_logfile = $rec['document_root'].'/' . $log_folder . '/' . $cron_logfile;
$cron_logfile = $rec['document_root'].'/private/' . $cron_logfile;
// rename older files (move up by one)
$num = $log_retention;
while($num >= 1) {
if(is_file($cron_logfile . '.' . $num . '.gz')) rename($cron_logfile . '.' . $num . '.gz', $cron_logfile . '.' . ($num + 1) . '.gz');
$num--;
}
// compress current logfile
if(is_file($cron_logfile)) {
$app->system->exec_safe("gzip -c ? > ?", $cron_logfile, $cron_logfile . '.1.gz');
......@@ -146,7 +146,7 @@ class cronjob_logfiles extends cronjob {
}
}
// rotate and compress the error.log
// rotate and compress the error.log
$error_logfile = $rec['document_root'].'/' . $log_folder . '/error.log';
// rename older files (move up by one)
$num = $log_retention;
......@@ -184,7 +184,7 @@ class cronjob_logfiles extends cronjob {
//######################################################################################################
$ispconfig_logfiles = array('ispconfig.log', 'cron.log', 'auth.log');
$ispconfig_logfiles = array('ispconfig.log', 'cron.log', 'auth.log', 'acme.log');
foreach($ispconfig_logfiles as $ispconfig_logfile) {
$num = $max_syslog;
$ispconfig_logfile = $conf['ispconfig_log_dir'].'/'.$ispconfig_logfile;
......@@ -193,7 +193,7 @@ class cronjob_logfiles extends cronjob {
if(is_file($ispconfig_logfile . '.' . $num . '.gz')) rename($ispconfig_logfile . '.' . $num . '.gz', $ispconfig_logfile . '.' . ($num + 1) . '.gz');
$num--;
}
// compress current logfile
//* compress current logfile
if(is_file($ispconfig_logfile)) {
$app->system->exec_safe("gzip -c ? > ?", $ispconfig_logfile, $ispconfig_logfile . '.1.gz');
$app->system->exec_safe("cat /dev/null > ?", $ispconfig_logfile);
......@@ -240,7 +240,7 @@ class cronjob_logfiles extends cronjob {
*/
$sql = "DELETE FROM sys_log WHERE tstamp < ? AND server_id != 0";
$app->dbmaster->query($sql, $tstamp);
/*
* now delete those entries without a linked datalog entry (datalog_id = 0)
*/
......
server/lib/classes/cron.d/500-backup_mail.inc.php
View file @ 3e0cb809
......@@ -78,8 +78,7 @@ class cronjob_backup_mail extends cronjob {
} else {
chmod($backup_dir, $backup_dir_permissions);
}
system('which pigz > /dev/null', $ret);
if($ret === 0) {
if($app->system->is_installed('pigz')) {
$use_pigz = true;
} else {
$use_pigz = false;
......
server/lib/classes/cron.d/500-clean_mailboxes.inc.php
View file @ 3e0cb809
......@@ -57,6 +57,7 @@ class cronjob_clean_mailboxes extends cronjob {
$junk_names=array('Junk', 'Junk Email', 'SPAM', 'INBOX.SPAM');
$purge_cmd = 'doveadm expunge -u ? mailbox ? sentbefore ';
$recalc_cmd = 'doveadm quota recalc -u ?';
$server_id = intval($conf['server_id']);
$records = $app->db->queryAllRecords("SELECT email, maildir, purge_trash_days, purge_junk_days FROM mail_user WHERE maildir_format = 'maildir' AND disableimap = 'n' AND server_id = ? AND (purge_trash_days > 0 OR purge_junk_days > 0)", $server_id);
......@@ -77,6 +78,7 @@ class cronjob_clean_mailboxes extends cronjob {
}
}
}
$app->system->exec_safe($recalc_cmd, $email['email']);
}
}
......
server/lib/classes/db_mysql.inc.php
View file @ 3e0cb809
......@@ -258,6 +258,8 @@ class db
private function _query($sQuery = '') {
global $app;
$aArgs = func_get_args();
if ($sQuery == '') {
$this->_sqlerror('Keine Anfrage angegeben / No query given');
......@@ -297,7 +299,6 @@ class db
}
} while($ok == false);
$aArgs = func_get_args();
$sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs);
$this->securityScan($sQuery);
$this->_iQueryId = mysqli_query($this->_iConnId, $sQuery);
......@@ -353,10 +354,17 @@ class db
* @return array result row or NULL if none found
*/
public function queryOneRecord($sQuery = '') {
if(!preg_match('/limit \d+\s*(,\s*\d+)?$/i', $sQuery)) $sQuery .= ' LIMIT 0,1';
$aArgs = func_get_args();
$oResult = call_user_func_array(array(&$this, 'query'), $aArgs);
if(!empty($aArgs)) {
$sQuery = array_shift($aArgs);
if($sQuery && !preg_match('/limit \d+(\s*,\s*\d+)?$/i', $sQuery)) {
$sQuery .= ' LIMIT 0,1';
}
array_unshift($aArgs, $sQuery);
}
$oResult = call_user_func_array([&$this, 'query'], $aArgs);
if(!$oResult) return null;
$aReturn = $oResult->get();
......@@ -1300,7 +1308,7 @@ class fakedb_result {
if(!is_array($this->aLimitedData)) return $aItem;
if(list($vKey, $aItem) = each($this->aLimitedData)) {
foreach($this->aLimitedData as $vKey => $aItem) {
if(!$aItem) $aItem = null;
}
return $aItem;
......
server/lib/classes/file.inc.php
View file @ 3e0cb809
......@@ -158,26 +158,6 @@ class file{
return $ret_val;
}
function edit_dist($var, $val){
global $$var;
$files = array('/root/ispconfig/dist.inc.php');
foreach($files as $file){
if(is_file($file)){
$file_content = $this->unix_nl($this->rf($file));
$lines = explode("\n", $file_content);
for($i=0;$i<sizeof($lines);$i++){
$parts = explode('=', $lines[$i]);
if($parts[0] == $var || $parts[0] == '$'.$var.' '){
$parts[1] = str_replace($$var, $val, $parts[1]);
}
$lines[$i] = implode('=', $parts);
}
$file_content = implode("\n", $lines);
$this->wf($file, $file_content);
}
}
}
function getDirectoryListing($dirname, $sortorder = 'a', $show_subdirs = 0, $show_subdirfiles = 0, $exts = '', $ext_save = 1){
// This function will return an array with filenames based on the criteria you can set in the variables
// @sortorder : a for ascending (the standard) or d for descending (you can use the "r" for reverse as well, works the same)
......