installer_base.lib.php 33.3 KB
<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

class installer_base {
	
	var $wb = array();
	var $language = 'en';
	var $db;
	public $conf;
    /**
     * Take a snapshot of the global installer configuration.
     *
     * The global $conf array is assigned to $this->conf by value, so a later
     * write through one of the two is not visible through the other.
     */
    public function __construct()
    {
        //TODO: maybe $conf should be passed to constructor
        global $conf;

        $this->conf = $conf;
    }
    //: TODO  Implement the translation function and language files for the installer.
	/**
	 * Translation hook for installer messages.
	 *
	 * No language files are wired in yet: the text is handed back unchanged.
	 *
	 * @param mixed $text Message text (callers in this file pass strings).
	 * @return mixed The value that was passed in.
	 */
	public function lng($text)
	{
		$translated = $text;

		return $translated;
	}
	
	/**
	 * Abort the installer with an error message.
	 *
	 * Prints "ERROR: <msg>" followed by a newline and ends the script; this
	 * method does not return. Because a string is passed to exit(), the
	 * process exit status is 0, so a wrapper script cannot tell a failed
	 * install from a successful one by the status alone.
	 *
	 * @param string $msg Text printed after the "ERROR: " prefix.
	 */
	public function error($msg)
	{
		$line = "ERROR: {$msg}\n";

		exit($line);
	}
	
	/**
	 * Ask a multiple-choice question on the console until a usable answer arrives.
	 *
	 * The prompt lists the allowed answers and the default. Entering "quit"
	 * ends the installer, empty input selects $default, and input found in
	 * $answers is returned as typed. Anything else repeats the question.
	 *
	 * @param string $query   Question text, passed through lng().
	 * @param array  $answers Accepted answers.
	 * @param mixed  $default Value used when the input is empty.
	 * @return mixed The selected answer.
	 */
	public function simple_query($query, $answers, $default)
	{
		$choices = implode(',', $answers);
		$accepted = false;

		while (!$accepted) {
			swrite($this->lng($query).' ('.$choices.') ['.$default.']: ');
			$typed = sread();

			//* Stop the installation
			if ($typed == 'quit') {
				swriteln($this->lng("Installation terminated by user.\n"));
				die();
			}

			//* Select the default
			if ($typed == '') {
				$answer = $default;
				$accepted = true;
			}

			//* Take the input when it is one of the allowed answers
			//  (loose comparison, no strict flag)
			if (in_array($typed, $answers)) {
				$answer = $typed;
				$accepted = true;
			}
		}

		swriteln();

		return $answer;
	}
	
	/**
	 * Ask a free-text question on the console.
	 *
	 * Entering "quit" ends the installer; empty input selects $default;
	 * any other input is returned exactly as read.
	 *
	 * The answer is not validated or filtered here, and the default is echoed
	 * in the prompt. Code that later places the returned value into a shell
	 * command, an SQL statement or a config file has to quote it for that
	 * context.
	 *
	 * @param string $query   Question text, passed through lng().
	 * @param mixed  $default Value used when the input is empty.
	 * @return mixed The input, or $default for empty input.
	 */
	public function free_query($query, $default)
	{
		swrite($this->lng($query).' ['.$default.']: ');
		$typed = sread();

		//* Stop the installation
		if ($typed == 'quit') {
			swriteln($this->lng("Installation terminated by user.\n"));
			die();
		}

		if ($typed == '') {
			$answer = $default;
		} else {
			$answer = $typed;
		}
		swriteln();

		return $answer;
	}
	
	/*
	// TODO: this function is not used atmo I think - pedro
	function request_language(){
		
		swriteln(lng('Enter your language'));
		swriteln(lng('de, en'));
		
	}
	*/
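	/**
	 * Create the database for ISPConfig and load the initial SQL dump.
	 *
	 * Reads the connection settings from the global $conf['mysql'], issues
	 * CREATE DATABASE IF NOT EXISTS, stops if the database already holds
	 * tables, otherwise feeds sql/ispconfig3.sql to the mysql command line
	 * client and checks that tables exist afterwards. Failures are reported
	 * through error().
	 */
	public function configure_database()
	{
		global $conf;
		$cf = $conf['mysql']; // make $conf['mysql'] more accessible

		//* Quote the name as an identifier (embedded backticks doubled) so that
		//  unusual characters in the configured name cannot change the statement.
		$db_ident = '`'.str_replace('`', '``', $cf['database']).'`';

		//** Create the database
		if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$db_ident)) {
			$this->error('Unable to create MySQL database: '.$cf['database'].'.');
		}

		//* Set the database name in the DB library
		$this->db->dbName = $cf['database'];

		//* Load the database dump into the database, if database contains no tables
		$db_tables = $this->db->getTables();
		if(count($db_tables) > 0) {
			$this->error('Stopped: Database already contains some tables.');
		} else {
			//* Every configured value is passed as one shell-quoted argument, so
			//  quotes or spaces in it cannot end the argument or start a new command.
			$command = 'mysql -h '.escapeshellarg($cf['host']).' -u '.escapeshellarg($cf['admin_user']);
			if($cf['admin_password'] != '') {
				// NOTE(review): with -p on the command line the admin password is
				// visible in the process list while the import runs and is part of
				// the string handed to caselog(). An option file readable only by
				// root (mysql --defaults-extra-file=...) avoids both.
				$command .= ' '.escapeshellarg('-p'.$cf['admin_password']);
			}
			//* "> /dev/null 2>&1" instead of "&>": "&>" is a bash extension; a
			//  POSIX /bin/sh reads it as "run in background, then truncate
			//  /dev/null", which would let the table check below run too early.
			$command .= ' '.escapeshellarg($cf['database'])." < 'sql/ispconfig3.sql' > /dev/null 2>&1";
			caselog($command, __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');

			$db_tables = $this->db->getTables();
			if(count($db_tables) == 0) {
				$this->error('Unable to load SQL-Dump into database table.');
			}
		}
	}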
	
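	/**
	 * Create the ISPConfig database user and the server record in the database.
	 *
	 * Grants SELECT, INSERT, UPDATE and DELETE on the ISPConfig database to
	 * the configured ispconfig user, reloads the privileges, inserts one row
	 * into `server` whose `config` column holds tpl/server.ini.master, and
	 * stores the new row id in both $conf['server_id'] and
	 * $this->conf['server_id'].
	 */
	public function add_database_server_record() {

		global $conf;
		$cf = $conf['mysql']; // make $conf['mysql'] more accessible

		//* Quote the database name as an identifier and escape the values that
		//  are placed inside string literals; a quote or backslash in the
		//  configured user, host or password would otherwise end the literal
		//  early (or change the password that is actually stored).
		// NOTE(review): addslashes() is what this method already uses for the
		// ini content; if the DB wrapper has a connection-aware escape routine,
		// prefer it - not visible from this file.
		$db_ident = '`'.str_replace('`', '``', $cf['database']).'`';

		//* Create the ISPConfig database user
		// NOTE(review): GRANT ... IDENTIFIED BY is not accepted by MySQL 8.0 and
		// later; there the account has to be created with CREATE USER first.
		$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$db_ident.".* "
				."TO '".addslashes($cf['ispconfig_user'])."'@'".addslashes($cf['host'])."' "
				."IDENTIFIED BY '".addslashes($cf['ispconfig_password'])."';";
		if(!$this->db->query($query)) {
			$this->error('Unable to create database user: '.$cf['ispconfig_user']);
		}

		//* Reload database privileges
		$this->db->query('FLUSH PRIVILEGES;');

		//* Set the database name in the DB library
		$this->db->dbName = $cf['database'];

		$server_ini_content = rf("tpl/server.ini.master");
		$server_ini_content = addslashes($server_ini_content);

		$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', 'Server', 1, 1, 1, 1, 1, 1, '$server_ini_content', 0, 1);";

		//* Stop here when the insert fails: the id read below is written into
		//  the generated config files as {server_id}.
		if(!$this->db->query($sql)) {
			$this->error('Unable to insert the server record.');
		}
		$conf['server_id'] = $this->db->insertID();
		$this->conf['server_id'] = $conf['server_id'];
	}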
	
    /**
     * Render one postfix lookup-table template into the postfix config directory.
     *
     * An existing target file is first copied to "<name>~". The template
     * tpl/<name>.master is then filled with the ISPConfig database user,
     * password, database name, server IP and server id and written out.
     *
     * NOTE(review): the written file and its "~" backup contain the database
     * password. No mode is set here; configure_postfix() runs
     * "chmod o=" / "chgrp" on mysql-virtual_*.cf* only after all files are
     * written, so until then the mode depends on wf() and the umask - confirm.
     *
     * @param string $configfile File name relative to the postfix config directory.
     */
    private function process_postfix_config($configfile)
    {
        $target = $this->conf['postfix']['config_dir'].'/'.$configfile;

        //* Backup existing file
        if (is_file($target)) {
            copy($target, $target.'~');
        }

        $content = rf('tpl/'.$configfile.'.master');

        $placeholders = array(
            '{mysql_server_ispconfig_user}'     => $this->conf['mysql']['ispconfig_user'],
            '{mysql_server_ispconfig_password}' => $this->conf['mysql']['ispconfig_password'],
            '{mysql_server_database}'           => $this->conf['mysql']['database'],
            '{mysql_server_ip}'                 => $this->conf['mysql']['ip'],
            '{server_id}'                       => $this->conf['server_id']
        );
        foreach ($placeholders as $placeholder => $value) {
            $content = str_replace($placeholder, $value, $content);
        }

        wf($target, $content);
    }

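	/**
	 * Install the jailkit configuration templates.
	 *
	 * Does nothing when the jailkit config directory does not exist.
	 * Otherwise each of the two files named by $conf['jailkit']['jk_init']
	 * and ['jk_chrootsh'] is backed up to "<name>~" if present and then
	 * replaced by tpl/<name>.master.
	 */
	public function configure_jailkit()
	{
		$cf = $this->conf['jailkit'];
		$config_dir = $cf['config_dir'];

		if (!is_dir($config_dir)) {
			return;
		}

		foreach (array($cf['jk_init'], $cf['jk_chrootsh']) as $name) {
			$target = $config_dir.'/'.$name;

			//* Back up the live file before it is overwritten. The chrootsh
			//  backup used to be taken from "<name>.master" inside the config
			//  directory, so an existing chrootsh config was replaced without
			//  a backup.
			if (is_file($target)) {
				copy($target, $target.'~');
			}

			copy('tpl/'.$name.'.master', $target);
		}
	}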
        
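	/**
	 * Configure postfix for virtual mail hosting backed by the ISPConfig database.
	 *
	 * Steps, in order: render the mysql-virtual_*.cf lookup tables, restrict
	 * their mode and group, create the virtual mail group and user, apply the
	 * main.cf settings with "postconf -e", optionally create a self-signed
	 * TLS certificate, open the courier authdaemon directory, rewrite the
	 * maildrop line in master.cf and install the maildrop .mailfilter file.
	 *
	 * Every configured value that goes into a shell command line is passed
	 * through escapeshellarg(), so spaces or quotes in a path or name cannot
	 * split the argument or append a second command.
	 *
	 * @param string $options If it contains "dont-create-certs" (case-insensitive),
	 *                        the certificate step is skipped.
	 */
	public function configure_postfix($options = '')
	{
		$cf = $this->conf['postfix'];
		$config_dir = $cf['config_dir'];

		if(!is_dir($config_dir)){
			$this->error("The postfix configuration directory '$config_dir' does not exist.");
		}

		$quoted_dir = escapeshellarg($config_dir);
		//* "&>" is a bash extension; a POSIX /bin/sh would background the command.
		$quiet = ' > /dev/null 2>&1';

		//* Render the MySQL lookup tables
		// NOTE(review): main.cf below also points virtual_mailbox_limit_maps at
		// mysql-virtual_mailbox_limit_maps.cf, which is not rendered here -
		// confirm that it is created elsewhere.
		$map_files = array(
			'mysql-virtual_domains.cf',
			'mysql-virtual_forwardings.cf',
			'mysql-virtual_mailboxes.cf',
			'mysql-virtual_email2email.cf',
			'mysql-virtual_transports.cf',
			'mysql-virtual_recipient.cf',
			'mysql-virtual_sender.cf',
			'mysql-virtual_client.cf',
			'mysql-virtual_relaydomains.cf'
		);
		foreach($map_files as $map_file) {
			$this->process_postfix_config($map_file);
		}

		//* Changing mode and group of the new created config files.
		//  The glob stays outside the quotes so that the shell still expands it.
		caselog('chmod o= '.$quoted_dir.'/mysql-virtual_*.cf*'.$quiet,
				__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
		caselog('chgrp '.escapeshellarg($cf['group']).' '.$quoted_dir.'/mysql-virtual_*.cf*'.$quiet,
				__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');

		//* Creating virtual mail user and group
		$command = 'groupadd -g '.escapeshellarg($cf['vmail_groupid']).' '.escapeshellarg($cf['vmail_groupname']);
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'useradd -g '.escapeshellarg($cf['vmail_groupname']).' -u '.escapeshellarg($cf['vmail_userid'])
				.' '.escapeshellarg($cf['vmail_username']).' -d '.escapeshellarg($cf['vmail_mailbox_base']).' -m';
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$postconf_commands = array (
			'myhostname = '.$this->conf['hostname'],
			'mydestination = '.$this->conf['hostname'].', localhost, localhost.localdomain',
			'mynetworks = 127.0.0.0/8',
			'virtual_alias_domains =',
			'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf',
			'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf',
			'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf',
			'virtual_mailbox_base = '.$cf['vmail_mailbox_base'],
			'virtual_uid_maps = static:'.$cf['vmail_userid'],
			'virtual_gid_maps = static:'.$cf['vmail_groupid'],
			'smtpd_sasl_auth_enable = yes',
			'broken_sasl_auth_clients = yes',
			'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
			'smtpd_use_tls = yes',
			'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
			'smtpd_tls_key_file = '.$config_dir.'/smtpd.key',
			'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf',
			'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf',
			'virtual_create_maildirsize = yes',
			'virtual_mailbox_extended = yes',
			'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf',
			'virtual_mailbox_limit_override = yes',
			'virtual_maildir_limit_message = "The user you are trying to reach is over quota."',
			'virtual_overquota_bounce = yes',
			'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps',
			'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf',
			'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf',
			'maildrop_destination_concurrency_limit = 1',
			'maildrop_destination_recipient_limit   = 1',
			'virtual_transport = maildrop',
			'header_checks = regexp:'.$config_dir.'/header_checks',
			'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks',
			'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks',
			'body_checks = regexp:'.$config_dir.'/body_checks'
		);

		//* Create the header and body check files
		foreach(array('header_checks', 'mime_header_checks', 'nested_header_checks', 'body_checks') as $check_file) {
			touch($config_dir.'/'.$check_file);
		}

		//* Make a backup copy of the main.cf file
		copy($config_dir.'/main.cf', $config_dir.'/main.cf~');

		//* Executing the postconf commands. Each setting is one quoted argument;
		//  the "$name" references in proxy_read_maps stay literal inside it.
		foreach($postconf_commands as $cmd) {
			$command = 'postconf -e '.escapeshellarg($cmd);
			caselog($command.$quiet, __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		// TODO: Change the master.cf file
		/*
		Add:
		maildrop  unix  -       n       n       -       -       pipe
		flags=R user=vmail argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}
		*/
		if(!stristr($options,'dont-create-certs')) {
			//* Create the SSL certificate: self-signed, valid 365 days, with an
			//  unencrypted (-nodes) 2048 bit RSA key. "&&" instead of ";" so the
			//  key is never written into the current directory when cd fails.
			$command = 'cd '.$quoted_dir.' && '
					.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout '
					.'smtpd.key -keyform PEM -days 365 -x509';
			exec($command);

			$command = 'chmod o= '.escapeshellarg($config_dir.'/smtpd.key');
			caselog($command.$quiet, __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
		// NOTE(review): mode 755 lets every local account enter this directory,
		// not only the maildrop user; a group-based mode would be narrower.
		$command = 'chmod 755  /var/run/courier/authdaemon/';
		caselog($command.$quiet, __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);

		//* Changing maildrop lines in postfix master.cf
		$configfile = $config_dir.'/master.cf';
		if(is_file($configfile)){
			copy($configfile, $configfile.'~');
		}
		if(is_file($configfile.'~')){
			exec('chmod 400 '.escapeshellarg($configfile.'~'));
		}
		$content = rf($configfile);
		$content = str_replace('  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
					'  flags=R user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
					$content);
		wf($configfile, $content);

		//* Writing the Maildrop mailfilter file
		$configfile = 'mailfilter';
		$mailfilter = $cf['vmail_mailbox_base'].'/.'.$configfile;
		if(is_file($mailfilter)){
			copy($mailfilter, $mailfilter.'~');
		}
		$content = rf("tpl/$configfile.master");
		$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
		wf($mailfilter, $content);

		//* Create the directory for the custom mailfilters
		$command = 'mkdir '.escapeshellarg($cf['vmail_mailbox_base'].'/mailfilters');
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* Chmod and chown the .mailfilter file
		$command = 'chown -R '.escapeshellarg($cf['vmail_username'].':'.$cf['vmail_groupname']).' '.escapeshellarg($cf['vmail_mailbox_base'].'/.mailfilter');
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'chmod -R 600 '.escapeshellarg($cf['vmail_mailbox_base'].'/.mailfilter');
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

	}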
	
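	/**
	 * Configure SASL authentication for postfix against the ISPConfig database.
	 *
	 * Writes <postfix config dir>/sasl/smtpd.conf from
	 * tpl/sasl_smtpd.conf.master, creates the saslauthd spool directory below
	 * /var/spool/postfix, enables saslauthd in its defaults file and moves
	 * the pid file path in its init script. Existing smtpd.conf and defaults
	 * files are copied to "<name>~" (mode 400) first.
	 */
	function configure_saslauthd() {
		global $conf;

		//* SASL settings for the postfix smtpd
		$sasl_conf = $conf["postfix"]["config_dir"].'/sasl/smtpd.conf';
		if(is_file($sasl_conf)) copy($sasl_conf, $sasl_conf.'~');
		//* chmod() instead of exec('chmod ...'): the configured path is no
		//  longer interpreted by a shell.
		if(is_file($sasl_conf.'~')) chmod($sasl_conf.'~', 0400);

		$content = rf("tpl/sasl_smtpd.conf.master");
		$content = str_replace('{mysql_server_ispconfig_user}',$this->conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$this->conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$this->conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_ip}',$this->conf['mysql']['ip'],$content);
		wf($sasl_conf,$content);

		// TODO: Chmod and chown on the config file
		// NOTE(review): smtpd.conf now holds the database password and its mode
		// is never tightened in this method, so it depends on wf() and the umask.

		// Create the spool directory
		exec('mkdir -p /var/spool/postfix/var/run/saslauthd');

		// Edit the file /etc/default/saslauthd
		$configfile = $conf["saslauthd"]["config"];
		if(is_file($configfile)) copy($configfile,$configfile.'~');
		if(is_file($configfile.'~')) chmod($configfile.'~', 0400);
		$content = rf($configfile);
		$content = str_replace('START=no','START=yes',$content);
		$content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content);
		wf($configfile,$content);

		// Edit the file /etc/init.d/saslauthd
		$configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"];
		$content = rf($configfile);
		$content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid','PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"',$content);
		wf($configfile,$content);

	}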
	
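	/**
	 * Configure PAM for SMTP authentication against the ISPConfig database.
	 *
	 * Backs up <pam dir>/smtp to "smtp~" (mode 400), writes a new file from
	 * tpl/pamd_smtp.master with the database credentials filled in, then
	 * sets it to mode 660, owner and group "daemon".
	 */
	public function configure_pam()
	{
		$pam = $this->conf['pam'];
		$target = "$pam/smtp";

		//* chmod()/chown()/chgrp() replace the former exec() calls, so the
		//  configured directory name is never interpreted by a shell.
		if(is_file($target))     copy($target, $target.'~');
		if(is_file($target.'~')) chmod($target.'~', 0400);

		$content = rf("tpl/pamd_smtp.master");
		$content = str_replace('{mysql_server_ispconfig_user}', $this->conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $this->conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $this->conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_ip}', $this->conf['mysql']['ip'], $content);

		// NOTE(review): the file contains the database password; between wf()
		// and the chmod below its mode depends on wf() and the umask.
		wf($target, $content);
		chmod($target, 0660);
		chown($target, 'daemon');
		chgrp($target, 'daemon');

	}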
	
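	/**
	 * Configure courier authentication against the ISPConfig database.
	 *
	 * Writes authmysqlrc from tpl/authmysqlrc.master (mode 660, owner and
	 * group "daemon") and switches authmodulelist in authdaemonrc from
	 * "authpam" to "authmysql". Existing files are copied to "<name>~"
	 * (mode 400) first.
	 */
	public function configure_courier()
	{
		$config_dir = $this->conf['courier']['config_dir'];

		//* authmysqlrc
		$authmysqlrc = "$config_dir/authmysqlrc";
		if(is_file($authmysqlrc)){
			copy($authmysqlrc, $authmysqlrc.'~');
		}
		//* Only touch the backup when it exists (this chmod used to run
		//  unconditionally), and without going through a shell.
		if(is_file($authmysqlrc.'~')){
			chmod($authmysqlrc.'~', 0400);
		}
		$content = rf("tpl/authmysqlrc.master");
		$content = str_replace('{mysql_server_ispconfig_user}',$this->conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$this->conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$this->conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_host}',$this->conf['mysql']['host'],$content);

		// NOTE(review): authmysqlrc contains the database password; between
		// wf() and the chmod below its mode depends on wf() and the umask.
		wf($authmysqlrc, $content);

		chmod($authmysqlrc, 0660);
		chown($authmysqlrc, 'daemon');
		chgrp($authmysqlrc, 'daemon');

		//* authdaemonrc
		$authdaemonrc = $config_dir.'/authdaemonrc';
		if(is_file($authdaemonrc)){
			copy($authdaemonrc, $authdaemonrc.'~');
		}
		if(is_file($authdaemonrc.'~')){
			chmod($authdaemonrc.'~', 0400);
		}
		$content = rf($authdaemonrc);
		$content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content);
		wf($authdaemonrc, $content);
	}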
	
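	/**
	 * Configure amavisd and hook it into postfix as content filter.
	 *
	 * Writes <amavis config dir>/conf.d/50-user from
	 * tpl/amavisd_user_config.master, sets content_filter and
	 * receive_override_options in main.cf, appends
	 * tpl/master_cf_amavis.master to master.cf unless the re-injection
	 * listener is already present, and adds the clamav user to the amavis
	 * group.
	 */
	function configure_amavis() {
		global $conf;

		$postfix_dir = $conf["postfix"]["config_dir"];
		$user_conf = $conf["amavis"]["config_dir"].'/conf.d/50-user';

		// amavisd user config file
		//* The backup now stays next to the original. It used to be copied into
		//  the courier config directory, so the chmod that followed never found
		//  it and the copy kept its default mode.
		if(is_file($user_conf)) copy($user_conf, $user_conf.'~');
		if(is_file($user_conf.'~')) chmod($user_conf.'~', 0400);

		$content = rf("tpl/amavisd_user_config.master");
		$content = str_replace('{mysql_server_ispconfig_user}',$this->conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$this->conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$this->conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_port}',$conf["mysql"]["port"],$content);
		$content = str_replace('{mysql_server_ip}',$this->conf['mysql']['ip'],$content);
		wf($user_conf,$content);

		// TODO: chmod and chown on the config file
		// NOTE(review): 50-user now holds the database password and its mode is
		// never tightened in this method.

		// Adding the amavisd commands to the postfix configuration
		$postconf_commands = array (
			'content_filter = amavis:[127.0.0.1]:10024',
			'receive_override_options = no_address_mappings'
		);

		// Make a backup copy of the main.cf file
		copy($postfix_dir.'/main.cf',$postfix_dir.'/main.cf~2');

		// Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			//* "&>" is a bash extension; a POSIX /bin/sh would background the command.
			caselog($command." > /dev/null 2>&1", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}

		// Append the configuration for amavisd to the master.cf file
		$master_cf = $postfix_dir.'/master.cf';
		if(is_file($master_cf)) copy($master_cf, $master_cf.'~');
		$content = rf("tpl/master_cf_amavis.master");

		// Only add the content if we had not added it before.
		//* The check has to look inside master.cf. The old call had haystack
		//  and needle swapped and searched for the template inside the marker,
		//  so the block was appended on every run. Runs of whitespace are
		//  collapsed because master.cf columns may be padded differently.
		$existing = is_file($master_cf) ? rf($master_cf) : '';
		$existing = preg_replace('/\s+/', ' ', (string) $existing);
		if(!stristr($existing, '127.0.0.1:10025 inet n - - - - smtpd')) {
			af($master_cf,$content);
		}

		// Add the clamav user to the amavis group
		exec('adduser clamav amavis');

	}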
	
	/**
	 * Enable spamassassin through its defaults file (Debian and Ubuntu).
	 *
	 * Copies /etc/default/spamassassin to "spamassassin~" when it exists,
	 * then rewrites the file with ENABLED=0 replaced by ENABLED=1.
	 */
	public function configure_spamassassin()
	{
		$defaults_file = '/etc/default/spamassassin';

		if (is_file($defaults_file)) {
			copy($defaults_file, $defaults_file.'~');
		}

		$current = rf($defaults_file);
		wf($defaults_file, str_replace('ENABLED=0', 'ENABLED=1', $current));
	}
	
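	/**
	 * Create the getmail user and its configuration directory.
	 *
	 * Creates the configured directory if it is missing, adds a "getmail"
	 * user with that directory as home, then gives the directory to that
	 * user with mode 700, recursively.
	 */
	public function configure_getmail()
	{
		$config_dir = $this->conf['getmail']['config_dir'];

		//* escapeshellarg() passes the path as exactly one argument.
		//  escapeshellcmd(), used before on the mkdir only, escapes
		//  metacharacters but does not keep a path with spaces together, and
		//  the other three commands had no escaping at all.
		$quoted_dir = escapeshellarg($config_dir);
		//* "&>" is a bash extension; a POSIX /bin/sh would background the command.
		$quiet = ' > /dev/null 2>&1';

		if(!is_dir($config_dir)) exec('mkdir -p '.$quoted_dir);

		$command = 'useradd -d '.$quoted_dir.' getmail';
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'chown -R getmail '.$quoted_dir;
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'chmod -R 700 '.$quoted_dir;
		caselog($command.$quiet, __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	}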
	
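	/**
	 * Configure pure-ftpd to authenticate against the ISPConfig database.
	 *
	 * Writes <config dir>/db/mysql.conf from tpl/pureftpd_mysql.conf.master
	 * (mode 600, root:root), after copying an existing file to "mysql.conf~"
	 * (mode 400), and writes "yes" into conf/ChrootEveryone.
	 */
	public function configure_pureftpd()
	{
		global $conf;

		$config_dir = $this->conf['pureftpd']['config_dir'];

		//* MySQL backend settings for pure-ftpd
		$target = "$config_dir/db/mysql.conf";
		if(is_file($target)){
			copy($target, $target.'~');
		}
		//* chmod()/chown()/chgrp() and file_put_contents() replace the former
		//  exec() calls, so the configured path never reaches a shell.
		if(is_file($target.'~')){
			chmod($target.'~', 0400);
		}
		$content = rf('tpl/pureftpd_mysql.conf.master');
		$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
		$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
		$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
		$content = str_replace('{server_id}', $conf["server_id"], $content);

		// NOTE(review): mysql.conf contains the database password; between wf()
		// and the chmod below its mode depends on wf() and the umask.
		wf($target, $content);
		chmod($target, 0600);
		chown($target, 'root');
		chgrp($target, 'root');

		// **enable chrooting
		file_put_contents($config_dir.'/conf/ChrootEveryone', "yes\n");
	}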
	
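	/**
	 * Configure MyDNS to read its zone data from the ISPConfig database.
	 *
	 * Writes <mydns config dir>/mydns.conf from tpl/mydns.conf.master
	 * (mode 600, root:root), after copying an existing file to "mydns.conf~"
	 * (mode 400).
	 */
	public function configure_mydns()
	{
		global $conf;

		//* Database settings for MyDNS
		$configfile = 'mydns.conf';
		$target = $conf["mydns"]["config_dir"].'/'.$configfile;

		//* chmod()/chown()/chgrp() replace the former exec() calls, so the
		//  configured directory name never reaches a shell.
		if(is_file($target)) copy($target, $target.'~');
		if(is_file($target.'~')) chmod($target.'~', 0400);

		$content = rf("tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content);
		$content = str_replace('{server_id}',$conf["server_id"],$content);

		// NOTE(review): mydns.conf contains the database password; between wf()
		// and the chmod below its mode depends on wf() and the umask.
		wf($target,$content);
		chmod($target, 0600);
		chown($target, 'root');
		chgrp($target, 'root');

	}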
	
	/**
	 * Prepare apache for ISPConfig.
	 *
	 * The only step is creating /var/log/ispconfig/httpd, the logging
	 * directory for the vhost logfiles.
	 */
	public function configure_apache()
	{
		//* Create the logging directory for the vhost logfiles
		$mkdir_cmd = 'mkdir -p /var/log/ispconfig/httpd';
		exec($mkdir_cmd);
	}
	
	public function install_ispconfig()
    {
		global $conf;
		
		$install_dir = $this->conf['ispconfig_install_dir'];

		//* Create the ISPConfig installation directory
		$command = "mkdir $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		//* Create a ISPConfig user and group
		$command = 'groupadd ispconfig';
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		$command = "useradd -g ispconfig -d $install_dir ispconfig";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		//* copy the ISPConfig interface part
		$command = "cp -rf ../interface $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		//* copy the ISPConfig server part
		$command = "cp -rf ../server $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		//* Create a symlink, so ISPConfig is accessible via web
		// Replaced by a separate vhost definition for port 8080
		// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
		// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
621
		
622
		//* Create the config file for ISPConfig interface
623
		$configfile = 'config.inc.php';
624
625
626
627
		if(is_file($install_dir.'/interface/lib/'.$configfile)){
            copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
        }
		$content = rf("tpl/$configfile.master");
628
629
630
631
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
632
		wf("$install_dir/interface/lib/$configfile", $content);
633
		
634
		//* Create the config file for ISPConfig server
635
		$configfile = 'config.inc.php';
636
637
638
639
		if(is_file($install_dir.'/server/lib/'.$configfile)){
            copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
        }
		$content = rf("tpl/$configfile.master");
640
641
642
643
644
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
		$content = str_replace('{server_id}', $conf['server_id'], $content);
645
		wf("$install_dir/server/lib/$configfile", $content);
646
		
647
		
648
649
650
651
652
653
654
		//* Enable the server modules and plugins.
		// TODO: Implement a selector which modules and plugins shall be enabled.
		$dir = $install_dir.'/server/mods-available/';
		if (is_dir($dir)) {
			if ($dh = opendir($dir)) {
				while (($file = readdir($dh)) !== false) {
					if($file != '.' && $file != '..') {
655
						if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
656
657
658
659
660
661
662
663
664
665
666
					}
				}
				closedir($dh);
			}
		}
		
		$dir = $install_dir.'/server/plugins-available/';
		if (is_dir($dir)) {
			if ($dh = opendir($dir)) {
				while (($file = readdir($dh)) !== false) {
					if($file != '.' && $file != '..') {
667
						if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
668
669
670
671
672
					}
				}
				closedir($dh);
			}
		}
673
		
674
675
676
		//* Chmod the files
		$command = "chmod -R 750 $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
677

678
679
680
		//* chown the files to the ispconfig user and group
		$command = "chown -R ispconfig:ispconfig $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
681
		
682
		//* Make the global language file directory group writable
tbrehm's avatar
tbrehm committed
683
		exec("chmod -R 770 $install_dir/interface/lib/lang");
684
		
685
686
687
		//* Make the temp directory for language file exports writable
		exec("chmod -R 770 $install_dir/interface/web/temp");
		
688
689
690
691
692
693
		//* Make all interface language file directories group writable
		$handle = @opendir($install_dir.'/interface/web');
		while ($file = @readdir ($handle)) { 
	   		if ($file != '.' && $file != '..') {
	        	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
					$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
tbrehm's avatar
tbrehm committed
694
					chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang',0770);
695
696
					while ($lang_file = @readdir ($handle2)) {
						if ($lang_file != '.' && $lang_file != '..') {
tbrehm's avatar
tbrehm committed
697
							chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file,0770);
698
699
700
701
702
703
						}
					}
				}
			}
		}
		
704
705
706
		//* make sure that the server config file (not the interface one) is only readable by the root user
		exec("chmod 600 $install_dir/server/lib/$configfile");
		exec("chown root:root $install_dir/server/lib/$configfile");
707
		
708
709
710
		// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
		// and must be fixed as this will allow the apache user to read the ispconfig files.
		// Later this must run as own apache server or via suexec!
711
712
		$command = 'adduser www-data ispconfig';
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
713
		
714
715
716
		//* Make the shell scripts executable
		$command = "chmod +x $install_dir/server/scripts/*.sh";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
717
		
718
		//* Copy the ISPConfig vhost for the controlpanel
719
        // TODO: These are missing! should they be "vhost_dist_*_dir" ?
oliver's avatar
oliver committed
720
721
        $vhost_conf_dir = $this->conf['apache']['vhost_conf_dir'];
        $vhost_conf_enabled_dir = $this->conf['apache']['vhost_conf_enabled_dir'];
daniel's avatar
daniel committed
722
723
724
725
726
        
        
        // Dont just copy over the virtualhost template but add some custom settings
         
        $content = rf("tpl/apache_ispconfig.vhost.master");
727
		$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
daniel's avatar
daniel committed
728
729
730
		wf("$vhost_conf_dir/ispconfig.vhost", $content);
		
		//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
731
732
733
		//* and create the symlink
		if(!is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) {
			exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/ispconfig.vhost");
tbrehm's avatar
tbrehm committed
734
		}
735
736
737
738
		
		// Make the Clamav log files readable by ISPConfig
		exec('chmod +r /var/log/clamav/clamav.log');
		exec('chmod +r /var/log/clamav/freshclam.log');
739
740
741
742
743
744
		
		//* Install the SVN update script
		exec('cp ../helper_scripts/update_from_svn.sh /usr/local/bin/ispconfig_update_from_svn.sh');
		exec('chown root /usr/local/bin/ispconfig_update_from_svn.sh');
		exec('chmod 700 /usr/local/bin/ispconfig_update_from_svn.sh');
		
745
746
		//set the fast cgi starter script to executable
		exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
747
748
	}
	
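	/**
	 * Add the ISPConfig cron jobs to the crontabs of root and getmail.
	 *
	 * For each user the current crontab is dumped with "crontab -l", every
	 * wanted job that is not yet present as an exact line is appended, and the
	 * result is loaded back with "crontab <file>". Existing entries are kept.
	 *
	 * Changes against the previous version:
	 *  - The dump went to a fixed "crontab.txt" in the current working
	 *    directory. This runs as root, so a private file from tempnam() is
	 *    used instead of a predictable name in a directory that other users
	 *    may be able to write to.
	 *  - "crontab ... &> /dev/null" is a bash-only redirection. exec() uses
	 *    /bin/sh; on a POSIX sh the '&' backgrounds crontab, and the following
	 *    unlink() could remove the file before crontab had read it. The
	 *    portable "> /dev/null 2>&1" is used instead.
	 *  - A failed file() no longer reaches in_array() as false, and a dump
	 *    whose last line has no trailing newline no longer gets the first new
	 *    job glued onto that line.
	 *
	 * NOTE(review): the job lines themselves still end in "&> /dev/null". They
	 * are kept byte-identical so that the duplicate check still matches lines
	 * written by earlier installs; whether cron's shell honours "&>" on the
	 * target system should be confirmed.
	 * NOTE(review): the root jobs hard-code /usr/local/ispconfig rather than
	 * using the configured install directory - confirm this is intended.
	 */
	public function install_crontab()
	{
		$cf = $this->conf['getmail'];

		//* Wanted jobs per crontab owner
		$crontabs = array(
			'root' => array(
				'* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null',
				'30 00 * * * /usr/local/ispconfig/server/cron_daily.sh &> /dev/null'
			),
			'getmail' => array(
				'*/5 * * * * '.$cf['program'].' -g '.$cf['config_dir'].' -r '.$cf['config_dir'].'/*.conf &> /dev/null'
			)
		);

		foreach($crontabs as $user => $wanted_jobs) {
			// tempnam() creates the file itself, so the shell redirect below
			// only truncates a file that already belongs to this process.
			$tmpfile = tempnam(sys_get_temp_dir(), 'ispconfig_cron_');
			if($tmpfile === false) {
				// Fall back to the previous location rather than skipping the crontab.
				$tmpfile = 'crontab.txt';
			}
			$tmparg = escapeshellarg($tmpfile);

			exec('crontab -u '.$user.' -l > '.$tmparg);
			$existing_cron_jobs = file($tmpfile);
			if($existing_cron_jobs === false) {
				$existing_cron_jobs = array();
			}

			// Terminate the last existing line so an appended job starts on its own line.
			$last = count($existing_cron_jobs) - 1;
			if($last >= 0 && substr($existing_cron_jobs[$last], -1) !== "\n") {
				$existing_cron_jobs[$last] .= "\n";
			}

			foreach($wanted_jobs as $cron_job) {
				// file() keeps the line endings, hence the "\n" in the comparison.
				if(!in_array($cron_job."\n", $existing_cron_jobs, true)) {
					$existing_cron_jobs[] = $cron_job."\n";
				}
			}

			file_put_contents($tmpfile, $existing_cron_jobs);
			exec('crontab -u '.$user.' '.$tmparg.' > /dev/null 2>&1');
			unlink($tmpfile);
		}
	}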
	
}

?>