Skip to content
Hide whitespace changes
Inline Side-by-side
install/dist/conf/ubuntu1710.conf.php
View file @ 7cb697a8
......@@ -68,6 +68,7 @@ $conf['mysql']['ispconfig_user'] = 'ispconfig';
$conf['mysql']['ispconfig_password'] = md5(random_bytes(20));
$conf['mysql']['master_slave_setup'] = 'n';
$conf['mysql']['master_host'] = '';
$conf['mysql']['master_port'] = '3306';
$conf['mysql']['master_database'] = 'dbispconfig';
$conf['mysql']['master_admin_user'] = 'root';
$conf['mysql']['master_admin_password'] = '';
......
install/dist/conf/ubuntu1804.conf.php
View file @ 7cb697a8
......@@ -43,6 +43,7 @@ $conf['init_scripts'] = '/etc/init.d';
$conf['runlevel'] = '/etc';
$conf['shells'] = '/etc/shells';
$conf['pam'] = '/etc/pam.d';
$conf['default_php'] = "7.2";
//* Services provided by this server, this selection will be overridden by the expert mode
$conf['services']['mail'] = true;
......@@ -68,6 +69,7 @@ $conf['mysql']['ispconfig_user'] = 'ispconfig';
$conf['mysql']['ispconfig_password'] = md5(random_bytes(20));
$conf['mysql']['master_slave_setup'] = 'n';
$conf['mysql']['master_host'] = '';
$conf['mysql']['master_port'] = '3306';
$conf['mysql']['master_database'] = 'dbispconfig';
$conf['mysql']['master_admin_user'] = 'root';
$conf['mysql']['master_admin_password'] = '';
......
install/dist/conf/ubuntu2004.conf.php
View file @ 7cb697a8
......@@ -28,7 +28,7 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
//*** Ubuntu 18.04 default settings
//*** Ubuntu 20.04 default settings
//* Main
$conf['language'] = 'en';
......@@ -43,6 +43,7 @@ $conf['init_scripts'] = '/etc/init.d';
$conf['runlevel'] = '/etc';
$conf['shells'] = '/etc/shells';
$conf['pam'] = '/etc/pam.d';
$conf['default_php'] = "7.4";
//* Services provided by this server, this selection will be overridden by the expert mode
$conf['services']['mail'] = true;
......@@ -68,6 +69,7 @@ $conf['mysql']['ispconfig_user'] = 'ispconfig';
$conf['mysql']['ispconfig_password'] = md5(random_bytes(20));
$conf['mysql']['master_slave_setup'] = 'n';
$conf['mysql']['master_host'] = '';
$conf['mysql']['master_port'] = '3306';
$conf['mysql']['master_database'] = 'dbispconfig';
$conf['mysql']['master_admin_user'] = 'root';
$conf['mysql']['master_admin_password'] = '';
......
install/dist/conf/ubuntu2204.conf.php 0 → 100644
View file @ 7cb697a8
<?php
/*
Copyright (c) 2022, Till Brehm, ISPConfig UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
//*** Ubuntu 22.04 default settings
//* Main
$conf['language'] = 'en';
$conf['distname'] = 'ubuntu2204';
$conf['hostname'] = 'server1.domain.tld'; // Full hostname
$conf['ispconfig_install_dir'] = '/usr/local/ispconfig';
$conf['ispconfig_config_dir'] = '/usr/local/ispconfig';
$conf['ispconfig_log_priority'] = 2; // 0 = Debug, 1 = Warning, 2 = Error
$conf['ispconfig_log_dir'] = '/var/log/ispconfig';
$conf['server_id'] = 1;
$conf['init_scripts'] = '/etc/init.d';
$conf['runlevel'] = '/etc';
$conf['shells'] = '/etc/shells';
$conf['pam'] = '/etc/pam.d';
$conf['default_php'] = "8.1";
//* Services provided by this server, this selection will be overridden by the expert mode
$conf['services']['mail'] = true;
$conf['services']['web'] = true;
$conf['services']['dns'] = true;
$conf['services']['file'] = true;
$conf['services']['db'] = true;
$conf['services']['vserver'] = true;
$conf['services']['proxy'] = false;
$conf['services']['firewall'] = false;
//* MySQL
$conf['mysql']['installed'] = false; // will be detected automatically during installation
$conf['mysql']['init_script'] = 'mysql';
$conf['mysql']['host'] = 'localhost';
$conf['mysql']['ip'] = '127.0.0.1';
$conf['mysql']['port'] = '3306';
$conf['mysql']['database'] = 'dbispconfig';
$conf['mysql']['admin_user'] = 'root';
$conf['mysql']['admin_password'] = '';
$conf['mysql']['charset'] = 'utf8';
$conf['mysql']['ispconfig_user'] = 'ispconfig';
$conf['mysql']['ispconfig_password'] = md5(random_bytes(20));
$conf['mysql']['master_slave_setup'] = 'n';
$conf['mysql']['master_host'] = '';
$conf['mysql']['master_port'] = '3306';
$conf['mysql']['master_database'] = 'dbispconfig';
$conf['mysql']['master_admin_user'] = 'root';
$conf['mysql']['master_admin_password'] = '';
$conf['mysql']['master_ispconfig_user'] = '';
$conf['mysql']['master_ispconfig_password'] = md5(random_bytes(20));
//* Apache
$conf['apache']['installed'] = false; // will be detected automatically during installation
$conf['apache']['user'] = 'www-data';
$conf['apache']['group'] = 'www-data';
$conf['apache']['init_script'] = 'apache2';
$conf['apache']['version'] = '2.4';
$conf['apache']['vhost_conf_dir'] = '/etc/apache2/sites-available';
$conf['apache']['vhost_conf_enabled_dir'] = '/etc/apache2/sites-enabled';
$conf['apache']['vhost_port'] = '8080';
$conf['apache']['php_ini_path_apache'] = '/etc/php/8.1/apache2/php.ini';
$conf['apache']['php_ini_path_cgi'] = '/etc/php/8.1/cgi/php.ini';
//* Website base settings
$conf['web']['website_basedir'] = '/var/www';
$conf['web']['website_path'] = '/var/www/clients/client[client_id]/web[website_id]';
$conf['web']['website_symlinks'] = '/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/';
//* Apps base settings
$conf['web']['apps_vhost_ip'] = '_default_';
$conf['web']['apps_vhost_port'] = '8081';
$conf['web']['apps_vhost_servername'] = '';
$conf['web']['apps_vhost_user'] = 'ispapps';
$conf['web']['apps_vhost_group'] = 'ispapps';
//* Fastcgi
$conf['fastcgi']['fastcgi_phpini_path'] = '/etc/php/8.1/cgi/';
$conf['fastcgi']['fastcgi_starter_path'] = '/var/www/php-fcgi-scripts/[system_user]/';
$conf['fastcgi']['fastcgi_bin'] = '/usr/bin/php-cgi';
//* Postfix
$conf['postfix']['installed'] = false; // will be detected automatically during installation
$conf['postfix']['config_dir'] = '/etc/postfix';
$conf['postfix']['init_script'] = 'postfix';
$conf['postfix']['user'] = 'postfix';
$conf['postfix']['group'] = 'postfix';
$conf['postfix']['vmail_userid'] = '5000';
$conf['postfix']['vmail_username'] = 'vmail';
$conf['postfix']['vmail_groupid'] = '5000';
$conf['postfix']['vmail_groupname'] = 'vmail';
$conf['postfix']['vmail_mailbox_base'] = '/var/vmail';
//* Mailman
$conf['mailman']['installed'] = false; // will be detected automatically during installation
$conf['mailman']['config_dir'] = '/etc/mailman';
$conf['mailman']['init_script'] = 'mailman';
//* Getmail
$conf['getmail']['installed'] = false; // will be detected automatically during installation
$conf['getmail']['config_dir'] = '/etc/getmail';
$conf['getmail']['program'] = '/usr/bin/getmail';
//* Courier
$conf['courier']['installed'] = false; // will be detected automatically during installation
$conf['courier']['config_dir'] = '/etc/courier';
$conf['courier']['courier-authdaemon'] = 'courier-authdaemon';
$conf['courier']['courier-imap'] = 'courier-imap';
$conf['courier']['courier-imap-ssl'] = 'courier-imap-ssl';
$conf['courier']['courier-pop'] = 'courier-pop';
$conf['courier']['courier-pop-ssl'] = 'courier-pop-ssl';
//* Dovecot
$conf['dovecot']['installed'] = false; // will be detected automatically during installation
$conf['dovecot']['config_dir'] = '/etc/dovecot';
$conf['dovecot']['init_script'] = 'dovecot';
//* SASL
$conf['saslauthd']['installed'] = false; // will be detected automatically during installation
$conf['saslauthd']['config'] = '/etc/default/saslauthd';
$conf['saslauthd']['init_script'] = 'saslauthd';
//* Amavisd
$conf['amavis']['installed'] = false; // will be detected automatically during installation
$conf['amavis']['config_dir'] = '/etc/amavis';
$conf['amavis']['init_script'] = 'amavis';
//* Rspamd
$conf['rspamd']['installed'] = false; // will be detected automatically during installation
$conf['rspamd']['config_dir'] = '/etc/rspamd';
$conf['rspamd']['init_script'] = 'rspamd';
//* ClamAV
$conf['clamav']['installed'] = false; // will be detected automatically during installation
$conf['clamav']['init_script'] = 'clamav-daemon';
//* Pureftpd
$conf['pureftpd']['installed'] = false; // will be detected automatically during installation
$conf['pureftpd']['config_dir'] = '/etc/pure-ftpd';
$conf['pureftpd']['init_script'] = 'pure-ftpd-mysql';
//* MyDNS
$conf['mydns']['installed'] = false; // will be detected automatically during installation
$conf['mydns']['config_dir'] = '/etc';
$conf['mydns']['init_script'] = 'mydns';
//* PowerDNS
$conf['powerdns']['installed'] = false; // will be detected automatically during installation
$conf['powerdns']['database'] = 'powerdns';
$conf["powerdns"]["config_dir"] = '/etc/powerdns/pdns.d';
$conf['powerdns']['init_script'] = 'pdns';
//* BIND DNS Server
$conf['bind']['installed'] = false; // will be detected automatically during installation
$conf['bind']['bind_user'] = 'root';
$conf['bind']['bind_group'] = 'bind';
$conf['bind']['bind_zonefiles_dir'] = '/etc/bind';
$conf['bind']['named_conf_path'] = '/etc/bind/named.conf';
$conf['bind']['named_conf_local_path'] = '/etc/bind/named.conf.local';
$conf['bind']['init_script'] = 'bind9';
//* Jailkit
$conf['jailkit']['installed'] = false; // will be detected automatically during installation
$conf['jailkit']['config_dir'] = '/etc/jailkit';
$conf['jailkit']['jk_init'] = 'jk_init.ini';
$conf['jailkit']['jk_chrootsh'] = 'jk_chrootsh.ini';
$conf['jailkit']['jailkit_chroot_app_programs'] = '/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico /usr/bin/mysql /usr/bin/mysqldump /usr/bin/git /usr/bin/git-receive-pack /usr/bin/git-upload-pack /usr/bin/unzip /usr/bin/zip /bin/tar /bin/rm /usr/bin/patch /etc/localtime';
$conf['jailkit']['jailkit_chroot_cron_programs'] = '/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php';
//* Squid
$conf['squid']['installed'] = false; // will be detected automatically during installation
$conf['squid']['config_dir'] = '/etc/squid';
$conf['squid']['init_script'] = 'squid';
//* Nginx
$conf['nginx']['installed'] = false; // will be detected automatically during installation
$conf['nginx']['user'] = 'www-data';
$conf['nginx']['group'] = 'www-data';
$conf['nginx']['config_dir'] = '/etc/nginx';
$conf['nginx']['vhost_conf_dir'] = '/etc/nginx/sites-available';
$conf['nginx']['vhost_conf_enabled_dir'] = '/etc/nginx/sites-enabled';
$conf['nginx']['init_script'] = 'nginx';
$conf['nginx']['vhost_port'] = '8080';
$conf['nginx']['cgi_socket'] = '/var/run/fcgiwrap.socket';
$conf['nginx']['php_fpm_init_script'] = 'php8.1-fpm';
$conf['nginx']['php_fpm_ini_path'] = '/etc/php/8.1/fpm/php.ini';
$conf['nginx']['php_fpm_pool_dir'] = '/etc/php/8.1/fpm/pool.d';
$conf['nginx']['php_fpm_start_port'] = 9010;
$conf['nginx']['php_fpm_socket_dir'] = '/var/lib/php8.1-fpm';
//* OpenVZ
$conf['openvz']['installed'] = false;
//*Bastille-Firwall
$conf['bastille']['installed'] = false;
$conf['bastille']['config_dir'] = '/etc/Bastille';
//* vlogger
$conf['vlogger']['config_dir'] = '/etc';
//* cron
$conf['cron']['init_script'] = 'cron';
$conf['cron']['crontab_dir'] = '/etc/cron.d';
$conf['cron']['wget'] = '/usr/bin/wget';
//* Metronome XMPP
$conf['xmpp']['installed'] = false;
$conf['xmpp']['init_script'] = 'metronome';
// AppArmor
$conf['apparmor']['installed'] = false;
?>
\ No newline at end of file
install/dist/lib/centos90.lib.php 0 → 100644
View file @ 7cb697a8
<?php
/*
Copyright (c) 2014, Till Brehm, ISPConfig UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once realpath(dirname(__FILE__)) . '/centos_base.lib.php';
class installer extends installer_centos {
protected $clamav_socket = '/var/run/clamd.amavisd/clamd.sock';
// everything else is inherited from installer_centos class
}
?>
install/dist/tpl/gentoo/apache_ispconfig.vhost.master
View file @ 7cb697a8
......@@ -6,7 +6,7 @@
{vhost_port_listen} Listen {vhost_port}
<tmpl_if name='apache_version' op='<' value='2.4' format='version'>
NameVirtualHost *:{vhost_port}
# NameVirtualHost *:{vhost_port}
</tmpl_if>
<VirtualHost _default_:{vhost_port}>
......
install/install.php
View file @ 7cb697a8
......@@ -508,6 +508,9 @@ if($conf['apparmor']['installed']){
if($install_mode == 'standard' || strtolower($inst->simple_query('Configure Firewall Server', array('y', 'n'), 'y','configure_firewall')) == 'y') {
//* Check for Firewall
if(!isset($conf['firewall']['installed'])) {
$conf['firewall']['installed'] = false;
}
if(!$conf['ufw']['installed'] && !$conf['firewall']['installed']) {
$conf['ufw']['installed'] = $inst->force_configure_app('Ubuntu Firewall', ($install_mode == 'expert'));
$conf['firewall']['installed'] = $inst->force_configure_app('Bastille Firewall', ($install_mode == 'expert'));
......@@ -631,12 +634,12 @@ swriteln('Detect IP addresses');
$inst->detect_ips();
swriteln('Restarting services ...');
if($conf['mysql']['installed'] == true && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
if($conf['postfix']['installed'] == true && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
if($conf['saslauthd']['installed'] == true && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
if($conf['amavis']['installed'] == true && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
if($conf['rspamd']['installed'] == true && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
if($conf['clamav']['installed'] == true && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
if($conf['mysql']['installed'] == true && isset($conf['mysql']['init_script']) && $conf['mysql']['init_script'] != '') system($inst->getinitcommand($conf['mysql']['init_script'], 'restart').' >/dev/null 2>&1');
if($conf['postfix']['installed'] == true && isset($conf['postfix']['init_script']) && $conf['postfix']['init_script'] != '') system($inst->getinitcommand($conf['postfix']['init_script'], 'restart'));
if($conf['saslauthd']['installed'] == true && isset($conf['saslauthd']['init_script']) && $conf['saslauthd']['init_script'] != '') system($inst->getinitcommand($conf['saslauthd']['init_script'], 'restart'));
if($conf['amavis']['installed'] == true && isset($conf['amavis']['init_script']) && $conf['amavis']['init_script'] != '') system($inst->getinitcommand($conf['amavis']['init_script'], 'restart'));
if($conf['rspamd']['installed'] == true && isset($conf['rspamd']['init_script']) && $conf['rspamd']['init_script'] != '') system($inst->getinitcommand($conf['rspamd']['init_script'], 'restart'));
if($conf['clamav']['installed'] == true && isset($conf['clamav']['init_script']) && $conf['clamav']['init_script'] != '' && $conf['amavis']['installed'] == true) system($inst->getinitcommand($conf['clamav']['init_script'], 'restart'));
if($conf['courier']['installed'] == true){
if($conf['courier']['courier-authdaemon'] != '') system($inst->getinitcommand($conf['courier']['courier-authdaemon'], 'restart'));
if($conf['courier']['courier-imap'] != '') system($inst->getinitcommand($conf['courier']['courier-imap'], 'restart'));
......@@ -644,22 +647,22 @@ if($conf['courier']['installed'] == true){
if($conf['courier']['courier-pop'] != '') system($inst->getinitcommand($conf['courier']['courier-pop'], 'restart'));
if($conf['courier']['courier-pop-ssl'] != '') system($inst->getinitcommand($conf['courier']['courier-pop-ssl'], 'restart'));
}
if($conf['dovecot']['installed'] == true && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
if($conf['mailman']['installed'] == true && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
if($conf['apache']['installed'] == true && $conf['apache']['init_script'] != '') system($inst->getinitcommand($conf['apache']['init_script'], 'restart'));
if($conf['dovecot']['installed'] == true && isset($conf['dovecot']['init_script']) && $conf['dovecot']['init_script'] != '') system($inst->getinitcommand($conf['dovecot']['init_script'], 'restart'));
if($conf['mailman']['installed'] == true && isset($conf['mailman']['init_script']) && $conf['mailman']['init_script'] != '') system('nohup '.$inst->getinitcommand($conf['mailman']['init_script'], 'restart').' >/dev/null 2>&1 &');
if($conf['apache']['installed'] == true && isset($conf['apache']['init_script']) && $conf['apache']['init_script'] != '') system($inst->getinitcommand($conf['apache']['init_script'], 'restart'));
//* Reload is enough for nginx
if($conf['nginx']['installed'] == true){
if($conf['nginx']['php_fpm_init_script'] != '') system($inst->getinitcommand($conf['nginx']['php_fpm_init_script'], 'reload'));
if($conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
if(isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'reload'));
}
if($conf['pureftpd']['installed'] == true && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
if($conf['mydns']['installed'] == true && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
if($conf['powerdns']['installed'] == true && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
if($conf['bind']['installed'] == true && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
//if($conf['squid']['installed'] == true && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
if($conf['ufw']['installed'] == true && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null');
if($conf['xmpp']['installed'] == true && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
if($conf['pureftpd']['installed'] == true && isset($conf['pureftpd']['init_script']) && $conf['pureftpd']['init_script'] != '') system($inst->getinitcommand($conf['pureftpd']['init_script'], 'restart'));
if($conf['mydns']['installed'] == true && isset($conf['mydns']['init_script']) && $conf['mydns']['init_script'] != '') system($inst->getinitcommand($conf['mydns']['init_script'], 'restart').' &> /dev/null');
if($conf['powerdns']['installed'] == true && isset($conf['powerdns']['init_script']) && $conf['powerdns']['init_script'] != '') system($inst->getinitcommand($conf['powerdns']['init_script'], 'restart').' &> /dev/null');
if($conf['bind']['installed'] == true && isset($conf['bind']['init_script']) && $conf['bind']['init_script'] != '') system($inst->getinitcommand($conf['bind']['init_script'], 'restart').' &> /dev/null');
//if($conf['squid']['installed'] == true && isset($conf['squid']['init_script']) && $conf['squid']['init_script'] != '' && is_file($conf['init_scripts'].'/'.$conf['squid']['init_script'])) system($conf['init_scripts'].'/'.$conf['squid']['init_script'].' restart &> /dev/null');
if($conf['nginx']['installed'] == true && isset($conf['nginx']['init_script']) && $conf['nginx']['init_script'] != '') system($inst->getinitcommand($conf['nginx']['init_script'], 'restart').' &> /dev/null');
if($conf['ufw']['installed'] == true && isset($conf['ufw']['init_script']) && $conf['ufw']['init_script'] != '') system($inst->getinitcommand($conf['ufw']['init_script'], 'restart').' &> /dev/null');
if($conf['xmpp']['installed'] == true && isset($conf['xmpp']['init_script']) && $conf['xmpp']['init_script'] != '') system($inst->getinitcommand($conf['xmpp']['init_script'], 'restart').' &> /dev/null');
$inst->create_mount_script();
......
install/lib/classes/tpl.inc.php
View file @ 7cb697a8
......@@ -931,7 +931,7 @@ if (!defined('vlibTemplateClassLoaded')) {
{
array_push($this->_namespace, $varname);
$tempvar = count($this->_namespace) - 1;
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < count(\$this->_arrvars";
$retstr = "for (\$_".$tempvar."=0 ; \$_".$tempvar." < \$this->_tpl_count(\$this->_arrvars";
for ($i=0; $i < count($this->_namespace); $i++) {
$retstr .= "['".$this->_namespace[$i]."']";
if ($this->_namespace[$i] != $varname) $retstr .= "[\$_".$i."]";
......@@ -1170,7 +1170,15 @@ if (!defined('vlibTemplateClassLoaded')) {
array_push($this->_currentincludedir, dirname($this->_tmplfilename));
$this->_includedepth++;
$success = @eval($this->_tmplfilep);
try {
$success = @eval($this->_tmplfilep);
} catch(Exception $ex) {
print $this->_tmplfilep;
throw $ex;
} catch(TypeError $ex) {
print $this->_tmplfilep;
throw $ex;
}
$this->_includedepth--;
array_pop($this->_currentincludedir);
......@@ -1268,6 +1276,27 @@ if (!defined('vlibTemplateClassLoaded')) {
return $return;
}
/**
* Used during in evaled code to replace PHP count function for PHP 8 compatibility
* @var variable to be counted
*/
private function _tpl_count($var)
{
$retvar = 0;
if(isset($var)) {
if(is_array($var)) {
$retvar = count($var);
} elseif(is_null($var)) {
$retvar = 0;
} else {
$retvar = 1;
}
} else {
$retvar = 0;
}
return $retvar;
}
/*- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following functions have no use and are included just so that if the user
is making use of vlibTemplateCache functions, this doesn't crash when changed to
......
install/lib/install.lib.php
View file @ 7cb697a8
......@@ -98,6 +98,10 @@ function get_distname() {
$mainver = current($mainver).'.'.next($mainver);
}
switch ($mainver){
case "22.04":
$relname = "(Jammy Jellyfish)";
$distconfid = 'ubuntu2204';
break;
case "20.04":
$relname = "(Focal Fossa)";
$distconfid = 'ubuntu2004';
......@@ -295,88 +299,93 @@ function get_distname() {
}
//** RHEL (including compatible clones) & Fedora
elseif(file_exists('/etc/redhat-release') && file_exists('/etc/os-release')) {
$content = file_get_contents('/etc/os-release');
preg_match('/(?<=PRETTY_NAME=\").+?(?=\")/', $content, $prettyname);
preg_match('/(?<=NAME=\").+?(?=\")/', $content, $name);
preg_match('/(?<=VERSION=\").+?(?=\")/', $content, $version);
preg_match('/(?<=VERSION_ID=\").+?(?=\")/', $content, $versionid);
if(stristr($prettyname[0], 'Fedora 32 (Thirty Two)')) {
$distname = 'Fedora';
$distver = '32';
$distid = 'fedora32';
$distbaseid = 'fedora';
swriteln("Operating System: Fedora 32 or compatible\n");
} elseif(stristr($prettyname[0], 'Fedora 33 (Thirty Three)')) {
$distname = 'Fedora';
$distver = '33';
$distid = 'fedora33';
$distbaseid = 'fedora';
swriteln("Operating System: Fedora 33 or compatible\n");
//** RHEL 7 and compatible clones
} elseif(preg_match('/^(?:7|7\.[0-9]{1,2})$/', $versionid[0])) {
preg_match_all('/([0-9]{1,2})\.?([0-9]{0,2})\.?([0-9]*)/', file_get_contents('/etc/redhat-release'), $centos7_version);
$distname = $name[0];
$distver = is_array($centos7_version)? implode('.', array_filter(array($centos7_version[1][0],$centos7_version[2][0],$centos7_version[3][0]),'strlen')) : $version[0];
$distid = 'centos72';
$distbaseid = 'fedora';
swriteln("Operating System: " . $distname . " " . $distver . "\n");
//** RHEL 8 and compatible clones
} elseif(preg_match('/^(?:8|8\.[0-9]{1,2})$/', $versionid[0])) {
$distname = $name[0];
$distver = $version[0];
$distid = 'centos80';
$distbaseid = 'fedora';
swriteln("Operating System: " . $prettyname[0] . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
swriteln("Operating System: Redhat or compatible\n");
}
elseif(file_exists('/etc/redhat-release') && file_exists('/etc/os-release')) {
$content = file_get_contents('/etc/os-release');
preg_match('/(?<=PRETTY_NAME=\").+?(?=\")/', $content, $prettyname);
preg_match('/(?<=NAME=\").+?(?=\")/', $content, $name);
preg_match('/(?<=VERSION=\").+?(?=\")/', $content, $version);
preg_match('/(?<=VERSION_ID=\").+?(?=\")/', $content, $versionid);
if(stristr($prettyname[0], 'Fedora 32 (Thirty Two)')) {
$distname = 'Fedora';
$distver = '32';
$distid = 'fedora32';
$distbaseid = 'fedora';
swriteln("Operating System: Fedora 32 or compatible\n");
} elseif(stristr($prettyname[0], 'Fedora 33 (Thirty Three)')) {
$distname = 'Fedora';
$distver = '33';
$distid = 'fedora33';
$distbaseid = 'fedora';
swriteln("Operating System: Fedora 33 or compatible\n");
//** RHEL 7 and compatible clones
} elseif(preg_match('/^(?:7|7\.[0-9]{1,2})$/', $versionid[0])) {
preg_match_all('/([0-9]{1,2})\.?([0-9]{0,2})\.?([0-9]*)/', file_get_contents('/etc/redhat-release'), $centos7_version);
$distname = $name[0];
$distver = is_array($centos7_version)? implode('.', array_filter(array($centos7_version[1][0],$centos7_version[2][0],$centos7_version[3][0]),'strlen')) : $version[0];
$distid = 'centos72';
$distbaseid = 'fedora';
swriteln("Operating System: " . $distname . " " . $distver . "\n");
//** RHEL 8 and compatible clones
} elseif(preg_match('/^(?:8|8\.[0-9]{1,2})$/', $versionid[0])) {
$distname = $name[0];
$distver = $version[0];
$distid = 'centos80';
$distbaseid = 'fedora';
swriteln("Operating System: " . $prettyname[0] . "\n");
//** RHEL 9 and compatible clones
} elseif(preg_match('/^(?:9|9\.[0-9]{1,2})$/', $versionid[0])) {
$distname = $name[0];
$distver = $version[0];
$distid = 'centos90';
$distbaseid = 'fedora';
swriteln("Operating System: " . $prettyname[0] . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
swriteln("Operating System: Redhat or compatible\n");
}
//** CentOS 6
} elseif(file_exists('/etc/redhat-release') && !file_exists('/etc/os-release') && !file_exists('/etc/els-release')) {
} elseif(file_exists('/etc/redhat-release') && !file_exists('/etc/os-release') && !file_exists('/etc/els-release')) {
$content = file_get_contents('/etc/redhat-release');
$content = file_get_contents('/etc/redhat-release');
if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
preg_match_all('/(6\.?([0-9]{0,2})\.?(\s)?([a-zA-Z()]+))$/', $content, $centos6_version);
$distname = 'CentOS Linux';
if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
preg_match_all('/(6\.?([0-9]{0,2})\.?(\s)?([a-zA-Z()]+))$/', $content, $centos6_version);
$distname = 'CentOS Linux';
$distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
$distid = 'centos53';
$distbaseid = 'fedora';
swriteln("Operating System: " . $distname . " " . $distver . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
}
swriteln("Operating System: " . $distname . " " . $distver . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
}
//** CentOS 6 Extended Lifecycle Support by CloudLinux
} elseif(file_exists('/etc/redhat-release') && file_exists('/etc/els-release') && !file_exists('/etc/os-release')) {
} elseif(file_exists('/etc/redhat-release') && file_exists('/etc/els-release') && !file_exists('/etc/os-release')) {
$content = file_get_contents('/etc/els-release');
$content = file_get_contents('/etc/els-release');
if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
preg_match_all('/(6)\.?([0-9]{0,2})?\.?\s([a-zA-Z(), ]+)?$/', $content, $centos6_version);
$distname = 'CentOS Linux';
$distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
$distid = 'centos53';
if(stristr($content, 'CentOS Linux release 6') || stristr($content, 'CentOS release 6')) {
preg_match_all('/(6)\.?([0-9]{0,2})?\.?\s([a-zA-Z(), ]+)?$/', $content, $centos6_version);
$distname = 'CentOS Linux';
$distver = $centos6_version[0][0] ? $centos6_version[0][0] : '6';
$distid = 'centos53';
$distbaseid = 'fedora';
swriteln("Operating System: " . $distname . " " . $distver . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
}
}
swriteln("Operating System: " . $distname . " " . $distver . "\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
}
}
//** Gentoo
elseif(file_exists('/etc/gentoo-release')) {
......
install/lib/installer_base.lib.php
View file @ 7cb697a8
......@@ -52,7 +52,7 @@ class installer_base {
}
public function update_acme() {
$acme = explode("\n", shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh'));
$acme = explode("\n", shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2> /dev/null'));
$acme = reset($acme);
$val = 0;
......@@ -83,13 +83,13 @@ class installer_base {
global $autoinstall, $autoupdate;
$finished = false;
do {
if($name != '' && $autoinstall[$name] != '') {
if($name != '' && isset($autoinstall[$name]) && $autoinstall[$name] != '') {
if($autoinstall[$name] == 'default') {
$input = $default;
} else {
$input = $autoinstall[$name];
}
} elseif($name != '' && $autoupdate[$name] != '') {
} elseif($name != '' && isset($autoupdate[$name]) && $autoupdate[$name] != '') {
if($autoupdate[$name] == 'default') {
$input = $default;
} else {
......@@ -126,13 +126,13 @@ class installer_base {
public function free_query($query, $default, $name = '') {
global $autoinstall, $autoupdate;
if($name != '' && $autoinstall[$name] != '') {
if($name != '' && isset($autoinstall[$name]) && $autoinstall[$name] != '') {
if($autoinstall[$name] == 'default') {
$input = $default;
} else {
$input = $autoinstall[$name];
}
} elseif($name != '' && $autoupdate[$name] != '') {
} elseif($name != '' && isset($autoupdate[$name]) && $autoupdate[$name] != '') {
if($autoupdate[$name] == 'default') {
$input = $default;
} else {
......@@ -246,10 +246,15 @@ class installer_base {
//** Check prerequisites
public function check_prerequisites() {
global $conf;
$msg = '';
if(version_compare(phpversion(), '5.4', '<')) $msg .= "PHP Version 5.4 or newer is required. The currently used PHP version is ".phpversion().".\n";
if(version_compare(phpversion(), '8.0', '>=')) $msg .= "PHP Version 8 is not supported yet. Change PHP version back to the default version of the OS. The currently used PHP version is ".phpversion().".\n";
if ($conf['default_php'] != '') {
if(version_compare(phpversion('tidy'), $conf['default_php'], '==')) $msg .= "Your PHP version is not the OS default. Change the PHP version back to the default version of the OS. The currently used PHP version is " . phpversion() . "The default version for your OS is PHP " . $conf['default_php'] . ".\n";
}
if(version_compare(phpversion(), '5.4', '<')) $msg .= "PHP Version 5.4 or newer is required. The currently used PHP version is " . phpversion() . ".\n";
//if(version_compare(phpversion(), '8.2', '>=')) $msg .= "PHP Version 8.2+ is not supported yet. Change the PHP version back to the default version of the OS. The currently used PHP version is " . phpversion() . ".\n";
if(!function_exists('curl_init')) $msg .= "PHP Curl Module is missing.\n";
if(!function_exists('mysqli_connect')) $msg .= "PHP MySQLi Module is nmissing.\n";
if(!function_exists('mb_detect_encoding')) $msg .= "PHP Multibyte Module (MB) is missing.\n";
......@@ -892,6 +897,20 @@ class installer_base {
public function configure_mailman($status = 'insert') {
global $conf;
// Fix for #6314: bug on Debian 11 systems where Mailman3 is not available and broken routes exist in the Mailman config
$data_dir = '/var/lib/mailman';
if (($conf['mailman']['installed'] != true) && is_dir($data_dir)) {
rename($data_dir, $data_dir . '-bk');
//* Create the mailman files
if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
exec('postmap /var/lib/mailman/data/aliases');
if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
exec('postmap /var/lib/mailman/data/transport-mailman');
}
$config_dir = $conf['mailman']['config_dir'].'/';
$full_file_name = $config_dir.'mm_cfg.py';
//* Backup exiting file
......@@ -1054,6 +1073,14 @@ class installer_base {
return true;
}
public function get_postfix_version() {
//* Get postfix version
exec('postconf -d mail_version 2>&1', $out);
$postfix_version = preg_replace('/.*=\s*/', '', $out[0]);
unset($out);
return $postfix_version;
}
public function configure_postfix($options = '') {
global $conf,$autoinstall;
$cf = $conf['postfix'];
......@@ -1063,10 +1090,7 @@ class installer_base {
$this->error("The postfix configuration directory '$config_dir' does not exist.");
}
//* Get postfix version
exec('postconf -d mail_version 2>&1', $out);
$postfix_version = preg_replace('/.*=\s*/', '', $out[0]);
unset($out);
$postfix_version = $this->get_postfix_version();
//* Install virtual mappings
foreach (glob('tpl/mysql-virtual_*.master') as $filename) {
......@@ -1465,8 +1489,7 @@ class installer_base {
$config_dir = $conf['postfix']['config_dir'];
$quoted_config_dir = preg_quote($config_dir, '|');
$postfix_version = `postconf -d mail_version 2>/dev/null`;
$postfix_version = preg_replace( '/mail_version\s*=\s*(.*)\s*/', '$1', $postfix_version );
$postfix_version = $this->get_postfix_version();
//* Configure master.cf and add a line for deliver
if(!$this->get_postfix_service('dovecot', 'unix')) {
......@@ -1507,7 +1530,7 @@ class installer_base {
}
$new_options[] = $value;
}
if ($configure_lmtp && $conf['mail']['content_filter'] === 'amavisd') {
if ($configure_lmtp && (!isset($conf['mail']['content_filter']) || $conf['mail']['content_filter'] === 'amavisd')) {
for ($i = 0; isset($new_options[$i]); $i++) {
if ($new_options[$i] == 'reject_unlisted_recipient') {
array_splice($new_options, $i+1, 0, array("check_recipient_access proxy:mysql:${config_dir}/mysql-verify_recipients.cf"));
......@@ -1577,20 +1600,24 @@ class installer_base {
// Check if we have a dhparams file and if not, create it
if(!file_exists('/etc/dovecot/dh.pem')) {
// Create symlink to ISPConfig dhparam file
swriteln('Creating symlink /etc/dovecot/dh.pem to ISPConfig DHParam file.');
symlink('/usr/local/ispconfig/interface/ssl/dhparam4096.pem', '/etc/dovecot/dh.pem');
/*
swriteln('Creating new DHParams file, this takes several minutes. Do not interrupt the script.');
if(file_exists('/var/lib/dovecot/ssl-parameters.dat')) {
// convert existing ssl parameters file
$command = 'dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
} else {
/*
Create a new dhparams file. We use 2048 bit only as it simply takes too long
on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
a 4096 bit file, create it manually before you install ISPConfig
*/
//Create a new dhparams file. We use 2048 bit only as it simply takes too long
// on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
// a 4096 bit file, create it manually before you install ISPConfig
$command = 'openssl dhparam -out /etc/dovecot/dh.pem 2048';
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
*/
}
//remove #2.3+ comment
$content = file_get_contents($config_dir.'/'.$configfile);
......@@ -1653,7 +1680,7 @@ class installer_base {
//* These postconf commands will be executed on installation and update
$server_ini_rec = $this->db->queryOneRecord("SELECT mail_server, config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
$mail_server = ($server_ini_rec['mail_server']) ? true : false;
$mail_server = $conf['services']['mail'];
unset($server_ini_rec);
// amavisd user config file
......@@ -1708,6 +1735,7 @@ class installer_base {
break;
}
}
$postfix_version = $this->get_postfix_version();
# postfix < 3.3 needs this when using reject_unverified_recipient:
if(version_compare($postfix_version, 3.3, '<')) {
$postconf_commands[] = "enable_original_recipient = yes";
......@@ -1777,7 +1805,7 @@ class installer_base {
//* These postconf commands will be executed on installation and update
$server_ini_rec = $this->db->queryOneRecord("SELECT mail_server, config FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . '.server', $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
$mail_server = ($server_ini_rec['mail_server']) ? true : false;
$mail_server = $conf['services']['mail'];
unset($server_ini_rec);
$config_dir = $conf['postfix']['config_dir'];
......@@ -1914,10 +1942,10 @@ class installer_base {
}
$tpl->setVar('dkim_path', $mail_config['dkim_path']);
$tpl->setVar('rspamd_redis_servers', $mail_config['rspamd_redis_servers']);
$tpl->setVar('rspamd_redis_password', $mail_config['rspamd_redis_password']);
$tpl->setVar('rspamd_redis_bayes_servers', $mail_config['rspamd_redis_bayes_servers']);
$tpl->setVar('rspamd_redis_bayes_password', $mail_config['rspamd_redis_bayes_password']);
$tpl->setVar('rspamd_redis_servers', (isset($mail_config['rspamd_redis_servers']) ? $mail_config['rspamd_redis_servers'] : ''));
$tpl->setVar('rspamd_redis_password', (isset($mail_config['rspamd_redis_password']) ? $mail_config['rspamd_redis_password'] : ''));
$tpl->setVar('rspamd_redis_bayes_servers', (isset($mail_config['rspamd_redis_bayes_servers']) ? $mail_config['rspamd_redis_bayes_servers'] : ''));
$tpl->setVar('rspamd_redis_bayes_password', (isset($mail_config['rspamd_redis_bayes_password']) ? $mail_config['rspamd_redis_bayes_password'] : ''));
if(count($local_addrs) > 0) {
$tpl->setLoop('local_addrs', $local_addrs);
}
......@@ -1981,8 +2009,13 @@ class installer_base {
exec('chmod a+r /etc/rspamd/local.d/* /etc/rspamd/local.d/maps.d/* /etc/rspamd/override.d/*');
# protect passwords in these files
exec('chgrp _rspamd /etc/rspamd/local.d/redis.conf /etc/rspamd/local.d/classifier-bayes.conf /etc/rspamd/local.d/worker-controller.inc');
exec('chmod 640 /etc/rspamd/local.d/redis.conf /etc/rspamd/local.d/classifier-bayes.conf /etc/rspamd/local.d/worker-controller.inc');
exec('chgrp _rspamd /etc/rspamd/local.d/redis.conf /etc/rspamd/local.d/classifier-bayes.conf');
exec('chmod 640 /etc/rspamd/local.d/redis.conf /etc/rspamd/local.d/classifier-bayes.conf');
if(file_exists('/etc/rspamd/local.d/worker-controller.inc')) {
exec('chgrp _rspamd /etc/rspamd/local.d/worker-controller.inc');
exec('chmod 640 /etc/rspamd/local.d/worker-controller.inc');
}
# unneccesary, since this was done above?
$command = 'usermod -a -G amavis _rspamd';
......@@ -2168,7 +2201,7 @@ class installer_base {
//* Backup exiting file
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
copy($full_file_name, $full_file_name.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
......@@ -3012,12 +3045,15 @@ class installer_base {
$hook = $pre_hook . $renew_hook;
}
$which_certbot = shell_exec('which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt');
// Get the default LE client name and version
$le_client = explode("\n", shell_exec('which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt'));
$le_client = explode("\n", $which_certbot ? $which_certbot : '');
$le_client = reset($le_client);
$which_acme = shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh');
// Check for Neilpang acme.sh as well
$acme = explode("\n", shell_exec('which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh'));
$acme = explode("\n", $which_acme ? $which_acme : '');
$acme = reset($acme);
if((!$acme || !is_executable($acme)) && (!$le_client || !is_executable($le_client))) {
......@@ -3109,11 +3145,11 @@ class installer_base {
$out = null;
$ret = null;
if($conf['nginx']['installed'] == true || $conf['apache']['installed'] == true) {
exec("$acme --issue --log $acme_log -w /usr/local/ispconfig/interface/acme -d " . escapeshellarg($hostname) . " $renew_hook", $out, $ret);
exec("$acme --issue --keylength 4096 --log $acme_log -w /usr/local/ispconfig/interface/acme -d " . escapeshellarg($hostname) . " $renew_hook", $out, $ret);
}
// Else, it is not webserver, so we use standalone
else {
exec("$acme --issue --log $acme_log --standalone -d " . escapeshellarg($hostname) . " $hook", $out, $ret);
exec("$acme --issue --keylength 4096 --log $acme_log --standalone -d " . escapeshellarg($hostname) . " $hook", $out, $ret);
}
if($ret == 0 || ($ret == 2 && file_exists($check_acme_file))) {
......@@ -3287,7 +3323,8 @@ class installer_base {
// Create symlink to ISPConfig SSL files
symlink($ssl_pem_file, $pureftpd_pem);
if (!file_exists("$pureftpd_dir/pure-ftpd-dhparams.pem"))
exec("cd $pureftpd_dir; openssl dhparam -out dhparam2048.pem 2048; ln -sf dhparam2048.pem pure-ftpd-dhparams.pem");
symlink('/usr/local/ispconfig/interface/ssl/dhparam4096.pem', $pureftpd_dir.'/pure-ftpd-dhparams.pem');
//exec("cd $pureftpd_dir; openssl dhparam -out dhparam2048.pem 2048; ln -sf dhparam2048.pem pure-ftpd-dhparams.pem");
}
}
......@@ -3847,6 +3884,10 @@ class installer_base {
$root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
}
if ($conf['services']['mail'] == 1) {
$root_cron_jobs[] = "30 23 * * * ".$install_dir."/server/scripts/handle_mailbox_soft_deleted.sh &> /dev/null";
}
foreach($root_cron_jobs as $cron_job) {
if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
$existing_root_cron_jobs[] = $cron_job."\n";
......
install/lib/mysql.lib.php
View file @ 7cb697a8
......@@ -64,9 +64,11 @@ class db
public function __destruct() {
if($this->_iConnId) mysqli_close($this->_iConnId);
}
private function do_connect() {
global $conf;
mysqli_report(MYSQLI_REPORT_OFF);
if($this->_iConnId) return true;
$this->dbHost = $conf['mysql']['host'];
......@@ -77,7 +79,7 @@ class db
$this->dbCharset = $conf["mysql"]["charset"];
$this->dbNewLink = false;
$this->dbClientFlags = null;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
$try = 0;
while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) {
......@@ -92,19 +94,19 @@ class db
$this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!');
return false;
}
if($this->dbName) $this->setDBName($this->dbName);
$this->_setCharset();
}
public function setDBData($host, $user, $password, $port) {
$this->dbHost = $host;
$this->dbUser = $user;
$this->dbPass = $password;
$this->dbPort = $port;
}
public function setDBName($name) {
$this->dbName = $name;
$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort);
......@@ -114,7 +116,7 @@ class db
return false;
}
}
public function close() {
if($this->_iConnId) mysqli_close($this->_iConnId);
$this->_iConnId = null;
......@@ -192,7 +194,7 @@ class db
}
private function _query($sQuery = '') {
$aArgs = func_get_args();
$this->do_connect();
......@@ -284,7 +286,7 @@ class db
* @return array result row or NULL if none found
*/
public function queryOneRecord($sQuery = '') {
$aArgs = func_get_args();
if(!empty($aArgs)) {
$sQuery = array_shift($aArgs);
......@@ -293,7 +295,7 @@ class db
}
array_unshift($aArgs, $sQuery);
}
$oResult = call_user_func_array([&$this, 'query'], $aArgs);
if(!$oResult) return null;
......@@ -534,7 +536,7 @@ class db
if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
}
}
/* TODO: rewrite SQL */
function update($tablename, $form, $bedingung, $debug = 0)
{
......@@ -761,14 +763,14 @@ class db
break;
}
}
/**
* Get the database type (mariadb or mysql)
*
* @access public
* @return string 'mariadb' or string 'mysql'
*/
public function getDatabaseType() {
$tmp = $this->queryOneRecord('SELECT VERSION() as version');
if(stristr($tmp['version'],'mariadb')) {
......@@ -777,7 +779,7 @@ class db
return 'mysql';
}
}
/**
* Get the database version
*
......@@ -785,7 +787,7 @@ class db
* @param bool $major_version_only = true will return the major version only, e.g. 8 for MySQL 8
* @return string version number
*/
public function getDatabaseVersion($major_version_only = false) {
$tmp = $this->queryOneRecord('SELECT VERSION() as version');
$version = explode('-', $tmp['version']);
......
install/sql/incremental/upd_0097.sql 0 → 100644
View file @ 7cb697a8
ALTER TABLE `sys_user` ADD `otp_type` SET('none', 'email') NOT NULL DEFAULT 'none' AFTER `lost_password_reqtime`, ADD `otp_data` VARCHAR(255) NULL AFTER `otp_type`, ADD `otp_recovery` VARCHAR(64) NULL AFTER `otp_data`, ADD `otp_attempts` TINYINT NOT NULL DEFAULT '0' AFTER `otp_recovery`;
install/sql/incremental/upd_dev_collection.sql
View file @ 7cb697a8
ALTER TABLE `sys_user` ADD `otp_type` SET('none', 'email') NOT NULL DEFAULT 'none' AFTER `lost_password_reqtime`, ADD `otp_data` VARCHAR(255) NULL AFTER `otp_type`, ADD `otp_recovery` VARCHAR(64) NULL AFTER `otp_data`, ADD `otp_attempts` TINYINT NOT NULL DEFAULT '0' AFTER `otp_recovery`;
ALTER TABLE `mail_user` CHANGE `quota` `quota` BIGINT(20) NOT NULL DEFAULT '0';
install/sql/ispconfig3.sql
View file @ 7cb697a8
......@@ -1070,7 +1070,7 @@ CREATE TABLE `mail_user` (
`gid` int(11) NOT NULL default '5000',
`maildir` varchar(255) NOT NULL default '',
`maildir_format` varchar(255) NOT NULL default 'maildir',
`quota` bigint(20) NOT NULL default '-1',
`quota` bigint(20) NOT NULL default '0',
`cc` text,
`forward_in_lda` enum('n','y') NOT NULL default 'n',
`sender_cc` varchar(255) NOT NULL default '',
......
install/tpl/apache_apps.vhost.master deleted 100644 → 0
View file @ 5bbec2b9
######################################################
# This virtual host contains the configuration
# for the ISPConfig apps vhost
######################################################
{tmpl_var name='vhost_port_listen'} Listen {tmpl_var name='apps_vhost_port'}
# NameVirtualHost *:{tmpl_var name='apps_vhost_port'}
<VirtualHost {tmpl_var name='apps_vhost_ip'}:{tmpl_var name='apps_vhost_port'}>
ServerAdmin webmaster@localhost
{tmpl_var name='apps_vhost_servername'}
<Directory {tmpl_var name='apps_vhost_dir'}>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
# SSL Configuration
<tmpl_var name="ssl_comment">SSLEngine On
<tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1
<tmpl_else>
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
</tmpl_if>
<tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
<tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
<tmpl_var name="ssl_comment">SSLCompression Off
</tmpl_if>
<tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'>
<tmpl_var name="ssl_comment">SSLSessionTickets Off
</tmpl_if>
<IfModule mod_headers.c>
# ISPConfig 3.1 currently requires unsafe-line for both scripts and styles, as well as unsafe-eval
Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'"
<tmpl_var name="ssl_comment">Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; object-src 'none'; upgrade-insecure-requests"
Header set X-Content-Type-Options: nosniff
Header set X-Frame-Options: SAMEORIGIN
Header set X-XSS-Protection: "1; mode=block"
Header always edit Set-Cookie (.*) "$1; HTTPOnly"
<tmpl_var name="ssl_comment">Header always edit Set-Cookie (.*) "$1; Secure"
<IfVersion >= 2.4.7>
Header setifempty Strict-Transport-Security "max-age=15768000"
</IfVersion>
<IfVersion < 2.4.7>
Header set Strict-Transport-Security "max-age=15768000"
</IfVersion>
RequestHeader unset Proxy early
</IfModule>
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<tmpl_var name="ssl_comment">SSLUseStapling On
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off
</tmpl_if>
<IfModule mod_headers.c>
RequestHeader unset Proxy early
</IfModule>
<IfModule mod_php5.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
AddType application/x-httpd-php .php
<Directory {tmpl_var name='apps_vhost_dir'}>
Options FollowSymLinks
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_php7.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
AddType application/x-httpd-php .php
<Directory {tmpl_var name='apps_vhost_dir'}>
Options FollowSymLinks
AllowOverride None
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
</IfModule>
<IfModule mod_fcgid.c>
DocumentRoot {tmpl_var name='apps_vhost_dir'}
SuexecUserGroup ispapps ispapps
<Directory {tmpl_var name='apps_vhost_dir'}>
Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
AllowOverride AuthConfig Indexes Limit Options FileInfo
<FilesMatch "\.php$">
SetHandler fcgid-script
</FilesMatch>
FCGIWrapper {tmpl_var name='apps_vhost_basedir'}/php-fcgi-scripts/apps/.php-fcgi-starter .php
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
Require all granted
<tmpl_else>
Order allow,deny
Allow from all
</tmpl_if>
</Directory>
IPCCommTimeout 7200
MaxRequestLen 15728640
</IfModule>
{tmpl_if name="use_rspamd"}
<Location /rspamd>
Order allow,deny
Allow from all
</Location>
RewriteEngine On
RewriteRule ^/rspamd$ /rspamd/ [R,L]
RewriteRule ^/rspamd/(.*) http://127.0.0.1:11334/$1 [P]
{/tmpl_if}
</VirtualHost>
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<IfModule mod_ssl.c>
<tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>
</tmpl_if>
install/tpl/apache_apps.vhost.master 0 → 120000
View file @ 7cb697a8
../../server/conf/apache_apps.vhost.master
\ No newline at end of file
install/tpl/config.inc.php.master
View file @ 7cb697a8
......@@ -56,7 +56,7 @@ $revision = str_replace(array('Revision:','$',' '), '', $svn_revision);
//** Application
define('ISPC_APP_TITLE', 'ISPConfig');
define('ISPC_APP_VERSION', '3.2dev');
define('DEVSYSTEM', 0);
define('DEVSYSTEM', false);
//** Database
......
install/tpl/debian6_dovecot-sql.conf.master
View file @ 7cb697a8
# http://wiki.dovecot.org/AuthDatabase/SQL
#
# CREATE TABLE users (
# userid VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
driver = mysql
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
......@@ -20,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':',
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
# Do not enable it on Dovecot 1.x servers
# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'
install/tpl/debian_dovecot-sql.conf.master
View file @ 7cb697a8
# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki.dovecot.org/AuthDatabase/SQL
#
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the userid and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
#
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the userid and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
#
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
#
# CREATE TABLE users (
# userid VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
# Database driver: mysql, pgsql, sqlite
#driver =
# Database connection string. This is driver-specific setting.
#
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
#
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
#
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
#
# You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock
# Note that currently you can't use spaces in parameters.
#
# sqlite:
# The path to the database file.
#
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
#connect = dbname=virtual user=virtual
# Default password scheme.
#
# List of supported schemes is in
# http://wiki.dovecot.org/Authentication/PasswordSchemes
#
#default_pass_scheme = PLAIN-MD5
# Query to retrieve the password.
#
# This query must return only one row with "user" and "password" columns.
# The query can also return other fields which have a special meaning, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
#
# The "user" column is needed to make sure the username gets used with exactly
# the same casing as it's in the database. Note that if you store username and
# domain in separate fields, you most likely want to return a combination of
# them as the "user" column, otherwise the domain gets stripped.
#
# Commonly used available substitutions (see
# http://wiki.dovecot.org/Variables for full list):
# %u = entire userid
# %n = user part of user@domain
# %d = domain part of user@domain
#
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
#
# Example:
# password_query = SELECT concat(userid, '@', domain) AS user, password FROM users WHERE userid = '%n' AND domain = '%d'
# password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = SELECT userid as user, password FROM users WHERE userid = '%u'
# Query to retrieve the user information.
#
# The query must return only one row. Commonly returned columns are:
# uid - System UID
# gid - System GID
# home - Home directory
# mail - Mail location
#
# Either home or mail is required. uid and gid are required. If more than one
# row is returned or there are missing fields, the login will fail. For a list
# of all fields that can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
#
# Examples
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
#password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
driver = mysql
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
......@@ -127,5 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':',
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
# Do not enable it on Dovecot 1.x servers
# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'
install/tpl/fedora_dovecot-sql.conf.master
View file @ 7cb697a8
# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki.dovecot.org/AuthDatabase/SQL
#
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the username and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
#
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the username and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
#
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
#
# CREATE TABLE users (
# username VARCHAR(128) NOT NULL,
# domain VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
# Database driver: mysql, pgsql, sqlite
#driver =
# Database connection string. This is driver-specific setting.
#
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
#
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
#
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
# option_file - Read options from the given file instead of
# the default my.cnf location
# option_group - Read options from the given group (default: client)
#
# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
# Note that currently you can't use spaces in parameters.
#
# MySQL supports multiple host parameters for load balancing / HA.
#
# sqlite:
# The path to the database file.
#
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
#connect =
# Default password scheme.
#
# List of supported schemes is in
# http://wiki.dovecot.org/Authentication/PasswordSchemes
#
#default_pass_scheme = MD5
# passdb query to retrieve the password. It can return fields:
# password - The user's password. This field must be returned.
# user - user@domain from the database. Needed with case-insensitive lookups.
# username and domain - An alternative way to represent the "user" field.
#
# The "user" field is often necessary with case-insensitive lookups to avoid
# e.g. "name" and "nAme" logins creating two different mail directories. If
# your user and domain names are in separate fields, you can return "username"
# and "domain" fields instead of "user".
#
# The query can also return other fields which have a special meaning, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
#
# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
# for full list):
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
#
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
#
# Example:
# password_query = SELECT userid AS user, pw AS password \
# FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = \
# SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d'
# userdb query to retrieve the user information. It can return fields:
# uid - System UID (overrides mail_uid setting)
# gid - System GID (overrides mail_gid setting)
# home - Home directory
# mail - Mail location (overrides mail_location setting)
#
# None of these are strictly required. If you use a single UID and GID, and
# home or mail directory fits to a template string, you could use userdb static
# instead. For a list of all fields that can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
#
# Examples:
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
#user_query = \
# SELECT home, uid, gid \
# FROM users WHERE username = '%n' AND domain = '%d'
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
#password_query = \
# SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u'
driver = mysql
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port}
......@@ -140,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':',
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
# Do not enable it on Dovecot 1.x servers
# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}'
# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}'