Newer
Older
$packages = array(
'pure-ftpd-common',
'pure-ftpd-mysql',
'webalizer',
'awstats'
);
$this->installPackages($packages);
ISPConfigLog::info('Enabling TLS for pureftpd', true);
if(!is_dir('/etc/pure-ftpd/conf')) {
mkdir('/etc/pure-ftpd/conf', 0755);
}
file_put_contents('/etc/pure-ftpd/conf/TLS', '1');
if(!is_dir('/etc/ssl/private')) {
mkdir('/etc/ssl/private', 0755, true);
}
$ssl_subject = '/C=DE/ST=None/L=None/O=IT/CN=' . $host_name;
$cmd = 'openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -subj ' . escapeshellarg($ssl_subject) . ' -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem > /dev/null 2>&1';
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
chmod('/etc/ssl/private/pure-ftpd.pem', 0600);
// set passive port range if needed
$ftp_ports = ISPConfig::getFTPPassivePorts();
if($ftp_ports) {
file_put_contents('/etc/pure-ftpd/conf/PassivePortRange', $ftp_ports['from'] . ' ' . $ftp_ports['to']);
}
$this->restartService('pure-ftpd-mysql');
ISPConfigLog::info('Disabling awstats cron.', true);
$entries = array(
array(
'first_line' => '/.*/',
'last_line' => '/####nomatch###/',
'search' => '/.*/'
)
);
$this->commentLines('/etc/cron.d/awstats', $entries);
if($this->shallCompileJailkit()) {
$cmd = 'cd /tmp ; ( wget -O jailkit-2.20.tar.gz "http://olivier.sessink.nl/jailkit/jailkit-2.20.tar.gz" > /dev/null 2>&1 && tar xzf jailkit-2.20.tar.gz 2>&1 ) && ( cd jailkit-2.20 ; echo 5 > debian/compat ; ./debian/rules binary 2>&1 ) && ( cd /tmp ; dpkg -i jailkit_2.20-1_*.deb 2>&1 ; rm -rf jailkit-2.20* )';
$result = $this->exec($cmd, array(), 3);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
if(ISPConfig::shallInstall('firewall')) {
$packages[] = 'ufw';
$this->installPackages($packages);
file_put_contents('/etc/fail2ban/jail.local', $jk_jail);
$this->restartService('fail2ban');
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
if(ISPConfig::shallInstall('mail') && ISPConfig::shallInstall('roundcube')) {
ISPConfigLog::info('Installing roundcube.', true);
$cmd = 'APP_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
$cmd .= 'ROOT_PASS="' . $mysql_root_pw . '"' . "\n";
$cmd .= 'APP_DB_PASS="' . ISPConfigFunctions::generatePassword(15) . '"' . "\n";
$cmd .= 'echo "roundcube-core roundcube/dbconfig-install boolean true" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/database-type select mysql" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/admin-user string root" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/admin-pass password $ROOT_PASS" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/mysql/app-pass password $APP_DB_PASS" | debconf-set-selections 2>&1' . "\n";
$cmd .= 'echo "roundcube-core roundcube/reconfigure-webserver multiselect apache2" | debconf-set-selections 2>&1' . "\n";
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$packages = array(
'roundcube',
'roundcube-core',
'roundcube-mysql',
'roundcube-plugins'
);
$this->installPackages($packages);
$replacements = array(
'/^\s*\$config\s*\[["\']default_host["\']\]\s*=.*$/m' => '$config[\'default_host\'] = \'localhost\';',
'/^\s*\$config\s*\[["\']smtp_server["\']\]\s*=.*$/m' => '$config[\'smtp_server\'] = \'%h\';',
'/^\s*\$config\s*\[["\']smtp_port["\']\]\s*=.*$/m' => '$config[\'smtp_port\'] = 25;',
'/^\s*\$config\s*\[["\']smtp_user["\']\]\s*=.*$/m' => '$config[\'smtp_user\'] = \'%u\';',
'/^\s*\$config\s*\[["\']smtp_pass["\']\]\s*=.*$/m' => '$config[\'smtp_pass\'] = \'%p\';'
);
$result = $this->replaceContents('/etc/roundcube/config.inc.php', $replacements);
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$replacements = array(
'/^\s*#*\s*Alias\s+\/roundcube\s+\/var\/lib\/roundcube\s*$/m' => 'Alias /webmail /var/lib/roundcube'
);
$result = $this->replaceContents('/etc/apache2/conf-enabled/roundcube.conf', $replacements);
} elseif(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX) {
symlink('/usr/share/roundcube', '/usr/share/squirrelmail');
}
if(ISPConfig::shallInstall('web')) {
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$this->restartService('apache2');
} else {
$this->restartService('nginx');
}
ISPConfigLog::info('Installing ISPConfig3.', true);
$ispconfig_admin_pw = ISPConfigFunctions::generatePassword(15);
if(!ISPConfig::wantsInteractive()) {
$autoinstall = '[install]
language=' . (isset($_GET['lang']) && $_GET['lang'] === 'de' ? 'de' : 'en') . '
install_mode=expert
hostname=' . $host_name . '
mysql_hostname=localhost
mysql_port=3306
mysql_root_user=root
mysql_root_password=' . $mysql_root_pw . '
mysql_database=dbispconfig
mysql_charset=utf8
http_server=' . (ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE ? 'apache' : 'nginx') . '
ispconfig_port=8080
ispconfig_use_ssl=y
ispconfig_admin_password=' . $ispconfig_admin_pw . '
create_ssl_server_certs=y
ignore_hostname_dns=n
ispconfig_postfix_ssl_symlink=y
ispconfig_pureftpd_ssl_symlink=y
[ssl_cert]
ssl_cert_country=DE
ssl_cert_state=None
ssl_cert_locality=None
ssl_cert_organisation=None
ssl_cert_organisation_unit=IT
ssl_cert_common_name=' . $host_name . '
ssl_cert_email=
[expert]
mysql_ispconfig_user=ispconfig
mysql_ispconfig_password=' . ISPConfigFunctions::generatePassword(15) . '
join_multiserver_setup=n
mysql_master_hostname=
mysql_master_root_user=
mysql_master_root_password=
mysql_master_database=
configure_mail=' . (ISPConfig::shallInstall('mail') ? 'y' : 'n') . '
configure_jailkit=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
configure_ftp=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
configure_dns=' . (ISPConfig::shallInstall('dns') ? 'y' : 'n') . '
configure_apache=' . (ISPConfig::shallInstall('web') && ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE ? 'y' : 'n') . '
configure_nginx=' . (ISPConfig::shallInstall('web') && ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX ? 'y' : 'n') . '
configure_firewall=' . (ISPConfig::shallInstall('firewall') ? 'y' : 'n') . '
configure_webserver=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
install_ispconfig_web_interface=' . (ISPConfig::shallInstall('web') ? 'y' : 'n') . '
[update]
do_backup=yes
mysql_root_password=' . $mysql_root_pw . '
mysql_master_hostname=
mysql_master_root_user=
mysql_master_root_password=
mysql_master_database=
reconfigure_permissions_in_master_database=no
reconfigure_services=yes
ispconfig_port=8080
create_new_ispconfig_ssl_cert=no
reconfigure_crontab=yes
create_ssl_server_certs=y
ignore_hostname_dns=n
ispconfig_postfix_ssl_symlink=y
ispconfig_pureftpd_ssl_symlink=y
; These are for service-detection (defaulting to old behaviour where alle changes were automatically accepted)
svc_detect_change_mail_server=yes
svc_detect_change_web_server=yes
svc_detect_change_dns_server=yes
svc_detect_change_xmpp_server=yes
svc_detect_change_firewall_server=yes
svc_detect_change_vserver_server=yes
svc_detect_change_db_server=yes';
file_put_contents('/tmp/ispconfig.autoinstall.ini', $autoinstall);
$ai_argument = '--autoinstall=/tmp/ispconfig.autoinstall.ini';
} else {
$ai_argument = '';
}
if(ISPConfig::wantsInteractive()) {
ISPConfigLog::info('Your MySQL root password is: ' . $mysql_root_pw, true);
}
$cmd = 'cd /tmp ; rm -rf ispconfig3_install 2>&1';
if(ISPConfig::getISPConfigChannel() === 'dev') {
$cmd .= ' ; wget -O ispconfig.tar.gz "https://git.ispconfig.org/ispconfig/ispconfig3/-/archive/develop/ispconfig3-develop.tar.gz" >/dev/null 2>&1 ; tar xzf ispconfig.tar.gz ; mv ispconfig3-develop ispconfig3_install';
} else {
$cmd .= ' ; wget -O ispconfig.tar.gz "https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz" >/dev/null 2>&1 ; tar xzf ispconfig.tar.gz';
}
$cmd .= ' ; cd ispconfig3_install ; cd install ; php -q install.php ' . $ai_argument . ' 2>&1 ; cd /tmp ; rm -rf ispconfig3_install 2>&1';
if(ISPConfig::wantsInteractive()) {
$result = $this->passthru($cmd);
} else {
$result = $this->exec($cmd);
}
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
if(!ISPConfig::wantsInteractive() && is_file('/tmp/ispconfig.autoinstall.ini')) {
unlink('/tmp/ispconfig.autoinstall.ini');
}
if(ISPConfig::shallInstall('web')) {
ISPConfigLog::info('Adding php versions to ISPConfig.', true);
$server_id = 0;
$ispc_config = ISPConfigConnector::getLocalConfig();
if(!$ispc_config || !isset($ispc_config['server_id']) || !$ispc_config['server_id']) {
throw new ISPConfigOSException('Could not read ISPConfig settings file.');
}
$server_id = $ispc_config['server_id'];
foreach($php_versions as $curver) {
$qry = 'INSERT IGNORE INTO `dbispconfig`.`server_php` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `client_id`, `name`, `php_fastcgi_binary`, `php_fastcgi_ini_dir`, `php_fpm_init_script`, `php_fpm_ini_dir`, `php_fpm_pool_dir`, `active`) VALUES (1, 1, \'riud\', \'riud\', \'\', ' . intval($server_id) . ', 0, \'PHP ' . $curver . '\', \'/usr/bin/php-cgi' . $curver . '\', \'/etc/php/' . $curver . '/cgi/php.ini\', \'/etc/init.d/php' . $curver . '-fpm\', \'/etc/php/' . $curver . '/fpm/php.ini\', \'/etc/php/' . $curver . '/fpm/pool.d\', \'y\')'; $cmd = 'mysql --defaults-file=/etc/mysql/debian.cnf -e ' . escapeshellarg($qry);
$result = $this->exec($cmd);
if($result === false) {
throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
}
$this->restartService('clamav-daemon');
if(ISPConfig::wantsAmavis()) {
$this->restartService('amavis');
} else {
$this->startService('rspamd');
}
ISPConfigLog::info('Checking all services are running.', true);
$check_services = array(
'mysql',
'clamav-daemon',
'postfix',
);
Marius Burkard
committed
if(ISPConfig::wantsUnbound()) {
$check_services[] = 'unbound';
} else {
$check_services[] = 'bind9';
}
Marius Burkard
committed
}
if(ISPConfig::shallInstall('web')) {
$check_services[] = 'pureftpd';
if(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_APACHE) {
$check_services[] = 'apache2';
} elseif(ISPConfig::$WEBSERVER === ISPC_WEBSERVER_NGINX) {
$check_services[] = 'nginx';
}
}
if(ISPConfig::shallInstall('mail')) {
if(!ISPConfig::wantsAmavis()) {
$check_services[] = 'rspamd';
$check_services[] = 'redis-server';
} else {
$check_services[] = 'amavis';
}
$check_services[] = 'dovecot';
}
foreach($check_services as $service) {
$status = $this->isServiceRunning($service);
ISPConfigLog::info($service . ': ' . ($status ? '<green>OK</green>' : '<lightred>FAILED</lightred>'), true);
if(!$status) {
ISPConfigLog::warn($service . ' seems not to be running!', true);
}
}
ISPConfigLog::info('Installation ready.', true);
if(ISPConfig::shallInstall('mailman') && $mailman_password != '') {
ISPConfigLog::info('Your Mailman password is: ' . $mailman_password, true);
}
if(ISPConfig::shallInstall('web') && !ISPConfig::wantsInteractive()) {
ISPConfigLog::info('Your ISPConfig admin password is: ' . $ispconfig_admin_pw, true);
}
ISPConfigLog::info('Your MySQL root password is: ' . $mysql_root_pw, true);
protected function getSystemPHPVersion() {
return '7.0';
}