Skip to content
Commits on Source (74)
Hide whitespace changes
Inline Side-by-side
.gitignore
View file @ 16b96209
.idea
/nbproject/private/
.vscode
.phplint-cache
*.swp
......
docs/autoinstall_samples/autoinstall.conf_sample.php
View file @ 16b96209
......@@ -61,7 +61,7 @@ $autoupdate['ignore_hostname_dns'] = 'n';
$autoupdate['ispconfig_postfix_ssl_symlink'] = 'y';
$autoupdate['ispconfig_pureftpd_ssl_symlink'] = 'y';
/* These are for service-detection (defaulting to old behaviour where alle changes were automatically accepted) */
/* These are for service-detection (defaulting to old behaviour where all changes were automatically accepted) */
$autoupdate['svc_detect_change_mail_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_web_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_dns_server'] = 'yes'; // yes (default), no
......
docs/autoinstall_samples/autoinstall.ini.sample
View file @ 16b96209
......@@ -60,7 +60,7 @@ ignore_hostname_dns=n
ispconfig_postfix_ssl_symlink=y
ispconfig_pureftpd_ssl_symlink=y
; These are for service-detection (defaulting to old behaviour where alle changes were automatically accepted)
; These are for service-detection (defaulting to old behaviour where all changes were automatically accepted)
svc_detect_change_mail_server=yes
svc_detect_change_web_server=yes
svc_detect_change_dns_server=yes
......
install/dist/lib/gentoo.lib.php
View file @ 16b96209
......@@ -47,8 +47,7 @@ class installer extends installer_base
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_postfix($options = '')
{
public function configure_postfix($options = '') {
global $conf,$autoinstall;
$cf = $conf['postfix'];
......@@ -57,6 +56,11 @@ class installer extends installer_base
if(!is_dir($config_dir)){
$this->error("The postfix configuration directory '$config_dir' does not exist.");
}
//* Get postfix version
exec('postconf -d mail_version 2>&1', $out);
$postfix_version = preg_replace('/.*=\s*/', '', $out[0]);
unset($out);
//* Install virtual mappings
foreach (glob('tpl/mysql-virtual_*.master') as $filename) {
......@@ -65,30 +69,48 @@ class installer extends installer_base
//* mysql-verify_recipients.cf
$this->process_postfix_config('mysql-verify_recipients.cf');
// test if lmtp if available
$configure_lmtp = $this->get_postfix_service('lmtp','unix');
//* postfix-dkim
$filename='tag_as_originating.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
if($configure_lmtp) {
$content = preg_replace('/amavis:/', 'lmtp:', $content);
}
wf($full_file_name, $content);
$filename='tag_as_foreign.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
if($configure_lmtp) {
$content = preg_replace('/amavis:/', 'lmtp:', $content);
}
wf($full_file_name, $content);
//* Changing mode and group of the new created config files.
caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
/*caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');
__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');*/
//* Creating virtual mail user and group
$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
if (!is_group($cf['vmail_groupname'])) {
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
if (!is_user($cf['vmail_username'])) {
caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* These postconf commands will be executed on installation and update
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"].'.server', $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
unset($server_ini_rec);
//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removal after an update
$rbl_list = '';
if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
......@@ -107,7 +129,7 @@ class installer extends installer_base
$reject_sender_login_mismatch = '';
$reject_authenticated_sender_login_mismatch = '';
if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
$reject_sender_login_mismatch = ', reject_sender_login_mismatch';
$reject_sender_login_mismatch = ',reject_sender_login_mismatch,';
$reject_authenticated_sender_login_mismatch = 'reject_authenticated_sender_login_mismatch, ';
}
......@@ -145,7 +167,42 @@ class installer extends installer_base
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
//* Merge version-specific postfix config
if(version_compare($postfix_version , '2.5', '>=')) {
$configfile = 'postfix_2-5.conf';
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
if(version_compare($postfix_version , '2.10', '>=')) {
$configfile = 'postfix_2-10.conf';
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
if(version_compare($postfix_version , '3.0', '>=')) {
$configfile = 'postfix_3-0.conf';
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
if(version_compare($postfix_version , '3.3', '>=')) {
$configfile = 'postfix_3-3.conf';
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
$configfile = 'postfix_custom.conf';
if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/' . $configfile . '.master')) {
$content = file_get_contents($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master');
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
// Remove comment lines, these would give fatal errors when passed to postconf.
$postconf_commands = array_filter($postconf_commands, function($line) { return preg_match('/^[^#]/', $line); });
//* These postconf commands will be executed on installation only
if($this->is_update == false) {
$postconf_commands = array_merge($postconf_commands, array(
......@@ -161,6 +218,15 @@ class installer extends installer_base
touch($config_dir.'/nested_header_checks');
touch($config_dir.'/body_checks');
touch($config_dir.'/sasl_passwd');
//* Create the mailman files
if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
exec('postalias /var/lib/mailman/data/aliases');
if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
//* Create auxillary postfix conf files
$configfile = 'helo_access';
......@@ -189,13 +255,13 @@ class installer extends installer_base
//* Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
swriteln($command);
caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
}
//* Create the SSL certificate
if (!stristr($options, 'dont-create-certs'))
{
if(AUTOINSTALL){
if (!stristr($options, 'dont-create-certs')){
//* Create the SSL certificate
if(AUTOINSTALL){
$command = 'cd '.$config_dir.'; '
."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
} else {
......@@ -208,58 +274,59 @@ class installer extends installer_base
caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
}
//* We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
$command = 'chmod 755 /var/lib/courier/authdaemon/';
if (is_dir('/var/lib/courier/authdaemon')) {
caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
}
//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
$command = 'chmod 755 /var/run/courier/authdaemon/';
if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
//* Changing maildrop lines in posfix master.cf
//* Check maildrop service in posfix master.cf
$quoted_regex = '^maildrop unix.*pipe flags=DRhu user=vmail '.preg_quote('argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}', '/');
$configfile = $config_dir.'/master.cf';
$content = rf($configfile);
$content = preg_replace('/^#?maildrop/m', 'maildrop', $content);
$content = preg_replace('/^#?(\s+)flags=DRhu user=vmail argv=\/usr\/bin\/maildrop -d/m',
'$1flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail \${extension} \${recipient} \${user} \${nexthop} \${sender}',
$content);
$this->write_config_file($configfile, $content);
//* Writing the Maildrop mailfilter file
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailfilter.master', 'tpl/mailfilter.master');
if($this->get_postfix_service('maildrop', 'unix')) {
exec ("postconf -M maildrop.unix 2> /dev/null", $out, $ret);
$change_maildrop_flags = @(preg_match("/$quoted_regex/", $out[0]) && $out[0] !='')?false:true;
} else {
$change_maildrop_flags = @(preg_match("/$quoted_regex/", $configfile))?false:true;
}
if ($change_maildrop_flags) {
//* Change maildrop service in posfix master.cf
if(is_file($config_dir.'/master.cf')) {
copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
}
if(is_file($config_dir.'/master.cf~')) {
chmod($config_dir.'/master.cf~', 0400);
}
$configfile = $config_dir.'/master.cf';
$content = rf($configfile);
$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
$content);
wf($configfile, $content);
}
//* Writing the Maildrop mailfilter file
$configfile = 'mailfilter';
if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)) {
copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
$this->write_config_file($cf['vmail_mailbox_base'].'/.mailfilter', $content);
wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
//* Create the directory for the custom mailfilters
if (!is_dir($cf['vmail_mailbox_base'].'/mailfilters'))
{
if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) {
$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
//* postfix-dkim
$filename='tag_as_originating.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
$filename='tag_as_foreign.re';
$full_file_name=$config_dir.'/'.$filename;
if(is_file($full_file_name)) copy($full_file_name, $full_file_name.'~');
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/postfix-'.$filename.'.master', 'tpl/postfix-'.$filename.'.master');
wf($full_file_name, $content);
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
//* Chmod and chown the .mailfilter file
$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
$command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
$command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_saslauthd()
{
global $conf;
......@@ -297,17 +364,21 @@ class installer extends installer_base
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
public function configure_dovecot()
{
public function configure_dovecot() {
global $conf;
$virtual_transport = 'dovecot';
$configure_lmtp = false;
// use lmtp if installed
if($configure_lmtp = (is_file('/usr/lib/dovecot/lmtp') || is_file('/usr/libexec/dovecot/lmtp'))) {
$virtual_transport = 'lmtp:unix:private/dovecot-lmtp';
}
// check if virtual_transport must be changed
if ($this->is_update) {
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"].".server", $conf['server_id']);
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
......@@ -318,10 +389,13 @@ class installer extends installer_base
}
$config_dir = $conf['postfix']['config_dir'];
$quoted_config_dir = preg_quote($config_dir, '|');
$postfix_version = `postconf -d mail_version 2>/dev/null`;
$postfix_version = preg_replace( '/mail_version\s*=\s*(.*)\s*/', '$1', $postfix_version );
//* Configure master.cf and add a line for deliver
if(!$this->get_postfix_service('dovecot', 'unix')) {
//* backup
//* backup
if(is_file($config_dir.'/master.cf')){
copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
}
......@@ -329,14 +403,15 @@ class installer extends installer_base
chmod($config_dir.'/master.cf~2', 0400);
}
//* Configure master.cf and add a line for deliver
$content = rf($conf["postfix"]["config_dir"].'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
$content = rf($config_dir.'/master.cf');
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}'."\n";
af($config_dir.'/master.cf', $deliver_content);
unset($content);
unset($deliver_content);
}
//* Reconfigure postfix to use dovecot authentication
// Adding the amavisd commands to the postfix configuration
$postconf_commands = array (
'dovecot_destination_recipient_limit = 1',
'virtual_transport = '.$virtual_transport,
......@@ -344,25 +419,44 @@ class installer extends installer_base
'smtpd_sasl_path = private/auth'
);
//* Make a backup copy of the main.cf file
copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
// Make a backup copy of the main.cf file
copy($config_dir.'/main.cf', $config_dir.'/main.cf~3');
//* Executing the postconf commands
foreach($postconf_commands as $cmd)
{
$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
$new_options = array();
foreach ($options as $value) {
$value = trim($value);
if ($value == '') continue;
if (preg_match("|check_recipient_access\s+proxy:mysql:${quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
continue;
}
$new_options[] = $value;
}
if ($configure_lmtp && $conf['mail']['content_filter'] === 'amavisd') {
for ($i = 0; isset($new_options[$i]); $i++) {
if ($new_options[$i] == 'reject_unlisted_recipient') {
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${config_dir}/mysql-verify_recipients.cf"));
break;
}
}
# postfix < 3.3 needs this when using reject_unverified_recipient:
if(version_compare($postfix_version, 3.3, '<')) {
$postconf_commands[] = "enable_original_recipient = yes";
}
}
$postconf_commands[] = "smtpd_recipient_restrictions = ".implode(", ", $new_options);
// Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
//* backup dovecot.conf
$config_dir = $conf['dovecot']['config_dir'];
//* copy dovecot.conf
$configfile = $config_dir.'/dovecot.conf';
$content = $this->get_template_file('dovecot.conf', true);
$this->write_config_file($configfile, $content);
//* dovecot-lmtpd
if($configure_lmtp) {
replaceLine($config_dir.'/'.$configfile, 'protocols = imap pop3', 'protocols = imap pop3 lmtp', 1, 0);
$configfile = 'dovecot.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
//* Get the dovecot version
......@@ -370,15 +464,112 @@ class installer extends installer_base
$dovecot_version = $tmp[0];
unset($tmp);
//* Copy dovecot configuration file
if(version_compare($dovecot_version,1, '<=')) { //* Dovecot 1.x
if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_dovecot.conf.master')) {
copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_dovecot.conf.master', $config_dir.'/'.$configfile);
} else {
copy('dist/tpl/gentoo/dovecot.conf.master', $config_dir.'/'.$configfile);
}
} else { //* Dovecot 2.x
if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_dovecot2.conf.master')) {
copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_dovecot2.conf.master', $config_dir.'/'.$configfile);
} else {
copy('dist/tpl/gentoo/dovecot2.conf.master', $config_dir.'/'.$configfile);
}
// Copy custom config file
if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/dovecot_custom.conf.master')) {
if(!@is_dir($config_dir . '/conf.d')) {
mkdir($config_dir . '/conf.d');
}
copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/dovecot_custom.conf.master', $config_dir.'/conf.d/99-ispconfig-custom-config.conf');
}
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
if(version_compare($dovecot_version, 2.1, '<')) {
removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
}
if(version_compare($dovecot_version,2.2) >= 0) {
// Dovecot > 2.2 does not recognize !SSLv2 anymore on Debian 9
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('!SSLv2','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
}
if(version_compare($dovecot_version,2.3) >= 0) {
// Remove deprecated setting(s)
removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
// Check if we have a dhparams file and if not, create it
if(!file_exists('/etc/dovecot/dh.pem')) {
swriteln('Creating new DHParams file, this takes several minutes. Do not interrupt the script.');
if(file_exists('/var/lib/dovecot/ssl-parameters.dat')) {
// convert existing ssl parameters file
$command = 'dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
} else {
/*
Create a new dhparams file. We use 2048 bit only as it simply takes too long
on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
a 4096 bit file, create it manually before you install ISPConfig
*/
$command = 'openssl dhparam -out /etc/dovecot/dh.pem 2048';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
}
//remove #2.3+ comment
$content = file_get_contents($config_dir.'/'.$configfile);
$content = str_replace('#2.3+ ','',$content);
file_put_contents($config_dir.'/'.$configfile,$content);
unset($content);
} else {
// remove settings which are not supported in Dovecot < 2.3
removeLine($config_dir.'/'.$configfile, 'ssl_min_protocol =');
removeLine($config_dir.'/'.$configfile, 'ssl_dh =');
}
}
$dovecot_protocols = 'imap pop3';
//* dovecot-lmtpd
if($configure_lmtp) {
$dovecot_protocols .= ' lmtp';
}
//* dovecot-managesieved
if(is_file('/usr/lib/dovecot/managesieve') || is_file('/usr/libexec/dovecot/managesieve')) {
$dovecot_protocols .= ' sieve';
}
replaceLine($config_dir.'/'.$configfile, 'protocols = imap pop3', "protocols = $dovecot_protocols", 1, 0);
//* dovecot-sql.conf
$configfile = $config_dir.'/dovecot-sql.conf';
$content = $this->get_template_file('debian_dovecot-sql.conf', true, true);
$configfile = 'dovecot-sql.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot-sql.conf.master', 'tpl/debian_dovecot-sql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
# enable iterate_query for dovecot2
if(version_compare($dovecot_version,2, '>=')) {
$content = str_replace('# iterate_query', 'iterate_query', $content);
}
$content = str_replace('{server_id}', $conf['server_id'], $content);
$this->write_config_file($configfile, $content);
wf($config_dir.'/'.$configfile, $content);
chmod($config_dir.'/'.$configfile, 0600);
chown($config_dir.'/'.$configfile, 'root');
chgrp($config_dir.'/'.$configfile, 'root');
// Dovecot shall ignore mounts in website directory
if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");
}
public function configure_spamassassin()
......@@ -515,6 +706,36 @@ class installer extends installer_base
$content = preg_replace('/MISC_OTHER="[^"]+"/', 'MISC_OTHER="-b -A -E -Z -D -H -O clf:'.$logdir.'/transfer.log'.$enable_tls.'"', $content);
$this->write_config_file($conf['pureftpd']['config_file'], $content);
//* Since version 1.0.50: Configuration through /etc/conf.d/pure-ftpd is now deprecated!
exec("/usr/sbin/pure-ftpd --help | head -1",$out);
if(preg_match("#v([0-9\.]+)\s#",$out[0],$matches)){
$pureftpd_version = $matches[1];
if(version_compare($pureftpd_version, '1.0.50', '>=')) {
$configfile = $conf['pureftpd']['main_config_file'];
if(is_file($configfile)) {
copy($configfile, $configfile.'~');
}
$content = rf($configfile);
$content = preg_replace('/BrokenClientsCompatibility\s+(yes|no)/', 'BrokenClientsCompatibility yes', $content);
$content = preg_replace('/ChrootEveryone\s+(yes|no)/', 'ChrootEveryone yes', $content);
$content = preg_replace('/NoAnonymous\s+(yes|no)/', 'NoAnonymous yes', $content);
$content = preg_replace('/#? AltLog\s+clf.*\s/', 'AltLog clf:/var/log/pureftpd.log', $content);
$content = preg_replace('/CustomerProof\s+(yes|no)/', 'CustomerProof yes', $content);
$content = preg_replace('/DisplayDotFiles\s+(yes|no)/', 'DisplayDotFiles yes', $content);
$content = preg_replace('/DontResolve\s+(yes|no)/', 'DontResolve yes', $content);
$content = preg_replace('/#? MySQLConfigFile\s+\/.*\s/', 'MySQLConfigFile ' . $conf['pureftpd']['mysql_config_file'], $content);
if(file_exists('/etc/ssl/private/pure-ftpd.pem')) {
$content = preg_replace('/(#?) TLS\s+(0|1)/', 'TLS 1', $content);
}
wf($configfile, $content);
}
}
}
public function configure_powerdns()
......@@ -845,39 +1066,46 @@ class installer extends installer_base
}
}
public function get_host_ips() {
$out = array();
exec("ip addr show | awk '/global/ { print $2 }' | cut -d '/' -f 1", $ret, $val);
if($val == 0) {
if(is_array($ret) && !empty($ret)){
foreach($ret as $ip) {
$ip = trim($ip);
$out[] = $ip;
}
}
}
public function install_ispconfig()
{
return $out;
}
public function install_ispconfig() {
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if(!is_dir($install_dir))
{
if(!@is_dir($install_dir)) {
$command = "mkdir $install_dir";
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
//* Create a ISPConfig user and group
if (!is_group('ispconfig'))
{
$command = 'groupadd ispconfig';
caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
$command = 'groupadd ispconfig';
if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if (!is_user('ispconfig'))
{
$command = "useradd -g ispconfig -d $install_dir ispconfig";
caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
$command = 'useradd -g ispconfig -d '.$install_dir.' ispconfig';
if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* copy the ISPConfig interface part
$command = "cp -rf ../interface $install_dir";
$command = 'cp -rf ../interface '.$install_dir;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* copy the ISPConfig server part
$command = "cp -rf ../server $install_dir";
$command = 'cp -rf ../server '.$install_dir;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Make a backup of the security settings
......@@ -887,28 +1115,29 @@ class installer extends installer_base
$command = 'cp -rf ../security '.$install_dir;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Apply changed security_settings.ini values to new security_settings.ini file
if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if(is_array($security_settings_new) && is_array($security_settings_old)) {
foreach($security_settings_new as $section => $sval) {
if(is_array($sval)) {
foreach($sval as $key => $val) {
if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));
}
$configfile = 'security_settings.ini';
if(is_file($install_dir.'/security/'.$configfile)) {
copy($install_dir.'/security/'.$configfile, $install_dir.'/security/'.$configfile.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
wf($install_dir.'/security/'.$configfile, $content);
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
$content = $this->get_template_file($configfile, true, true); //* get contents & insert db cred
if(is_file($install_dir.'/interface/lib/'.$configfile)) {
copy($install_dir.'/interface/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
......@@ -923,10 +1152,34 @@ class installer extends installer_base
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
$this->write_config_file("$install_dir/interface/lib/$configfile", $content);
wf($install_dir.'/interface/lib/'.$configfile, $content);
//* Create the config file for ISPConfig server
$this->write_config_file("$install_dir/server/lib/$configfile", $content);
$configfile = 'config.inc.php';
if(is_file($install_dir.'/server/lib/'.$configfile)) {
copy($install_dir.'/server/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{mysql_master_server_port}', $conf['mysql']['master_port'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
wf($install_dir.'/server/lib/'.$configfile, $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
......@@ -935,7 +1188,7 @@ class installer extends installer_base
wf($install_dir.'/server/lib/remote_action.inc.php', $content);
}
// Enable the server modules and plugins.
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir.'/server/mods-available/';
if (is_dir($dir)) {
......@@ -977,10 +1230,12 @@ class installer extends installer_base
if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
}
if (strpos($file, '_core_plugin') !== false) {
if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
}
}
}
......@@ -991,21 +1246,25 @@ class installer extends installer_base
}
}
//* Update the server config
// Update the server config
$mail_server_enabled = ($conf['services']['mail'])?1:0;
$web_server_enabled = ($conf['services']['web'])?1:0;
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
$xmpp_server_enabled = ($conf['services']['xmpp'])?1:0;
$sql = "UPDATE `server` SET mail_server = ?, web_server = ?, dns_server = ?, file_server = ?, db_server = ?, vserver_server = ? WHERE server_id = ?";
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled', xmpp_server = '$xmpp_server_enabled' WHERE server_id = ?";
$this->db->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
$this->db->query($sql, $conf['server_id']);
if($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql, $mail_server_enabled, $web_server_enabled, $dns_server_enabled, $file_server_enabled, $db_server_enabled, $vserver_server_enabled, $conf['server_id']);
$this->dbmaster->query($sql, $conf['server_id']);
}
// chown install dir to root and chmod 755
$command = 'chown root:root '.$install_dir;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
......@@ -1020,6 +1279,10 @@ class installer extends installer_base
$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Chmod the files and directories in the acme dir
$command = 'chmod -R 755 '.$install_dir.'/interface/acme';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* chown the server files to the root user and group
$command = 'chown -R root:root '.$install_dir.'/server';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
......@@ -1046,9 +1309,7 @@ class installer extends installer_base
exec("chmod -R 770 $install_dir/interface/lib/lang");
//* Make the temp directory for language file exports writable
if(is_dir($install_dir.'/interface/web/temp')) {
exec("chmod -R 770 $install_dir/interface/web/temp");
}
if(is_dir($install_dir.'/interface/web/temp')) exec("chmod -R 770 $install_dir/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir.'/interface/web');
......@@ -1101,18 +1362,18 @@ class installer extends installer_base
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if($conf['apache']['installed'] == true){
$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
$command = 'adduser '.$conf['apache']['user'].' ispconfig';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if(is_group('ispapps')){
$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
$command = 'adduser '.$conf['apache']['user'].' ispapps';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
}
if($conf['nginx']['installed'] == true){
$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
$command = 'adduser '.$conf['nginx']['user'].' ispconfig';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
if(is_group('ispapps')){
$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
$command = 'adduser '.$conf['nginx']['user'].' ispapps';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
}
......@@ -1128,43 +1389,62 @@ class installer extends installer_base
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
//* Copy the ISPConfig vhost for the controlpanel
$content = $this->get_template_file("apache_ispconfig.vhost", true);
$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
//$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
//* comment out the listen directive if port is 80 or 443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$content = str_replace('{vhost_port_listen}', '#', $content);
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl();
if (file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/apache_ispconfig.vhost.master")) {
$tpl->newTemplate($conf['ispconfig_install_dir']."/server/conf-custom/install/apache_ispconfig.vhost.master");
} else {
$tpl->newTemplate("dist/tpl/gentoo/apache_ispconfig.vhost.master");
}
$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 443
if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$tpl->setVar('vhost_port_listen','#');
} else {
$content = str_replace('{vhost_port_listen}', '', $content);
$tpl->setVar('vhost_port_listen','');
}
if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_comment}', '', $content);
$tpl->setVar('ssl_comment','');
} else {
$content = str_replace('{ssl_comment}', '#', $content);
$tpl->setVar('ssl_comment','#');
}
if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
$content = str_replace('{ssl_bundle_comment}', '', $content);
$tpl->setVar('ssl_bundle_comment','');
} else {
$content = str_replace('{ssl_bundle_comment}', '#', $content);
$tpl->setVar('ssl_bundle_comment','#');
}
$vhost_path = $conf['apache']['vhost_conf_dir'].'/ispconfig.vhost';
$this->write_config_file($vhost_path, $content);
if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', false);
wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755);
@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', true);
}
$tpl->setVar('apache_version',getapacheversion());
wf($vhost_conf_dir.'/ispconfig.vhost', $tpl->grab());
//* and create the symlink
/*if($this->is_update == false) {
if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
}
}*/
//if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', false);
wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', true);
//}
// unlink acme vhost symlink
if(is_link($vhost_conf_dir . '/999-acme.conf') && file_exists($vhost_conf_dir . '/acme.conf')) unlink($vhost_conf_dir . '/999-acme.conf');
}
if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
......@@ -1177,7 +1457,7 @@ class installer extends installer_base
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', 'ssl', $content);
$content = str_replace('{ssl_on}', 'ssl http2', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
......@@ -1219,44 +1499,41 @@ class installer extends installer_base
}
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
// chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
// chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
}
if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
if(!is_link('/usr/local/bin/ispconfig_update.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
// Make executable then unlink and symlink letsencrypt pre, post and renew hook scripts
chown($install_dir.'/server/scripts/letsencrypt_pre_hook.sh', 'root');
chown($install_dir.'/server/scripts/letsencrypt_post_hook.sh', 'root');
chown($install_dir.'/server/scripts/letsencrypt_renew_hook.sh', 'root');
chmod($install_dir.'/server/scripts/letsencrypt_pre_hook.sh', 0700);
chmod($install_dir.'/server/scripts/letsencrypt_post_hook.sh', 0700);
chmod($install_dir.'/server/scripts/letsencrypt_renew_hook.sh', 0700);
if(is_link('/usr/local/bin/letsencrypt_pre_hook.sh')) unlink('/usr/local/bin/letsencrypt_pre_hook.sh');
if(is_link('/usr/local/bin/letsencrypt_post_hook.sh')) unlink('/usr/local/bin/letsencrypt_post_hook.sh');
if(is_link('/usr/local/bin/letsencrypt_renew_hook.sh')) unlink('/usr/local/bin/letsencrypt_renew_hook.sh');
symlink($install_dir.'/server/scripts/letsencrypt_pre_hook.sh', '/usr/local/bin/letsencrypt_pre_hook.sh');
symlink($install_dir.'/server/scripts/letsencrypt_post_hook.sh', '/usr/local/bin/letsencrypt_post_hook.sh');
symlink($install_dir.'/server/scripts/letsencrypt_renew_hook.sh', '/usr/local/bin/letsencrypt_renew_hook.sh');
//* Make the logs readable for the ispconfig user
if (is_file('/var/log/maillog')) {
exec('chmod +r /var/log/maillog');
}
if (is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
if (is_file('/var/log/clamav/clamav.log')) {
exec('chmod +r /var/log/clamav/clamav.log');
}
if (is_file('/var/log/clamav/freshclam.log')) {
exec('chmod +r /var/log/clamav/freshclam.log');
}
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log');
if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log');
//* Create the ispconfig log file and directory
if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
touch($conf['ispconfig_log_dir'].'/ispconfig.log');
}
chmod($conf['ispconfig_log_dir'].'/ispconfig.log', 0600);
......@@ -1268,16 +1545,45 @@ class installer extends installer_base
exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
if (is_user('getmail')) {
chown('/usr/local/bin/run-getmail.sh', 'getmail');
if(is_user('getmail')) {
rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
chmod('/usr/local/bin/run-getmail.sh', 0744);
}
//* Add Log-Rotation
if (is_dir('/etc/logrotate.d')) {
@unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there
/* We rotate these logs in cron_daily.php
$fh = fopen('/etc/logrotate.d/logispc3', 'w');
fwrite($fh,
"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"} \n" .
"$conf['ispconfig_log_dir']/cron.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"}");
fclose($fh);
*/
}
chmod('/usr/local/bin/run-getmail.sh', 0744);
//* Remove Domain module as its functions are available in the client module now
if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
if(is_file('/etc/default/rkhunter')) {
replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
}
// Add symlink for patch tool
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
......@@ -1286,7 +1592,6 @@ class installer extends installer_base
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf')) chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
if(is_file($conf['amavis']['config_dir'].'/amavisd.conf~')) chmod($conf['amavis']['config_dir'].'/amavisd.conf~', 0400);
}
}
......
install/dist/tpl/gentoo/apache_ispconfig.vhost.master
View file @ 16b96209
......@@ -4,41 +4,83 @@
# for the ISPConfig controlpanel
######################################################
{vhost_port_listen} Listen {vhost_port}
<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
# NameVirtualHost *:{vhost_port}
</tmpl_if>
<tmpl_var name="vhost_port_listen"> Listen <tmpl_var name="vhost_port">
NameVirtualHost *:<tmpl_var name="vhost_port">
<VirtualHost _default_:{vhost_port}>
<VirtualHost _default_:<tmpl_var name="vhost_port">>
ServerAdmin webmaster@localhost
Alias /mail /var/www/ispconfig/mail
<Directory /var/www/ispconfig/>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
<Directory /usr/local/ispconfig/interface/web/>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
<IfModule mod_fcgid.c>
DocumentRoot /var/www/ispconfig/
SuexecUserGroup ispconfig ispconfig
<Directory /var/www/ispconfig/>
Options +Indexes +FollowSymLinks +MultiViews +ExecCGI
Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
AllowOverride AuthConfig Indexes Limit Options FileInfo
<FilesMatch "\.ph(p[3-5]?|tml)$">
<FilesMatch "\.php$">
SetHandler fcgid-script
</FilesMatch>
FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
DirectoryIndex index.php
IPCCommTimeout 7200
MaxRequestLen 15728640
</IfModule>
<IfModule mod_proxy_fcgi.c>
DocumentRoot /usr/local/ispconfig/interface/web
SuexecUserGroup ispconfig ispconfig
DirectoryIndex index.php
<Directory /usr/local/ispconfig/interface/web>
Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
AllowOverride AuthConfig Indexes Limit Options FileInfo
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
<FilesMatch \.php$>
#SetHandler "proxy:unix:/var/lib/php5-fpm/ispconfig.sock|fcgi://localhost"
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</Directory>
</IfModule>
<IfModule mod_php5.c>
<IfModule mpm_itk_module>
DocumentRoot /usr/local/ispconfig/interface/web/
AssignUserId ispconfig ispconfig
AddType application/x-httpd-php .php
<Directory /usr/local/ispconfig/interface/web>
# php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
Options +FollowSymLinks
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
php_value magic_quotes_gpc 0
</tmpl_if>
php_value magic_quotes_gpc 0
</Directory>
</IfModule>
......@@ -51,20 +93,53 @@
</IfModule>
# SSL Configuration
{ssl_comment}SSLEngine On
{ssl_comment}SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
{ssl_comment}SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
<tmpl_var name="ssl_comment">SSLEngine On
<tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1
<tmpl_else>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
</tmpl_if>
<tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
</VirtualHost>
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
<tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
<tmpl_var name="ssl_comment">SSLCompression Off
</tmpl_if>
<tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'>
<tmpl_var name="ssl_comment">SSLSessionTickets Off
</tmpl_if>
<Directory /var/www/php-cgi-scripts>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
<IfModule mod_headers.c>
# ISPConfig 3.1 currently requires unsafe-line for both scripts and styles, as well as unsafe-eval
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'"
<tmpl_var name="ssl_comment">Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests"
Header set X-Content-Type-Options: nosniff
Header set X-Frame-Options: SAMEORIGIN
Header set X-XSS-Protection: "1; mode=block"
Header always edit Set-Cookie (.*) "$1; HTTPOnly"
<tmpl_var name="ssl_comment">Header always edit Set-Cookie (.*) "$1; Secure"
<IfModule mod_version.c>
<IfVersion >= 2.4.7>
Header setifempty Strict-Transport-Security "max-age=15768000"
</IfVersion>
<IfVersion < 2.4.7>
Header set Strict-Transport-Security "max-age=15768000"
</IfVersion>
</IfModule>
RequestHeader unset Proxy early
</IfModule>
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<tmpl_var name="ssl_comment">SSLUseStapling On
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off
</tmpl_if>
# Redirect http to https
ErrorDocument 400 "<script>document.location.href='https://'+location.hostname+':'+location.port';</script><h1>Error 400 - trying to redirect</h1>"
</VirtualHost>
<Directory /var/www/php-fcgi-scripts>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
install/lib/installer_base.lib.php
View file @ 16b96209
......@@ -52,7 +52,7 @@ class installer_base {
}
public function update_acme() {
$acme = explode("\n", shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2> /dev/null'));
$acme = explode("\n", (string)shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2> /dev/null'));
$acme = reset($acme);
$val = 0;
......@@ -838,9 +838,9 @@ class installer_base {
$addr_cleanup = "'%u'";
foreach (str_split($out[0]) as $delim) {
$recipient_delimiter = $this->db->escape( str_replace('%', '%%', $delim) );
$addr_cleanup = "SUBSTRING_INDEX(${addr_cleanup}, '${recipient_delimiter}', 1)";
$addr_cleanup = "SUBSTRING_INDEX({$addr_cleanup}, '{$recipient_delimiter}', 1)";
}
$no_addr_extension = "CONCAT(${addr_cleanup}, '@%d')";
$no_addr_extension = "CONCAT({$addr_cleanup}, '@%d')";
} else {
$no_addr_extension = "''";
}
......@@ -1525,7 +1525,7 @@ class installer_base {
foreach ($options as $value) {
$value = trim($value);
if ($value == '') continue;
if (preg_match("|check_recipient_access\s+proxy:mysql:${quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
if (preg_match("|check_recipient_access\s+proxy:mysql:{$quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
continue;
}
$new_options[] = $value;
......@@ -1533,7 +1533,7 @@ class installer_base {
if ($configure_lmtp && (!isset($conf['mail']['content_filter']) || $conf['mail']['content_filter'] === 'amavisd')) {
for ($i = 0; isset($new_options[$i]); $i++) {
if ($new_options[$i] == 'reject_unlisted_recipient') {
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${config_dir}/mysql-verify_recipients.cf"));
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:{$config_dir}/mysql-verify_recipients.cf"));
break;
}
}
......@@ -1712,7 +1712,7 @@ class installer_base {
// Check for amavisd -> pure webserver with postfix for mailing without antispam
if ($conf['amavis']['installed']) {
$content_filter_service = ($configure_lmtp) ? 'lmtp' : 'amavis';
$postconf_commands[] = "content_filter = ${content_filter_service}:[127.0.0.1]:10024";
$postconf_commands[] = "content_filter = {$content_filter_service}:[127.0.0.1]:10024";
$postconf_commands[] = 'receive_override_options = no_address_mappings';
$postconf_commands[] = 'address_verify_virtual_transport = smtp:[127.0.0.1]:10025';
$postconf_commands[] = 'address_verify_transport_maps = static:smtp:[127.0.0.1]:10025';
......@@ -1723,7 +1723,7 @@ class installer_base {
foreach ($options as $value) {
$value = trim($value);
if ($value == '') continue;
if (preg_match("|check_recipient_access\s+proxy:mysql:${quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
if (preg_match("|check_recipient_access\s+proxy:mysql:{$quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
continue;
}
$new_options[] = $value;
......@@ -1731,7 +1731,7 @@ class installer_base {
if ($configure_lmtp) {
for ($i = 0; isset($new_options[$i]); $i++) {
if ($new_options[$i] == 'reject_unlisted_recipient') {
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${config_dir}/mysql-verify_recipients.cf"));
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:{$config_dir}/mysql-verify_recipients.cf"));
break;
}
}
......@@ -1868,7 +1868,7 @@ class installer_base {
if (preg_match('/check_policy_service\s+inet:127.0.0.1:10023/', $value)) {
continue;
}
if (preg_match("|check_recipient_access\s+proxy:mysql:${quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
if (preg_match("|check_recipient_access\s+proxy:mysql:{$quoted_config_dir}/mysql-verify_recipients.cf|", $value)) {
continue;
}
$new_options[] = $value;
......@@ -1935,10 +1935,10 @@ class installer_base {
);
foreach ($local_d as $f) {
$tpl = new tpl();
if (file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master")) {
$tpl->newTemplate($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master");
if (file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master")) {
$tpl->newTemplate($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master");
} else {
$tpl->newTemplate("rspamd_${f}.master");
$tpl->newTemplate("rspamd_{$f}.master");
}
$tpl->setVar('dkim_path', $mail_config['dkim_path']);
......@@ -1950,7 +1950,7 @@ class installer_base {
$tpl->setLoop('local_addrs', $local_addrs);
}
wf("/etc/rspamd/local.d/${f}", $tpl->grab());
wf("/etc/rspamd/local.d/{$f}", $tpl->grab());
}
......@@ -1967,10 +1967,10 @@ class installer_base {
'arc.conf',
);
foreach ($local_d as $f) {
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master /etc/rspamd/local.d/${f}");
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master /etc/rspamd/local.d/{$f}");
} else {
exec("cp tpl/rspamd_${f}.master /etc/rspamd/local.d/${f}");
exec("cp tpl/rspamd_{$f}.master /etc/rspamd/local.d/{$f}");
}
}
......@@ -1980,10 +1980,10 @@ class installer_base {
'surbl_group.conf',
);
foreach ($override_d as $f) {
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master /etc/rspamd/override.d/${f}");
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master /etc/rspamd/override.d/{$f}");
} else {
exec("cp tpl/rspamd_${f}.master /etc/rspamd/override.d/${f}");
exec("cp tpl/rspamd_{$f}.master /etc/rspamd/override.d/{$f}");
}
}
......@@ -1995,10 +1995,10 @@ class installer_base {
'spf_whitelist.inc.ispc',
);
foreach ($maps_d as $f) {
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_${f}.master /etc/rspamd/local.d/maps.d/${f}");
if(file_exists($conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master")) {
exec('cp '.$conf['ispconfig_install_dir']."/server/conf-custom/install/rspamd_{$f}.master /etc/rspamd/local.d/maps.d/{$f}");
} else {
exec("cp tpl/rspamd_${f}.master /etc/rspamd/local.d/maps.d/${f}");
exec("cp tpl/rspamd_{$f}.master /etc/rspamd/local.d/maps.d/{$f}");
}
}
......
install/tpl/gentoo_postfix.conf.master
View file @ 16b96209
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
virtual_alias_domains = proxy:mysql:{config_dir}/mysql-virtual_alias_domains.cf
virtual_alias_maps = hash:/var/lib/mailman/data/virtual-mailman, proxy:mysql:{config_dir}/mysql-virtual_forwardings.cf, proxy:mysql:{config_dir}/mysql-virtual_alias_maps.cf, proxy:mysql:{config_dir}/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:{config_dir}/mysql-virtual_domains.cf
......@@ -5,6 +7,9 @@ virtual_mailbox_maps = proxy:mysql:{config_dir}/mysql-virtual_mailboxes.cf
virtual_mailbox_base = {vmail_mailbox_base}
virtual_uid_maps = proxy:mysql:/etc/postfix/mysql-virtual_uids.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/mysql-virtual_gids.cf
sender_bcc_maps = proxy:mysql:{config_dir}/mysql-virtual_outgoing_bcc.cf
inet_protocols=all
inet_interfaces = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
......@@ -35,7 +40,7 @@ header_checks = regexp:{config_dir}/header_checks
mime_header_checks = regexp:{config_dir}/mime_header_checks
nested_header_checks = regexp:{config_dir}/nested_header_checks
body_checks = regexp:{config_dir}/body_checks
inet_interfaces = all
owner_request_special = no
smtp_tls_security_level = may
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
......
install/update.php
View file @ 16b96209
......@@ -276,33 +276,11 @@ $inst->db->setDBName($conf['mysql']['database']);
//* initialize the master DB, if we have a multiserver setup
if($conf['mysql']['master_slave_setup'] == 'y') {
//** Get MySQL root credentials
$finished = false;
do {
$tmp_mysql_server_host = $inst->free_query('MySQL master server hostname', $conf['mysql']['master_host'],'mysql_master_hostname');
$tmp_mysql_server_port = $inst->free_query('MySQL master server port', $conf['mysql']['master_port'],'mysql_master_port');
$tmp_mysql_server_admin_user = $inst->free_query('MySQL master server root username', $conf['mysql']['master_admin_user'],'mysql_master_root_user');
$tmp_mysql_server_admin_password = $inst->free_query('MySQL master server root password', $conf['mysql']['master_admin_password'],'mysql_master_root_password');
$tmp_mysql_server_database = $inst->free_query('MySQL master server database name', $conf['mysql']['master_database'],'mysql_master_database');
//* Initialize the MySQL server connection
if(@mysqli_connect($tmp_mysql_server_host, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password, $tmp_mysql_server_database, (int)$tmp_mysql_server_port)) {
$conf['mysql']['master_host'] = $tmp_mysql_server_host;
$conf['mysql']['master_port'] = $tmp_mysql_server_port;
$conf['mysql']['master_admin_user'] = $tmp_mysql_server_admin_user;
$conf['mysql']['master_admin_password'] = $tmp_mysql_server_admin_password;
$conf['mysql']['master_database'] = $tmp_mysql_server_database;
$finished = true;
} else {
swriteln($inst->lng('Unable to connect to mysql server').' '.mysqli_connect_error());
}
} while ($finished == false);
unset($finished);
// initialize the connection to the master database
$inst->dbmaster = new db();
if($inst->dbmaster->linkId) $inst->dbmaster->closeConn();
$inst->dbmaster->setDBData($conf['mysql']["master_host"], $conf['mysql']["master_admin_user"], $conf['mysql']["master_admin_password"], $conf['mysql']["master_port"]);
$inst->dbmaster->setDBData($conf['mysql']["master_host"], $conf['mysql']["master_ispconfig_user"], $conf['mysql']["master_ispconfig_password"], $conf['mysql']["master_port"]);
$inst->dbmaster->setDBName($conf['mysql']["master_database"]);
} else {
$inst->dbmaster = $inst->db;
......@@ -349,6 +327,35 @@ unset($tmp);
$reconfigure_master_database_rights_answer = $inst->simple_query('Reconfigure Permissions in master database?', array('yes', 'no'), 'no','reconfigure_permissions_in_master_database');
if($reconfigure_master_database_rights_answer == 'yes') {
//** Get MySQL root credentials, to upgrade the dbmaster connection.
$finished = false;
do {
$tmp_mysql_server_host = $inst->free_query('MySQL master server hostname', $conf['mysql']['master_host'],'mysql_master_hostname');
$tmp_mysql_server_port = $inst->free_query('MySQL master server port', $conf['mysql']['master_port'],'mysql_master_port');
$tmp_mysql_server_admin_user = $inst->free_query('MySQL master server root username', $conf['mysql']['master_admin_user'],'mysql_master_root_user');
$tmp_mysql_server_admin_password = $inst->free_query('MySQL master server root password', $conf['mysql']['master_admin_password'],'mysql_master_root_password');
$tmp_mysql_server_database = $inst->free_query('MySQL master server database name', $conf['mysql']['master_database'],'mysql_master_database');
//* Initialize the MySQL server connection
if(@mysqli_connect($tmp_mysql_server_host, $tmp_mysql_server_admin_user, $tmp_mysql_server_admin_password, $tmp_mysql_server_database, (int)$tmp_mysql_server_port)) {
$conf['mysql']['master_host'] = $tmp_mysql_server_host;
$conf['mysql']['master_port'] = $tmp_mysql_server_port;
$conf['mysql']['master_admin_user'] = $tmp_mysql_server_admin_user;
$conf['mysql']['master_admin_password'] = $tmp_mysql_server_admin_password;
$conf['mysql']['master_database'] = $tmp_mysql_server_database;
$finished = true;
} else {
swriteln($inst->lng('Unable to connect to mysql server').' '.mysqli_connect_error());
}
} while ($finished == false);
unset($finished);
// initialize the connection to the master database
$inst->dbmaster = new db();
if($inst->dbmaster->linkId) $inst->dbmaster->closeConn();
$inst->dbmaster->setDBData($conf['mysql']["master_host"], $conf['mysql']["master_admin_user"], $conf['mysql']["master_admin_password"], $conf['mysql']["master_port"]);
$inst->dbmaster->setDBName($conf['mysql']["master_database"]);
$inst->grant_master_database_rights();
}
//}
......
interface/lib/classes/db_mysql.inc.php
View file @ 16b96209
......@@ -825,12 +825,13 @@ class db
return true;
}
//** Deletes a record and saves the changes into the datalog
// Updates a datalog record to store an error state.
public function datalogError($errormsg) {
global $app;
if(isset($app->modules->current_datalog_id) && $app->modules->current_datalog_id > 0) $this->query("UPDATE sys_datalog set error = ? WHERE datalog_id = ?", $errormsg, $app->modules->current_datalog_id);
if(isset($app->modules->current_datalog_id) && $app->modules->current_datalog_id > 0) {
$this->query("UPDATE sys_datalog set error = ? WHERE datalog_id = ?", $errormsg, $app->modules->current_datalog_id);
}
return true;
}
......@@ -844,7 +845,11 @@ class db
$login = $_SESSION['s']['user']['username'];
}
$result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = ? AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action", $login);
$result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable
FROM sys_datalog, server
WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = ? AND sys_datalog.datalog_id > server.updated
GROUP BY sys_datalog.dbtable, sys_datalog.action",
$login);
foreach($result as $row) {
if(!$row['dbtable'] || in_array($row['dbtable'], array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter'))) continue; // ignore some entries, maybe more to come
$return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable'])); $return['count'] += $row['cnt'];
......
interface/lib/lang/cn.lng 0 → 100644
View file @ 16b96209
<?php
$wb['conf_format_dateshort'] = 'Y-m-d';
$wb['conf_format_dateshort_human_readable'] = 'yyyy-mm-dd';
$wb['conf_format_datelong'] = 'l dS of F Y';
$wb['conf_format_timeshort'] = 'H:i';
$wb['conf_format_timelong'] = 'H:i:s';
$wb['conf_format_datetime'] = 'Y-m-d H:i';
$wb['number_format_decimals'] = '4';
$wb['number_format_decimals_client'] = '2';
$wb['number_format_dec_point'] = '.';
$wb['number_format_thousands_sep'] = '';
$wb['error_301'] = '当前用户无权访问该模块。';
$wb['error_302'] = '无效的模块。';
$wb['error_1001'] = '用户名和密码不能为空!';
$wb['error_1002'] = '用户名和/或密码不正确!';
$wb['error_1003'] = '用户名已被停用!';
$wb['delete_confirmation'] = '你确定要删除这条记录吗?';
$wb['error_no_view_permission'] = '你没有查看此记录的权限或此记录不存在!';
$wb['error_no_delete_permission'] = '你没有删除此记录的权限!';
$wb['page_txt'] = '页';
$wb['page_of_txt'] = '/';
$wb['page_and_txt'] = '和';
$wb['page_next_txt'] = '下一页';
$wb['page_back_txt'] = '上一页';
$wb['delete_txt'] = '删除';
$wb['filter_txt'] = '筛选';
$wb['add_new_record_txt'] = '添加新记录';
$wb['btn_save_txt'] = '保存';
$wb['btn_cancel_txt'] = '取消';
$wb['top_menu_system'] = '系统';
$wb['top_menu_client'] = '客户';
$wb['top_menu_email'] = '邮件';
$wb['top_menu_monitor'] = '监控';
$wb['top_menu_sites'] = '站点';
$wb['top_menu_dns'] = 'DNS';
$wb['top_menu_tools'] = '工具';
$wb['top_menu_help'] = '帮助';
$wb['top_menu_billing'] = '结算';
$wb['top_menu_mailuser'] = '邮件用户';
$wb['top_menu_domain'] = '域名';
$wb['top_menu_dashboard'] = '主页';
$wb['top_menu_vm'] = '虚拟服务器';
$wb['toolsarea_head_txt'] = '工具';
$wb['latest_news_txt'] = '最新新闻';
$wb['logout_txt'] = '注销';
$wb['daynamesmin_su'] = '周日';
$wb['daynamesmin_mo'] = '周一';
$wb['daynamesmin_tu'] = '周二';
$wb['daynamesmin_we'] = '周三';
$wb['daynamesmin_th'] = '周四';
$wb['daynamesmin_fr'] = '周五';
$wb['daynamesmin_sa'] = '周六';
$wb['daynames_sunday'] = '星期日';
$wb['daynames_monday'] = '星期一';
$wb['daynames_tuesday'] = '星期二';
$wb['daynames_wednesday'] = '星期三';
$wb['daynames_thursday'] = '星期四';
$wb['daynames_friday'] = '星期五';
$wb['daynames_saturday'] = '星期六';
$wb['monthnamesshort_jan'] = '1月';
$wb['monthnamesshort_feb'] = '2月';
$wb['monthnamesshort_mar'] = '3月';
$wb['monthnamesshort_apr'] = '4月';
$wb['monthnamesshort_may'] = '5月';
$wb['monthnamesshort_jun'] = '6月';
$wb['monthnamesshort_jul'] = '7月';
$wb['monthnamesshort_aug'] = '8月';
$wb['monthnamesshort_sep'] = '9月';
$wb['monthnamesshort_oct'] = '10月';
$wb['monthnamesshort_nov'] = '11月';
$wb['monthnamesshort_dec'] = '12月';
$wb['datepicker_nextText'] = '下一个';
$wb['datepicker_prevText'] = '上一个';
$wb['submit_confirmation'] = '您确定要执行此操作吗?';
$wb['globalsearch_resultslimit_of_txt'] = '的';
$wb['globalsearch_resultslimit_results_txt'] = '结果';
$wb['globalsearch_noresults_text_txt'] = '没有结果。';
$wb['globalsearch_noresults_limit_txt'] = '0 结果';
$wb['globalsearch_searchfield_watermark_txt'] = '搜索';
$wb['globalsearch_suggestions_text_txt'] = '建议';
$wb['global_tabchange_warning_txt'] = '如果您按下“确定”按钮,此选项卡中的更改将被更改。如果取消,它们将被丢弃。';
$wb['global_tabchange_discard_txt'] = '此选项卡中有未保存的更改。如果您继续,更改将被丢弃。';
$wb['datalog_changes_txt'] = '以下更改尚未应用到所有服务器:';
$wb['datalog_changes_end_txt'] = '存储更新可能需要一分钟时间。请耐心等待。';
$wb['datalog_status_i_web_database'] = '创建新数据库';
$wb['datalog_status_u_web_database'] = '更新数据库';
$wb['datalog_status_d_web_database'] = '删除数据库';
$wb['datalog_status_i_web_database_user'] = '为数据库创建用户';
$wb['datalog_status_u_web_database_user'] = '更新数据库用户';
$wb['datalog_status_d_web_database_user'] = '删除数据库用户';
$wb['datalog_status_i_web_domain'] = '创建新网站';
$wb['datalog_status_u_web_domain'] = '更新网站设置';
$wb['datalog_status_d_web_domain'] = '删除网站';
$wb['datalog_status_i_ftp_user'] = '创建FTP用户';
$wb['datalog_status_u_ftp_user'] = '更新FTP用户';
$wb['datalog_status_d_ftp_user'] = '删除FTP用户';
$wb['datalog_status_i_mail_domain'] = '创建电子邮件域';
$wb['datalog_status_u_mail_domain'] = '更新电子邮件域';
$wb['datalog_status_d_mail_domain'] = '删除电子邮件域';
$wb['datalog_status_i_mail_user'] = '创建电子邮件用户';
$wb['datalog_status_u_mail_user'] = '更新电子邮件用户';
$wb['datalog_status_d_mail_user'] = '删除电子邮件用户';
$wb['datalog_status_i_spamfilter_users'] = '创建垃圾邮件过滤器设置';
$wb['datalog_status_u_spamfilter_users'] = '更新垃圾邮件过滤器设置';
$wb['datalog_status_d_spamfilter_users'] = '删除垃圾邮件过滤器设置';
$wb['datalog_status_i_mail_forwarding'] = '创建电子邮件地址';
$wb['datalog_status_u_mail_forwarding'] = '更新电子邮件地址';
$wb['datalog_status_d_mail_forwarding'] = '删除电子邮件地址';
$wb['datalog_status_i_dns_rr'] = '创建DNS记录';
$wb['datalog_status_u_dns_rr'] = '更新DNS记录';
$wb['datalog_status_d_dns_rr'] = '删除DNS记录';
$wb['datalog_status_i_dns_soa'] = '创建DNS区域';
$wb['datalog_status_u_dns_soa'] = '更新DNS区域';
$wb['datalog_status_d_dns_soa'] = '删除DNS区域';
$wb['datalog_status_i_dns_slave'] = '创建新的DNS从区域';
$wb['datalog_status_u_dns_slave'] = '更新DNS从区域';
$wb['datalog_status_d_dns_slave'] = '删除DNS从区域';
$wb['datalog_status_i_firewall'] = '创建新的防火墙规则';
$wb['datalog_status_u_firewall'] = '更新防火墙规则';
$wb['datalog_status_d_firewall'] = '删除防火墙规则';
$wb['datalog_status_u_server'] = '更新服务器设置';
$wb['datalog_status_d_server'] = '删除服务器';
$wb['datalog_status_i_cron'] = '创建cron作业';
$wb['datalog_status_u_cron'] = '更新cron作业';
$wb['datalog_status_i_server_ip'] = '添加服务器IP';
$wb['datalog_status_u_server_ip'] = '更新服务器IP';
$wb['datalog_status_d_server_ip'] = '删除服务器IP';
$wb['datalog_status_d_cron'] = '删除cron作业';
$wb['datalog_status_i_mail_get'] = '创建邮件获取器账户';
$wb['datalog_status_u_mail_get'] = '更新邮件获取器账户';
$wb['datalog_status_d_mail_get'] = '删除邮件获取器账户';
$wb['datalog_status_i_mail_mailinglist'] = '创建邮件列表';
$wb['datalog_status_u_mail_mailinglist'] = '更新邮件列表';
$wb['datalog_status_d_mail_mailinglist'] = '删除邮件列表';
$wb['datalog_status_i_shell_user'] = '创建 Shell 用户';
$wb['datalog_status_u_shell_user'] = '更新 Shell 用户';
$wb['datalog_status_d_shell_user'] = '删除 Shell 用户';
$wb['datalog_status_i_web_folder'] = '创建文件夹保护';
$wb['datalog_status_u_web_folder'] = '更新文件夹保护';
$wb['datalog_status_d_web_folder'] = '删除文件夹保护';
$wb['datalog_status_i_web_folder_user'] = '创建文件夹保护用户';
$wb['datalog_status_u_web_folder_user'] = '更新文件夹保护用户';
$wb['datalog_status_d_web_folder_user'] = '删除文件夹保护用户';
$wb['datalog_status_i_xmpp_domain'] = '创建 XMPP 域名';
$wb['datalog_status_u_xmpp_domain'] = '更新 XMPP 域名';
$wb['datalog_status_d_xmpp_domain'] = '删除 XMPP 域名';
$wb['datalog_status_i_xmpp_user'] = '创建 XMPP 用户';
$wb['datalog_status_u_xmpp_user'] = '更新 XMPP 用户';
$wb['datalog_status_d_xmpp_user'] = '删除 XMPP 用户';
$wb['err_csrf_attempt_blocked'] = 'CSRF 尝试已被阻止。';
$wb['login_as_txt'] = '以...身份登录';
$wb['no_domain_perm'] = '您没有此域的权限。';
$wb['no_destination_perm'] = '您没有此目标的权限。';
$wb['client_you_are_locked'] = '您无权更改任何设置。';
$wb['gender_m_txt'] = '先生';
$wb['gender_f_txt'] = '女士';
$wb['client_cannot_be_deleted_because_of_billing_module_txt'] = '此客户在计费模块中有记录,因此无法删除。';
$wb['yes_txt'] = '是';
$wb['no_txt'] = '否';
$wb['None'] = '无';
$wb['strength_1'] = '弱';
$wb['strength_2'] = '一般';
$wb['strength_3'] = '好';
$wb['strength_4'] = '强';
$wb['strength_5'] = '非常强';
$wb['weak_password_txt'] = '所选密码不符合安全指南。它的长度必须至少为 {chars} 个字符,并具有“{strength}”的强度。';
$wb['weak_password_length_txt'] = '所选密码不符合安全指南。它的长度必须至少为 {chars} 个字符。';
$wb['security_check1_txt'] = '检查安全权限:';
$wb['security_check2_txt'] = '失败。';
$wb['select_directive_snippet_txt'] = '指令片段';
$wb['select_master_directive_snippet_txt'] = '主指令片段';
$wb['unlimited_txt'] = '无限制';
$wb['server_id_0_error_txt'] = '请选择一个有效的服务器。服务器ID必须大于0。';
$wb['datalog_changes_close_txt'] = '关闭';
$wb['non_admin_error'] = '需要管理员级别的权限';
$wb['copy_to_clipboard_txt'] = '复制到剪贴板';
?>
interface/web/admin/lib/lang/cn.lng 0 → 100644
View file @ 16b96209
<?php
$wb['Groups'] = '用户组';
$wb['groups_description'] = '编辑系统用户组的表单。';
$wb['Servers'] = '服务器';
$wb['Config'] = '配置';
$wb['Add user'] = '添加用户';
$wb['Edit user'] = '编辑用户';
$wb['Add group'] = '添加组';
$wb['Edit group'] = '编辑组';
$wb['Edit server'] = '编辑服务器';
$wb['Sync. Now'] = '立即同步';
$wb['DB Sync.'] = '数据库同步。';
$wb['User Management'] = '用户管理';
$wb['CP Users'] = '控制面板用户';
$wb['Remote Users'] = '远程用户';
$wb['System'] = '系统';
$wb['Server Services'] = '服务器服务';
$wb['Services'] = '服务';
$wb['Server Config'] = '服务器配置';
$wb['Server'] = '服务器';
$wb['Mail'] = '邮件';
$wb['Getmail'] = 'Getmail';
$wb['Web'] = 'Web';
$wb['FastCGI'] = 'FastCGI';
$wb['Jailkit'] = 'Jailkit';
$wb['Rescue'] = '救援';
$wb['Server IP addresses'] = '服务器IP地址';
$wb['Additional PHP Versions'] = '额外的PHP版本';
$wb['Directive Snippets'] = '指令片段';
$wb['Firewall'] = '防火墙';
$wb['Interface'] = '界面';
$wb['Interface Config'] = '主配置';
$wb['Sites'] = '网站';
$wb['DNS'] = 'DNS';
$wb['Domains'] = '域名';
$wb['Misc'] = '杂项';
$wb['Software'] = '应用与插件';
$wb['Repositories'] = '软件源';
$wb['Packages'] = '软件包';
$wb['Updates'] = '更新';
$wb['Language Editor'] = '语言编辑器';
$wb['Languages'] = '语言';
$wb['New Language'] = '新语言';
$wb['Merge'] = '合并';
$wb['Export'] = '导出';
$wb['Import'] = '导入';
$wb['Remote Actions'] = '远程操作';
$wb['Do OS-Update'] = '执行操作系统更新';
$wb['Do ISPConfig-Update'] = '执行ISPConfig更新';
?>
interface/web/admin/lib/lang/cn_directive_snippets.lng 0 → 100644
View file @ 16b96209
<?php
$wb['Directive Snippets'] = '指令片段';
$wb['name_txt'] = '片段名称';
$wb['type_txt'] = '类型';
$wb['snippet_txt'] = '指令片段';
$wb['active_txt'] = '激活';
$wb['directive_snippets_name_empty'] = '请为指令片段指定一个名称。';
$wb['directive_snippets_name_error_unique'] = '已经存在一个同名的指令片段。';
$wb['variables_txt'] = '变量';
$wb['customer_viewable_txt'] = '客户可见';
$wb['required_php_snippets_txt'] = '所需 PHP 片段';
$wb['update_sites_txt'] = '使用此指令片段更新网站';
$wb['error_hide_snippet_active_sites'] = '无法从客户端隐藏此指令片段,因为它当前正在被现有网站使用。';
$wb['error_disable_snippet_active_sites'] = '由于当前有网站正在使用此指令片段,因此无法禁用它。';
$wb['error_delete_snippet_active_sites'] = '由于当前有网站正在使用此指令片段,因此无法删除它。';
interface/web/admin/lib/lang/cn_directive_snippets_list.lng 0 → 100644
View file @ 16b96209
<?php
$wb['list_head_txt'] = '指令片段';
$wb['active_txt'] = '激活';
$wb['name_txt'] = '片段名称';
$wb['type_txt'] = '类型';
$wb['add_new_record_txt'] = '添加指令片段';
$wb['customer_viewable_txt'] = '客户可见';
?>
interface/web/admin/lib/lang/cn_firewall.lng 0 → 100644
View file @ 16b96209
<?php
$wb['server_id_txt'] = '服务器';
$wb['tcp_port_txt'] = '开放 TCP 端口';
$wb['udp_port_txt'] = '开放 UDP 端口';
$wb['tcp_port_help_txt'] = '用逗号分隔';
$wb['udp_port_help_txt'] = '用逗号分隔';
$wb['active_txt'] = '激活';
$wb['firewall_error_unique'] = '该服务器已存在防火墙记录。';
$wb['tcp_ports_error_regex'] = 'TCP 端口定义中不允许出现该字符。允许的字符有数字、冒号(:)和逗号。';
$wb['udp_ports_error_regex'] = 'UDP 端口定义中不允许出现该字符。允许的字符有数字、冒号(:)和逗号。';
?>
interface/web/admin/lib/lang/cn_firewall_list.lng 0 → 100644
View file @ 16b96209
<?php
$wb['list_head_txt'] = '防火墙';
$wb['active_txt'] = '启用';
$wb['server_id_txt'] = '服务器';
$wb['tcp_port_txt'] = '开放TCP端口';
$wb['udp_port_txt'] = '开放UDP端口';
$wb['add_new_record_txt'] = '添加防火墙记录';
?>
interface/web/admin/lib/lang/cn_groups.lng 0 → 100644
View file @ 16b96209
<?php
$wb['description_txt'] = '描述';
$wb['name_txt'] = '组名';
$wb['name_err'] = '组名必须是1到30个字符。';
?>
interface/web/admin/lib/lang/cn_groups_list.lng 0 → 100644
View file @ 16b96209
<?php
$wb['list_head_txt'] = '系统用户组';
$wb['description_txt'] = '描述';
$wb['name_txt'] = '用户组';
$wb['add_new_record_txt'] = '添加新用户组';
$wb['warning_txt'] = '<b>警告:</b>请勿在此处编辑或修改任何用户设置。请改用客户端模块中的客户端和经销商设置。在此处修改用户或组可能会导致数据丢失!';
?>
interface/web/admin/lib/lang/cn_iptables.lng 0 → 100644
View file @ 16b96209
<?php
$wb['server_id_txt'] = '服务器';
$wb['multiport_txt'] = '多端口';
$wb['singleport_txt'] = '单端口';
$wb['protocol_txt'] = '协议';
$wb['table_txt'] = '表';
$wb['target_txt'] = '目标';
$wb['state_txt'] = '状态';
$wb['destination_ip_txt'] = '目标地址';
$wb['source_ip_txt'] = '源地址';
$wb['active_txt'] = '激活';
$wb['iptables_error_unique'] = '此服务器已存在防火墙记录。';
?>
interface/web/admin/lib/lang/cn_iptables_list.lng 0 → 100644
View file @ 16b96209
<?php
$wb['list_head_txt'] = 'IPTables';
$wb['add_new_rule_txt'] = '添加IPTables规则';
$wb['server_id_txt'] = '服务器';
$wb['multiport_txt'] = '多端口';
$wb['singleport_txt'] = '单端口';
$wb['protocol_txt'] = '协议';
$wb['table_txt'] = '表格';
$wb['target_txt'] = '目标';
$wb['state_txt'] = '状态';
$wb['destination_ip_txt'] = '目标地址';
$wb['source_ip_txt'] = '源地址';
$wb['active_txt'] = '激活';
$wb['iptables_error_unique'] = '该服务器已存在防火墙规则。';
?>
interface/web/admin/lib/lang/cn_language_add.lng 0 → 100644
View file @ 16b96209
<?php
$wb['list_head_txt'] = '添加新语言';
$wb['language_select_txt'] = '选择语言基础';
$wb['language_new_txt'] = '新语言';
$wb['language_new_hint_txt'] = '2 个字符的 ISO 639-1 语言代码(参见 https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes)';
$wb['btn_save_txt'] = '创建新语言文件集';
$wb['btn_cancel_txt'] = '返回';
?>