Skip to content
Expand all Hide whitespace changes
Inline Side-by-side
install/dist/lib/debian60.lib.php
View file @ d204dbb9
......@@ -61,7 +61,7 @@ class installer extends installer_base {
}
//* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($config_dir.'/master.cf', $deliver_content);
unset($content);
unset($deliver_content);
......@@ -109,6 +109,13 @@ class installer extends installer_base {
if(version_compare($dovecot_version,2.1) < 0) {
removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
}
if(version_compare($dovecot_version,2.2) >= 0) {
// Dovecot > 2.2 does not recognize !SSLv2 anymore on Debian 9
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('!SSLv2','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
}
} else {
if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master')) {
copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian6_dovecot.conf.master', $config_dir.'/'.$configfile);
......
install/dist/lib/fedora.lib.php
View file @ d204dbb9
......@@ -103,17 +103,17 @@ class installer_dist extends installer_base {
$this->process_postfix_config('mysql-virtual_uids.cf');
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
$full_file_name=$config_dir.'/tag_as_foreign.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
$filename='tag_as_originating.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
$filename='tag_as_foreign.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
//* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
......@@ -394,7 +394,7 @@ class installer_dist extends installer_base {
}
//* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
unset($content);
unset($deliver_content);
......@@ -443,6 +443,13 @@ class installer_dist extends installer_base {
if(version_compare($dovecot_version,2.1) < 0) {
removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
}
if(version_compare($dovecot_version,2.2) >= 0) {
// Dovecot > 2.2 does not recognize !SSLv2 anymore on Debian 9
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('!SSLv2','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
}
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
} else {
......@@ -502,13 +509,21 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir'], $content);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(!is_file($conf['amavis']['config_dir'].'/60-dkim')) {
touch($conf['amavis']['config_dir'].'/60-dkim');
chmod($conf['amavis']['config_dir'].'/60-dkim', 0640);
}
// for CentOS 7.2 only
if($dist['confid'] == 'centos72') {
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0750);
chgrp($conf['amavis']['config_dir'].'/amavisd.conf', 'amavis');
chmod($conf['amavis']['config_dir'].'/60-dkim', 0750);
chgrp($conf['amavis']['config_dir'].'/60-dkim', 'amavis');
}
......@@ -707,6 +722,12 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
......@@ -791,6 +812,17 @@ class installer_dist extends installer_base {
//* add a sshusers group
$command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
// add anonymized log option to nginxx.conf file
$nginx_conf_file = $conf['nginx']['config_dir'].'/nginx.conf';
if(is_file($nginx_conf_file)) {
$tmp = file_get_contents($nginx_conf_file);
if(!stristr($tmp, 'log_format anonymized')) {
copy($nginx_conf_file,$nginx_conf_file.'~');
replaceLine($nginx_conf_file, 'http {', "http {\n\n".file_get_contents('tpl/nginx_anonlog.master'), 0, 0);
}
}
}
public function configure_bastille_firewall()
......@@ -1068,6 +1100,8 @@ class installer_dist extends installer_base {
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang");
......@@ -1141,6 +1175,11 @@ class installer_dist extends installer_base {
$command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
......
install/dist/lib/gentoo.lib.php
View file @ d204dbb9
......@@ -212,17 +212,17 @@ class installer extends installer_base
}
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
$this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
$full_file_name=$config_dir.'/tag_as_foreign.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
$this->write_config_file($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
$filename='tag_as_originating.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
$filename='tag_as_foreign.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
//* Chmod and chown the .mailfilter file
$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
......@@ -303,7 +303,7 @@ class installer extends installer_base
}
//* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($config_dir.'/master.cf', $deliver_content);
unset($content);
unset($deliver_content);
......@@ -345,6 +345,7 @@ class installer extends installer_base
if(version_compare($dovecot_version,2, '>=')) {
$content = str_replace('# iterate_query', 'iterate_query', $content);
}
$content = str_replace('{server_id}', $conf['server_id'], $content);
$this->write_config_file($configfile, $content);
}
......@@ -602,6 +603,12 @@ class installer extends installer_base
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
......@@ -996,7 +1003,9 @@ class installer extends installer_base
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang");
......@@ -1076,6 +1085,11 @@ class installer extends installer_base
$command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel
$content = $this->get_template_file("apache_ispconfig.vhost", true);
......
install/dist/lib/opensuse.lib.php
View file @ d204dbb9
......@@ -100,17 +100,17 @@ class installer_dist extends installer_base {
$this->process_postfix_config('mysql-virtual_uids.cf');
//* postfix-dkim
$full_file_name=$config_dir.'/tag_as_originating.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');
$full_file_name=$config_dir.'/tag_as_foreign.re';
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');
$filename='tag_as_originating.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
$filename='tag_as_foreign.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
//* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
......@@ -404,7 +404,7 @@ class installer_dist extends installer_base {
}
//* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} -a ${original_recipient}'."\n";
af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
unset($content);
unset($deliver_content);
......@@ -507,6 +507,7 @@ class installer_dist extends installer_base {
$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{hostname}', $conf['hostname'], $content);
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir']);
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
......@@ -690,6 +691,12 @@ class installer_dist extends installer_base {
$tpl = new tpl('apache_ispconfig.conf.master');
$tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
$ip_addresses = array();
......@@ -816,6 +823,16 @@ class installer_dist extends installer_base {
//* add a sshusers group
$command = 'groupadd sshusers';
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
// add anonymized log option to nginxx.conf file
$nginx_conf_file = $conf['nginx']['config_dir'].'/nginx.conf';
if(is_file($nginx_conf_file)) {
$tmp = file_get_contents($nginx_conf_file);
if(!stristr($tmp, 'log_format anonymized')) {
copy($nginx_conf_file,$nginx_conf_file.'~');
replaceLine($nginx_conf_file, 'http {', "http {\n\n".file_get_contents('tpl/nginx_anonlog.master'), 0, 0);
}
}
}
public function configure_bastille_firewall()
......@@ -1093,7 +1110,9 @@ class installer_dist extends installer_base {
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make the global language file directory group writable
exec("chmod -R 770 $install_dir/interface/lib/lang");
......@@ -1169,6 +1188,11 @@ class installer_dist extends installer_base {
$command = "chmod +x $install_dir/server/scripts/*.sh";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if ($this->install_ispconfig_interface == true && isset($conf['interface_password']) && $conf['interface_password']!='admin') {
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
$this->db->query($sql, $conf['interface_password']);
}
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
......
install/dist/tpl/gentoo/amavisd-ispconfig.conf.master
View file @ d204dbb9
......@@ -55,7 +55,7 @@ $sql_select_policy =
$sql_select_white_black_list = 'SELECT wb FROM spamfilter_wblist'.
' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k))' .
' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k)) AND (spamfilter_wblist.active="y")' .
' ORDER BY spamfilter_wblist.priority DESC';
#
......@@ -112,9 +112,10 @@ $policy_bank{'ORIGINATING'} = {
# Allow SMTP access from IPs in @inet_acl to amvisd SMTP Port
@inet_acl = qw( 127.0.0.1 [::1] 192.168.0.0/16 );
$signed_header_fields{'received'} = 0; # turn off signing of Received
# DKIM
$enable_dkim_verification = 1;
$enable_dkim_signing = 1;
$enable_dkim_signing = 1; # load DKIM signing code
$signed_header_fields{'received'} = 0; # turn off signing of Received
@dkim_signature_options_bysender_maps = (
{ '.' => { ttl => 21*24*3600, c => 'relaxed/simple' } } );
......
install/install.php
View file @ d204dbb9
......@@ -57,19 +57,21 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
error_reporting(E_ALL|E_STRICT);
require_once realpath(dirname(__FILE__)) . '/lib/classes/libbashcolor.inc.php';
define('INSTALLER_RUN', true);
//** The banner on the command line
echo "\n\n".str_repeat('-', 80)."\n";
echo " _____ ___________ _____ __ _ ____
|_ _/ ___| ___ \ / __ \ / _(_) /__ \
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ /
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/
echo PXBashColor::getString( "<darkgrey>
<strong> _____ ___________</strong> _____ __ _ ____
<strong>|_ _/ ___| ___ \</strong> / __ \ / _(_) /__ \
<strong> | | \ `--.| |_/ /</strong> | / \/ ___ _ __ | |_ _ __ _ _/ /
<strong> | | `--. \ __/</strong> | | / _ \| '_ \| _| |/ _` | |_ |
<strong> _| |_/\__/ / | </strong> | \__/\ (_) | | | | | | | (_| | ___\ \
<strong> \___/\____/\_| </strong> \____/\___/|_| |_|_| |_|\__, | \____/
__/ |
|___/ ";
|___/ </darkgrey>");
echo "\n".str_repeat('-', 80)."\n";
echo "\n\n>> Initial configuration \n\n";
......@@ -97,6 +99,9 @@ require_once 'lib/classes/tpl.inc.php';
die('We will stop here. There is already a ISPConfig installation, use the update script to update this installation.');
}*/
// Patch is required to reapir latest amavis versions
if(is_installed('amavisd-new') && !is_installed('patch')) die('The patch command is missing. Install patch command and start installation again.');
//** Get distribution identifier
$dist = get_distname();
......@@ -114,7 +119,11 @@ if(isset($cmd_opt['autoinstall']) && is_file($cmd_opt['autoinstall'])) {
if($path_parts['extension'] == 'php') {
include_once $cmd_opt['autoinstall'];
} elseif($path_parts['extension'] == 'ini') {
$tmp = ini_to_array(file_get_contents($cmd_opt['autoinstall']));
if(is_file('autoinstall.ini')) {
$tmp = ini_to_array(file_get_contents('autoinstall.ini'));
} else {
$tmp = ini_to_array(file_get_contents($cmd_opt['autoinstall']));
}
if(!is_array($tmp['install'])) $tmp['install'] = array();
if(!is_array($tmp['ssl_cert'])) $tmp['ssl_cert'] = array();
if(!is_array($tmp['expert'])) $tmp['expert'] = array();
......@@ -144,12 +153,12 @@ $retval=shell_exec("which which");
if (empty($retval)) die ("ISPConfig requieres which \n");
swriteln($inst->lng(' Following will be a few questions for primary configuration so be careful.'));
swriteln($inst->lng(' Default values are in [brackets] and can be accepted with <ENTER>.'));
swriteln($inst->lng(' Tap in "quit" (without the quotes) to stop the installer.'."\n\n"));
swriteln($inst->lng(' Default values are in <strong>[brackets]</strong> and can be accepted with <em><ENTER></em>.'));
swriteln($inst->lng(' Tap in "<em>quit</em>" (without the quotes) to stop the installer.'."\n\n"));
//** Check log file is writable (probably not root or sudo)
if(!is_writable(dirname(ISPC_LOG_FILE))){
die("ERROR: Cannot write to the ".dirname(ISPC_LOG_FILE)." directory. Are you root or sudo ?\n\n");
die(PXBashColor::getString("<strong><red>[ERROR]</red></strong> Cannot write to the ".dirname(ISPC_LOG_FILE)." directory. Are you root or sudo ?\n\n"));
}
if(is_dir('/root/ispconfig') || is_dir('/home/admispconfig')) {
......@@ -441,6 +450,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure DNS
}
if($install_mode == 'expert') swriteln('The Web Server option has to be enabled when you want run a web server or when this node shall host the ISPConfig interface.');
if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Web Server', array('y', 'n'), 'y','configure_webserver')) == 'y') {
//* Configure Apache
if($conf['apache']['installed']){
......@@ -510,12 +520,20 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Fire
}
}
//* Configure XMPP
$force = @($conf['xmpp']['installed']) ? true : $inst->force_configure_app('Metronome XMPP Server', ($install_mode == 'expert'));
if($force) {
swriteln('Configuring Metronome XMPP Server');
$inst->configure_xmpp();
$conf['services']['xmpp'] = true;
if($install_mode == 'standard' || strtolower($inst->simple_query('Configure XMPP Server', array('y', 'n') , 'y','configure_xmpp') ) == 'y') {
//* Configure XMPP Metronome
if ($conf['metronome']['installed']) {
swriteln('Configuring Metronome XMPP Server');
$inst->configure_metronome();
$conf['services']['xmpp'] = true;
}
//* Configure XMPP Prosody
if ($conf['prosody']['installed']) {
swriteln('Configuring Prosody XMPP Server');
$inst->configure_prosody();
$conf['services']['xmpp'] = true;
}
}
//* Configure Fail2ban
......@@ -552,8 +570,9 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon
//** Customise the port ISPConfig runs on
$ispconfig_vhost_port = $inst->free_query('ISPConfig Port', '8080','ispconfig_port');
$conf['interface_password'] = $inst->free_query('Admin password', 'admin','ispconfig_admin_password');
if(!AUTOINSTALL && $conf['interface_password'] != 'admin') {
$temp_admin_password = str_shuffle(bin2hex(openssl_random_pseudo_bytes(4)));
$conf['interface_password'] = $inst->free_query('Admin password', $temp_admin_password, 'ispconfig_admin_password');
if($conf['interface_password'] != $temp_admin_password) {
$check = false;
do {
unset($temp_password);
......@@ -564,6 +583,7 @@ if($install_mode == 'standard' || strtolower($inst->simple_query('Install ISPCon
}
unset($check);
unset($temp_password);
unset($temp_admin_password);
if($conf['apache']['installed'] == true) $conf['apache']['vhost_port'] = $ispconfig_vhost_port;
if($conf['nginx']['installed'] == true) $conf['nginx']['vhost_port'] = $ispconfig_vhost_port;
unset($ispconfig_vhost_port);
......@@ -621,7 +641,7 @@ if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') sys
//if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null');
if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
if($conf['metronome']['installed'] == true && $conf['metronome']['init_script'] != '') system($inst->getinitcommand($conf['metronome']['init_script'], 'restart').' &> /dev/null');
//* test tRNG
if($conf['tRNG']) tRNG();
......
install/lib/classes/libbashcolor.inc.php 0 → 100644
View file @ d204dbb9
<?php
/*
(c) 2017 by Marius Burkard, pixcept KG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
abstract class PXBashColor {
private static $markers = array(
'black' => 30,
'red' => 31,
'green' => 32,
'yellow' => 33,
'blue' => 34,
'magenta' => 35,
'cyan' => 36,
'lightgrey' => 37,
'default' => 39,
'darkgrey' => 90,
'lightred' => 91,
'lightgreen' => 92,
'lightyellow' => 93,
'lightblue' => 94,
'lightmagenta' => 95,
'lightcyan' => 96,
'white' => 97,
'bg:black' => 40,
'bg:red' => 41,
'bg:green' => 42,
'bg:yellow' => 43,
'bg:blue' => 44,
'bg:magenta' => 45,
'bg:cyan' => 46,
'bg:lightgrey' => 47,
'bg:default' => 49,
'bg:darkgrey' => 100,
'bg:lightred' => 101,
'bg:lightgreen' => 102,
'bg:lightyellow' => 103,
'bg:lightblue' => 104,
'bg:lightmagenta' => 105,
'bg:lightcyan' => 106,
'bg:white' => 107,
'bold' => 1,
'dim' => 2,
'italic' => 3,
'underlined' => 4,
'blink' => 5,
'invert' => 7,
'hidden' => 8
);
private static function getCode($active) {
$code = "\033[0;";
if(count($active) > 0) {
$tmp = array();
for($i = 0; $i < count($active); $i++) {
$tmp[] = self::$markers[$active[$i]];
}
sort($tmp);
$code .= implode(';', $tmp);
unset($tmp);
} else {
$code .= "0";
}
$code .= "m";
return $code;
}
public static function getString($string, $ignore_unknown_tags = false) {
$active = array();
$echo_string = "";
while(preg_match('/<(\/?(?:bg:)?\w+)>/i', $string, $match, PREG_OFFSET_CAPTURE)) {
$pos = $match[0][1];
$tag = $match[1][0];
$len = strlen($match[0][0]);
$close = false;
if(substr($tag, 0, 1) == '/') {
$close = true;
$tag = substr($tag, 1);
}
$key = $tag;
if($key == 'strong' || $key == 'b') $key = 'bold';
elseif($key == 'em' || $key == 'i') $key = 'italic';
elseif($key == 'u') $key = 'underlined';
elseif($key == 'inv') $key = 'invert';
if(!array_key_exists($key, self::$markers)) {
if($ignore_unknown_tags == false) {
throw new Exception('unknown tag: ' . $tag);
} else {
$echo_string .= self::getCode($active);
$echo_string .= substr($string, 0, $pos + $len);
$string = substr($string, $pos + $len);
continue;
}
}
if($pos > 0) {
$echo_string .= self::getCode($active);
$echo_string .= substr($string, 0, $pos);
}
if($close == true) {
$last = end($active);
if($key != $last) {
throw new Exception('unbalanced tag: ' . $tag . ' (' . $last . ' expected), ' . var_export($active, true));
}
array_pop($active);
} else {
array_push($active, $key);
}
$string = substr($string, $pos + $len);
}
if($string != '') {
$echo_string .= self::getCode($active);
$echo_string .= $string;
}
$echo_string .= "\e[0m";
return $echo_string;
}
}
\ No newline at end of file
install/lib/install.lib.php
View file @ d204dbb9
......@@ -32,6 +32,8 @@ error_reporting(E_ALL|E_STRICT);
$FILE = realpath('../install.php');
require_once realpath(dirname(__FILE__)) . '/classes/libbashcolor.inc.php';
//** Get distribution identifier
//** IMPORTANT!
// This is the same code as in server/lib/classes/monitor_tools.inc.php
......@@ -90,8 +92,19 @@ function get_distname() {
$ver = explode(" ", $ver, 2);
$ver = reset($ver);
$mainver = $ver;
$mainver = explode('.', $ver);
$mainver = array_filter($mainver);
$mainver = current($mainver).'.'.next($mainver);
}
switch ($mainver){
case "18.04":
$relname = "(Bionic Beaver)";
$distconfid = 'ubuntu1804';
break;
case "17.10":
$relname = "(Artful Aardvark)";
$distconfid = 'ubuntu1710';
break;
case "17.04":
$relname = "(Zesty Zapus)";
$distconfid = 'ubuntu1604';
......@@ -175,6 +188,7 @@ function get_distname() {
break;
default:
$relname = "UNKNOWN";
$distconfid = 'ubuntu1604';
}
$distver = $ver.$lts." ".$relname;
swriteln("Operating System: ".$distname.' '.$distver."\n");
......@@ -214,18 +228,19 @@ function get_distname() {
$distconfid = 'debian90';
$distid = 'debian60';
$distbaseid = 'debian';
swriteln("Operating System: Debian 9.0 (Stretch) or compatible\n");
swriteln("Operating System: <strong>Debian 9.0 (Stretch)</strong> or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) {
$distname = 'Debian';
$distver = 'Testing';
$distid = 'debian90';
$distid = 'debian60';
$distconfid = 'debiantesting';
$distbaseid = 'debian';
swriteln("Operating System: Debian Testing\n");
} else {
$distname = 'Debian';
$distver = 'Unknown';
$distid = 'debian40';
$distid = 'debian60';
$distconfid = 'debian90';
$distbaseid = 'debian';
swriteln("Operating System: Debian or compatible, unknown version.\n");
}
......@@ -319,7 +334,7 @@ function get_distname() {
$distid = 'centos53';
$distbaseid = 'fedora';
swriteln("Operating System: CentOS 5 or compatible\n");
} elseif(stristr($content, 'CentOS Linux release 6')) {
} elseif(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
$distname = 'CentOS';
$distver = 'Unknown';
$distid = 'centos53';
......@@ -379,7 +394,7 @@ function swrite($text = '') {
}
function swriteln($text = '') {
echo $text."\n";
echo PXBashColor::getString($text, true)."\n";
}
function ilog($msg){
......@@ -656,6 +671,7 @@ function ini_to_array($ini) {
$section = strtolower($matches[1]);
} elseif(preg_match("/^([\w\d_]+)=(.*)$/", $line, $matches) && $section != null) {
$item = trim($matches[1]);
if(!isset($config[$section])) $config[$section] = array();
$config[$section][$item] = trim($matches[2]);
}
}
......@@ -862,6 +878,28 @@ function is_ispconfig_ssl_enabled() {
}
}
/*
* Is anonymization enabled in ispconfig.conf file
*/
function get_logging_state() {
global $conf;
$ispconfig_conf_file = $conf['apache']['vhost_conf_dir'].'/ispconfig.conf';
if(is_file($ispconfig_conf_file)) {
$tmp = file_get_contents($ispconfig_conf_file);
if(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -p -s access.log')) {
return 'anon';
} elseif(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -s access.log')) {
return 'yes';
} else {
return 'no';
}
} else {
return 'yes';
}
}
/**
Function to find the hash file for timezone detection
(c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de
......
install/lib/installer_base.lib.php
View file @ d204dbb9
This diff is collapsed.
install/lib/mysql.lib.php
View file @ d204dbb9
......@@ -27,7 +27,7 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class db extends mysqli
class db
{
/**#@+
* @access private
......@@ -36,6 +36,7 @@ class db extends mysqli
private $_iConnId;
private $dbHost = ''; // hostname of the MySQL server
private $dbPort = ''; // port of the MySQL server
private $dbName = ''; // logical database name on that server
private $dbUser = ''; // database authorized user
private $dbPass = ''; // user's password
......@@ -68,7 +69,8 @@ class db extends mysqli
global $conf;
if($this->_iConnId) return true;
$this->dbHost = $conf["mysql"]["host"];
$this->dbHost = $conf['mysql']['host'];
$this->dbPort = $conf['mysql']['port'];
$this->dbName = false;//$conf["mysql"]["database"];
$this->dbUser = $conf["mysql"]["admin_user"];
$this->dbPass = $conf["mysql"]["admin_password"];
......@@ -76,13 +78,13 @@ class db extends mysqli
$this->dbNewLink = false;
$this->dbClientFlags = null;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass);
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
$try = 0;
while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) {
if($try > 0) sleep(1);
$try++;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass);
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
}
if(!is_object($this->_iConnId) || mysqli_connect_error()) {
......@@ -101,11 +103,12 @@ class db extends mysqli
$this->dbPort = $port;
$this->dbUser = $user;
$this->dbPass = $password;
$this->dbPort = $port;
}
public function setDBName($name) {
$this->dbName = $name;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', $this->dbPort);
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) {
$this->close();
$this->_sqlerror('Datenbank nicht gefunden / Database not found');
......@@ -202,7 +205,7 @@ class db extends mysqli
$try++;
$ok = mysqli_ping($this->_iConnId);
if(!$ok) {
if(!mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName)) {
if(!mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort)) {
if($this->errorNumber == '111') {
// server is not available
if($try > 9) {
......
install/lib/update.lib.php
View file @ d204dbb9
......@@ -59,6 +59,8 @@ function prepareDBDump() {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -c -t --add-drop-table --create-options --quick --result-file=existing_db.sql ".$conf['mysql']['database']);
}
chmod('existing_db.sql', 0400);
chown('existing_db.sql', 'root');
/*
* If we have a server with nothing in it except VE's then the database of thie server is empty.
......@@ -80,9 +82,9 @@ function prepareDBDump() {
if ($conf['powerdns']['installed']) {
//** export the current PowerDNS database data
if( !empty($conf["mysql"]["admin_password"]) ) {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
} else {
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
system("mysqldump -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -P ".escapeshellarg($conf['mysql']['port'])." -c -t --add-drop-table --create-options --quick --result-file=existing_powerdns_db.sql ".$conf['powerdns']['database']);
}
// create a backup copy of the PowerDNS database in the root folder
......@@ -101,7 +103,7 @@ function checkDbHealth() {
$notok = array();
echo "Checking ISPConfig database .. ";
exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -r ".escapeshellarg($conf["mysql"]["database"]), $result);
exec("mysqlcheck -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." -r ".escapeshellarg($conf["mysql"]["database"]), $result);
for( $i=0; $i<sizeof($result);$i++) {
if ( substr($result[$i], -2) != "OK" ) {
$notok[] = $result[$i];
......@@ -123,8 +125,22 @@ function checkDbHealth() {
function updateDbAndIni() {
global $inst, $conf;
//* ensure no modes with errors for ENGINE=MyISAM
$inst->db->query("SET sql_mode = ''");
//* check sql-mode
/*
$check_sql_mode = $inst->db->queryOneRecord("SELECT @@sql_mode");
if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') {
echo "Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION. Add\n\n";
echo " sql-mode=\"NO_ENGINE_SUBSTITUTION\"\n\n";
echo"to the mysqld-section in your mysql-config on this server and restart mysqld afterwards\n";
die();
}*/
$unwanted_sql_plugins = array('validate_password');
$sql_plugins = $inst->db->queryAllRecords("SELECT plugin_name FROM information_schema.plugins WHERE plugin_status='ACTIVE' AND plugin_name IN ?", $unwanted_sql_plugins);
if(is_array($sql_plugins) && !empty($sql_plugins)) {
foreach ($sql_plugins as $plugin) echo "Login in to MySQL and disable $plugin[plugin_name] with:\n\n UNINSTALL PLUGIN $plugin[plugin_name];";
die();
}
//* Update $conf array with values from the server.ini that shall be preserved
$tmp = $inst->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
......@@ -194,9 +210,9 @@ function updateDbAndIni() {
//* Load patch file into database
if( !empty($conf["mysql"]["admin_password"]) ) {
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." -P ".escapeshellarg($conf['mysql']['port'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
} else {
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
$cmd = "mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." --force -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -P ".escapeshellarg($conf['mysql']['port'])." ".escapeshellarg($conf['mysql']['database'])." < ".$sql_patch_filename;
}
if(in_array($next_db_version,explode(',',$silent_update_versions))) {
......@@ -336,6 +352,8 @@ function updateDbAndIni() {
$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
$tpl_ini_array['xmpp']['xmpp_daemon'] = ($conf['metronome']['installed'] == true)?'metronome':'prosody';
if ($conf['nginx']['installed'] == true) {
$tpl_ini_array['web']['server_type'] = 'nginx';
$tpl_ini_array['global']['webserver'] = 'nginx';
......
install/patches/upd_0085.php 0 → 100644
View file @ d204dbb9
<?php
if(!defined('INSTALLER_RUN')) die('Patch update file access violation.');
/*
Example installer patch update class. the classname must match
the php and the sql patch update filename. The php patches are
only executed when a corresponding sql patch exists.
*/
class upd_0085 extends installer_patch_update {
public function onAfterSQL() {
global $inst, $conf;
$cron_files = $conf['cron']['crontab_dir'] . '/ispc_*';
$check_suffix = '';
if (file_exists('/etc/gentoo-release')) {
$cron_files .= '.cron';
$check_suffix = '.cron';
}
$file_list = glob($cron_files);
if(is_array($file_list) && !empty($file_list)) {
for($f = 0; $f < count($file_list); $f++) {
$cron_file = $file_list[$f];
$fp = fopen($cron_file, 'r');
while($fp && !feof($fp)) {
$line = trim(fgets($fp));
if($line == '') continue;
elseif(substr($line, 0, 1) === '#') continue; // commented out
$fields = preg_split('/\s+/', $line);
if(trim($fields[0]) == '') {
// invalid line
swriteln($inst->lng('[INFO] Invalid cron line in file ' . $cron_file));
} elseif(preg_match('/^\w+=/', $line)) {
if(preg_match('/\s/', $line)) {
// warning line with env var and space!
swriteln($inst->lng("\n" . '[WARNING] Cron line in file ' . $cron_file . ' contains environment variable.' . "\n"));
}
} elseif(!isset($fields[5])) {
// invalid line (missing user)
swriteln($inst->lng("\n" . '[WARNING] Cron line in file ' . $cron_file . ' misses user field.' . "\n"));
} else {
$check_filename = trim($fields[5]) . $check_suffix;
if(substr($cron_file, -strlen($check_filename)) != $check_filename) {
// warning user not equal to file name
swriteln($inst->lng("\n" . '[WARNING] SUSPECT USER IN CRON FILE ' . $cron_file . '! CHECK CRON FILE FOR MALICIOUS ENTRIES!' . "\n"));
}
}
}
fclose($fp);
}
}
}
}
?>
install/patches/upd_0086.php 0 → 100644
View file @ d204dbb9
<?php
if(!defined('INSTALLER_RUN')) die('Patch update file access violation.');
/*
Example installer patch update class. the classname must match
the php and the sql patch update filename. The php patches are
only executed when a corresponding sql patch exists.
*/
class upd_0086 extends installer_patch_update {
public function onAfterSQL() {
global $inst;
// delete all the files that were deleted on previous updates
$delete = array(
'interface/web/js/mail_domain_dkim.js',
'interface/web/mail/mail_domain_dkim_create.php'
);
$curpath = dirname(dirname(realpath(dirname(__FILE__))));
$c = 0;
$del_all = false;
foreach($delete as $file) {
if(strpos($file, '..') !== false) continue; // security!
if($del_all == false) {
$answer = $inst->simple_query('Delete obsolete file ' . $file . '?', array('y', 'n', 'a', 'all', 'none'), 'y');
if($answer == 'n') continue;
elseif($answer == 'a' || $answer == 'all') $del_all = true;
elseif($answer == 'none') break;
}
if(@is_file('/usr/local/ispconfig/' . $file) && !@is_file($curpath . '/' . $file)) {
// be sure this is not a file contained in installation!
@unlink('/usr/local/ispconfig/' . $file);
ilog('Deleted obsolete file /usr/local/ispconfig/' . $file);
$c++;
}
}
ilog($c . 'obsolete files deleted.');
}
}
?>
install/sql/incremental/upd_0085.sql 0 → 100644
View file @ d204dbb9
ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' AFTER `https_port`;
ALTER TABLE `web_domain` CHANGE `stats_type` `stats_type` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT 'awstats';
ALTER TABLE `spamfilter_policy`
CHANGE `virus_lover` `virus_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_lover` `spam_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `banned_files_lover` `banned_files_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bad_header_lover` `bad_header_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_virus_checks` `bypass_virus_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_spam_checks` `bypass_spam_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_banned_checks` `bypass_banned_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_header_checks` `bypass_header_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_modifies_subj` `spam_modifies_subj` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnvirusrecip` `warnvirusrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbannedrecip` `warnbannedrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbadhrecip` `warnbadhrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N';
ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL;
ALTER TABLE `web_database` CHANGE `database_quota` `database_quota` INT(11) NULL DEFAULT NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' ;
ALTER TABLE spamfilter_policy CHANGE spam_tag_level spam_tag_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_tag2_level spam_tag2_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_kill_level spam_kill_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_dsn_cutoff_level spam_dsn_cutoff_level DECIMAL(5,2) NULL DEFAULT NULL, CHANGE spam_quarantine_cutoff_level spam_quarantine_cutoff_level DECIMAL(5,2) NULL DEFAULT NULL;
UPDATE `web_database` as d LEFT JOIN `web_domain` as w ON (w.domain_id = d.parent_domain_id) SET d.parent_domain_id = 0 WHERE w.domain_id IS NULL AND d.parent_domain_id != 0 AND (SELECT EXISTS(SELECT * FROM web_domain));
\ No newline at end of file
install/sql/incremental/upd_0086.sql 0 → 100644
View file @ d204dbb9
ALTER TABLE `web_domain` ADD COLUMN `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n' AFTER `ssl_letsencrypt`;
ALTER TABLE `remote_user` ADD `remote_access` ENUM('y','n') NOT NULL DEFAULT 'y' AFTER `remote_password`;
ALTER TABLE `remote_user` ADD `remote_ips` TEXT AFTER `remote_access`;
ALTER TABLE `server_php` ADD `active` enum('y','n') NOT NULL DEFAULT 'y' AFTER `php_fpm_pool_dir`;
ALTER TABLE `web_domain` CHANGE `log_retention` `log_retention` INT(11) NOT NULL DEFAULT '10';
\ No newline at end of file
install/sql/incremental/upd_dev_collection.sql
View file @ d204dbb9
......@@ -12,22 +12,6 @@ ALTER TABLE `mail_mailinglist` ADD `posting_policy` enum('closed','moderated','f
ALTER TABLE `sys_user` ADD `last_login_ip` VARCHAR(50) NULL AFTER `lost_password_reqtime`;
ALTER TABLE `sys_user` ADD `last_login_at` BIGINT(20) NULL AFTER `last_login_ip`;
ALTER TABLE `sys_remoteaction` CHANGE `action_state` `action_state` ENUM('pending','processing','ok','warning','error') NOT NULL DEFAULT 'pending';
ALTER TABLE `web_domain` CHANGE `folder_directive_snippets` `folder_directive_snippets` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' AFTER `https_port`;
ALTER TABLE `web_domain` CHANGE `stats_type` `stats_type` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT 'awstats';
ALTER TABLE `spamfilter_policy`
CHANGE `virus_lover` `virus_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_lover` `spam_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `banned_files_lover` `banned_files_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bad_header_lover` `bad_header_lover` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_virus_checks` `bypass_virus_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_spam_checks` `bypass_spam_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_banned_checks` `bypass_banned_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `bypass_header_checks` `bypass_header_checks` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `spam_modifies_subj` `spam_modifies_subj` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnvirusrecip` `warnvirusrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbannedrecip` `warnbannedrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N',
CHANGE `warnbadhrecip` `warnbadhrecip` ENUM('N','Y') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'N';
CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
......@@ -42,21 +26,81 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
ALTER TABLE `dns_ssl_ca` ADD UNIQUE(`ca_issue`);
UPDATE `dns_ssl_ca` SET `ca_issue` = 'comodo.com' WHERE `ca_issue` = 'comodoca.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'geotrust.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'thawte.com';
UPDATE `dns_ssl_ca` SET `ca_name` = 'Symantec / Thawte / GeoTrust' WHERE `ca_issue` = 'symantec.com';
INSERT IGNORE INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GeoTrust (Symantec)', 'geotrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'N', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Thawte (Symantec)', 'thawte.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
ALTER TABLE `dns_rr` CHANGE `type` `type` ENUM('A','AAAA','ALIAS','CAA','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;
ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL;
ALTER TABLE `web_database` CHANGE `database_quota` `database_quota` INT(11) NULL DEFAULT NULL;
ALTER TABLE `web_domain` ADD `log_retention` INT NOT NULL DEFAULT '30' ;
ALTER TABLE `web_domain` ADD COLUMN `ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n' AFTER `ssl_letsencrypt`;
ALTER TABLE `remote_user` ADD `remote_access` ENUM('y','n') NOT NULL DEFAULT 'y' AFTER `remote_password`;
ALTER TABLE `remote_user` ADD `remote_ips` TEXT AFTER `remote_access`;
ALTER TABLE `web_domain` ADD `php_fpm_chroot` enum('n','y') NOT NULL DEFAULT 'n' AFTER `php_fpm_use_socket`;
ALTER TABLE `client_template`
ADD COLUMN `limit_xmpp_webpresence` ENUM( 'n', 'y' ) NOT NULL default 'y',
ADD COLUMN `limit_xmpp_http_upload` ENUM( 'n', 'y' ) NOT NULL default 'n';
ALTER TABLE `client`
ADD COLUMN `limit_xmpp_webpresence` ENUM( 'n', 'y' ) NOT NULL default 'y',
ADD COLUMN `limit_xmpp_http_upload` ENUM( 'n', 'y' ) NOT NULL default 'n';
ALTER TABLE `xmpp_domain`
ADD COLUMN `use_webpresence` enum('n','y') NOT NULL DEFAULT 'y',
ADD COLUMN `use_http_upload` enum('n','y') NOT NULL DEFAULT 'n';
install/sql/ispconfig3.sql
View file @ d204dbb9
......@@ -519,18 +519,57 @@ CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)
PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodo.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GeoTrust (Symantec)', 'geotrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'N', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Thawte (Symantec)', 'thawte.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
......@@ -1291,6 +1330,8 @@ CREATE TABLE `remote_user` (
`sys_perm_other` varchar(5) default NULL,
`remote_username` varchar(64) NOT NULL DEFAULT '',
`remote_password` varchar(64) NOT NULL DEFAULT '',
`remote_access` enum('y','n') NOT NULL DEFAULT 'y',
`remote_ips` TEXT,
`remote_functions` text,
PRIMARY KEY (`remote_userid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......@@ -1389,6 +1430,7 @@ CREATE TABLE `server_php` (
`php_fpm_init_script` varchar(255) DEFAULT NULL,
`php_fpm_ini_dir` varchar(255) DEFAULT NULL,
`php_fpm_pool_dir` varchar(255) DEFAULT NULL,
`active` enum('n','y') NOT NULL DEFAULT 'y',
PRIMARY KEY (`server_php_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......@@ -1532,11 +1574,11 @@ CREATE TABLE `spamfilter_policy` (
`bad_header_quarantine_to` varchar(255) default NULL,
`clean_quarantine_to` varchar(255) default NULL,
`other_quarantine_to` varchar(255) default NULL,
`spam_tag_level` float default NULL,
`spam_tag2_level` float default NULL,
`spam_kill_level` float default NULL,
`spam_dsn_cutoff_level` float default NULL,
`spam_quarantine_cutoff_level` float default NULL,
`spam_tag_level` DECIMAL(5,2) default NULL,
`spam_tag2_level` DECIMAL(5,2) default NULL,
`spam_kill_level` DECIMAL(5,2) default NULL,
`spam_dsn_cutoff_level` DECIMAL(5,2) default NULL,
`spam_quarantine_cutoff_level` DECIMAL(5,2) default NULL,
`addr_extension_virus` varchar(64) default NULL,
`addr_extension_spam` varchar(64) default NULL,
`addr_extension_banned` varchar(64) default NULL,
......@@ -1990,6 +2032,7 @@ CREATE TABLE `web_domain` (
`rewrite_to_https` ENUM('y','n') NOT NULL DEFAULT 'n',
`ssl` enum('n','y') NOT NULL default 'n',
`ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n',
`ssl_letsencrypt_exclude` enum('n','y') NOT NULL DEFAULT 'n',
`ssl_state` varchar(255) NULL,
`ssl_locality` varchar(255) NULL,
`ssl_organisation` varchar(255) NULL,
......@@ -2007,6 +2050,7 @@ CREATE TABLE `web_domain` (
`apache_directives` mediumtext,
`nginx_directives` mediumtext,
`php_fpm_use_socket` ENUM('n','y') NOT NULL DEFAULT 'y',
`php_fpm_chroot` ENUM('n','y') NOT NULL DEFAULT 'n',
`pm` enum('static','dynamic','ondemand') NOT NULL DEFAULT 'dynamic',
`pm_max_children` int(11) NOT NULL DEFAULT '10',
`pm_start_servers` int(11) NOT NULL DEFAULT '2',
......@@ -2033,7 +2077,7 @@ CREATE TABLE `web_domain` (
`http_port` int(11) unsigned NOT NULL DEFAULT '80',
`https_port` int(11) unsigned NOT NULL DEFAULT '443',
`folder_directive_snippets` text,
`log_retention` int(11) NOT NULL DEFAULT '30',
`log_retention` int(11) NOT NULL DEFAULT '10',
PRIMARY KEY (`domain_id`),
UNIQUE KEY `serverdomain` ( `server_id` , `ip_address`, `domain` )
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
......
install/tpl/apache_apps.vhost.master
View file @ d204dbb9
......@@ -34,6 +34,21 @@
</Directory>
</IfModule>
<IfModule mod_php7.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
AddType application/x-httpd-php .php
<Directory {tmpl_var name='apps_vhost_dir'}>
Options FollowSymLinks
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_fcgid.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
SuexecUserGroup ispapps ispapps
......
install/tpl/apache_ispconfig.conf.master
View file @ d204dbb9
......@@ -18,8 +18,12 @@ SSLStaplingCache shmcb:/var/run/ocsp(128000)
LogFormat '%v %h %l %u %t "%r" %>s %S "%{Referer}i" "%{User-Agent}i"' combined_ispconfig
<tmpl_else>
LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
<tmpl_if name='logging' op='==' value='anon'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig
<Directory /var/www/clients>
AllowOverride None
......@@ -129,9 +133,7 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m
</tmpl_if>
</Directory>
<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
Alias /awstats-icon "/usr/share/awstats/icon"
</tmpl_if>
Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
<Directory /usr/local/ispconfig/interface/acme/.well-known/acme-challenge>
......
install/tpl/apache_ispconfig.vhost.master
View file @ d204dbb9
......@@ -8,6 +8,9 @@
<VirtualHost _default_:<tmpl_var name="vhost_port">>
ServerAdmin webmaster@localhost
<tmpl_if name='http2_module' op='==' value='true'>
Protocols h2 h2c http/1.1
</tmpl_if>
<Directory /var/www/ispconfig/>
<FilesMatch "\.ph(p3?|tml)$">
......