Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • ispconfig/ispconfig3
  • RealOpty/ispconfig3
  • Horfic/ispconfig3
  • kingcody/ispconfig3
  • mbethke/ispconfig3
  • harkman/ispconfig3
  • stefanheinen/ispconfig3
  • JanKraljic/ispconfig3
  • pulsweb/ispconfig3
  • kayyy/ispconfig3
  • mwacht/ispconfig3
  • schuetzm/ispconfig3
  • gbg/ispconfig3
  • jproxx/ispconfig3
  • Nilpo/ispconfig3
  • Cambra/ispconfig3
  • crackerizer/ispconfig3
  • simonswine/ispconfig3
  • zbuzanic/ispconfig3
  • alexalouit/ispconfig3
  • guilhermefilippo/ispconfig3
  • kotishe/ispconfig3
  • Rescue9/ispconfig3
  • DmitriyLyalyuev/ispconfig3
  • simon.levesque/ispconfig3
  • Viktor/ispconfig3
  • Dr4c0/ispconfig3
  • stefanmcds-mnt/ispconfig3
  • Konflikted/ispconfig3
  • Schoene/ispconfig3
  • stefan.eertwegh/ispconfig3
  • Quest/ispconfig3
  • bst2002/ispconfig3
  • jphustman/ispconfig3
  • lepirlouit/ispconfig3
  • lolo888/ispconfig3
  • Quetzal/ispconfig3
  • kolorafa/ispconfig3
  • jdsn/ispconfig3
  • mk/ispconfig3
  • jnorell/ispconfig3
  • madalin/ispconfig3
  • edspiner/ispconfig3
  • blu3bird/ispconfig3
  • ITManager/ispconfig3
  • virtualweb/ispconfig3
  • dirkd/ispconfig3
  • jcdirks/ispconfig3
  • bvbmedia/ispconfig3
  • CSoellinger/ispconfig3
  • lutacon/ispconfig3
  • armsby/ispconfig3
  • psantos/ispconfig3
  • pkdevbox_y/ispconfig3
  • tlanger/ispconfig3
  • Krauser/ispconfig3
  • ochorocho/ispconfig3
  • aisfrond/ispconfig3
  • ldrrp/ispconfig3
  • steglicd/ispconfig3
  • darkalex/ispconfig3
  • b.dokimakis/ispconfig3
  • MarioSteinitz/ispconfig3
  • bweston/ispconfig3
  • bob/ispconfig3
  • HHGAG/ispconfig3
  • ark74/ispconfig3
  • fuerni/ispconfig3
  • hexblot/ispconfig3
  • maxxer/ispconfig3
  • JustDevZero/ispconfig3
  • habeggerl/ispconfig3
  • phpexpert/ispconfig3
  • Questler/ispconfig3
  • JanThiel/ispconfig3
  • joni_1993/ispconfig3
  • MePha/ispconfig3
  • flies/ispconfig3
  • macjohnny/ispconfig3
  • csegarra/ispconfig3
  • Tibius/ispconfig3
  • wairuru/ispconfig3
  • pdreissen/ispconfig3
  • mgiworx/ispconfig3
  • michielp/ispconfig3
  • ZarToK/ispconfig3
  • x-f/ispconfig3
  • tomlankhorst/ispconfig3
  • olivier.br/ispconfig3
  • hajti/ispconfig3
  • JaviSabalete/ispconfig3
  • dharman/ispconfig3
  • Martin-enavn/ispconfig3
  • Fr3k4Life/ispconfig3
  • Caldeira/ispconfig3
  • enavn/ispconfig3
  • cybernet2u/ispconfig3
  • Denny/ispconfig3
  • jbbr/ispconfig3
  • kakohari/ispconfig3
  • almere/ispconfig3
  • Kyokata/ispconfig3
  • burn/ispconfig3
  • feldsam/ispconfig3
  • woutervddn/ispconfig3
  • tm/ispconfig3
  • blount/ispconfig3
  • pravdomil/ispconfig3
  • manyk/ispconfig3
  • Poppabear/ispconfig3
  • t1st3/ispconfig3
  • scrat14/ispconfig3
  • ncomputers.org/ispconfig3
  • wlisik/ispconfig3
  • CupOfTea696/ispconfig3
  • ogmelch/ispconfig3
  • techwolf12/ispconfig3
  • timo.boldt/ispconfig3
  • DemoFreak/ispconfig3
  • EndelWar/ispconfig3
  • maanus/ispconfig3
  • ms217/ispconfig3
  • luisvivasb/ispconfig3
  • Ismir/ispconfig3
  • truongld/ispconfig3
  • nhutphan/ispconfig3
  • ram/ispconfig3
  • josemorenoasix/ispconfig3
  • onestepp/ispconfig3
  • gguglielmetti/ispconfig3
  • andre/ispconfig3
  • omig/ispconfig3
  • liane/ispconfig3
  • PVasileff/ispconfig3
  • mattanja/ispconfig3
  • dnl-jst/ispconfig3
  • jkalousek/ispconfig3
  • lgg42/ispconfig3
  • ispcomm/ispconfig3
  • moglgasy/ispconfig3
  • natanfelles/ispconfig3
  • cristiandeluxe/ispconfig3
  • pete/ispconfig3
  • Sosha/ispconfig3
  • shr3k/ispconfig3
  • niceit/ispconfig3
  • dani/ispconfig3
  • Ongaro/ispconfig3
  • Djidel/ispconfig3
  • andre.ballensiefen/ispconfig3
  • qroac/ispconfig3
  • magenbrot/ispconfig3
  • doekia/ispconfig3
  • edersonmora/ispconfig3
  • zucha.imz/ispconfig3
  • ckc/ispconfig3
  • Sroka/ispconfig3
  • batgau/ispconfig3
  • isp/ispconfig3
  • oboumati/ispconfig3
  • mscholz/ispconfig3
  • katiak/ispconfig3
  • jamiroph/ispconfig3
  • buhlerax/ispconfig3
  • johan/ispconfig3
  • KordianBruck/ispconfig3
  • trs997/ispconfig3
  • Funclineal/ispconfig3
  • xals/ispconfig3
  • sververda/ispconfig3
  • presure/ispconfig3
  • vojtech.myslivec/ispconfig3
  • helmo/ispconfig3
  • brody/ispconfig3
  • GameO7er/ispconfig3
  • webslice/ispconfig3
  • ufoonline/ispconfig3
  • alwin/ispconfig3
  • t.heller/ispconfig3
  • philipp/ispconfig3
  • andrzejs/ispconfig3
  • pixcept/ispconfig3
  • tgmedia/ispconfig3
  • Nardol/ispconfig3
  • m42e/ispconfig3
  • condless/ispconfig3
  • alesak/ispconfig3
  • MasonChase/ispconfig3
  • brt/ispconfig3
  • Rusek/ispconfig3
  • credz/ispconfig3
  • fiftyz/ispconfig3
  • dciancu/ispconfig3
  • thom/ispconfig3
  • florian030/ispconfig3
  • Mixasik/ispconfig3
  • SimonSparks/ispconfig3
  • eurodomenii/ispconfig3
  • vitex/ispconfig3
  • mitho/ispconfig3
  • CaptainStarbuck/ispconfig3
  • renky/ispconfig3
  • d--j/ispconfig3
  • inetspec/ispconfig3
  • Christian/ispconfig3
  • lukav/ispconfig3
  • galgenjunge/ispconfig3
  • gody/ispconfig3
  • kpendic/ispconfig3
  • diciannove/ispconfig3
  • tbasler/ispconfig3
  • logifech/ispconfig3
  • maximaweb/ispconfig3
  • tommaso-perondi/ispconfig3
  • francoisPE/ispconfig3
  • elgeorge2k/ispconfig3
  • francoisgrizzlydev/ispconfig3
  • Chris_UK/ispconfig3
  • mrutkowski/ispconfig3
  • mladen074/ispconfig3
  • trogper/ispconfig3
  • Lokutos/ispconfig3
  • manoaratefy/ispconfig3
  • GwynethLlewelyn/ispconfig3
  • tim427/ispconfig3
  • mapreri/ispconfig3
  • gsubiron/ispconfig3
  • eriam/ispconfig3
  • Steveorevo/ispconfig3
  • Jens/ispconfig3
  • ebela/ispconfig3
  • typoworx/ispconfig3
  • teuto.net/ispconfig3
  • sonority/ispconfig3
  • element/ispconfig3
  • Petar/ispconfig3
  • ewsp/ispconfig3
  • bicisteadm/ispconfig3
  • ivmm/ispconfig3
  • blinkenbox/ispconfig3
  • Samgarr/ispconfig3
  • B.Richard/ispconfig3
  • ahrasis/ispconfig3
  • nephi.aust/ispconfig3
  • beastycoding/ispconfig3
  • luttje/ispconfig3
  • hairy/ispconfig3
  • styxtdo/ispconfig3
  • SGr33n/ispconfig3
  • mepstein/ispconfig3
  • kobuki/ispconfig3
  • dachris/ispconfig3
  • mina/ispconfig3
253 results
Show changes
Commits on Source (8459)
Showing
with 729 additions and 3484 deletions
; top-most EditorConfig file
root = true
; Unix-style newlines
[*]
charset = utf-8
end_of_line = LF
insert_final_newline = true
trim_trailing_whitespace = true
indent_style = tab
[*.{htm,html}]
indent_style = space
indent_size = 4
#!/bin/bash
IFS=$'\n'
EX=0
ERRS="" ;
WARNS="" ;
ERRCNT=0 ;
WARNCNT=0 ;
OUTCNT=0 ;
FILECNT=0 ;
DONECNT=0 ;
CMD="find . -type f \( -name \"*.php\" -o -name \"*.lng\" \) -print" ;
if [[ "$1" == "commit" ]] ; then
CMD="git diff-tree --no-commit-id --name-only -r ${CI_COMMIT_SHA} | grep -E '\.(php|lng)$'" ;
fi
FILECNT=$(eval "${CMD} | wc -l") ;
for F in $(eval "$CMD") ; do
if [[ ! -e "${F}" || ! -f "${F}" ]] ; then
continue ;
fi
R=$(php -d error_reporting=E_ALL -d display_errors=On -l "$F" 2>/dev/null) ;
RET=$? ;
R=$(echo "${R}" | sed "/^$/d")
if [ $RET -gt 0 ] ; then
EX=1 ;
echo -n "E" ;
ERRS="${ERRS}${F}:"$'\n'"${R}"$'\n\n' ;
ERRCNT=$((ERRCNT + 1)) ;
else
if [[ "$R" == "Deprecated: "* ]] ; then
echo -n "W" ;
WARNS="${WARNS}${F}:"$'\n'"${R}"$'\n\n' ;
WARNCNT=$((WARNCNT + 1)) ;
else
echo -n "." ;
fi
fi
OUTCNT=$((OUTCNT + 1)) ;
DONECNT=$((DONECNT + 1)) ;
if [ $OUTCNT -ge 40 ] ; then
OUTCNT=0 ;
echo "[${DONECNT}/${FILECNT}]" ;
fi
done
echo ""
echo "--------------------------";
echo "${DONECNT} Files done"
echo "${ERRCNT} Errors"
if [ $ERRCNT -gt 0 ] ; then
echo "${ERRS}"
echo ""
fi
echo "${WARNCNT} Warnings"
if [ $WARNCNT -gt 0 ] ; then
echo ""
echo "${WARNS}"
echo ""
fi
exit $EX
* text=auto
*.php text eol=lf
\ No newline at end of file
.idea
/nbproject/private/
.phplint-cache
# Vim and patch specific excludes
*.swp
*.orig
*.rej
# macOS-specific things to exclude
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
Icon?
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
# Configuration for the Nova editor
.nova
# VS Code files for those working on multiple tools
.vscode/*
*.code-workspace
# Local History for Visual Studio Code
.history/
# Built Visual Studio Code Extensions
*.vsix
# Visual Studio code coverage results
*.coverage
*.coveragexml
# Visual Studio IDE cache/options directory
.vs/
# do not version control generated config files
/server/lib/mysql_clientdb.conf
/server/lib/config.inc.php
/server/lib/config.inc.local.php
/interface/lib/config.inc.local.php
/install/existing_db.sql
# Defines stages which are to be executed
stages:
- syntax
- syntax_diff
- test
- build
#
### Stage syntax
#
syntax:lint:
stage: syntax
image: edbizarro/gitlab-ci-pipeline-php:7.2
allow_failure: false
only:
- schedules
- web
- merge_requests
- /^\d+\.\d+\.\d+([p|b]\d+)?$/
script:
- echo "Syntax checking PHP files"
- bash ./.git-scripts/syntax.sh
syntax_diff:lint:
stage: syntax
image: edbizarro/gitlab-ci-pipeline-php:7.2
allow_failure: false
only:
- web
- pushes
- branches
except:
- schedules
- web
- merge_requests
- /^\d+\.\d+\.\d+([p|b]\d+)?$/
script:
- echo "Syntax checking PHP files"
- bash ./.git-scripts/syntax.sh commit
#syntax:lint:
# stage: syntax
# image: edbizarro/gitlab-ci-pipeline-php:7.2
# allow_failure: false
# only:
# - schedules
# - web
# - merge_requests
#
# script:
# - composer require overtrue/phplint
# - echo "Syntax checking PHP files"
# - echo "For more information http://www.icosaedro.it/phplint/"
# - vendor/bin/phplint
#test:install:
# stage: test
# image: jerob/docker-ispconfig
# only:
# - schedules
# - web
# - /^\d+\.\d+\.\d+$/
#
# script:
# - $CI_PROJECT_DIR/helper_scripts/test_install_docker.sh
# - apt-get update
# - apt-get --yes install curl
# - curl --insecure https://127.0.0.1:8080/login/
# - ps xaf
#
# needs: ["syntax:lint"]
build:package:
stage: build
image: edbizarro/gitlab-ci-pipeline-php:7.2
only:
refs:
- /^\d+\.\d+\.\d+([p|b]\d+)?$/
- web
script:
- echo "Building release."
- if [[ "$VER" == "" ]] ; then VER="$CI_COMMIT_TAG" ; fi
- if [[ "$VER" == "" ]] ; then VER="3.2dev"$(date +%s) ; fi
- if [[ "$VER" != "" ]] ; then echo "Replacing 3.2dev by $VER" ; sed -i -r 's/3\.2dev/'${VER}'/g' install/tpl/config.inc.php.master install/sql/ispconfig3.sql ; fi
- RET=0
- tar -cpzf ISPConfig-${VER}.tar.gz --exclude "ISPConfig-${VER}.tar.gz" --exclude ".git*" --exclude ".phplint.yml" --transform 's,^\./,ispconfig3_install/,' --mode='0775' ./* || RET=$?
- if [[ $RET > 1 ]] ; then exit $RET ; fi
- echo "Listing tar contents for verification"
- tar -tvf ISPConfig-${VER}.tar.gz
- echo "Uploading file to download server"
- curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ISPConfig-${VER}.tar.gz ftp://${DEPLOY_FTP_SERVER}/web/
- if [[ "$VER" =~ ^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$ ]] ; then echo "Stable release ${VER}" ; curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ISPConfig-${VER}.tar.gz ftp://${DEPLOY_FTP_SERVER}/web/ISPConfig-3-stable.tar.gz ; echo -n "${VER}" > ispconfig3_version.txt ; curl -u "${DEPLOY_FTP_USER}:${DEPLOY_FTP_PASSWORD}" -T ispconfig3_version.txt ftp://${DEPLOY_FTP_SERVER}/web/ ; else echo "Dev release ${VER}" ; fi
- rm ISPConfig-${VER}.tar.gz
- echo "Download url is https://download.ispconfig.org/ISPConfig-${VER}.tar.gz"
needs: ["syntax:lint"]
allow_failure: false
<!-- Before creating a bug report, please:
- Read the contribution guidelines: https://git.ispconfig.org/ispconfig/ispconfig3/-/blob/develop/CONTRIBUTING.md
- Do not ask support questions here. If you are unsure if your problem is a bug, post a thread on the forum: https://www.howtoforge.com/community/#ispconfig-3.23
- Make sure to remove any content from the description that you did not add. For example, if there are no related log entries, remove the whole "Related log entries" part.
-->
## Summary
<!-- What is happening and what is wrong with that? -->
## Steps to reproduce
1. [First step]
2. [Second step]
3. [and so on...]
## Correct behaviour
<!-- What should happen instead? -->
## Environment
Server OS + version: (Debian 10/Ubuntu 20.04/CentOS 8/...) \
ISPConfig version: (3.1.15p3/3.2.3/3.2dev/...)
<!-- _you can use `grep 'ISPC_APP_VERSION' /usr/local/ispconfig/server/lib/config.inc.php` to get it from the command line_ -->
Software version of the related software:
<!-- You can use 'nginx -v' or 'apachectl -v' to find the webserver version. Use 'php -v' to find the PHP version.> Put this in code blocks, like so: -->
```
Output of the command
```
## Proposed fix
optional, of course.
if you want to post code snippets, please use
```
your code
```
or attach a code file. Best is to create a merge request of course.
## References
if you know of related bugs or feature requests, please reference them by using `#<issuenumber>`, e. g. #6105
if you have done a merge request already, please reference it by using `!<mergenumber>`, e. g. !1444
if you know of a forum post on howtoforge.com that deals with this topic, just add the link to the forum topic here
## Screenshots
optional, of course.
Add screenshots of the problem by clicking "Attach a file" on the bottom right.
## Related log entries
path: ./
jobs: 5
cache: .phplint-cache
extensions:
- php
- lng
exclude:
- vendor
Some guidelines for web development with php.
-----------------------------------------------------
* Unix Line Breaks Only, NO windows breaks please.
* Tabs set at 4 spaces either as tabs or spaces.
* no accidental _<?php space before, within or after a file
* every php file starts and end with <?php ?> no spaces before or after
* error_reporting(E_ALL|E_STRICT) , yep php5
* Magic quotes is gone in php6, get used to it now. config = magic_quotes_gpc() Everything must be quoted
please mark any section that need review or work on with
// TODO
* Add documentation about access levels (public, private, protected).
* Make function / var names on the following way, first word lower, next word(s) first letter upper like. getFirstResult();
Pear coding guiidelines
//*****************************************************************************
// Commenting style
//*****************************************************************************
phpdoc is used for creating and autogenerating the documentation, this means that
some of the comments can be formatted to be included in documentation.
ie the source files are scanned then processed and html docs are created.
The comments break down into the following types
// is uses for removing lines and debug dev etc
//** and //* are used as "sub comments"
/*
is used to comment out blocks
*/
/** is used to create documentaion
* thats over
* lines
*/
If you need to block out a section then use
/*
function redundant_code(){
something here
}
*/
To block out single lines use // and all // are assumed to be redundant test code and NOT comments
// print_r($foo);
For incline comment use //** and //* eg
//** Decide what do do
switch($decide){
//* blow it up
case 'baloon':
$foo->gas(+1);
// test_pressure(); << inline comment
break;
//* Do default action
default:
do_land();
get_gps();
//* following grant greaceful exit
//basket_exit_crash();
basket_exit();
}
Do not use the phpdoc on every function, eg
/**
* Login an user
* @param string user username
* @param string password of user
*/
>>
function login($user, $pass){
.......
}
<<
as this function explains its self, the followinf clean code will suffice
>>
function login($user, $pass){
.......
}
If you do need to explain a function then put un the summary syntax eg
/** Pass an array of values where third param is bar
* $foo['bar'] = 1; // allow an user
* $foo['bar'] = 2; // destroy user
* $foo['bar'] = -1; // recreate
*/
public function do_something($x, $y, $foo){
... do something interesting
}
# Contributing to ISPConfig
ISPConfig is a open source project and community contributions are very welcome. To contribute, please stick to the guidelines.
This document is under development and will be continuously improved.
Please do not refactor existing code and do not change the signature or the behaviour of central functions or libraries. Such changes may only be made by the core development team. We have had many bad experiences with such changes affecting the stability of ISPConfig, so we no longer accept submissions containing such changes. Merge requests containing such changes will be closed and not merged.
# Issues
* Before opening a new issue, use the search function to check if there isn't a bug report / feature request already.
* If you are reporting a bug, please share your OS and PHP (CLI) version.
* If you want to report several bugs or request several features, open a separate issue for each one of them.
* Do note re-open issues that were closed by the core dev team unless something new and important that is not mentioned in the original issue needs to be added. Permanently re-opening issues that we commented on and closed will get your account banned. You may add comments to issues without re-opening them though.
# Branches
* If you are a new user, please send an email to: dev [at] ispconfig [dot] org to receive rights to fork the project.
* Please create an issue for each contribution you want to make.
* Do not put multiple contributions into a single branch and merge request. Each contribution should have it's own branch.
* Do not use the develop branch in your forked project for your contribution. Create a separate branch for each issue.
* Give your branch a name, e. g. `6049-update-the-contributing-doc ` where 6049 is the issue number.
# Merge requests
Please give your merge request a description that shortly states what it is about. Merge requests without a good title or with missing description will get delayed because it is more effort for us to check the meaning of the changes made.
Once again: Do not put multiple things into a single merge request. If you for example fix two issues where one affects apache and one mail users, use separate issues and separate merge requests.
You can group multiple issues in a single merge request if they have the same specific topic, e. g. if you have one issue stating that a language entry in mail users is missing and a second issue that a language entry for server config is missing, you can put both issues into a single branch and merge request. Be sure to include all issue ids (if multiple) into the merge request's description in this case.
* Open a issue for the bug you want to fix / the feature you want to implement
* After opening the issue, commit your changes to your branch
* Note the issue # in every commit
* Update the documentation (New devs will not have access to this. Please send a email to docs@ispconfig.org)
* Add translations for every language
* Use a short title
* Write a clear description - for example, when updating the contributing guidelines with issue #6049: \
"Update of our contributing guidelines \
Closes #6049"
* Please be aware that we are not able to accept merge request that do not stick to the coding guidelines. We need to insist on that to keep the code clean and maintainable.
# Some guidelines for web development with php.
-----------------------------------------------------
* Don't use features that are not supported in PHP 5.4, for compatibility with LTS OS releases, ISPConfig must support PHP 5.4+
* Don't use shorttags. A Shorttag is `<?` and that is confusing with `<?xml` -> always use `<?php`
* Don't use namespaces
* Column names in database tables and database table names are in lowercase
* Classes for the interface are located in interface/lib/classes/ and loaded with $app->uses() or $app->load() functions.
* Classes for the server are located in server/lib/classes/ and loaded with $app->uses() or $app->load() functions.
### Indentations
Indentations are always done with tabs. Do **not** use spaces.
It is recommended to set your IDE to display tabs with a width of 4 spaces.
### Variable and method / function names
Methods and functions should always be written in camel-case. Variables and properties should always be lowercase instead.
**Correct:**
```php
class MyClass {
private $issue_list = [];
private function getMyValue() {
}
}
```
**Wrong:**
```php
class my_class {
private $IssueList = [];
private function get_my_value() {
}
}
```
### Blocks
#### Curly braces
Opening curly braces always have to be in the same line as the preceding condition. They are separated by a single space from the closing paranthesis.
Closing curly braces are always on a separate line after the last statement in the block. The only exception is a do-while block where the logic is inverted.
Curly braces are **always** to be used. Do not leave them out, even if there is only a single statement in the corresponding block.
**Correct:**
```php
if($variable === true) {
}
while($condition) {
}
do {
} while($condition);
```
**Wrong:**
```php
if($variable === true){
}
if($variable === true)
{
}
if($variable === true)
$x = 'no braces';
while($condition) { }
```
#### Short style
The short style of conditional assignments is allowed to be used, but it must not affect readability, e. g. they shall not be nested.
**Allowed:**
```php
$a = 0;
if($condition === true) {
$a = 1;
}
$a = ($condition === true ? 1 : 0);
```
**Disallowed:**
```php
$x = ($condition === true ? ($further == 'foo' ? true : false) : true);
```
#### Spaces and paranthesis
The rules for using spaces are:
- no space after `if`/`while` etc. and the following opening paranthesis
- single space after closing paranthesis and before opening curly brace
- no spaces at the end of a line
- no spaces after opening paranthesis and before closing paranthesis
- single space before and after comparators
**Correct:**
```php
if($variable === $condition) {
}
while(($condition !== false || $condition2 === true) && $n <= 15) {
$n++;
}
```
**Wrong:**
```php
if ($variable===$condition) {
}
while(($condition!==false||$condition2===true))&&$n<=15){
}
```
#### Newlines inside of conditions
Breaking up conditions into separate lines can be done if it positively affects readability.
```php
if($condition === true && ($state === 'completed' || $state === 'pending') && ($processed_by !== null || $process_time < time())) {
}
```
can also be written as
```php
if($condition === true
&& ($state === 'completed' || $state === 'pending')
&& ($processed_by !== null || $process_time < time())
) {
}
```
This must not be abused, e. g. the following is not allowed:
```php
if($a == 1
|| $b == 2) {
}
```
### Arrays
#### Short syntax
Please **do** use short array syntax. We have deprecated the old-style array syntax.
**Correct**:
```php
$var = [];
$var2 = [
'conf' => [
'setting1' => 'value1'
]
];
```
**Wrong:**
```php
$var = array();
$var2 = array(
'conf' => array(
'setting1' => 'value1'
)
);
```
#### Spaces and newlines
When defining an empty array, both brackets shall be on the same line. When defining an array with values, the style depends on the values you are going to assign.
##### List of values
When defining an array with a list of values, e. g. numbers or names, they should be on the same line as the brackets without using new lines, as long as the line does not exceed a total number of characters of about 90. After each comma there has to be a single space.
##### Nested array
When defining a nested array onle the opening bracket is to be on the same line. The closing bracket has to be on a separate line indented by `tabs * level of array`.
##### Examples
```php
// empty array
$a = [];
// array with list of values
$array = [4, 3, 76, 12];
// array with long list of values
$array = [
'This is one entry', 'This is a second one', 'Another one', 'Further entries', 'foo', 'bar', 34, 42, $variable, // newline here for better readability
'Next entry', 'the last entry'
];
// nested array
$array = [
'conf' => [
'level' => 1,
'settings' => [
'window' => 'open',
'door' => 'closed
]
]
];
```
**Not-to-dos:**
```php
$array=[
];
$array = [
1,
4,
35,
23,
345,
11,
221,
'further',
'...'
];
$array=['conf'=>['settings'=>['window' => 'open', 'door' => 'closed]]];
```
### Strings
Whenever possible use single quotes `'` instead of double qoutes `"`. Try not to embedd variables in string. Concatenate them instead.
**Correct:**
```php
// simple text
$var = 'This is a text';
// array index
$array['index'] = 'value';
// text with variables
$var = 'This is a text with ' . $value . ' values inside and at the end: ' . $sum_value;
// dynamic array index
$idx = 'index' . $key;
$value = $array[$idx];
```
**Wrong:**
```php
// simple text
$var = "This is a text";
// array index
$array["index"] = 'value';
// text with variables
$var = "This is a text with $value values inside and at the end: {$sum_value}";
// dynamic array index
$value = $array['index' . $key];
$value = $array["index{$key}"];
```
# Where to store custom settings
## Interface settings
The recommended place to store global interface settings is the ini style global config system
(see system.ini.master file in install/tpl/ to set defaults). The settings file
gets stored inside the ispconfig database. Settings can be accessed with the function:
```
$app->uses('ini_parser,getconf');
$interface_settings = $app->getconf->get_global_config('modulename');
```
where modulename corresponds to the config section in the system.ini.master file.
To make the settings editable under System > interface config, add the new configuration
fields to the file interface/web/admin/form/system_config.tform.php and the corresponding
tempalte file in the templates subfolder of the admin module.
## Server settings
Server settings are stored in the ini style server config system (see server.ini.master template file)
The settings file gets stored inside the ispconfig database in the server table. Settings can be
accessed with the function $app->getconf->get_server_config(....)
Example to access the web configuration:
```
$app->uses('ini_parser,getconf');
$web_config = $app->getconf->get_server_config($server_id,'web');
```
# Learn about the form validators
There are form validators in interface/lib/classes/tform.inc.php to make validating forms easier.
Read about: REGEX,UNIQUE,NOTEMPTY,ISEMAIL,ISINT,ISPOSITIVE,ISIPV4,ISIPV6,ISIP,CUSTOM
Copyright (c) 2007-2020, Till Brehm, ISPConfig UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# ISPConfig - Hosting Control Panel
![ISPConfig logo](https://www.ispconfig.org/wp-content/themes/ispconfig/images/ispconfig_logo.png "") \
Development branch: [![pipeline status](https://git.ispconfig.org/ispconfig/ispconfig3/badges/develop/pipeline.svg)](https://git.ispconfig.org/ispconfig/ispconfig3/commits/develop)
## Functions
- Manage multiple servers from one control panel
- Single server, multiserver and mirrored clusters.
- Webserver management
- Mailserver management
- DNS server management
- Virtualization (OpenVZ)
- Administrator, reseller, client and mailuser login
- Open Source software ([BSD license](LICENSE))
## Supported daemons
- HTTP: Apache2 and NGINX
- HTTP stats: Webalizer, GoAccess and AWStats
- Let's Encrypt: Acme.sh and certbot
- SMTP: Postfix
- POP3/IMAP: Dovecot
- Spamfilter: Rspamd and Amavis
- FTP: PureFTPD
- DNS: BIND9 and PowerDNS[^1]
- Database: MariaDB and MySQL
[^1]: not actively tested
## Supported operating systems
- Debian 9 - 12, and testing
- Ubuntu 16.04 - 22.04
- CentOS 7 and 8
## Auto-install script
You can install the "Perfect Server" with ISPConfig using [our official autoinstaller](https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/)
## Migration tool
The Migration Tool helps you to import data from other control panels (currently ISPConfig 2 and 3 – 3.2, Plesk 10 – 12.5, Plesk Onyx, CPanel[^2] and Confixx 3). For more information, see https://www.ispconfig.org/add-ons/ispconfig-migration-tool/
[^2]: The Migration Toolkit now contains beta support for migrating CPanel to ISPConfig.
## Documentation
You can support ISPConfig development by buying the manual: https://www.ispconfig.org/documentation/
## Contributing
If you like to contribute to the ISPConfig development, please read the contributing guidelines: [CONTRIBUTING.MD](CONTRIBUTING.md)
Please see our GitLab issues for feature requests and bug reports.
---------------------------------------
- ISPConfig 3 ToDo list
---------------------------------------
Please feel free to edit this file, add new tasks,
remove done tasks or assign yourself to a task.
Installer
--------------------------------------
- Load and update system config from file into sql database during installation.
- Add a function to let a server join a existing installation.
Server
--------------------------------------
- Add a backend plugin to configure network card settings. The IP address settings
are stored in the server_ip table.
Mail module
--------------------------------------
- Show mail statistics in the interface. the mail statistics are stored
in the database table mail_traffic and are collected by the file
server/cron_daily.php
DNS module
--------------------------------------
- Add some kind of wizard to create DNS records easily. The idea is to have some
kind of template(s) to create all needed A and MX records defined in the template
with one click and the user has just to enter IP, domain, nameserver and select the
template that he wants to use.
Administration module
--------------------------------------
- Add a firewall configuration form. Any suggestions for a good firewall
script that runs on many linux distributions, or shall we stay with bastille
firewall that is used in ISPConfig 2?
Clients module
--------------------------------------
Sites (web) module
--------------------------------------
- Add a function to the Sites module to create SSL certificates or upload
existing SSL certs and SSL chain files. It might be a good idea to add
this as a new tab named "SSL" to the exiting domain settings form.
- Make sure that changes in the domain name do not break the configuration.
BE-Designer module
--------------------------------------
WARNING: Please do not use the BE Designer at the moment, the serializing function
of the module editor may break some of the existing modules.
- Add a language file editor.
Remoting framework
--------------------------------------
Interface
--------------------------------------
- Enhance the list function to allow soorting by column
- Enhance the paging in lists (e.g. like this: [1 2 3 4 ... 10])
- Use graphical Icons in the lists for on / off columns.
- Add a graphical delete button to the lists.
General tasks
--------------------------------------
- Add, extend or modify comments in PEAR syntax so that they can be read with phpdocumentor.
https://git.ispconfig.org/ispconfig/ispconfig3/issues
$sql_select_policy =
'SELECT *,spamfilter_users.id'.
' FROM spamfilter_users LEFT JOIN spamfilter_policy ON spamfilter_users.policy_id=spamfilter_policy.id'.
' WHERE spamfilter_users.email IN (%k) ORDER BY spamfilter_users.priority DESC';
$sql_select_white_black_list = 'SELECT wb FROM spamfilter_wblist'.
' WHERE (spamfilter_wblist.rid=?) AND (spamfilter_wblist.email IN (%k))' .
' ORDER BY spamfilter_wblist.priority DESC';
\ No newline at end of file
This diff is collapsed.
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authpgsql authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon
##VERSION: $Id: authmysqlrc,v 1.17 2004/04/20 01:38:17 mrsam Exp $
#
# Copyright 2000-2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authmysqlrc created from authmysqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions. This file
# might contain the MySQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value. Trailing spaces are prohibited.
##NAME: LOCATION:0
#
# The server name, userid, and password used to log in.
MYSQL_SERVER localhost
MYSQL_USERNAME root
MYSQL_PASSWORD
##NAME: MYSQL_SOCKET:0
#
# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the
# filesystem pipe used for the connection
#
# MYSQL_SOCKET /var/run/mysqld/mysqld.sock
##NAME: MYSQL_PORT:0
#
# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to
# connect to.
MYSQL_PORT 0
##NAME: MYSQL_OPT:0
#
# Leave MYSQL_OPT as 0, unless you know what you're doing.
MYSQL_OPT 0
##NAME: MYSQL_DATABASE:0
#
# The name of the MySQL database we will open:
MYSQL_DATABASE mailserver
##NAME: MYSQL_USER_TABLE:0
#
# The name of the table containing your user data. See README.authmysqlrc
# for the required fields in this table.
MYSQL_USER_TABLE mail_box
##NAME: MYSQL_CRYPT_PWFIELD:0
#
# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both
# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext
# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.
MYSQL_CRYPT_PWFIELD cryptpwd
##NAME: MYSQL_CLEAR_PWFIELD:0
#
#
# MYSQL_CLEAR_PWFIELD clear
##NAME: MYSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN example.com
##NAME: MYSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# MYSQL_UID_FIELD - contains the numerical userid of the account
#
MYSQL_UID_FIELD 8
##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the account
MYSQL_GID_FIELD 8
##NAME: MYSQL_LOGIN_FIELD:0
#
# The login id, default is id. Basically the query is:
#
# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid'
#
MYSQL_LOGIN_FIELD email
##NAME: MYSQL_HOME_FIELD:0
#
MYSQL_HOME_FIELD maildir
##NAME: MYSQL_NAME_FIELD:0
#
# The user's name (optional)
#MYSQL_NAME_FIELD name
##NAME: MYSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD).
#
# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this
# out.
#
# MYSQL_MAILDIR_FIELD maildir
##NAME: MYSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# MYSQL_DEFAULTDELIVERY defaultdelivery
##NAME: MYSQL_QUOTA_FIELD:0
#
# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota. See README.maildirquota for more information
#
# MYSQL_QUOTA_FIELD quota
##NAME: MYSQL_AUXOPTIONS:0
#
# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs. These names are additional attributes that define various per-account
# "options", as given in INSTALL's description of the "Account OPTIONS"
# setting.
#
# MYSQL_AUXOPTIONS_FIELD auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.
##NAME: MYSQL_WHERE_CLAUSE:0
#
# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# MYSQL_WHERE_CLAUSE server='mailhost.example.com'
##NAME: MYSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# The username field should include the domain (see example below).
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
# $(local_part), $(domain), $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s. Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location. In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# CONCAT('{MD5}', popbox.password_hash), \
# popbox.clearpw, \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '', \
# domain.quota, \
# '', \
# CONCAT("disableimap=",disableimap,",disablepop3=", \
# disablepop3,",disablewebmail=",disablewebmail, \
# ",sharedgroup=",sharedgroup) \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name
##NAME: MYSQL_ENUMERATE_CLAUSE:0
#
# {EXPERIMENTAL}
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders. The query
# should return the following fields: name, uid, gid, homedir, maildir
#
# Example:
# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \
# domain.uid, \
# domain.gid, \
# CONCAT(domain.path, '/', popbox.mbox_name), \
# '' \
# FROM popbox, domain \
# WHERE popbox.local_part = '$(local_part)' \
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name
##NAME: MYSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing password.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# MYSQL_CHPASS_CLAUSE UPDATE popbox \
# SET clearpw='$(newpass)', \
# password_hash='$(newpass_crypt)' \
# WHERE local_part='$(local_part)' \
# AND domain_name='$(domain)'
#
This diff is collapsed.
This diff is collapsed.
Setting up a chrooted ispconfig 3 installation
--------------------------------------------------------------------
# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
# with the steps below.
#
# This guide is experimental as there are a few cahnges nescessary in
# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
# Install packages
apt-get install debootstrap libapache2-mod-chroot
# Create the chroot enviroment
debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
# Add mountpoints for the chroot env into the fstab file.
echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab
echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab
# mount the filesystems
mount -a
# add a default chroot dir for all users of the sshusers group.
echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf
# copy passwd and group files to the chroot env.
cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
# Create symlinks.
cd /var/www/var/
rm -rf /var/www/var/www
ln -s / www
# Enter the chroot
chroot /var/www
# Update files in the chroot enviroment and install some packages.
# You can ignore warnings about locales, we will fix them in the next step.
apt-get update
apt-get install fakeroot --force-yes -y
apt-get install locales
# Reconfigure locales. Select e.g the en_US* locales.
dpkg-reconfigure locales
# run a dist upgarde.
fakeroot apt-get dist-upgrade
# Install apache and php in the chroot enviroment
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
/etc/init.d/apache2 stop
# Exit the chroot
exit
# Moving the apache configuration is not nescessary, as apache reads
# the config files before it moves into the chroot
# rm -rf /var/www/etc/apache2
# mv -f /etc/apache2 /var/www/etc/
# ln -s /var/www/etc/apache2 /etc/apache2
rm -rf /var/www/etc/php5/cgi/
mv -f /etc/php5/cgi/ /var/www/etc/php5/
ln -s /var/www/etc/php5/cgi /etc/php5/
rm -rf /var/www/etc/php5/apache2/
mv -f /etc/php5/apache2/ /var/www/etc/php5/
ln -s /var/www/etc/php5/apache2 /etc/php5/
ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
# enable mod_chroot
a2enmod mod_chroot
echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
# Start apache
/etc/init.d/apache2 start
# Install ISPConfig
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
cd ispconfig3_install/install/
php -q install.php
cd /tmp/
rm -rf ispconfig3_install
rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
# Move the ispconfig interface part to the chroot enviroment and create a symlink
mkdir /var/www/usr/local/ispconfig
chown ispconfig:ispconfig /var/www/usr/local/ispconfig
chmod 750 /var/www/usr/local/ispconfig
mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
chroot /var/www adduser www-data ispconfig
# Create a link for the mysql socket.
ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
# As an alternative to making a hardlink to the mysql socket,
# change the my.cnf file in the chroot to use tcp sockets.
# This is more secure but a bit slower then using the mysqld.sock file.
# Restart apache
/etc/init.d/apache2 restart
#!/bin/sh
#
# rev 0.6
#
# dxr@brutalsec.net
# 01-09-2009
#
# We can create a script for configure chroot enviroment but,
# YOU MUST UNDERSTAND HOW TO WORK IT for can solve possible
# problems in the future.
#
# Every service has its own chroot enviroment:
# BIND -> chroot
# Apache -> chroot
# Dovecot -> chroot
# Pureftpd -> Apache's chroot
#
# Only apache and php packages aren't installed in real system,
# only in chroot enviroment with symbolic links from real system.
#
# PLEASE, CONFIGURE CHROOT ENVIROMENT IF SECURITY IS REALLY
# IMPORTANT FOR YOU AND YOU KNOWN HOW TO WORK IT!
#
exit 1
1. BACKUP before change something in the system
2. Create partitions
3. Remove possible apache or php installations on real system
4. Prepair Chroot enviroment
5. Linking Webserver aplication from real system
6. mini_sendmail
7. Test services
8. Howto install ispconfig3
9. Migration
1. BACKUP before change something in the system
# If is not a new instalation, then
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
2. Create partitions
/var/www/ Chroot partition (ext3)
/var/www/html/ Chroot system
/var/www/html/var/log/apache2 Log partition (ext3)
/var/www/html/var/www/html Webs partition (xfs)
/var/www/html/tmp Temporal dir (tmpfs, optiones: )
/dev/lvm_foobar1/chroot_lv -> /var/www/ (ext3)
/dev/lvm_foobar2/apachelogs_lv -> /var/www/html/var/log/apache2 (ext3)
/dev/lvm_foobar3/hosting_lv -> /var/www/html/var/www/html (xfs)
mount /dev/lvm_foobar1/chroot_lv /var/www/
mkdir -p /var/www/html/var/log/apache2 /var/www/html/var/www/html
mount /dev/lvm_foobar2/apachelogs_lv /var/www/html/var/log/apache2
mount /dev/lvm_foobar3/hosting_lv /var/www/html/var/www/html
3. Remove possible apache or php installations on real system
# We never wont install apache or php in non-chroot system, if we have installed, we only have do a backup of confgigurations, uninstall, and check every simbolic link
dpkg -l|egrep --color -i 'apache|php'
4. Prepair Chroot enviroment
apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support patch make gcc mysql-server subversion
time debootstrap --arch=amd64 lenny /var/www/html/ ftp://ftp.fr.debian.org/debian/
echo "/proc /var/www/html/proc proc defaults 0 0">>/etc/fstab
echo "devpts /var/www/html/dev/pts devpts defaults 0 0">>/etc/fstab
mount -a
# We must create sshusers group
echo "@sshusers - chroot /var/www/html/">>/etc/security/limits.conf
# After copy, we must clean unnecessary users and groups
cp -r /etc/{passwd,group,apt} /var/www/html/etc/
chroot /var/www/html apt-get update
chroot /var/www/html apt-get install fakeroot --force-yes -y
chroot /var/www/html apt-get install locales
chroot /var/www/html dpkg-reconfigure locales
mv /usr/lib/apache2 /usr/lib/apache2_old
mv /var/log/apache2 /var/log/apache2_old
mv /var/lock/apache2 /var/lock/apache2_old
mv /var/lib/apache2 /var/lib/apache2_old
mv /usr/lib/php5 /usr/lib/php5_old
mv /etc/apache2 /etc/apache2_old
mv /etc/suphp /etc/suphp_old
chroot /var/www/html apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-chroot php-apc vim libdbd-mysql libdbi-perl
# The non webserver will install outside of chroot
apt-get install postfix pure-ftpd-mysql amavisd-new clamav-getfiles clamav clamav-freshclam
# If you will use courier:
apt-get install courier-ssl courier-pop-ssl courier-pop courier-imap-ssl courier-imap courier-authdaemon
# If you will use dovecot:
apt-get install dovecot-imapd dovecot-pop3d
# If you will use BIND:
apt-get install bind9 bind9utils
chroot /var/www/html /etc/init.d/apache2 stop
chroot /var/www/html a2enmod mod_chroot
chroot /var/www/html a2enmod suexec
echo "ChrootDir /var/www/html" > /var/www/html/etc/apache2/conf.d/mod_chroot.conf
sed -i -e 's#DocumentRoot /var/www/#DocumentRoot /var/www/html/#' /var/www/html/etc/apache2/sites-enabled/000-default
sed -i -e 's#x-httpd-php=php:/usr/bin/php-cgi#x-httpd-php=php:/usr/bin/php-cgi\nx-httpd-suphp=php:/usr/bin/php-cgi\nx-httpd-php=php:/usr/bin/php-cgi#' /var/www/html/etc/suphp/suphp.conf
sed -i -e 's#/var/run/apache2.pid#/var/run/apache2/apache2.pid#' /var/www/html/etc/apache2/envvars
sed -i -e 's/^"syntax on/syntax on/' /etc/vim/vimrc
sed -i -e 's/^"syntax on/syntax on/' /var/www/html/etc/vim/vimrc
# Protect apache configuration. ONLY root can read it
chown root:root /var/www/html/etc/apache2/ && chmod 700 /var/www/html/etc/apache2/
chmod 711 /var/www/html/etc/php5/
5. # Is good idea to add nagios alarm for check every simbolic link is correct.
ln -s /var/www/html/etc/apache2 /etc/apache2
ln -s /var/www/html/etc/suphp /etc/suphp
ln -s /var/www/html/var/run/apache2 /var/run/apache2
ln -s /var/www/html/var/run/apache2.pid /var/run/apache2.pid
ln -s /var/www/html/usr/sbin/apache2ctl /usr/sbin/apache2ctl
ln -s /var/www/html/usr/sbin/apache2 /usr/sbin/apache2
ln -s /var/www/html/usr/lib/apache2 /usr/lib/apache2
ln -s /var/www/html/usr/sbin/a2enmod /usr/sbin/a2enmod
ln -s /var/www/html/usr/sbin/a2dismod /usr/sbin/a2dismod
ln -s /var/www/html/usr/sbin/a2ensite /usr/sbin/a2ensite
ln -s /var/www/html/usr/sbin/a2dissite /usr/sbin/a2dissite
ln -s /var/www/html/var/log/apache2 /var/log/apache2
ln -s /var/www/html/var/lock/apache2 /var/lock/apache2
ln -s /var/www/html/var/lib/apache2 /var/lib/apache2
ln -s /var/www/html/usr/lib/php5 /usr/lib/php5
# Neccessary for to install ispconfig3 from real system:
ln -s /var/www/html/usr/bin/php5 /usr/bin/php5
ln -s /var/www/html/etc/alternatives/php /etc/alternatives/php
ln -s /var/www/html/usr/bin/php /usr/bin/php
ln -s /var/www/html/etc/php5 /etc/php5
6. # Install mini_sendmail for chroot
# We can use mini_sendmail for delivery emails directy in remote servers, but i prefer to control it in central mailserver for check spammers and limit it.
cd /tmp/
wget http://acme.com/software/mini_sendmail/mini_sendmail-1.3.6.tar.gz
tar xzf mini_sendmail-1.3.6.tar.gz
wget http://users1.leipzig.freifunk.net/%7Efirmware-build/brcm_2_4_Broadcom_default/build/openwrt_packages/mail/mini_sendmail/patches/200-fullname.patch
patch -p0 < 200-fullname.patch
cd mini_sendmail-1.3.6
make
# 2e555b2573c3ea65a467a5960f0b51f6 mini_sendmail
mv /var/www/html/usr/lib/sendmail /var/www/html/usr/lib/sendmail_old
mv /var/www/html/usr/sbin/sendmail /var/www/html/usr/sbin/sendmail_old
cp mini_sendmail /var/www/html/usr/sbin/mini_sendmail
cd /var/www/html/usr/lib/ && ln -s ../sbin/mini_sendmail sendmail
/var/www/html/usr/sbin && ln -s mini_sendmail sendmail
# ./mini_sendmail -h
# usage: ./mini_sendmail [-f<name>] [-t] [-s<server>] [-p<port>] [-T<timeout>] [-v] [address ...]
#add to php.ini (/var/www/html/etc/php5/apache2/php.ini /var/www2/etc/php5/cli/php.ini /var/www2/etc/php5/cgi/php.ini line :672)
sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
sed -i -e 's#^;sendmail_path =$#sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1#' /var/www/html/etc/php5/apache2/php.ini /var/www/html/etc/php5/cli/php.ini /var/www/html/etc/php5/cgi/php.ini
7.
# Test
apache2ctl restart
chroot /var/www/html/
# php -i|grep --color sendmail
sendmail_from => no value => no value
sendmail_path => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1 => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
Path to sendmail => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
#
# Sould be good idea check /var/www/html/usr/lib/sendmail /var/www/html/usr/sbin/sendmail and /var/www/html/usr/sbin/mini_sendmail with nagios alarm ;)
8. Install ispconfig ........
cd /tmp/
svn co svn://svn.ispconfig.org/ispconfig3 svn.ispconfig.org
mv /usr/local/ispconfig /var/www/html/usr/local/
ln -s /var/www/html/usr/local/ispconfig /usr/local/ispconfig
### Migration to other server ###
Really easy:
Do step 1
And after do a simple rsync:
screen
time rsync -a --progress root@host1:/var/www/ /var/www/
# Install some apache's dependencies
apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support
Do step 5
Do step 6