Skip to content

GitLab

Commit 18152908 authored by latham's avatar latham
Browse files

Remove Microsoft Line endings. Some files have mixed line endings that make Subverison unhappy 

http://lathama.net/Recursively_deleting_Microsoft_end_of_line_characters
parent fb7d1215
Hide whitespace changes
Inline Side-by-side
Showing with 1698 additions and 1698 deletions
install/setrights.php
View file @ 18152908
<?php
/*
Copyright (c) 2007-2011, Till Brehm, projektfarm Gmbh and Oliver Vogel , Meins und Vogel
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
ISPConfig 3 Set Rights. Tries to correct the rights of the clients if they are wrong
*/
error_reporting(E_ALL|E_STRICT);
//** The banner on the command line
echo "\n\n".str_repeat('-',80)."\n";
echo " _____ ___________ _____ __ _ ____
|_ _/ ___| ___ \ / __ \ / _(_) /__ \
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ /
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/
__/ |
|___/ ";
echo "\n".str_repeat('-',80)."\n";
echo "\n\n>>This script tries to repair the client rights \n\n";
//** Include the library with the basic installer functions
require_once('lib/install.lib.php');
//** Include the library with the basic updater functions
require_once('lib/update.lib.php');
//** Include the base class of the installer class
require_once('lib/installer_base.lib.php');
//** Ensure that current working directory is install directory
$cur_dir = getcwd();
if(realpath(dirname(__FILE__)) != $cur_dir) die("Please run installation/update from _inside_ the install directory!\n");
//** Get distribution identifier
$dist = get_distname();
include_once("/usr/local/ispconfig/server/lib/config.inc.php");
$conf_old = $conf;
unset($conf);
if($dist['id'] == '') die('Linux distribution or version not recognized.');
//** Include the distribution-specific installer class library and configuration
if(is_file('dist/lib/'.$dist['baseid'].'.lib.php')) include_once('dist/lib/'.$dist['baseid'].'.lib.php');
include_once('dist/lib/'.$dist['id'].'.lib.php');
include_once('dist/conf/'.$dist['id'].'.conf.php');
//** Get hostname
exec('hostname -f', $tmp_out);
$conf['hostname'] = $tmp_out[0];
unset($tmp_out);
//* Check if this is a master / slave setup
$conf['mysql']['master_slave_setup'] = 'n';
if($conf["mysql"]["master_host"] != '' && $conf["mysql"]["host"] != $conf["mysql"]["master_host"]) {
$conf['mysql']['master_slave_setup'] = 'y';
}
/*
* Try to read the DB-admin settings
*/
$clientdb_host = '';
$clientdb_user = '';
$clientdb_password = '';
include_once("/usr/local/ispconfig/server/lib/mysql_clientdb.conf");
$conf["mysql"]["admin_user"] = $clientdb_user;
$conf["mysql"]["admin_password"] = $clientdb_password;
$clientdb_host = '';
$clientdb_user = '';
$clientdb_password = '';
//** There is a error if user for mysql admin_password if empty
if( empty($conf["mysql"]["admin_password"]) ) {
die("internal error - MYSQL-Root passord not known");
}
$inst = new installer();
//** Initialize the MySQL server connection
include_once('lib/mysql.lib.php');
//* initialize the database
$inst->db = new db();
/*
* The next line is a bit tricky!
* At the automated update we have no connection to the master-db (we don't need it, because
* there are only TWO points, where this is needed)
* 1) update the rights --> the autoupdater sets the rights of all clients when the server is
* autoupdated)
* 2) update the server-settings (is web installed, is mail installed) --> the autoupdates
* doesn't change any of this settings, so there ist no need to update this.
* This means, the autoupdater did not need any connection to the master-db (only to the local bd
* of the master-server). To avoid any problems, we set the master-db to the local one.
*/
$inst->dbmaster = $inst->db;
/*
* If it is NOT a master-slave - Setup then we are at the Master-DB. So set all rights
*/
if($conf['mysql']['master_slave_setup'] != 'y') {
$inst->grant_master_database_rights(true);
}
echo "finished.\n";
?>
<?php
/*
Copyright (c) 2007-2011, Till Brehm, projektfarm Gmbh and Oliver Vogel , Meins und Vogel
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
ISPConfig 3 Set Rights. Tries to correct the rights of the clients if they are wrong
*/
error_reporting(E_ALL|E_STRICT);
//** The banner on the command line
echo "\n\n".str_repeat('-',80)."\n";
echo " _____ ___________ _____ __ _ ____
|_ _/ ___| ___ \ / __ \ / _(_) /__ \
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ /
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/
__/ |
|___/ ";
echo "\n".str_repeat('-',80)."\n";
echo "\n\n>>This script tries to repair the client rights \n\n";
//** Include the library with the basic installer functions
require_once('lib/install.lib.php');
//** Include the library with the basic updater functions
require_once('lib/update.lib.php');
//** Include the base class of the installer class
require_once('lib/installer_base.lib.php');
//** Ensure that current working directory is install directory
$cur_dir = getcwd();
if(realpath(dirname(__FILE__)) != $cur_dir) die("Please run installation/update from _inside_ the install directory!\n");
//** Get distribution identifier
$dist = get_distname();
include_once("/usr/local/ispconfig/server/lib/config.inc.php");
$conf_old = $conf;
unset($conf);
if($dist['id'] == '') die('Linux distribution or version not recognized.');
//** Include the distribution-specific installer class library and configuration
if(is_file('dist/lib/'.$dist['baseid'].'.lib.php')) include_once('dist/lib/'.$dist['baseid'].'.lib.php');
include_once('dist/lib/'.$dist['id'].'.lib.php');
include_once('dist/conf/'.$dist['id'].'.conf.php');
//** Get hostname
exec('hostname -f', $tmp_out);
$conf['hostname'] = $tmp_out[0];
unset($tmp_out);
//* Check if this is a master / slave setup
$conf['mysql']['master_slave_setup'] = 'n';
if($conf["mysql"]["master_host"] != '' && $conf["mysql"]["host"] != $conf["mysql"]["master_host"]) {
$conf['mysql']['master_slave_setup'] = 'y';
}
/*
* Try to read the DB-admin settings
*/
$clientdb_host = '';
$clientdb_user = '';
$clientdb_password = '';
include_once("/usr/local/ispconfig/server/lib/mysql_clientdb.conf");
$conf["mysql"]["admin_user"] = $clientdb_user;
$conf["mysql"]["admin_password"] = $clientdb_password;
$clientdb_host = '';
$clientdb_user = '';
$clientdb_password = '';
//** There is a error if user for mysql admin_password if empty
if( empty($conf["mysql"]["admin_password"]) ) {
die("internal error - MYSQL-Root passord not known");
}
$inst = new installer();
//** Initialize the MySQL server connection
include_once('lib/mysql.lib.php');
//* initialize the database
$inst->db = new db();
/*
* The next line is a bit tricky!
* At the automated update we have no connection to the master-db (we don't need it, because
* there are only TWO points, where this is needed)
* 1) update the rights --> the autoupdater sets the rights of all clients when the server is
* autoupdated)
* 2) update the server-settings (is web installed, is mail installed) --> the autoupdates
* doesn't change any of this settings, so there ist no need to update this.
* This means, the autoupdater did not need any connection to the master-db (only to the local bd
* of the master-server). To avoid any problems, we set the master-db to the local one.
*/
$inst->dbmaster = $inst->db;
/*
* If it is NOT a master-slave - Setup then we are at the Master-DB. So set all rights
*/
if($conf['mysql']['master_slave_setup'] != 'y') {
$inst->grant_master_database_rights(true);
}
echo "finished.\n";
?>
install/sql/incremental/upd_0009.sql
View file @ 18152908
CREATE TABLE IF NOT EXISTS `proxy_reverse` (
`rewrite_id` int(11) NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`rewrite_url_src` varchar(100) NOT NULL,
`rewrite_url_dst` varchar(100) NOT NULL,
`active` enum('n','y') NOT NULL default 'y',
PRIMARY KEY (`rewrite_id`)
) ENGINE=MyISAM AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `firewall_filter` (
`firewall_id` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`domain_id` int(11) NOT NULL,
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`rule_name` varchar(100) default NULL,
`rule_id` int(11) default 1,
`src_ip` varchar(20) NOT NULL,
`src_netmask` varchar(20) NOT NULL,
`dst_ip` varchar(20) NOT NULL,
`dst_netmask` varchar(20) NOT NULL,
`src_from_port` varchar(10) NOT NULL,
`src_to_port` varchar(10) NOT NULL,
`dst_to_port` varchar(10) NOT NULL,
`dst_from_port` varchar(10) NOT NULL,
`protocol` varchar(10) default 'tcp',
`inbound_policy` enum('allow','deny','reject','limit') default 'allow',
`outbound_policy` enum('allow','deny','reject','limit') default 'allow',
`active` enum('n','y') NOT NULL default 'y',
`client_id` int(11) NOT NULL,
PRIMARY KEY (`firewall_id`)
) ENGINE=MyISAM AUTO_INCREMENT=12 DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `firewall_forward` (
`firewall_id` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`domain_id` int(11) NOT NULL,
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`application_name` varchar(100) default NULL,
`dst_ip` varchar(20) NOT NULL,
`src_from_port` varchar(10) NOT NULL,
`src_to_port` varchar(10) NOT NULL,
`dst_to_port` varchar(10) NOT NULL,
`dst_from_port` varchar(10) NOT NULL,
`protocol` int(3) default 0,
`active` enum('n','y') NOT NULL default 'y',
`client_id` int(11) NOT NULL,
PRIMARY KEY (`firewall_id`)
) ENGINE=MyISAM AUTO_INCREMENT=12 DEFAULT CHARSET=utf8;
alter table `server` add column `proxy_server` tinyint(1) not null after `vserver_server`;
alter table `server` add column `firewall_server` tinyint(1) not null after `proxy_server`;
alter table `web_domain` add column `nginx_directives` mediumtext not null after `apache_directives`;
CREATE TABLE IF NOT EXISTS `proxy_reverse` (
`rewrite_id` int(11) NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`rewrite_url_src` varchar(100) NOT NULL,
`rewrite_url_dst` varchar(100) NOT NULL,
`active` enum('n','y') NOT NULL default 'y',
PRIMARY KEY (`rewrite_id`)
) ENGINE=MyISAM AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `firewall_filter` (
`firewall_id` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`domain_id` int(11) NOT NULL,
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`rule_name` varchar(100) default NULL,
`rule_id` int(11) default 1,
`src_ip` varchar(20) NOT NULL,
`src_netmask` varchar(20) NOT NULL,
`dst_ip` varchar(20) NOT NULL,
`dst_netmask` varchar(20) NOT NULL,
`src_from_port` varchar(10) NOT NULL,
`src_to_port` varchar(10) NOT NULL,
`dst_to_port` varchar(10) NOT NULL,
`dst_from_port` varchar(10) NOT NULL,
`protocol` varchar(10) default 'tcp',
`inbound_policy` enum('allow','deny','reject','limit') default 'allow',
`outbound_policy` enum('allow','deny','reject','limit') default 'allow',
`active` enum('n','y') NOT NULL default 'y',
`client_id` int(11) NOT NULL,
PRIMARY KEY (`firewall_id`)
) ENGINE=MyISAM AUTO_INCREMENT=12 DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `firewall_forward` (
`firewall_id` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '0',
`domain_id` int(11) NOT NULL,
`sys_groupid` int(11) unsigned NOT NULL default '0',
`sys_perm_user` varchar(5) default NULL,
`sys_perm_group` varchar(5) default NULL,
`sys_perm_other` varchar(5) default NULL,
`server_id` int(11) unsigned NOT NULL default '0',
`application_name` varchar(100) default NULL,
`dst_ip` varchar(20) NOT NULL,
`src_from_port` varchar(10) NOT NULL,
`src_to_port` varchar(10) NOT NULL,
`dst_to_port` varchar(10) NOT NULL,
`dst_from_port` varchar(10) NOT NULL,
`protocol` int(3) default 0,
`active` enum('n','y') NOT NULL default 'y',
`client_id` int(11) NOT NULL,
PRIMARY KEY (`firewall_id`)
) ENGINE=MyISAM AUTO_INCREMENT=12 DEFAULT CHARSET=utf8;
alter table `server` add column `proxy_server` tinyint(1) not null after `vserver_server`;
alter table `server` add column `firewall_server` tinyint(1) not null after `proxy_server`;
alter table `web_domain` add column `nginx_directives` mediumtext not null after `apache_directives`;
install/tpl/nginx_cache.conf.master
View file @ 18152908
proxy_temp_path /var/cache/nginx/temp;
proxy_cache_path /var/cache/nginx/cache levels=1:2 keys_zone=global:60m inactive=15m max_size=1G;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 301 1h;
proxy_cache_valid 404 3m;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
proxy_temp_path /var/cache/nginx/temp;
proxy_cache_path /var/cache/nginx/cache levels=1:2 keys_zone=global:60m inactive=15m max_size=1G;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 301 1h;
proxy_cache_valid 404 3m;
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
install/tpl/nginx_proxy.conf.master
View file @ 18152908
proxy_cache global;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
set $cache_key $scheme$host$uri$is_args$args$cookie_user;
proxy_cache_key $cache_key;
proxy_cache_valid 200 10h;
expires 3d;
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
location = /status {
stub_status on;
allow 127.0.0.1;
allow 192.168.1.0;
deny all;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
allow 192.168.1.0;
deny all;
proxy_cache_purge global $cache_key;
}
proxy_cache global;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
set $cache_key $scheme$host$uri$is_args$args$cookie_user;
proxy_cache_key $cache_key;
proxy_cache_valid 200 10h;
expires 3d;
### force timeouts if one of backend is died ##
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
location = /status {
stub_status on;
allow 127.0.0.1;
allow 192.168.1.0;
deny all;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
allow 192.168.1.0;
deny all;
proxy_cache_purge global $cache_key;
}
install/tpl/squid.conf.master
View file @ 18152908
# This configuration file requires squid 2.5+. It is untested with squid 3.x.
# BASIC CONFIGURATION
# ------------------------------------------------------------------------------
visible_hostname {server_name}
# port on which to listen
http_port {ip_address}:80 vhost defaultsite={server_name}
# set cache directory and size (1000 MB) - be sure to set the cache size to
# about 10% less than the physical space available to leave room for squid's
# swap files and other temp files
cache_dir ufs /var/spool/squid 100 16 256
cache_mgr webmaster@{server_name}
# LOGS
# ------------------------------------------------------------------------------
log_icp_queries off
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
cache_effective_user nobody
cache_effective_group nogroup
# emulate_httpd_log off
# RESOURCES
# ------------------------------------------------------------------------------
# amount of memory used for caching recently accessed objects - defaults to 8 MB
cache_mem 64 MB
maximum_object_size 10 MB # max cached object size
maximum_object_size_in_memory 300 KB # max cached-in-memory object size
# ACCESS CONTROL
# ------------------------------------------------------------------------------
# Basic ACLs
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/32
acl ssl_ports port 443 563
acl safe_ports port 80 443
acl openvz_instances src 192.168.1.0/24
acl squid_server src localhost
acl manager proto cache_object
acl connect method connect
# deny requests to unknown ports
http_access deny !safe_ports
acl accelerated_protocols proto http https
acl accelerated_domains dstdomain url_regex -i "{config_dir}/domains.txt"
acl accelerated_ports myport 80 443
http_access allow accelerated_domains
http_access allow accelerated_ports
http_access allow accelerated_protocols
acl purge method PURGE
http_access allow squid_server purge
http_access allow openvz_instances purge
http_access deny purge
# Reply access
http_reply_access allow all
# Cache manager setup - cache manager can only connect from localhost
# only allow cache manager access from localhost
http_access allow manager localhost
http_access deny manager
# deny connect to other than ssl ports
http_access deny connect !ssl_ports
# ICP access - anybody can access icp methods
icp_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
# CACHE PEERS