Skip to content
Expand all Show whitespace changes
Inline Side-by-side
install/dist/lib/debian60.lib.php
View file @ d204dbb9
...@@ -61,7 +61,7 @@ class installer extends installer_base { ...@@ -61,7 +61,7 @@ class installer extends installer_base {
} }
//* Configure master.cf and add a line for deliver //* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf'); $content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n"; $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($config_dir.'/master.cf', $deliver_content); af($config_dir.'/master.cf', $deliver_content);
unset($content); unset($content);
unset($deliver_content); unset($deliver_content);
...@@ -109,6 +109,13 @@ class installer extends installer_base { ...@@ -109,6 +109,13 @@ class installer extends installer_base {
if(version_compare($dovecot_version,2.1) < 0) { if(version_compare($dovecot_version,2.1) < 0) {
removeLine($config_dir.'/'.$configfile, 'ssl_protocols ='); removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
} }
if(version_compare($dovecot_version,2.2) >= 0) {
// Dovecot > 2.2 does not recognize !SSLv2 anymore on Debian 9
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('!SSLv2','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
}
} else { } else {
if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master')) { if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master')) {
copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master', $config_dir.'/'.$configfile); copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master', $config_dir.'/'.$configfile);
......
install/dist/lib/fedora.lib.php
View file @ d204dbb9
...@@ -103,17 +103,17 @@ class installer_dist extends installer_base { ...@@ -103,17 +103,17 @@ class installer_dist extends installer_base {
$this->process_postfix_config('mysql-virtual_uids.cf'); $this->process_postfix_config('mysql-virtual_uids.cf');
//* postfix-dkim //* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re'; $filename='tag_as_originating.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026'); wf($full_file_name, $content);
$full_file_name=$config_dir.'/tag_as_foreign.re'; $filename='tag_as_foreign.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024'); wf($full_file_name, $content);
//* Changing mode and group of the new created config files. //* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
...@@ -394,7 +394,7 @@ class installer_dist extends installer_base { ...@@ -394,7 +394,7 @@ class installer_dist extends installer_base {
} }
//* Configure master.cf and add a line for deliver //* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf'); $content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n"; $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content); af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
unset($content); unset($content);
unset($deliver_content); unset($deliver_content);
...@@ -443,6 +443,13 @@ class installer_dist extends installer_base { ...@@ -443,6 +443,13 @@ class installer_dist extends installer_base {
if(version_compare($dovecot_version,2.1) < 0) { if(version_compare($dovecot_version,2.1) < 0) {
removeLine($config_dir.'/'.$configfile, 'ssl_protocols ='); removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
} }
if(version_compare($dovecot_version,2.2) >= 0) {
// Dovecot > 2.2 does not recognize !SSLv2 anymore on Debian 9
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('!SSLv2','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
}
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0); replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0); replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
} else { } else {
...@@ -502,13 +509,21 @@ class installer_dist extends installer_base { ...@@ -502,13 +509,21 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content); $content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{hostname}', $conf['hostname'], $content); $content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir'], $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content); wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640); chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(!is_file($conf['amavis']['config_dir'].'/60-dkim')) {
touch($conf['amavis']['config_dir'].'/60-dkim');
chmod($conf['amavis']['config_dir'].'/60-dkim', 0640);
}
// for CentOS 7.2 only // for CentOS 7.2 only
if($dist['confid'] == 'centos72') { if($dist['confid'] == 'centos72') {
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0750); chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0750);
chgrp($conf['amavis']['config_dir'].'/amavisd.conf', 'amavis'); chgrp($conf['amavis']['config_dir'].'/amavisd.conf', 'amavis');
chmod($conf['amavis']['config_dir'].'/60-dkim', 0750);
chgrp($conf['amavis']['config_dir'].'/60-dkim', 'amavis');
} }
...@@ -707,6 +722,12 @@ class installer_dist extends installer_base { ...@@ -707,6 +722,12 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master'); $tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion()); $tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']); $records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array(); $ip_addresses = array();
...@@ -791,6 +812,17 @@ class installer_dist extends installer_base { ...@@ -791,6 +812,17 @@ class installer_dist extends installer_base {
//* add a sshusers group //* add a sshusers group
$command = 'groupadd sshusers'; $command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
// add anonymized log option to nginxx.conf file
$nginx_conf_file = $conf['nginx']['config_dir'].'/nginx.conf';
if(is_file($nginx_conf_file)) {
$tmp = file_get_contents($nginx_conf_file);
if(!stristr($tmp, 'log_format anonymized')) {
copy($nginx_conf_file,$nginx_conf_file.'~');
replaceLine($nginx_conf_file, 'http {', "http {\n\n".file_get_contents('tpl/nginx_anonlog.master'), 0, 0);
}
}
} }
public function configure_bastille_firewall() public function configure_bastille_firewall()
...@@ -1068,6 +1100,8 @@ class installer_dist extends installer_base { ...@@ -1068,6 +1100,8 @@ class installer_dist extends installer_base {
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist'; $command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable //* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang"); exec("chmod -R 770 $install_dir/interface/lib/lang");
...@@ -1141,6 +1175,11 @@ class installer_dist extends installer_base { ...@@ -1141,6 +1175,11 @@ class installer_dist extends installer_base {
$command = "chmod +x $install_dir/server/scripts/*.sh"; $command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){ if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel //* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ? // TODO: These are missing! should they be "vhost_dist_*_dir" ?
......
install/dist/lib/gentoo.lib.php
View file @ d204dbb9
...@@ -212,17 +212,17 @@ class installer extends installer_base ...@@ -212,17 +212,17 @@ class installer extends installer_base
} }
//* postfix-dkim //* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re'; $filename='tag_as_originating.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
$this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026'); wf($full_file_name, $content);
$full_file_name=$config_dir.'/tag_as_foreign.re'; $filename='tag_as_foreign.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
$this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024'); wf($full_file_name, $content);
//* Chmod and chown the .mailfilter file //* Chmod and chown the .mailfilter file
$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter'; $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
...@@ -303,7 +303,7 @@ class installer extends installer_base ...@@ -303,7 +303,7 @@ class installer extends installer_base
} }
//* Configure master.cf and add a line for deliver //* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf'); $content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n"; $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($config_dir.'/master.cf', $deliver_content); af($config_dir.'/master.cf', $deliver_content);
unset($content); unset($content);
unset($deliver_content); unset($deliver_content);
...@@ -345,6 +345,7 @@ class installer extends installer_base ...@@ -345,6 +345,7 @@ class installer extends installer_base
if(version_compare($dovecot_version,2, '>=')) { if(version_compare($dovecot_version,2, '>=')) {
$content = str_replace('# iterate_query', 'iterate_query', $content); $content = str_replace('# iterate_query', 'iterate_query', $content);
} }
$content = str_replace('{server_id}', $conf['server_id'], $content);
$this->write_config_file($configfile, $content); $this->write_config_file($configfile, $content);
} }
...@@ -602,6 +603,12 @@ class installer extends installer_base ...@@ -602,6 +603,12 @@ class installer extends installer_base
$tpl = new tpl('apache_ispconfig.conf.master'); $tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion()); $tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']); $records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array(); $ip_addresses = array();
...@@ -996,6 +1003,8 @@ class installer extends installer_base ...@@ -996,6 +1003,8 @@ class installer extends installer_base
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist'; $command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable //* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang"); exec("chmod -R 770 $install_dir/interface/lib/lang");
...@@ -1076,6 +1085,11 @@ class installer extends installer_base ...@@ -1076,6 +1085,11 @@ class installer extends installer_base
$command = "chmod +x $install_dir/server/scripts/*.sh"; $command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){ if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel //* Copy the ISPConfig vhost for the controlpanel
$content = $this->get_template_file("apache_ispconfig.vhost", true); $content = $this->get_template_file("apache_ispconfig.vhost", true);
......
install/dist/lib/opensuse.lib.php
View file @ d204dbb9
...@@ -100,17 +100,17 @@ class installer_dist extends installer_base { ...@@ -100,17 +100,17 @@ class installer_dist extends installer_base {
$this->process_postfix_config('mysql-virtual_uids.cf'); $this->process_postfix_config('mysql-virtual_uids.cf');
//* postfix-dkim //* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re'; $filename='tag_as_originating.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026'); wf($full_file_name, $content);
$full_file_name=$config_dir.'/tag_as_foreign.re'; $filename='tag_as_foreign.re';
if(is_file($full_file_name)) { $full_file_name=$config_dir.'/'.$filename;
copy($full_file_name, $config_dir.$configfile.'~'); if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
} $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024'); wf($full_file_name, $content);
//* Changing mode and group of the new created config files. //* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null', caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
...@@ -404,7 +404,7 @@ class installer_dist extends installer_base { ...@@ -404,7 +404,7 @@ class installer_dist extends installer_base {
} }
//* Configure master.cf and add a line for deliver //* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf'); $content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n"; $deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content); af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
unset($content); unset($content);
unset($deliver_content); unset($deliver_content);
...@@ -507,6 +507,7 @@ class installer_dist extends installer_base { ...@@ -507,6 +507,7 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content); $content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content); $content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{hostname}', $conf['hostname'], $content); $content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir']);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content); wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640); chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
...@@ -690,6 +691,12 @@ class installer_dist extends installer_base { ...@@ -690,6 +691,12 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master'); $tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion()); $tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']); $records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array(); $ip_addresses = array();
...@@ -816,6 +823,16 @@ class installer_dist extends installer_base { ...@@ -816,6 +823,16 @@ class installer_dist extends installer_base {
//* add a sshusers group //* add a sshusers group
$command = 'groupadd sshusers'; $command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
// add anonymized log option to nginxx.conf file
$nginx_conf_file = $conf['nginx']['config_dir'].'/nginx.conf';
if(is_file($nginx_conf_file)) {
$tmp = file_get_contents($nginx_conf_file);
if(!stristr($tmp, 'log_format anonymized')) {
copy($nginx_conf_file,$nginx_conf_file.'~');
replaceLine($nginx_conf_file, 'http {', "http {\n\n".file_get_contents('tpl/nginx_anonlog.master'), 0, 0);
}
}
} }
public function configure_bastille_firewall() public function configure_bastille_firewall()
...@@ -1093,6 +1110,8 @@ class installer_dist extends installer_base { ...@@ -1093,6 +1110,8 @@ class installer_dist extends installer_base {
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist'; $command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable //* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang"); exec("chmod -R 770 $install_dir/interface/lib/lang");
...@@ -1169,6 +1188,11 @@ class installer_dist extends installer_base { ...@@ -1169,6 +1188,11 @@ class installer_dist extends installer_base {
$command = "chmod +x $install_dir/server/scripts/*.sh"; $command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){ if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel //* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ? // TODO: These are missing! should they be "vhost_dist_*_dir" ?
......
install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
View file @ d204dbb9
...@@ -55,7 +55,7 @@ $sql_select_policy = ...@@ -55,7 +55,7 @@ $sql_select_policy =
$sql_select_white_black_list = 'SELECT wb FROM spamfilter_wblist'. $sql_select_white_black_list = 'SELECT wb FROM spamfilter_wblist'.
' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k))' . ' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k)) AND (spamfilter_wblist.active="y")' .
' ORDER BY spamfilter_wblist.priority DESC'; ' ORDER BY spamfilter_wblist.priority DESC';
# #
...@@ -112,9 +112,10 @@ $policy_bank{'ORIGINATING'} = { ...@@ -112,9 +112,10 @@ $policy_bank{'ORIGINATING'} = {
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port # Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 ); @inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
$signed_header_fields{'received'} = 0; # turn off signing of Received # DKIM
$enable_dkim_verification = 1; $enable_dkim_verification = 1;
$enable_dkim_signing = 1; $enable_dkim_signing = 1; # load DKIM signing code
$signed_header_fields{'received'} = 0; # turn off signing of Received
@dkim_signature_options_bysender_maps = ( @dkim_signature_options_bysender_maps = (
{ '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } ); { '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
......
install/install.php
View file @ d204dbb9
...@@ -57,19 +57,21 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ...@@ -57,19 +57,21 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
error_reporting(E_ALL|E_STRICT); error_reporting(E_ALL|E_STRICT);
require_once realpath(dirname(__FILE__)) . '/lib/classes/libbashcolor.inc.php';
define('INSTALLER_RUN', true); define('INSTALLER_RUN', true);
//** The banner on the command line //** The banner on the command line
echo "\n\n".str_repeat('-', 80)."\n"; echo "\n\n".str_repeat('-', 80)."\n";
echo " _____ ___________ _____ __ _ ____ echo PXBashColor::getString( "<darkgrey>
|_ _/ ___| ___ \ / __ \ / _(_) /__ \ <strong> _____ ___________</strong> _____ __ _ ____
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ / <strong>|_ _/ ___| ___ \</strong> / __ \ / _(_) /__ \
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ | <strong> | | \ `--.| |_/ /</strong> | / \/ ___ _ __ | |_ _ __ _ _/ /
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \ <strong> | | `--. \ __/</strong> | | / _ \| '_ \| _| |/ _` | |_ |
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/ <strong> _| |_/\__/ / | </strong> | \__/\ (_) | | | | | | | (_| | ___\ \
<strong> \___/\____/\_| </strong> \____/\___/|_| |_|_| |_|\__, | \____/
__/ | __/ |
|___/ "; |___/ </darkgrey>");
echo "\n".str_repeat('-', 80)."\n"; echo "\n".str_repeat('-', 80)."\n";
echo "\n\n>> Initial configuration \n\n"; echo "\n\n>> Initial configuration \n\n";
...@@ -97,6 +99,9 @@ require_once 'lib/classes/tpl.inc.php'; ...@@ -97,6 +99,9 @@ require_once 'lib/classes/tpl.inc.php';
die('We will stop here. There is already a ISPConfig installation, use the update script to update this installation.'); die('We will stop here. There is already a ISPConfig installation, use the update script to update this installation.');
}*/ }*/
// Patch is required to reapir latest amavis versions
if(is_installed('amavisd-new') && !is_installed('patch')) die('The patch command is missing. Install patch command and start installation again.');
//** Get distribution identifier //** Get distribution identifier
$dist = get_distname(); $dist = get_distname();
...@@ -114,7 +119,11 @@ if(isset($cmd_opt['autoinstall']) && is_file($cmd_opt['autoinstall'])) { ...@@ -114,7 +119,11 @@ if(isset($cmd_opt['autoinstall']) && is_file($cmd_opt['autoinstall'])) {
if($path_parts['extension'] == 'php') { if($path_parts['extension'] == 'php') {
include_once $cmd_opt['autoinstall']; include_once $cmd_opt['autoinstall'];
} elseif($path_parts['extension'] == 'ini') { } elseif($path_parts['extension'] == 'ini') {
if(is_file('autoinstall.ini')) {
$tmp = ini_to_array(file_get_contents('autoinstall.ini'));
} else {
$tmp = ini_to_array(file_get_contents($cmd_opt['autoinstall'])); $tmp = ini_to_array(file_get_contents($cmd_opt['autoinstall']));
}
if(!is_array($tmp['install'])) $tmp['install'] = array(); if(!is_array($tmp['install'])) $tmp['install'] = array();
if(!is_array($tmp['ssl_cert'])) $tmp['ssl_cert'] = array(); if(!is_array($tmp['ssl_cert'])) $tmp['ssl_cert'] = array();
if(!is_array($tmp['expert'])) $tmp['expert'] = array(); if(!is_array($tmp['expert'])) $tmp['expert'] = array();
...@@ -144,12 +153,12 @@ $retval=shell_exec("which which"); ...@@ -144,12 +153,12 @@ $retval=shell_exec("which which");
if (empty($retval)) die ("ISPConfig requieres which \n"); if (empty($retval)) die ("ISPConfig requieres which \n");
swriteln($inst->lng(' Following will be a few questions for primary configuration so be careful.')); swriteln($inst->lng(' Following will be a few questions for primary configuration so be careful.'));
swriteln($inst->lng(' Default values are in [brackets] and can be accepted with <ENTER>.')); swriteln($inst->lng(' Default values are in <strong>[brackets]</strong> and can be accepted with <em><ENTER></em>.'));
swriteln($inst->lng(' Tap in "quit" (without the quotes) to stop the installer.'."\n\n")); swriteln($inst->lng(' Tap in "<em>quit</em>" (without the quotes) to stop the installer.'."\n\n"));
//** Check log file is writable (probably not root or sudo) //** Check log file is writable (probably not root or sudo)
if(!is_writable(dirname(ISPC_LOG_FILE))){ if(!is_writable(dirname(ISPC_LOG_FILE))){
die("ERROR: Cannot write to the ".dirname(ISPC_LOG_FILE)." directory. Are you root or sudo ?\n\n"); die(PXBashColor::getString("<strong><red>[ERROR]</red></strong> Cannot write to the ".dirname(ISPC_LOG_FILE)." directory. Are you root or sudo ?\n\n"));
} }
if(is_dir('/root/ispconfig') || is_dir('/home/admispconfig')) { if(is_dir('/root/ispconfig') || is_dir('/home/admispconfig')) {
...@@ -441,6 +450,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure DNS ...@@ -441,6 +450,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure DNS
} }
if($install_mode == 'expert') swriteln('The Web Server option has to be enabled when you want run a web server or when this node shall host the ISPConfig interface.');
if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Web Server', array('y', 'n'), 'y','configure_webserver')) == 'y') { if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Web Server', array('y', 'n'), 'y','configure_webserver')) == 'y') {
//* Configure Apache //* Configure Apache
if($conf['apache']['installed']){ if($conf['apache']['installed']){
...@@ -510,14 +520,22 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Fire ...@@ -510,14 +520,22 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Fire
} }
} }
//* Configure XMPP if($install_mode == 'standard' || strtolower($inst->simple_query('Configure XMPP Server', array('y', 'n') , 'y','configure_xmpp') ) == 'y') {
$force = @($conf['xmpp']['installed']) ? true : $inst->force_configure_app('Metronome XMPP Server', ($install_mode == 'expert')); //* Configure XMPP Metronome
if($force) { if ($conf['metronome']['installed']) {
swriteln('Configuring Metronome XMPP Server'); swriteln('Configuring Metronome XMPP Server');
$inst->configure_xmpp(); $inst->configure_metronome();
$conf['services']['xmpp'] = true; $conf['services']['xmpp'] = true;
} }
//* Configure XMPP Prosody
if ($conf['prosody']['installed']) {
swriteln('Configuring Prosody XMPP Server');
$inst->configure_prosody();
$conf['services']['xmpp'] = true;
}
}
//* Configure Fail2ban //* Configure Fail2ban
$force = @($conf['fail2ban']['installed']) ? true : $inst->force_configure_app('Fail2ban', ($install_mode == 'expert')); $force = @($conf['fail2ban']['installed']) ? true : $inst->force_configure_app('Fail2ban', ($install_mode == 'expert'));
if($force) { if($force) {
...@@ -552,8 +570,9 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon ...@@ -552,8 +570,9 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon
//** Customise the port ISPConfig runs on //** Customise the port ISPConfig runs on
$ispconfig_vhost_port = $inst->free_query('ISPConfig Port', '8080','ispconfig_port'); $ispconfig_vhost_port = $inst->free_query('ISPConfig Port', '8080','ispconfig_port');
$conf['interface_password'] = $inst->free_query('Admin password', 'admin','ispconfig_admin_password'); $temp_admin_password = str_shuffle(bin2hex(openssl_random_pseudo_bytes(4)));
if(!AUTOINSTALL && $conf['interface_password'] != 'admin') { $conf['interface_password'] = $inst->free_query('Admin password', $temp_admin_password, 'ispconfig_admin_password');
if($conf['interface_password'] != $temp_admin_password) {
$check = false; $check = false;
do { do {
unset($temp_password); unset($temp_password);
...@@ -564,6 +583,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon ...@@ -564,6 +583,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon
} }
unset($check); unset($check);
unset($temp_password); unset($temp_password);
unset($temp_admin_password);
if($conf['apache']['installed'] == true) $conf['apache']['vhost_port'] = $ispconfig_vhost_port; if($conf['apache']['installed'] == true) $conf['apache']['vhost_port'] = $ispconfig_vhost_port;
if($conf['nginx']['installed'] == true) $conf['nginx']['vhost_port'] = $ispconfig_vhost_port; if($conf['nginx']['installed'] == true) $conf['nginx']['vhost_port'] = $ispconfig_vhost_port;
unset($ispconfig_vhost_port); unset($ispconfig_vhost_port);
...@@ -621,7 +641,7 @@ if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') sys ...@@ -621,7 +641,7 @@ if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') sys
//if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null'); //if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null'); if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null'); if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null');
if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null'); if($conf['metronome']['installed'] == true && $conf['metronome']['init_script'] != '') system($inst->getinitcommand($conf['metronome']['init_script'], 'restart').' &> /dev/null');
//* test tRNG //* test tRNG
if($conf['tRNG']) tRNG(); if($conf['tRNG']) tRNG();
......
install/lib/classes/libbashcolor.inc.php 0 → 100644
View file @ d204dbb9
<?php
/*
(c) 2017 by Marius Burkard, pixcept KG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
abstract class PXBashColor {
private static $markers = array(
'black' => 30,
'red' => 31,
'green' => 32,
'yellow' => 33,
'blue' => 34,
'magenta' => 35,
'cyan' => 36,
'lightgrey' => 37,
'default' => 39,
'darkgrey' => 90,
'lightred' => 91,
'lightgreen' => 92,
'lightyellow' => 93,
'lightblue' => 94,
'lightmagenta' => 95,
'lightcyan' => 96,
'white' => 97,
'bg:black' => 40,
'bg:red' => 41,
'bg:green' => 42,
'bg:yellow' => 43,
'bg:blue' => 44,
'bg:magenta' => 45,
'bg:cyan' => 46,
'bg:lightgrey' => 47,
'bg:default' => 49,
'bg:darkgrey' => 100,
'bg:lightred' => 101,
'bg:lightgreen' => 102,
'bg:lightyellow' => 103,
'bg:lightblue' => 104,
'bg:lightmagenta' => 105,
'bg:lightcyan' => 106,
'bg:white' => 107,
'bold' => 1,
'dim' => 2,
'italic' => 3,
'underlined' => 4,
'blink' => 5,
'invert' => 7,
'hidden' => 8
);
private static function getCode($active) {
$code = "\033[0;";
if(count($active) > 0) {
$tmp = array();
for($i = 0; $i < count($active); $i++) {
$tmp[] = self::$markers[$active[$i]];
}
sort($tmp);
$code .= implode(';', $tmp);
unset($tmp);
} else {
$code .= "0";
}
$code .= "m";
return $code;
}
public static function getString($string, $ignore_unknown_tags = false) {
$active = array();
$echo_string = "";
while(preg_match('/<(\/?(?:bg:)?\w+)>/i', $string, $match, PREG_OFFSET_CAPTURE)) {
$pos = $match[0][1];
$tag = $match[1][0];
$len = strlen($match[0][0]);
$close = false;
if(substr($tag, 0, 1) == '/') {
$close = true;
$tag = substr($tag, 1);
}
$key = $tag;
if($key == 'strong' || $key == 'b') $key = 'bold';
elseif($key == 'em' || $key == 'i') $key = 'italic';
elseif($key == 'u') $key = 'underlined';
elseif($key == 'inv') $key = 'invert';
if(!array_key_exists($key, self::$markers)) {
if($ignore_unknown_tags == false) {
throw new Exception('unknown tag: ' . $tag);
} else {
$echo_string .= self::getCode($active);
$echo_string .= substr($string, 0, $pos + $len);
$string = substr($string, $pos + $len);
continue;
}
}
if($pos > 0) {
$echo_string .= self::getCode($active);
$echo_string .= substr($string, 0, $pos);
}
if($close == true) {
$last = end($active);
if($key != $last) {
throw new Exception('unbalanced tag: ' . $tag . ' (' . $last . ' expected), ' . var_export($active, true));
}
array_pop($active);
} else {
array_push($active, $key);
}
$string = substr($string, $pos + $len);
}
if($string != '') {
$echo_string .= self::getCode($active);
$echo_string .= $string;
}
$echo_string .= "\e[0m";
return $echo_string;
}
}
\ No newline at end of file
install/lib/install.lib.php
View file @ d204dbb9
...@@ -32,6 +32,8 @@ error_reporting(E_ALL|E_STRICT); ...@@ -32,6 +32,8 @@ error_reporting(E_ALL|E_STRICT);
$FILE = realpath('../install.php'); $FILE = realpath('../install.php');
require_once realpath(dirname(__FILE__)) . '/classes/libbashcolor.inc.php';
//** Get distribution identifier //** Get distribution identifier
//** IMPORTANT! //** IMPORTANT!
// This is the same code as in server/lib/classes/monitor_tools.inc.php // This is the same code as in server/lib/classes/monitor_tools.inc.php
...@@ -90,8 +92,19 @@ function get_distname() { ...@@ -90,8 +92,19 @@ function get_distname() {
$ver = explode(" ", $ver, 2); $ver = explode(" ", $ver, 2);
$ver = reset($ver); $ver = reset($ver);
$mainver = $ver; $mainver = $ver;
$mainver = explode('.', $ver);
$mainver = array_filter($mainver);
$mainver = current($mainver).'.'.next($mainver);
} }
switch ($mainver){ switch ($mainver){
case "18.04":
$relname = "(Bionic Beaver)";
$distconfid = 'ubuntu1804';
break;
case "17.10":
$relname = "(Artful Aardvark)";
$distconfid = 'ubuntu1710';
break;
case "17.04": case "17.04":
$relname = "(Zesty Zapus)"; $relname = "(Zesty Zapus)";
$distconfid = 'ubuntu1604'; $distconfid = 'ubuntu1604';
...@@ -175,6 +188,7 @@ function get_distname() { ...@@ -175,6 +188,7 @@ function get_distname() {
break; break;
default: default:
$relname = "UNKNOWN"; $relname = "UNKNOWN";
$distconfid = 'ubuntu1604';
} }
$distver = $ver.$lts." ".$relname; $distver = $ver.$lts." ".$relname;
swriteln("Operating System: ".$distname.' '.$distver."\n"); swriteln("Operating System: ".$distname.' '.$distver."\n");
...@@ -214,18 +228,19 @@ function get_distname() { ...@@ -214,18 +228,19 @@ function get_distname() {
$distconfid = 'debian90'; $distconfid = 'debian90';
$distid = 'debian60'; $distid = 'debian60';
$distbaseid = 'debian'; $distbaseid = 'debian';
swriteln("Operating System: Debian 9.0 (Stretch) or compatible\n"); swriteln("Operating System: <strong>Debian 9.0 (Stretch)</strong> or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) { } elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) {
$distname = 'Debian'; $distname = 'Debian';
$distver = 'Testing'; $distver = 'Testing';
$distid = 'debian90'; $distid = 'debian60';
$distconfid = 'debiantesting'; $distconfid = 'debiantesting';
$distbaseid = 'debian'; $distbaseid = 'debian';
swriteln("Operating System: Debian Testing\n"); swriteln("Operating System: Debian Testing\n");
} else { } else {
$distname = 'Debian'; $distname = 'Debian';
$distver = 'Unknown'; $distver = 'Unknown';
$distid = 'debian40'; $distid = 'debian60';
$distconfid = 'debian90';
$distbaseid = 'debian'; $distbaseid = 'debian';
swriteln("Operating System: Debian or compatible, unknown version.\n"); swriteln("Operating System: Debian or compatible, unknown version.\n");
} }
...@@ -319,7 +334,7 @@ function get_distname() { ...@@ -319,7 +334,7 @@ function get_distname() {
$distid = 'centos53'; $distid = 'centos53';
$distbaseid = 'fedora'; $distbaseid = 'fedora';
swriteln("Operating System: CentOS 5 or compatible\n"); swriteln("Operating System: CentOS 5 or compatible\n");
} elseif(stristr($content, 'CentOS Linux release 6')) { } elseif(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
$distname = 'CentOS'; $distname = 'CentOS';
$distver = 'Unknown'; $distver = 'Unknown';
$distid = 'centos53'; $distid = 'centos53';
...@@ -379,7 +394,7 @@ function swrite($text = '') { ...@@ -379,7 +394,7 @@ function swrite($text = '') {
} }
function swriteln($text = '') { function swriteln($text = '') {
echo $text."\n"; echo PXBashColor::getString($text, true)."\n";
} }
function ilog($msg){ function ilog($msg){
...@@ -656,6 +671,7 @@ function ini_to_array($ini) { ...@@ -656,6 +671,7 @@ function ini_to_array($ini) {
$section = strtolower($matches[1]); $section = strtolower($matches[1]);
} elseif(preg_match("/^([\w\d_]+)=(.*)$/", $line, $matches) && $section != null) { } elseif(preg_match("/^([\w\d_]+)=(.*)$/", $line, $matches) && $section != null) {
$item = trim($matches[1]); $item = trim($matches[1]);
if(!isset($config[$section])) $config[$section] = array();
$config[$section][$item] = trim($matches[2]); $config[$section][$item] = trim($matches[2]);
} }
} }
...@@ -862,6 +878,28 @@ function is_ispconfig_ssl_enabled() { ...@@ -862,6 +878,28 @@ function is_ispconfig_ssl_enabled() {
} }
} }
/*
* Is anonymization enabled in ispconfig.conf file
*/
function get_logging_state() {
global $conf;
$ispconfig_conf_file = $conf['apache']['vhost_conf_dir'].'/ispconfig.conf';
if(is_file($ispconfig_conf_file)) {
$tmp = file_get_contents($ispconfig_conf_file);
if(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -p -s access.log')) {
return 'anon';
} elseif(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -s access.log')) {
return 'yes';
} else {
return 'no';
}
} else {
return 'yes';
}
}
/** /**
Function to find the hash file for timezone detection Function to find the hash file for timezone detection
(c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de (c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de
......
install/lib/installer_base.lib.php
View file @ d204dbb9
This diff is collapsed.
install/lib/mysql.lib.php
View file @ d204dbb9
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
class db extends mysqli class db
{ {
/**#@+ /**#@+
* @access private * @access private
...@@ -36,6 +36,7 @@ class db extends mysqli ...@@ -36,6 +36,7 @@ class db extends mysqli
private $_iConnId; private $_iConnId;
private $dbHost = ''; // hostname of the MySQL server private $dbHost = ''; // hostname of the MySQL server
private $dbPort = ''; // port of the MySQL server
private $dbName = ''; // logical database name on that server private $dbName = ''; // logical database name on that server
private $dbUser = ''; // database authorized user private $dbUser = ''; // database authorized user
private $dbPass = ''; // user's password private $dbPass = ''; // user's password
...@@ -68,7 +69,8 @@ class db extends mysqli ...@@ -68,7 +69,8 @@ class db extends mysqli
global $conf; global $conf;
if($this->_iConnId) return true; if($this->_iConnId) return true;
$this->dbHost = $conf["mysql"]["host"]; $this->dbHost = $conf['mysql']['host'];
$this->dbPort = $conf['mysql']['port'];
$this->dbName = false;//$conf["mysql"]["database"]; $this->dbName = false;//$conf["mysql"]["database"];
$this->dbUser = $conf["mysql"]["admin_user"]; $this->dbUser = $conf["mysql"]["admin_user"];
$this->dbPass = $conf["mysql"]["admin_password"]; $this->dbPass = $conf["mysql"]["admin_password"];
...@@ -76,13 +78,13 @@ class db extends mysqli ...@@ -76,13 +78,13 @@ class db extends mysqli
$this->dbNewLink = false; $this->dbNewLink = false;
$this->dbClientFlags = null; $this->dbClientFlags = null;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass); $this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
$try = 0; $try = 0;
while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) { while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) {
if($try > 0) sleep(1); if($try > 0) sleep(1);
$try++; $try++;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass); $this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
} }
if(!is_object($this->_iConnId) || mysqli_connect_error()) { if(!is_object($this->_iConnId) || mysqli_connect_error()) {
...@@ -101,11 +103,12 @@ class db extends mysqli ...@@ -101,11 +103,12 @@ class db extends mysqli
$this->dbPort = $port; $this->dbPort = $port;
$this->dbUser = $user; $this->dbUser = $user;
$this->dbPass = $password; $this->dbPass = $password;
$this->dbPort = $port;
} }
public function setDBName($name) { public function setDBName($name) {
$this->dbName = $name; $this->dbName = $name;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', $this->dbPort); $this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) { if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) {
$this->close(); $this->close();
$this->_sqlerror('Datenbank nicht gefunden / Database not found'); $this->_sqlerror('Datenbank nicht gefunden / Database not found');
...@@ -202,7 +205,7 @@ class db extends mysqli ...@@ -202,7 +205,7 @@ class db extends mysqli
$try++; $try++;
$ok = mysqli_ping($this->_iConnId); $ok = mysqli_ping($this->_iConnId);
if(!$ok) { if(!$ok) {
if(!mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName)) { if(!mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort)) {
if($this->errorNumber == '111') { if($this->errorNumber == '111') {
// server is not available // server is not available
if($try > 9) { if($try > 9) {
......
install/lib/update.lib.php
View file @ d204dbb9
...@@ -59,6 +59,8 @@ function prepareDBDump() { ...@@ -59,6 +59,8 @@ function prepareDBDump() {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -c -t --add-drop-table --create-options --quick --result-file=existing_db.sql ".$conf['mysql']['database']); system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -c -t --add-drop-table --create-options --quick --result-file=existing_db.sql ".$conf['mysql']['database']);
} }
chmod('existing_db.sql', 0400);
chown('existing_db.sql', 'root');
/* /*
* If we have a server with nothing in it except VE's then the database of thie server is empty. * If we have a server with nothing in it except VE's then the database of thie server is empty.
...@@ -80,9 +82,9 @@ function prepareDBDump() { ...@@ -80,9 +82,9 @@ function prepareDBDump() {
if ($conf['powerdns']['installed']) { if ($conf['powerdns']['installed']) {
//** export the current PowerDNS database data //** export the current PowerDNS database data
if( !empty($conf["mysql"]["admin_password"]) ) { if( !empty($conf["mysql"]["admin_password"]) ) {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']); system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
} else { } else {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']); system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -P ".escapeshellarg($conf['mysql']['port'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
} }
// create a backup copy of the PowerDNS database in the root folder // create a backup copy of the PowerDNS database in the root folder
...@@ -101,7 +103,7 @@ function checkDbHealth() { ...@@ -101,7 +103,7 @@ function checkDbHealth() {
$notok = array(); $notok = array();
echo "Checking ISPConfig database .. "; echo "Checking ISPConfig database .. ";
exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -r ".escapeshellarg($conf["mysql"]["database"]), $result); exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." -r ".escapeshellarg($conf["mysql"]["database"]), $result);
for( $i=0; $i<sizeof($result);$i++) { for( $i=0; $i<sizeof($result);$i++) {
if ( substr($result[$i], -2) != "OK" ) { if ( substr($result[$i], -2) != "OK" ) {
$notok[] = $result[$i]; $notok[] = $result[$i];
...@@ -123,8 +125,22 @@ function checkDbHealth() { ...@@ -123,8 +125,22 @@ function checkDbHealth() {
function updateDbAndIni() { function updateDbAndIni() {
global $inst, $conf; global $inst, $conf;
//* ensure no modes with errors for ENGINE=MyISAM //* check sql-mode
$inst->db->query("SET sql_mode = ''"); /*
$check_sql_mode = $inst->db->queryOneRecord("SELECT @@sql_mode");
if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') {
echo "Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION. Add\n\n";
echo " sql-mode=\"NO_ENGINE_SUBSTITUTION\"\n\n";
echo"to the mysqld-section in your mysql-config on this server and restart mysqld afterwards\n";
die();
}*/
$unwanted_sql_plugins = array('validate_password');
$sql_plugins = $inst->db->queryAllRecords("SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN ?", $unwanted_sql_plugins);
if(is_array($sql_plugins) && !empty($sql_plugins)) {
foreach ($sql_plugins as $plugin) echo "Login in to MySQL and disable $plugin[plugin_name] with:\n\n UNINSTALL PLUGIN $plugin[plugin_name];";
die();
}
//* Update $conf array with values from the server.ini that shall be preserved //* Update $conf array with values from the server.ini that shall be preserved
$tmp = $inst->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']); $tmp = $inst->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
...@@ -194,9 +210,9 @@ function updateDbAndIni() { ...@@ -194,9 +210,9 @@ function updateDbAndIni() {
//* Load patch file into database //* Load patch file into database
if( !empty($conf["mysql"]["admin_password"]) ) { if( !empty($conf["mysql"]["admin_password"]) ) {
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename; $cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
} else { } else {
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename; $cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -P ".escapeshellarg($conf['mysql']['port'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
} }
if(in_array($next_db_version,explode(',',$silent_update_versions))) { if(in_array($next_db_version,explode(',',$silent_update_versions))) {
...@@ -336,6 +352,8 @@ function updateDbAndIni() { ...@@ -336,6 +352,8 @@ function updateDbAndIni() {
$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port']; $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir']; $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
$tpl_ini_array['xmpp']['xmpp_daemon'] = ($conf['metronome']['installed'] == true)?'metronome':'prosody';
if ($conf['nginx']['installed'] == true) { if ($conf['nginx']['installed'] == true) {
$tpl_ini_array['web']['server_type'] = 'nginx'; $tpl_ini_array['web']['server_type'] = 'nginx';
$tpl_ini_array['global']['webserver'] = 'nginx'; $tpl_ini_array['global']['webserver'] = 'nginx';
......
install/patches/upd_0085.php 0 → 100644
View file @ d204dbb9
<?php
if(!defined('INSTALLER_RUN')) die('Patch update file access violation.');
/*
Example installer patch update class. the classname must match
the php and the sql patch update filename. The php patches are
only executed when a corresponding sql patch exists.
*/
class upd_0085 extends installer_patch_update {
public function onAfterSQL() {
global $inst, $conf;
$cron_files = $conf['cron']['crontab_dir'] . '/ispc_*';
$check_suffix = '';
if (file_exists('/etc/gentoo-release')) {
$cron_files .= '.cron';
$check_suffix = '.cron';
}
$file_list = glob($cron_files);
if(is_array($file_list) && !empty($file_list)) {
for($f = 0; $f < count($file_list); $f++) {
$cron_file = $file_list[$f];
$fp = fopen($cron_file, 'r');
while($fp && !feof($fp)) {
$line = trim(fgets($fp));
if($line == '') continue;
elseif(substr($line, 0, 1) === '#') continue; // commented out
$fields = preg_split('/\s+/', $line);
if(trim($fields[0]) == '') {
// invalid line
swriteln($inst->lng('[INFO] Invalid cron line in file ' . $cron_file));
} elseif(preg_match('/^\w+=/', $line)) {
if(preg_match('/\s/', $line)) {
// warning line with env var and space!
swriteln($inst->lng("\n" . '[WARNING] Cron line in file ' . $cron_file . ' contains environment variable.' . "\n"));
}
} elseif(!isset($fields[5])) {
// invalid line (missing user)
swriteln($inst->lng("\n" . '[WARNING] Cron line in file ' . $cron_file . ' misses user field.' . "\n"));
} else {
$check_filename = trim($fields[5]) . $check_suffix;
if(substr($cron_file, -strlen($check_filename)) != $check_filename) {
// warning user not equal to file name
swriteln($inst->lng("\n" . '[WARNING] SUSPECT USER IN CRON FILE ' . $cron_file . '! CHECK CRON FILE FOR MALICIOUS ENTRIES!' . "\n"));
}
}
}
fclose($fp);
}
}
}
}
?>
install/patches/upd_0086.php 0 → 100644
View file @ d204dbb9
<?php
if(!defined('INSTALLER_RUN')) die('Patch update file access violation.');
/*
Example installer patch update class. the classname must match
the php and the sql patch update filename. The php patches are
only executed when a corresponding sql patch exists.
*/
class upd_0086 extends installer_patch_update {
public function onAfterSQL() {
global $inst;
// delete all the files that were deleted on previous updates
$delete = array(
'interface/web/js/mail_domain_dkim.js',
'interface/web/mail/mail_domain_dkim_create.php'
);
$curpath = dirname(dirname(realpath(dirname(__FILE__))));
$c = 0;
$del_all = false;
foreach($delete as $file) {
if(strpos($file, '..') !== false) continue; // security!
if($del_all == false) {
$answer = $inst->simple_query('Delete obsolete file ' . $file . '?', array('y', 'n', 'a', 'all', 'none'), 'y');
if($answer == 'n') continue;
elseif($answer == 'a' || $answer == 'all') $del_all = true;
elseif($answer == 'none') break;
}
if(@is_file('/usr/local/ispconfig/' . $file) && !@is_file($curpath . '/' . $file)) {
// be sure this is not a file contained in installation!
@unlink('/usr/local/ispconfig/' . $file);
ilog('Deleted obsolete file /usr/local/ispconfig/' . $file);
$c++;
}
}
ilog($c . 'obsolete files deleted.');
}
}
?>
install/sql/incremental/upd_0085.sql 0 → 100644
View file @ d204dbb9
ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' AFTER `https_port`;
ALTER TABLE `web_domain` CHANGE `stats_type` `stats_type` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT 'awstats';
ALTER TABLE `spamfilter_policy`
CHANGE `virus_lover` `virus_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_lover` `spam_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `banned_files_lover` `banned_files_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bad_header_lover` `bad_header_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_virus_checks` `bypass_virus_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_spam_checks` `bypass_spam_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_banned_checks` `bypass_banned_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_header_checks` `bypass_header_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_modifies_subj` `spam_modifies_subj` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnvirusrecip` `warnvirusrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbannedrecip` `warnbannedrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbadhrecip` `warnbadhrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N';
ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL;
ALTER TABLE `web_database` CHANGE `database_quota` `database_quota` INT(11) NULL DEFAULT NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' ;
ALTER TABLE spamfilter_policy CHANGE spam_tag_level spam_tag_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_tag2_level spam_tag2_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_kill_level spam_kill_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_dsn_cutoff_level spam_dsn_cutoff_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_quarantine_cutoff_level spam_quarantine_cutoff_level DECIMAL(5,2) NULL DEFAULT NULL;
UPDATE `web_database` as d LEFT JOIN `web_domain` as w ON (w.domain_id = d.parent_domain_id) SET d.parent_domain_id = 0 WHERE w.domain_id IS NULL AND d.parent_domain_id != 0 AND (SELECT EXISTS(SELECT * FROM web_domain));
\ No newline at end of file
install/sql/incremental/upd_0086.sql 0 → 100644
View file @ d204dbb9
ALTER TABLE `web_domain` ADD COLUMN `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n' AFTER `ssl_letsencrypt`;
ALTER TABLE `remote_user` ADD `remote_access` ENUM('y','n') NOT NULL DEFAULT 'y' AFTER `remote_password`;
ALTER TABLE `remote_user` ADD `remote_ips` TEXT AFTER `remote_access`;
ALTER TABLE `server_php` ADD `active` enum('y','n') NOT NULL DEFAULT 'y' AFTER `php_fpm_pool_dir`;
ALTER TABLE `web_domain` CHANGE `log_retention` `log_retention` INT(11) NOT NULL DEFAULT '10';
\ No newline at end of file
install/sql/incremental/upd_dev_collection.sql
View file @ d204dbb9
...@@ -12,22 +12,6 @@ ALTER TABLE `mail_mailinglist` ADD `posting_policy` enum('closed','moderated','f ...@@ -12,22 +12,6 @@ ALTER TABLE `mail_mailinglist` ADD `posting_policy` enum('closed','moderated','f
ALTER TABLE `sys_user` ADD `last_login_ip` VARCHAR(50) NULL AFTER `lost_password_reqtime`; ALTER TABLE `sys_user` ADD `last_login_ip` VARCHAR(50) NULL AFTER `lost_password_reqtime`;
ALTER TABLE `sys_user` ADD `last_login_at` BIGINT(20) NULL AFTER `last_login_ip`; ALTER TABLE `sys_user` ADD `last_login_at` BIGINT(20) NULL AFTER `last_login_ip`;
ALTER TABLE `sys_remoteaction` CHANGE `action_state` `action_state` ENUM('pending','processing','ok','warning','error') NOT NULL DEFAULT 'pending'; ALTER TABLE `sys_remoteaction` CHANGE `action_state` `action_state` ENUM('pending','processing','ok','warning','error') NOT NULL DEFAULT 'pending';
ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' AFTER `https_port`;
ALTER TABLE `web_domain` CHANGE `stats_type` `stats_type` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT 'awstats';
ALTER TABLE `spamfilter_policy`
CHANGE `virus_lover` `virus_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_lover` `spam_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `banned_files_lover` `banned_files_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bad_header_lover` `bad_header_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_virus_checks` `bypass_virus_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_spam_checks` `bypass_spam_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_banned_checks` `bypass_banned_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_header_checks` `bypass_header_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_modifies_subj` `spam_modifies_subj` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnvirusrecip` `warnvirusrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbannedrecip` `warnbannedrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbadhrecip` `warnbadhrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N';
CREATE TABLE IF NOT EXISTS `dns_ssl_ca` ( CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
...@@ -42,21 +26,81 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` ( ...@@ -42,21 +26,81 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N', `ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL, `ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0', `ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES ALTER TABLE `dns_ssl_ca` ADD UNIQUE(`ca_issue`);
UPDATE `dns_ssl_ca` SET `ca_issue` = 'comodo.com' WHERE `ca_issue` = 'comodoca.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'geotrust.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'thawte.com';
UPDATE `dns_ssl_ca` SET `ca_name` = 'Symantec / Thawte / GeoTrust' WHERE `ca_issue` = 'symantec.com';
INSERT IGNORE INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GeoTrust (Symantec)', 'geotrust.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'N', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec', 'symantec.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Thawte (Symantec)', 'thawte.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0); (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
ALTER TABLE `dns_rr` CHANGE `type` `type` ENUM('A','AAAA','ALIAS','CAA','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL; ALTER TABLE `dns_rr` CHANGE `type` `type` ENUM('A','AAAA','ALIAS','CAA','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;
ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL; ALTER TABLE `web_domain` ADD COLUMN `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n' AFTER `ssl_letsencrypt`;
ALTER TABLE `web_database` CHANGE `database_quota` `database_quota` INT(11) NULL DEFAULT NULL; ALTER TABLE `remote_user` ADD `remote_access` ENUM('y','n') NOT NULL DEFAULT 'y' AFTER `remote_password`;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' ; ALTER TABLE `remote_user` ADD `remote_ips` TEXT AFTER `remote_access`;
ALTER TABLE `web_domain` ADD `php_fpm_chroot` enum('n','y') NOT NULL DEFAULT 'n' AFTER `php_fpm_use_socket`;
ALTER TABLE `client_template`
ADD COLUMN `limit_xmpp_webpresence` ENUM( 'n', 'y' ) NOT NULL default 'y',
ADD COLUMN `limit_xmpp_http_upload` ENUM( 'n', 'y' ) NOT NULL default 'n';
ALTER TABLE `client`
ADD COLUMN `limit_xmpp_webpresence` ENUM( 'n', 'y' ) NOT NULL default 'y',
ADD COLUMN `limit_xmpp_http_upload` ENUM( 'n', 'y' ) NOT NULL default 'n';
ALTER TABLE `xmpp_domain`
ADD COLUMN `use_webpresence` enum('n','y') NOT NULL DEFAULT 'y',
ADD COLUMN `use_http_upload` enum('n','y') NOT NULL DEFAULT 'n';
install/sql/ispconfig3.sql
View file @ d204dbb9
...@@ -519,18 +519,57 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` ( ...@@ -519,18 +519,57 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N', `ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL, `ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0', `ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`) PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodo.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GeoTrust (Symantec)', 'geotrust.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'N', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec', 'symantec.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Thawte (Symantec)', 'thawte.com', 'Y', '', 0), (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0); (NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
...@@ -1291,6 +1330,8 @@ CREATE TABLE `remote_user` ( ...@@ -1291,6 +1330,8 @@ CREATE TABLE `remote_user` (
`sys_perm_other` varchar(5) default NULL, `sys_perm_other` varchar(5) default NULL,
`remote_username` varchar(64) NOT NULL DEFAULT '', `remote_username` varchar(64) NOT NULL DEFAULT '',
`remote_password` varchar(64) NOT NULL DEFAULT '', `remote_password` varchar(64) NOT NULL DEFAULT '',
`remote_access` enum('y','n') NOT NULL DEFAULT 'y',
`remote_ips` TEXT,
`remote_functions` text, `remote_functions` text,
PRIMARY KEY (`remote_userid`) PRIMARY KEY (`remote_userid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
...@@ -1389,6 +1430,7 @@ CREATE TABLE `server_php` ( ...@@ -1389,6 +1430,7 @@ CREATE TABLE `server_php` (
`php_fpm_init_script` varchar(255) DEFAULT NULL, `php_fpm_init_script` varchar(255) DEFAULT NULL,
`php_fpm_ini_dir` varchar(255) DEFAULT NULL, `php_fpm_ini_dir` varchar(255) DEFAULT NULL,
`php_fpm_pool_dir` varchar(255) DEFAULT NULL, `php_fpm_pool_dir` varchar(255) DEFAULT NULL,
`active` enum('n','y') NOT NULL DEFAULT 'y',
PRIMARY KEY (`server_php_id`) PRIMARY KEY (`server_php_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
...@@ -1532,11 +1574,11 @@ CREATE TABLE `spamfilter_policy` ( ...@@ -1532,11 +1574,11 @@ CREATE TABLE `spamfilter_policy` (
`bad_header_quarantine_to` varchar(255) default NULL, `bad_header_quarantine_to` varchar(255) default NULL,
`clean_quarantine_to` varchar(255) default NULL, `clean_quarantine_to` varchar(255) default NULL,
`other_quarantine_to` varchar(255) default NULL, `other_quarantine_to` varchar(255) default NULL,
`spam_tag_level` float default NULL, `spam_tag_level` DECIMAL(5,2) default NULL,
`spam_tag2_level` float default NULL, `spam_tag2_level` DECIMAL(5,2) default NULL,
`spam_kill_level` float default NULL, `spam_kill_level` DECIMAL(5,2) default NULL,
`spam_dsn_cutoff_level` float default NULL, `spam_dsn_cutoff_level` DECIMAL(5,2) default NULL,
`spam_quarantine_cutoff_level` float default NULL, `spam_quarantine_cutoff_level` DECIMAL(5,2) default NULL,
`addr_extension_virus` varchar(64) default NULL, `addr_extension_virus` varchar(64) default NULL,
`addr_extension_spam` varchar(64) default NULL, `addr_extension_spam` varchar(64) default NULL,
`addr_extension_banned` varchar(64) default NULL, `addr_extension_banned` varchar(64) default NULL,
...@@ -1990,6 +2032,7 @@ CREATE TABLE `web_domain` ( ...@@ -1990,6 +2032,7 @@ CREATE TABLE `web_domain` (
`rewrite_to_https` ENUM('y','n') NOT NULL DEFAULT 'n', `rewrite_to_https` ENUM('y','n') NOT NULL DEFAULT 'n',
`ssl` enum('n','y') NOT NULL default 'n', `ssl` enum('n','y') NOT NULL default 'n',
`ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n', `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n',
`ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n',
`ssl_state` varchar(255) NULL, `ssl_state` varchar(255) NULL,
`ssl_locality` varchar(255) NULL, `ssl_locality` varchar(255) NULL,
`ssl_organisation` varchar(255) NULL, `ssl_organisation` varchar(255) NULL,
...@@ -2007,6 +2050,7 @@ CREATE TABLE `web_domain` ( ...@@ -2007,6 +2050,7 @@ CREATE TABLE `web_domain` (
`apache_directives` mediumtext, `apache_directives` mediumtext,
`nginx_directives` mediumtext, `nginx_directives` mediumtext,
`php_fpm_use_socket` ENUM('n','y') NOT NULL DEFAULT 'y', `php_fpm_use_socket` ENUM('n','y') NOT NULL DEFAULT 'y',
`php_fpm_chroot` ENUM('n','y') NOT NULL DEFAULT 'n',
`pm` enum('static','dynamic','ondemand') NOT NULL DEFAULT 'dynamic', `pm` enum('static','dynamic','ondemand') NOT NULL DEFAULT 'dynamic',
`pm_max_children` int(11) NOT NULL DEFAULT '10', `pm_max_children` int(11) NOT NULL DEFAULT '10',
`pm_start_servers` int(11) NOT NULL DEFAULT '2', `pm_start_servers` int(11) NOT NULL DEFAULT '2',
...@@ -2033,7 +2077,7 @@ CREATE TABLE `web_domain` ( ...@@ -2033,7 +2077,7 @@ CREATE TABLE `web_domain` (
`http_port` int(11) unsigned NOT NULL DEFAULT '80', `http_port` int(11) unsigned NOT NULL DEFAULT '80',
`https_port` int(11) unsigned NOT NULL DEFAULT '443', `https_port` int(11) unsigned NOT NULL DEFAULT '443',
`folder_directive_snippets` text, `folder_directive_snippets` text,
`log_retention` int(11) NOT NULL DEFAULT '30', `log_retention` int(11) NOT NULL DEFAULT '10',
PRIMARY KEY (`domain_id`), PRIMARY KEY (`domain_id`),
UNIQUE KEY `serverdomain` ( `server_id` , `ip_address`, `domain` ) UNIQUE KEY `serverdomain` ( `server_id` , `ip_address`, `domain` )
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......
install/tpl/apache_apps.vhost.master
View file @ d204dbb9
...@@ -34,6 +34,21 @@ ...@@ -34,6 +34,21 @@
</Directory> </Directory>
</IfModule> </IfModule>
<IfModule mod_php7.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
AddType application/x-httpd-php .php
<Directory {tmpl_var name='apps_vhost_dir'}>
Options FollowSymLinks
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_fcgid.c> <IfModule mod_fcgid.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'} DocumentRoot {tmpl_var name='apps_vhost_dir'}
SuexecUserGroup ispapps ispapps SuexecUserGroup ispapps ispapps
......
install/tpl/apache_ispconfig.conf.master
View file @ d204dbb9
...@@ -18,8 +18,12 @@ SSLStaplingCache shmcb:/var/run/ocsp(128000) ...@@ -18,8 +18,12 @@ SSLStaplingCache shmcb:/var/run/ocsp(128000)
LogFormat '%v %h %l %u %t "%r" %>s %S "%{Referer}i" "%{User-Agent}i"' combined_ispconfig LogFormat '%v %h %l %u %t "%r" %>s %S "%{Referer}i" "%{User-Agent}i"' combined_ispconfig
<tmpl_else> <tmpl_else>
LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
<tmpl_if name='logging' op='==' value='anon'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if> </tmpl_if>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig
<Directory /var/www/clients> <Directory /var/www/clients>
AllowOverride None AllowOverride None
...@@ -129,9 +133,7 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m ...@@ -129,9 +133,7 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
</tmpl_if> </tmpl_if>
</Directory> </Directory>
<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
Alias /awstats-icon "/usr/share/awstats/icon" Alias /awstats-icon "/usr/share/awstats/icon"
</tmpl_if>
Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
<Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge> <Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge>
......
install/tpl/apache_ispconfig.vhost.master
View file @ d204dbb9
...@@ -8,6 +8,9 @@ ...@@ -8,6 +8,9 @@
<VirtualHost _default_:<tmpl_var name="vhost_port">> <VirtualHost _default_:<tmpl_var name="vhost_port">>
ServerAdmin webmaster@localhost ServerAdmin webmaster@localhost
<tmpl_if name='http2_module' op='==' value='true'>
Protocols h2 h2c http/1.1
</tmpl_if>
<Directory /var/www/ispconfig/> <Directory /var/www/ispconfig/>
<FilesMatch "\.ph(p3?|tml)$"> <FilesMatch "\.ph(p3?|tml)$">
......