Compare revisions

bb37295b · bb37295b · bb37295b · bb37295b · bb37295b · bb37295b
--- a/helper_scripts/cert_check.sh
+++ b/helper_scripts/cert_check.sh
+#!/bin/bash
+chkdata() {
+	F=$1
+	CRT=$2
+	KEY=$3
+	if [[ "$CRT" != "" && "$KEY" != "" ]] ; then
+		if [[ ! -f "$CRT" ]] ; then
+			echo "[WARN] CERTIFICATE FILE ${CRT} MISSING FOR ${F}" ;
+		else 
+			echo -n "Checking ${CRT}" ;
+			CHK=$(openssl x509 -in "${CRT}" -text -noout >/dev/null 2>&1 ; echo $?);
+			if [[ $CHK -ne 0 ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+		if [[ ! -f "$KEY" ]] ; then
+			echo "[WARN] KEY FILE ${KEY} MISSING FOR ${F}" ;
+		else
+			echo -n "Checking ${KEY}" ;
+			CHK=$(openssl rsa -in "${KEY}" -check -noout >/dev/null 2>&1 ; echo $?);
+			if [[ $CHK -ne 0 ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+		if [[ -f "$CRT" && -f "$KEY" ]] ; then
+			echo -n "Checking that key and certificate match";
+			MDCRT=$(openssl x509 -noout -modulus -in "${CRT}" | openssl md5) ;
+			MDKEY=$(openssl rsa -noout -modulus -in "${KEY}" | openssl md5) ;
+			if [[ "$MDCRT" != "$MDKEY" ]] ; then
+				echo " FAILED!" ;
+			else
+				echo " OK" ;
+			fi
+		fi
+		echo "---" ;
+	elif [[ "$CRT" != ""  || "$KEY" != "" ]] ; then
+		echo "[WARN] Check SSL config of ${F}";
+		echo "---" ;
+	fi
+}
+if [[ -d /etc/apache2/sites-enabled ]] ; then
+	echo "Checking enabled apache vhosts" ;
+	for FIL in /etc/apache2/sites-enabled/* ; do
+		CRT=$(grep 'SSLCertificateFile' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		KEY=$(grep 'SSLCertificateKeyFile' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		chkdata "$FIL" "$CRT" "$KEY" ;
+	done
+fi
+if [[ -d /etc/nginx/sites-enabled ]] ; then
+	echo "Checking enabled nginx vhosts" ;
+	for FIL in /etc/nginx/sites-enabled/* ; do
+		CRT=$(grep 'ssl_certificate' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		CRT=${CRT%;}
+		KEY=$(grep 'ssl_certificate_key' "${FIL}" | grep -E -v '^[[:space:]]*#' | awk '{print $2}' | head -n 1) ;
+		KEY=${KEY%;}
+		chkdata "$FIL" "$CRT" "$KEY" ;
+	done
+fi
\ No newline at end of file
--- a/helper_scripts/dns_export_to_bind.php
+++ b/helper_scripts/dns_export_to_bind.php
 <?php
-$host="IP";
+$host="IP_ADDRESS";
-$user="root";
+$user="USERNAME";
 $password="PASSWORD";
-mysql_connect($host,$user,$password) or die(mysql_error());
+mysql_connect($host, $user, $password) or die(mysql_error());
 mysql_select_db("dbispconfig");
 $result = "";
 $result = mysql_query("SELECT id,origin,ns,ttl,mbox,serial,refresh,retry,expire,minimum FROM dns_soa;");
-exec ("rm -f /etc/bind/named.conf.local");
+function hostname2ipfunktion($tmp1, $timeout = 1)
+{
-$fx = fopen("/etc/bind/named.conf.local", "a+");
+	if ($tmp1 == 0)
+	{
-function hostname2ipfunktion($tmp1, $timeout = -1) {
+		$query = `nslookup -timeout=$timeout -retry=0 $tmp1`;
-  if ($tmp1 == 0) {
+		if(preg_match('/\nAddress: (.*)\n/', $query, $matches))
-  $query = `nslookup -timeout=$timeout -retry=0 $tmp1`;
+			return trim($matches[1]);
-  if(preg_match('/\nAddress: (.*)\n/', $query, $matches))
+		return $tmp1;
-     return trim($matches[1]);
+	}
-  return $tmp1;
 }
+$serialsearch=date("Ymd");
+$resultx12 = mysql_query("SELECT origin,serial FROM dns_soa WHERE serial LIKE '$serialsearch%' ORDER BY origin ASC;");
+while ($rowx12=mysql_fetch_array($resultx12)) {
+	$zone=substr($rowx12["origin"], 0, -1);
+	$filename_x1="/var/cache/bind/".$zone;
+	if (file_exists($filename_x1)) {
+		$serialvergleich[$zone]=exec("grep \";Serial\" /var/cache/bind/$zone |cut -d\" \" -f1 | awk '{print $1}'");
+	}
 }
 while($row = mysql_fetch_array($result))
 {
-### Hier ALLES Aktivieren bei Primary Nameserver ########################################################################################
+	//## Hier ALLES Aktivieren bei Primary Nameserver TEIL 1 #################################################################################
-#$tmp1 = substr($row["origin"],0,-1);
+	$varx11=substr($row["origin"], 0, -1);
-#fwrite($fx,"zone \"");
+	$filename="/var/cache/bind/".$varx11;
-#fwrite($fx,substr($row["origin"],0,-1));
+	if (file_exists($filename)) {
-#fwrite($fx,"\" in { type master; file \"");
+		unlink("/var/cache/bind/$varx11");
-#fwrite($fx,substr($row["origin"],0,-1));
+	}
-#fwrite($fx,"\"; };\n");
+	$arr1[$x11]="zone \"$varx11\" in { type master; file \"$varx11\"; };\n";
-#$result2 = mysql_query("select name,type,aux,data from dns_rr where zone=$row[id];");
+	$x11=$x11+1;
-#exec("rm -f /var/cache/bind/$tmp1");
+	$result2 = mysql_query("select name,type,aux,data from dns_rr where zone=$row[id] and active='Y' ORDER BY name ASC;");
-#$f = fopen("/var/cache/bind/$tmp1", "a+");
+	$arr3[0]="\$TTL ".$row['ttl']."\n@ IN SOA ".$row['ns']." ".$row['mbox']." (\n           ".$row['serial']." ;Serial\n"."         ".$row['refresh']." ;Refresh\n"."               ".$row['retry']." ;Retry\n"."           ".$row['expire']." ;Expire\n"."         ".$row['minimum']." ) ;Minimum\n\n";
-#fwrite($f,"\$TTL ");
-#fwrite($f,$row['ttl']);
-#fwrite($f,"\n");
-#fwrite($f,"@ IN SOA ");
-#fwrite($f,$row['ns']);
-#fwrite($f," ");
-#fwrite($f,$row['mbox']);
-#fwrite($f," (");
-#fwrite($f,"\n");
-#fwrite($f,"            ");
-#fwrite($f,$row['serial']);
-#fwrite($f," ;Serial");
-#fwrite($f,"\n");
-#fwrite($f,"            ");
-#fwrite($f,$row['refresh']);
-#fwrite($f," ;Refresh");
-#fwrite($f,"\n");
-#fwrite($f,"            ");
-#fwrite($f,$row['retry']);
-#fwrite($f," ;Retry");
-#fwrite($f,"\n");
-#fwrite($f,"            ");
-#fwrite($f,$row['expire']);
-#fwrite($f," ;Expire");
-#fwrite($f,"\n");
-#fwrite($f,"            ");
-#fwrite($f,$row['minimum']);
-#fwrite($f," )");
-#fwrite($f," ;Minimum");
-#fwrite($f,"\n");
-#fwrite($f,"\n");
-#while($row2 = mysql_fetch_row($result2))
-#{
-#fwrite($f,$row2['0']);
-#fwrite($f," IN ");
-#fwrite($f,$row2['1']);
-#fwrite($f," ");
-#if ($row2['2']>0)
-#{
-#fwrite($f,$row2['2']);
-#fwrite($f," ");
-#}
-#fwrite($f,$row2['3']);
-#fwrite($f,"\n");
-#}
-#fclose($f);
-#### ENDE Primrer Namerserver ###########################################################################################################
-### Hier ALLES Aktivieren bei Secondary Nameserver ######################################################################################
+	$xx1=1;
-$tmp1 = substr($row["ns"],0,-1);
+	while($row2 = mysql_fetch_row($result2))
-$tmp2 = substr($row["origin"],0,-1);
+	{
-$nsip = hostname2ipfunktion($tmp1);
+		$arr2[$xx1]=$row2['0']." IN ".$row2['1']." ";
-if ($nsip == $tmp1) {
-echo "$tmp2 $tmp1 Not a valid Nameserver";
+		if ($row2['2']>0)
-echo "\n";
+		{
-}
+			$arr3[$xx1]=$arr2[$xx1].$row2['2']." ".$row2['3']."\n";
-else {
+		}
-fwrite($fx,"zone \"");
+		else
-fwrite($fx,substr($row["origin"],0,-1));
+		{
-fwrite($fx,"\" in { type slave; file \"");
+			$arr3[$xx1]=$arr2[$xx1].$row2['3']."\n";
-fwrite($fx,substr($row["origin"],0,-1));
+		}
-fwrite($fx,"\"; masters {");
+		$xx1=$xx1+1;
-fwrite($fx,"$nsip; }; };");
+	}
-fwrite($fx,"\n");
+	$f = fopen("/var/cache/bind/$varx11", "a+");
-}
+	foreach($arr3 as $values) fputs($f, $values);
-### ENDE Secondary Nameserver ###########################################################################################################
+	fclose($f);
+	$arr2=array();
+	$arr3=array();
+	//## ENDE Primärer Nameserver TEIL 2 #####################################################################################################
+	//## Hier ALLES Aktivieren bei Secondary Nameserver ######################################################################################
+	//       $tmp1 = substr($row["ns"],0,-1);
+	//       $tmp2 = substr($row["origin"],0,-1);
+	//       if (!isset($dnscache[$tmp1])) $nsip = hostname2ipfunktion($tmp1) ;
+	//       else $nsip=$dnscache[$tmp1] ;
+	//               if ($nsip == $tmp1)
+	//               {
+	//               echo "$tmp2 $tmp1 Not a valid Nameserver";
+	//               echo "\n";
+	//               }
+	//               else
+	//               {
+	//               $dnscache[$tmp1]=$nsip;
+	//               $arr1[$x11]="zone \"".$tmp2."\" in { type slave; file \"".$tmp2."\"; masters {".$nsip."; }; };\n";
+	//               $x11=$x11+1;
+	//               }
+	//## ENDE Secondary Nameserver ###########################################################################################################
 }
+unlink("/etc/bind/named.conf.local");
+$fx = fopen("/etc/bind/named.conf.local", "a+");
+foreach($arr1 as $values) fputs($fx, $values);
 fclose($fx);
-exec("/etc/init.d/bind9 reload");
+system("rndc reconfig >/dev/null 2>&1");
-?>
\ No newline at end of file
+//## ANFANG Primärer Namerserver TEIL 2 ##################################################################################################
+$serialsearch=date("Ymd");
+$resultx13 = mysql_query("SELECT origin,serial FROM dns_soa WHERE serial LIKE '$serialsearch%' ORDER BY origin ASC;");
+while ($rowx13=mysql_fetch_array($resultx13)) {
+	$serial_ist=($rowx13["serial"]);
+	$zone=substr($rowx13["origin"], 0, -1);
+	//       echo "zone: ".$zone." ist: ".$serial_ist." vergleich: ".$serialvergleich[$zone]."\n";
+	if ($serialvergleich[$zone] != $serial_ist) {
+		$reload=system("rndc reload $zone >/dev/null 2>&1");
+	}
+}
+//## ENDE Primärer NamerserverTEIL 2 ######################################################################################################
+?>
--- a/helper_scripts/dns_export_to_bind_retrans_daily.php
+++ b/helper_scripts/dns_export_to_bind_retrans_daily.php
+<?php
+$host="IP_ADDRESS";
+$user="USERNAME";
+$password="PASSWORD";
+mysql_connect($host, $user, $password) or die(mysql_error());
+mysql_select_db("dbispconfig");
+$result = "";
+$result = mysql_query("SELECT origin FROM dns_soa ORDER BY origin ASC;");
+while($row = mysql_fetch_array($result))
+{
+	$zone=substr($row["origin"], 0, -1);
+	system("rndc retransfer ".$zone);
+}
+?>
--- a/helper_scripts/fixcerts
+++ b/helper_scripts/fixcerts
+ #!/bin/bash
+#####################################################################################
+#                                                                                   #
+# Syntax: fixcerts DOMAIN                                                           #
+#                                                                                   #
+# Use: Extend Letsencrypt SSl certificates for commonly grouped services such as    #
+#       Apache,Postfix,Dovecot using Certbot. Useful for keeping all client         #
+#       applications referencing the same virtual domain name, such as auto-config  #
+#       email clients on phones, i.e. mailuser@mydomain.TLD smtp.mydomain.TLD       #
+#       imaps.mydomain.TLD instead of mailuser@mydomain.TLD mail.ISPmaildomain.TLD  #
+#       Also useful when sending mail through services like Gmail that will         #
+#       validate sender through a negotiated TLS encrypted connection.              #
+#                                                                                   #
+#       Ex: sh fixcerts myhosteddomain.com                                          #
+#                                                                                   #
+# Prerequisites:                                                                    #
+#   - A Letsencrypt certificate for the DOMAIN must already exist                   #
+#   - A seperate certificate each for Dovecot and Postfix were previously generated #
+#   - All new host names to add MUST  already exist in DNS at least as a CNAME      #
+#   - Edit the Dovecot/Postfix conf to use the alternate certificate                #
+#   - Set the variable wr_file to a directory that certbot can read and write from  #
+#   - Set the dom_cert=,dv_cert=,pf_cert=,dv_file=, and pf_file= variables          #
+#                                                                                   #
+# In my case, I ran:                                                                #
+#   certbot certonly -webroot /usr/local/ispconfig/interface/acme -d dc.hrst.xyz    #
+#   certbot certonly -webroot /usr/local/ispconfig/interface/acme -d pf.hrst.xyz    #
+#   to create the separate Dovecot and Postscript certificates, then edited and     #
+#   ran the script to extend those certificate, once per hosted domain              #
+#                                                                                   #
+# If you use only one alternate certifcate for both mail services, set both dv_file #
+#     and pf_file to the same file name and set one of  _cert files=""  and         #
+#     use the other. If you don't wish to add to a particular certificate, set the  #
+#     variable ="", such as dom_cert                                                #
+# TODO: Pre-validate desired additions as already existing in DNS                   #
+#       Generate SRV Records and add to DNS to autoconfig clients                   #
+#                                                                                   #
+# Author: tad.hasse@gmail.com                                                       #
+#                                                                                   #
+#####################################################################################
+#bail out on error
+set -e
+# Hostnames to add to the main domain certificate
+dom_cert="webmail"
+# Hostnames to add to the Dovecot domain certificate
+dv_cert="pop3s imap"
+# Hostnames to add to the Postfix domain certificate
+pf_cert="mail smtp smtps"
+# Name of the certificate file that handles Dovecot
+dv_file="dc.hrst.xyz"
+# Name of the certificate file that handles Postfix
+pf_file="pf.hrst.xyz"
+# Writeable webroot for certbot (I use ISPConfig,
+wr_file="/usr/local/ispconfig/interface/acme"
+new_cert=""
+nanobot=""
+affected_services=""
+if [ -z "$1" ]                           # Is parameter #1 zero length?
+   then
+     echo "-No DOMAIN specified"          # Or no parameter passed.
+     exit 1
+   fi
+#live_check='/etc/letsencrypt/live/'$1
+if [[ ! -d '/etc/letsencrypt/live/'$1 ]]; then
+    echo "- DOMAIN certificate for \"$1\" not found -"
+    exit 1
+   fi
+if [[ ! -d '/etc/letsencrypt/live/'${dv_file} ]]; then
+    echo "- Dovecot/postoffice certificate" ${dv_file}" for \"$1\" not found -"
+    exit 1
+   fi
+if [[ ! -d '/etc/letsencrypt/live/'${pf_file} ]]; then
+    echo "- Postfix/mail certificate" ${pf_file}" for \"$1\" not found -"
+    exit 1
+   fi
+# Have certbot generate its current certificate list for use as input
+certbot certificates >~/certfile
+# Extend base domain certificate which typically only contains the domain.TLD and www.domain.TLD
+if [[ ! -z "${dom_cert}" ]]; then
+    echo
+    new_cert=$(echo $dom_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
+    echo "Adding" ${new_cert} " to "$1
+    nanobot=$(grep -A1 "Certificate Name: "$1 certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed  's/ / -d /g')
+    doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
+    ${doit_cert}
+    affected_services=${affected_services}+"A"
+else
+    echo "Domain Certificate unaffected"
+  fi
+# Extend the Dovecot certificate
+if [[ ! -z "${dv_cert}" ]]; then
+    echo
+    new_cert=$(echo $dv_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
+    echo "Adding" ${new_cert} " to "${dv_file}
+    nanobot=$(grep -A1 "Certificate Name: "${dv_file} certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed  's/ / -d /g')
+    doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
+    ${doit_cert}
+    affected_services=${affected_services}+"D"
+else
+    echo "Dovecot Certificate unaffected"
+  fi
+# Extend the Postscript certificate
+if [[ ! -z "{$pf_cert}" ]]; then
+    echo
+    new_cert=$(echo $pf_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
+    echo "Adding" ${new_cert} " to " ${pf_file}
+    nanobot=$(grep -A1 "Certificate Name: "${pf_file} certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed  's/ / -d /g')
+    doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
+    ${doit_cert}
+    affected_services=${affected_services}+"P"
+else
+    echo "Postfix Certificate unaffected"
+  fi
+  if [[ $affected_services == *"A"* ]]; then
+     echo "Remember to restart the httpd service"
+   fi
+  if [[ $affected_services == *"D"* ]]; then
+    echo "Remember to restart the dovecot/postoffice service"
+   fi
+  if [[ $affected_services == *"P"* ]]; then
+    echo "Remember to restart the postfix/sendmail  service"
+   fi
+echo
+echo
+echo "Add the following SRV records to DNS for client setup for "$1
+  if [[ $affected_services == *"D"* ]]; then
+    echo "_imaps._tcp."$1 "SRV 3600  4 60 993 imaps"
+    echo "_pop3s._tcp."$1 "SRV 3600  6 60 995 pop3s"
+    echo "_imap._tcp."$1 " SRV 3600  8 60 143 imap"
+  fi
+if [[ $affected_services == *"P"* ]]; then
+    echo "_smtps._tcp."$1 "SRV 3600  8 60 465 smtps"
+    echo "_smtp._tcp."$1 " SRV 3600 10 60 587 smtp"
+  fi
\ No newline at end of file
--- a/helper_scripts/gentoo_setup.sh
+++ b/helper_scripts/gentoo_setup.sh
+#!/bin/bash
+# Copyright (c) 2009, Scott Barr <gsbarr@gmail.com>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#    * Redistributions of source code must retain the above copyright
+#      notice, this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above copyright
+#      notice, this list of conditions and the following disclaimer in the
+#      documentation and/or other materials provided with the distribution.
+#    * Neither the name of the <organization> nor the
+#      names of its contributors may be used to endorse or promote products
+#      derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ''AS IS''
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <copyright holder> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+# Global vars
+install_mail="no"
+install_web="no"
+install_ftp="no"
+install_dns="no"
+spinner_pid=0
+version="0.7"
+source_path=`dirname $0`
+source ${source_path}/utils.sh
+function package_has_use_flag()
+{
+        local package=$1
+        local useflag=$2
+        res=`equery -C -N uses $package | grep -o -P "^ [-+]{1} \+ $useflag"`
+        [ -n "$res" ]
+}
+function package_is_emerged()
+{
+		local package=$1
+		installed=`equery -C -N list -e -i $1 | grep $1 | grep "^\[I"`
+		[ -n "$installed" ]
+}
+function is_package_installed()
+{
+        local usechange="no"
+        local uselist=""
+        package_is_emerged "$1"
+		installed=$?
+        if [ -n "$2" ] # Use flags parsed
+        then
+                for useflag in $2
+                do
+                        uselist="$uselist +$useflag"
+                        # If the use flag isn't currently set or wasn't enabled when installed we'll need to re-install it.
+                        package_has_use_flag "$1" "$useflag" || usechange="yes"
+                done
+                flagedit $1 $uselist --nowarn
+        fi
+        [ $installed -eq 0 ] && [ "$usechange" == "no" ]
+}
+function install_progress()
+{
+	SP_STRING="/-\\|"
+	packages=( $2 )
+	IP_STRING=`printf "1 of %d" "${#packages[@]}"`
+	loop_count=0
+	nowf=`date +'%b %d, %Y %H:%M'`
+	while [ -d /proc/$1 ] && [ -d /proc/$$ ]
+	do 
+		printf "\e[1;37m\e7[ %1.1s %s ] \e8\e[0m" "$SP_STRING" "$IP_STRING"
+		sleep 0.2
+		if [ $loop_count -lt 8 ]
+		then
+			loop_count=$(($loop_count+1))
+		else
+			current=`sed -n "/Started emerge on: $nowf/,/G/p" /var/log/emerge.log | grep ">>> emerge" | tail -1 | grep -m 1 -o -P "\d+ of \d+"`
+			if [ -n "$current" ]
+			then
+				IP_STRING=$current
+			fi
+			loop_count=0
+		fi
+		SP_STRING=${SP_STRING#"${SP_STRING%?}"}${SP_STRING%?};
+	done
+	printf "%-15s" " "
+}
+function install_packages()
+{
+	local package_list=$1
+	local title=$2
+	if [ -z "$title" ]
+	then
+		title="Installing packages"
+	fi
+	if [ -n "$package_list" ]
+	then
+		echo -e "The following packages are going to be emerged (not including dependencies):"
+		echo -e "$package_list"
+		echo -e ""
+		countdown "00:00:10" Continue in
+		echo -e ""
+		printf "%-40s" "$title"	
+		(emerge $package_list >/dev/null 2>&1) &
+		pid=$!
+		install_progress $pid "$package_list"
+		wait $pid
+		status=$?
+		if [ $status -eq 0 ];
+	    then
+		   echo -e "\e[1;37m[ \e[0m\e[1;32mok\e[0m\e[1;37m ]    \e[0m"
+	    else
+		   echo -e "\e[1;37m[ \e[0m\e[1;31mfailed\e[0m\e[1;37m ]    \e[0m"
+		   echo -e "Failed installing the following packages:"
+		   echo -e "$1"
+		   exit 1
+	    fi
+	else
+		echo -e "No packages to install!"
+	fi
+}
+function install_rcscripts()
+{
+	if [ -n "$1" ]
+	then
+		for rc in $1
+		do
+			res=`rc-status default | grep "$1" | grep -v grep`
+			if [ -z "$res" ]
+			then
+			  printf "\e[1;37m%-40s\e[0m" "Adding $rc to default runlevel"
+			  start_spinner
+			  rc-update add $rc default &> /dev/null
+			  stop_spinner
+			  echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+			fi
+		done
+	fi
+}
+function enable_apache_module()
+{
+	local apache_conffile='/etc/conf.d/apache2'
+	if [ -n "$1" ]
+	then
+		source $apache_conffile
+		if [ $(expr "$APACHE2_OPTS" : ".*$1.*") == "0" ]
+		then
+			APACHE2_OPTS="${APACHE2_OPTS} -D $1"
+			sed -i -e "s:APACHE2_OPTS=\".*\":APACHE2_OPTS=\"${APACHE2_OPTS}\":" $apache_conffile
+		fi
+	fi
+}
+function meta_mail()
+{
+	local package_list=""
+	local add_maildrop=""
+	local remove_ssmtp="no"
+	local rc_scripts=""
+	local use_courier="no"
+	local use_dovecot="no"
+	local useflags_postfix="mysql"
+	local installed_postfix="no"
+	local installed_amavisd="no"
+	valid_input "Do you want to use dovecot or courier?" "dovecot/courier"
+	if [ "$Return_Val" = "dovecot" ]
+	then
+		use_dovecot="yes"
+	else
+	    use_courier="yes"
+	fi
+	echo -e ""
+	printf "\e[1;37m%-40s\e[0m" "Building list of required mail packages"
+	start_spinner
+	if [ "$use_courier" == "yes" ]
+	then
+		is_package_installed "net-libs/courier-authlib" "mysql" || { package_list="$package_list net-libs/courier-authlib"; rc_scripts="$rc_scripts courier-authlib"; }
+		is_package_installed "net-mail/courier-imap" "fam" || { package_list="$package_list net-mail/courier-imap"; rc_scripts="$rc_scripts courier-imapd courier-imapd-ssl courier-pop3d courier-pop3d-ssl"; }
+		is_package_installed "mail-filter/maildrop" || add_maildrop="yes" # Avoid file collision warnings from emerge
+		is_package_installed "dev-libs/cyrus-sasl" "mysql" || { package_list="$package_list dev-libs/cyrus-sasl"; rc_scripts="$rc_scripts saslauthd"; }
+		useflags_postfix="$useflags_postfix sasl"
+	fi
+	if [ "$use_dovecot" == "yes" ]
+	then
+		is_package_installed "net-mail/dovecot" "sieve managesieve maildir" || { package_list="$package_list net-mail/dovecot"; rc_scripts="$rc_scripts dovecot"; }
+		useflags_postfix="$useflags_postfix dovecot-sasl"
+	fi
+	if ! is_package_installed "mail-mta/postfix" "$useflags_postfix"
+	then
+		is_package_installed "mail-mta/ssmtp" && local remove_ssmtp="yes"; # Ssmtp blocks postfix and is installed by default.
+		package_list="$package_list mail-mta/postfix"
+		rc_scripts="$rc_scripts postfix"
+		package_is_emerged "mail-mta/postfix" # USE flag difference will result in re-installing. If we are installing for the first time do some things later.
+		installed=$?
+		if [ $installed -eq 1 ]
+		then
+			installed_postfix="yes"
+		fi
+	fi	
+	is_package_installed "net-mail/getmail" || package_list="$package_list net-mail/getmail"
+	if ! is_package_installed "mail-filter/amavisd-new" "mysql razor spamassassin"
+	then
+		package_list="$package_list mail-filter/amavisd-new"
+		rc_scripts="$rc_scripts amavisd"
+		package_is_emerged "mail-filter/amavisd-new" # USE flag difference will result in re-installing. If we are installing for the first time do some things later.
+		installed=$?
+		if [ $installed -eq 1 ]
+		then
+			installed_amavisd="yes"
+		fi
+	fi
+	is_package_installed "app-antivirus/clamav" || { package_list="$package_list app-antivirus/clamav"; rc_scripts="$rc_scripts clamd"; }
+	is_package_installed "dev-perl/Authen-SASL" || package_list="$package_list dev-perl/Authen-SASL"
+	is_package_installed "dev-perl/perl-ldap" || package_list="$package_list dev-perl/perl-ldap"
+	stop_spinner
+	echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+	if [ "$remove_ssmtp" == "yes" ]
+	then
+		exec_command "emerge --unmerge mail-mta/ssmtp" "Removing ssmtp to install postfix"
+	fi
+	install_packages "$package_list" "Installing mail packages"
+	if [ -n "$add_maildrop" ]
+	then
+		exec_command "COLLISION_IGNORE=\"/usr\" emerge mail-filter/maildrop" "Installing maildrop"
+	fi
+	if [ "$installed_postfix" == "yes" ] && [ ! -d '/etc/mail/aliases.db' ]
+	then
+		postmap /etc/mail/aliases 2> /dev/null
+	fi
+	if [ "$installed_amavisd" == "yes" ]
+	then
+		if [ -e '/usr/share/spamassassin/sa-update-pubkey.txt' ]
+		then
+			sa-update --import /usr/share/spamassassin/sa-update-pubkey.txt
+		fi
+		sa-update
+	fi
+	install_rcscripts "$rc_scripts"
+}
+function meta_web()
+{
+	local package_list=""
+	local fix_jailkit="no"
+	local linguas_add="no"
+	local webmail_add="no"
+	local rc_scripts=""
+	local installed_fcgid="no"
+	if ! is_package_installed "dev-vcs/subversion"
+    then
+		flagedit dev-vcs/subversion -apache2 --nowarn
+    fi
+	is_package_installed "app-portage/layman" "subversion" || exec_command "emerge app-portage/layman" "Installing layman";
+	# Check if sunrise overlay has been enabled
+	if [ -z "$(layman -l | grep sunrise)" ]
+	then
+		layman -q -S > /dev/null
+		exec_command "layman -a sunrise" "Adding/syncing package overlay"
+	fi
+	if [ -z "$(grep 'var/lib/layman' /etc/make.conf)" ]
+	then
+		echo "source /var/lib/layman/make.conf" >> /etc/make.conf
+	fi
+	echo -e ""
+	printf "\e[1;37m%-40s\e[0m" "Building list of required web packages"
+	start_spinner
+	# Check profile and ensure the apache modules ISPConfig needs are enabled.
+	source /etc/make.conf
+	if [ -z "${APACHE2_MODULES+xxx}" ] # Not set, fetch defaults
+	then
+		source /usr/portage/profiles/base/make.defaults
+		echo "APACHE2_MODULES=\"$APACHE2_MODULES\"" >> /etc/make.conf
+		source /etc/make.conf
+	fi
+	local added_module='no'
+	for module in rewrite dav dav_fs auth_digest
+	do
+		if [ $(expr "$APACHE2_MODULES" : ".*$module.*") == "0" ]
+		then
+			APACHE2_MODULES="${APACHE2_MODULES} $module"
+			added_module='yes'
+		fi
+	done
+	if [ "$added_module" == "yes" ]
+	then
+		sed -i -e "s:APACHE2_MODULES=\".*\":APACHE2_MODULES=\"${APACHE2_MODULES}\":" /etc/make.conf
+	fi
+	local added_worker='no'
+	if [ -z "${APACHE2_MPMS+xxx}" ] # Not set, fetch defaults
+	then
+		echo 'APACHE2_MPMS="prefork"' >> /etc/make.conf
+		added_worker='yes'
+	else
+		if [ $(expr "$APACHE2_MPMS" : '.*prefork.*') == "0" ]
+		then
+			APACHE2_MPMS="${APACHE2_MPMS} prefork"
+			sed -i -e "s:APACHE2_MPMS=\".*\":APACHE2_MPMS=\"${APACHE2_MPMS}\":" /etc/make.conf
+			added_worker='yes'
+		fi
+	fi
+	if is_package_installed "www-servers/apache" "ssl suexec doc" || "$added_module" == "yes" || "$added_worker" == "yes"
+	then
+		package_list="$package_list www-servers/apache"
+		rc_scripts="$rc_scripts apache2"
+	fi
+	if ! is_package_installed "www-apache/mod_fcgid"
+	then
+		installed_fcgid="yes"
+		package_list="$package_list www-apache/mod_fcgid"
+	fi
+	if ! is_package_installed "app-admin/webalizer" "vhosts apache2"
+	then
+		is_package_installed "media-libs/gd" "jpeg png" || package_list="$package_list media-libs/gd"
+		if package_has_use_flag "app-admin/webalizer" "nls"
+		then
+			source /etc/make.conf
+			if [ -z "${LINGUAS}" ]
+			then
+				linguas_add="yes"
+			fi
+		fi
+		package_list="$package_list app-admin/webalizer"
+	fi
+	is_package_installed "www-misc/awstats" "vhosts apache2" || package_list="$package_list www-misc/awstats"
+	if ! is_package_installed "app-admin/vlogger" "dbi"
+	then
+		# Check if package is masked
+		if [ -n "$(equery -C -N list -I -o -e app-admin/vlogger | grep app-admin/vlogger | awk '{print $2}' | grep '^\[M')" ]
+		then
+			flagedit app-admin/vlogger -- +~amd64 +~x86 > /dev/null
+		fi
+		package_list="$package_list app-admin/vlogger"
+	fi
+	is_package_installed "app-crypt/mcrypt" || package_list="$package_list app-crypt/mcrypt"
+	is_package_installed "dev-lang/php" "apache2 gd mysql mysqli imap cli cgi pcre xml zlib crypt ctype session unicode mhash ftp soap" || package_list="$package_list dev-lang/php"
+	if ! is_package_installed "www-apache/mod_suphp"
+	then
+		# Check if package is masked
+		if [ -n "$(equery -C -N list -I -p -e www-apache/mod_suphp | grep www-apache/mod_suphp | awk '{print $2}' | grep '^\[M')" ]
+		then
+			flagedit www-apache/mod_suphp -- +~amd64 +~x86 > /dev/null
+		fi
+		package_list="$package_list www-apache/mod_suphp"
+	fi
+	is_package_installed "www-apache/mod_ruby" || package_list="$package_list www-apache/mod_ruby"
+	is_package_installed "media-gfx/imagemagick" "jpeg png tiff" || package_list="$package_list media-gfx/imagemagick"
+	is_package_installed "dev-php/PEAR-PEAR" || package_list="$package_list dev-php/PEAR-PEAR"
+	is_package_installed "dev-php/PEAR-Auth" || package_list="$package_list dev-php/PEAR-Auth"
+	is_package_installed "dev-php5/pecl-imagick" || package_list="$package_list dev-php5/pecl-imagick"
+	is_package_installed "sys-auth/pam_mysql" || package_list="$package_list sys-auth/pam_mysql"
+	is_package_installed "app-admin/sudo" || package_list="$package_list app-admin/sudo"
+	is_package_installed "app-arch/zip" || package_list="$package_list app-arch/zip"
+	if ! is_package_installed "app-admin/jailkit"
+	then
+		# Check if package is masked
+		if [ -n "$(equery -C -N list -I -o -e app-admin/jailkit | grep app-admin/jailkit | awk '{print $2}' | grep '^\[M')" ]
+		then
+			flagedit app-admin/jailkit -- +~amd64 +~x86 > /dev/null
+		fi
+		# The ebuild for jailkit 2.3 has a nasty bug that breaks the login shell. Check for version and
+		# apply the fix if necessary.
+		if [ "$(emerge -pv app-admin/jailkit | grep -o -P '(?<=jailkit-)[\d-.rp_]+')" == "2.3" ]
+		then
+			fix_jailkit="yes"
+			cp /etc/shells /etc/shells~
+		fi
+		package_list="$package_list app-admin/jailkit"
+	fi
+	#if [ "$install_mail" == "yes" ] && ! is_package_installed "mail-client/squirrelmail" "vhosts"
+	#then
+	#	if ! is_package_installed "app-admin/webapp-config"
+	#	then
+	#		package_list="$package_list app-admin/webapp-config"
+	#	fi
+	#	webmail_add="yes"
+	#	package_list="$package_list mail-client/squirrelmail"
+	#fi
+	stop_spinner
+	echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+	if [ "$linguas_add" == "yes" ]
+	then
+		echo -e ""
+		echo -e "The nls use flag is enabled for webalizer and no locale preference is set in make.conf. If "
+		echo -e "not set webalizer will fail to install."
+		echo -e ""
+		accept_locales=`find /usr/share/locale/ -maxdepth 1 -type d -exec basename '{}' \; | grep -v "locale" | sort | tr "\n" "/" | sed -e 's,\(.\)/$,\1,'`
+		valid_input "Set locale value for gettext-based programs to: " "$accept_locales" "en"
+		echo "LINGUAS=\"$Return_Val\"" >> /etc/make.conf
+		echo -e ""
+	fi
+	install_packages "$package_list" "Installing web packages"
+	if [ $? -eq 0 ] && [ "$fix_jailkit" == "yes" ] && [ -z "$(grep 'jk_chrootsh' /etc/shells)" ]
+	then
+		cp /etc/shells /etc/shells.jailkit-v2.3
+		cp /etc/shells~ /etc/shells
+		echo "/usr/sbin/jk_chrootsh" >> /etc/shells
+	fi
+	for config_module in SUEXEC FCGID AUTH_DIGEST DAV DAV_FS RUBY
+	do
+		enable_apache_module "$config_module"
+	done
+	#if [ "$webmail_add" == "yes" ]
+	#then
+	#	exec_command "webapp-config -I -h localhost -u apache -d /webmail squirrelmail $(ls -r /usr/share/webapps/squirrelmail/ | awk '{print $1}')" "Adding squirrelmail to localhost"
+	#fi
+	install_rcscripts "$rc_scripts"
+}
+function meta_ftp()
+{
+	local package_list=""
+	local rc_scripts=""
+	echo -e ""
+	printf "\e[1;37m%-40s\e[0m" "Building list of required ftp packages"
+	start_spinner
+	is_package_installed "net-ftp/pure-ftpd" "mysql" || { package_list="$package_list net-ftp/pure-ftpd"; rc_scripts="$rc_scripts pure-ftpd"; }
+	is_package_installed "sys-fs/quota" || package_list="$package_list sys-fs/quota";
+	if ! is_package_installed "sys-fs/quotatool"
+	then
+		# Check if package is masked
+		if [ -n "$(equery -C -N list -I -p -e sys-fs/quotatool | grep sys-fs/quotatool | awk '{print $2}' | grep '^\[M')" ]
+		then
+			flagedit sys-fs/quotatool -- +~amd64 +~x86 > /dev/null
+		fi
+		package_list="$package_list sys-fs/quotatool"
+	fi
+	stop_spinner
+	echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+	if [ $(expr "$package_list" : '.*sys-fs/quota.*') -ne 0 ]
+	then
+		echo -e ""
+		echo -e "\e[1;33mNotice:\e[0m Don't forget to edit your fstab file and add the usrquota & grpquota options to your data partition."
+		echo -e ""
+		sleep 2
+	fi
+	install_packages "$package_list" "Installing ftp packages"
+	install_rcscripts "$rc_scripts"
+}
+function meta_dns()
+{
+	local package_list=""
+	local use_bind="no"
+	local use_pdns="no"
+	valid_input "Do you want to use bind or powerdns?" "bind/powerdns"
+	if [ "$Return_Val" = "bind" ]
+	then
+		use_bind="yes"
+	else
+	    use_pdns="yes"
+	fi
+	echo -e ""
+	printf "\e[1;37m%-40s\e[0m" "Building list of required dns packages"
+	start_spinner
+	if [ "$use_bind" == "yes" ]
+	then
+		is_package_installed "net-dns/bind" "mysql dlz" || { package_list="$package_list net-dns/bind"; rc_scripts="$rc_scripts named"; }
+	fi
+	if [ "$use_pdns" == "yes" ]
+	then
+		is_package_installed "net-dns/pdns" "mysql" || package_list="$package_list net-dns/pdns";
+	fi
+	stop_spinner
+	echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+	install_packages "$package_list" "Installing dns packages"
+	install_rcscripts "$rc_scripts"
+}
+function meta_all()
+{
+	meta_mail
+	meta_web
+	meta_ftp
+	meta_dns
+}
+case $1 in
+	"--version"|"-h"|"--help")
+		echo -e "Gentoo Linux ISPConfig setup script"
+		echo -e "Version $version"
+		echo -e ""
+		echo -e "No arguments needed, simply execute the script."
+		exit 0
+		;;
+	*)
+		;;
+esac
+clear
+echo -e "\e[1;33mGentoo Linux ISPConfig setup script v$version\e[0m"
+echo -e "\e[1;32m========================================\e[0m"
+echo -e ""
+if [ -e "/etc/gentoo-release" ]
+then
+	BASELAYOUT_VERSION=$(cat /etc/gentoo-release | sed "s/[^0-9.]//g")
+	package_is_emerged "sys-apps/baselayout-$BASELAYOUT_VERSION"
+	installed=$?
+	if [ "$installed" != "0" ]
+	then
+		echo -e ""
+		echo "This script is exclusively for use with a Gentoo Linux system."
+		exit 10
+	fi
+else
+	echo -e ""
+	echo "This script is exclusively for use with a Gentoo Linux system."
+	exit 10
+fi
+sleep 0.5
+valid_input "Would you like to sync portage now?" 
+if [ "$Return_Val" = "yes" ]
+then
+	exec_command "emerge --sync --quiet" "Updating portage tree"
+fi
+# Get all the programs we need to do portage queries etc.
+echo -en "\e[1;37mChecking for required packages\e[0m\n"
+# Verify if gentoolkit has been emerged and install if not
+which equery &> /dev/null
+if [ $? -ne 0 ]
+then
+	exec_command "emerge app-portage/gentoolkit" "Installing gentoolkit"
+fi
+which flagedit &> /dev/null
+if [ $? -ne 0 ]
+then
+	exec_command "emerge app-portage/flagedit" "Installing flagedit"
+fi
+if ! is_package_installed "app-admin/rsyslog"
+then
+	printf "\e[1;37m%-40s\e[0m" "Checking for installed system loggers"
+	start_spinner
+	loggers=( syslog-ng metalog sysklogd  )
+	clogger=""
+	rsyslog_install="yes"
+	for logger in $loggers
+	do
+		if is_package_installed "app-admin/$logger" && [ -n "$(rc-config list default | grep $logger)" ]
+		then
+			clogger=$logger
+			break
+		fi
+	done
+	stop_spinner
+	echo -e "\e[1;37m[ \e[0m\e[1;32mdone\e[0m\e[1;37m ]\e[0m"
+	if [ "$clogger" != "" ]
+	then
+		echo -e ""
+		echo -e "$clogger appears to be installed on your system."
+		echo -e "To use the log monitoring features in ISPConfig"
+		echo -e "the log facilities need to be configured to certain"
+		echo -e "paths. Currently the default rsyslog file is used."
+		echo -e ""
+		valid_input "Would you like to replace $clogger with rsyslog?"
+		if [ "$Return_Val" = "yes" ]
+		then
+			echo -e ""
+			exec_command "/etc/init.d/$clogger stop" "Stopping $clogger"
+			exec_command "rc-update del $clogger default" "Remove $clogger from default runlevel"
+		else
+			rsyslog_install="no"
+		fi
+	fi
+	if [ "$rsyslog_install" == "yes" ]
+	then
+		exec_command "emerge app-admin/rsyslog" "Installing rsyslog"
+		exec_command "/etc/init.d/rsyslog start" "Starting rsyslog"
+		exec_command "rc-update add rsyslog default" "Add rsyslog to default runlevel"
+	fi
+	echo -e ""
+fi
+if ! is_package_installed "dev-db/mysql" "extraengine big-tables"
+then
+	package_is_emerged "dev-db/mysql"
+	installed=$?
+	exec_command "emerge dev-db/mysql" "Installing MySql"
+	if [ $installed -eq 1 ]
+	then
+		echo -e ""
+		echo -e "\e[1;33mNotice:\e[0m Don't forget to set the mysql root password with: /usr/bin/mysqladmin -u root password 'new-password'."
+		echo -e ""
+	fi
+fi
+if [ ! -d '/var/lib/mysql/mysql' ]
+then
+	exec_command "mysql_install_db"	"Set-up mysql grant tables"
+fi
+install_rcscripts "mysql"
+mysql_started=`eselect rc show | grep mysql | grep started | grep -v grep`
+if [ -z "$mysql_started" ]
+then
+	exec_command "/etc/init.d/mysql start"	"Starting MySQL service"
+fi
+which vim &> /dev/null
+if [ $? -ne 0 ]
+then
+	exec_command "emerge app-editors/vim" "Installing vim"
+fi
+is_package_installed "sys-devel/binutils" || exec_command "emerge sys-devel/binutils" "Installing binutils";
+is_package_installed "app-forensics/rkhunter" || exec_command "emerge app-forensics/rkhunter" "Installing rkhunter";
+is_package_installed "net-analyzer/fail2ban" || exec_command "emerge net-analyzer/fail2ban" "Installing fail2ban";
+echo -e ""
+# Service based packages
+echo -en "\e[1;37mService based packages\e[0m\n"
+valid_input "Install all packages or select targeted services?" "all/targeted"
+if [ "$Return_Val" = "all" ]
+then
+	install_mail="yes"
+	install_web="yes"
+	install_ftp="yes"
+	install_dns="yes"
+	meta_all
+else
+	valid_input "Install mail related packages?"
+	install_mail=$Return_Val
+	if [ "$install_mail" = "yes" ]
+	then
+		meta_mail
+	fi
+	echo -e ""
+	echo -e "\e[1;33mNotice:\e[0m If this server is going to run the ISPConfig interface, say 'yes' to web related packages."
+	echo -e ""
+	valid_input "Install web related packages?"
+	install_web=$Return_Val
+	if [ "$install_web" = "yes" ]
+	then
+		meta_web
+	fi
+	echo -e ""
+	valid_input "Install ftp related packages?"
+	install_ftp=$Return_Val
+	if [ "$install_ftp" = "yes" ]
+	then
+		meta_ftp
+	fi
+	echo -e ""
+	valid_input "Install dns related packages?"
+	install_dns=$Return_Val
+	if [ "$install_dns" = "yes" ]
+	then
+		meta_dns
+	fi
+fi
+if [ "$install_web" = "no" ] && ! is_package_installed "dev-lang/php" "-apache2 gd mysql mysqli imap cli cgi pcre xml zlib crypt ctype session unicode mhash ftp"
+then
+	exec_command "emerge dev-lang/php" "Installing PHP"
+fi
+echo -e ""
+echo -e "\e[1;33mSetup script completed\e[0m"
+echo -e "\e[1;32m========================================\e[0m"
+echo -e ""
+valid_input "Do you want to start the ISPConfig installer?"
+if [ "$Return_Val" = "yes" ]
+then
+	clear
+	php -q ../install/install.php
+fi
+exit $?
--- a/helper_scripts/import_dkim.php
+++ b/helper_scripts/import_dkim.php
+<?php
+/**
+ Copyright (c) 2015, Florian Schaal, schaal @it
+ All rights reserved.
+ Redistribution and use in source and binary forms, with or without modification,
+ are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/* define your settings here */
+$username = 'admin';
+$password = 'admin';
+$soap_location = 'http://192.168.0.105:8080/remote/index.php';
+$soap_uri = 'http://192.168.0.105:8080/remote/';
+/* stop editing */
+error_reporting(E_ALL^ E_WARNING);
+exec('which amavisd-new 2> /dev/null', $tmp_output, $tmp_retval);
+if ($tmp_retval != 0) {
+	exec('which amavisd 2> /dev/null', $tmp_output, $tmp_retval);
+	if ($tmp_retval == 0) $amavis = $tmp_output[0];
+} else $amavis = $tmp_output[0];
+if (!isset($amavis)) die ("amavisd not found");
+echo "Importing dkim-settings from amavis.\n\nTo import the settings even when the public-key is not available, use ".$argv[0]." --force\nNOTE: In force-mode dkim will be set to 'no' if no public-key was found.\n\n";
+if ( isset($argv) && isset ($argv[1]) && $argv[1] == '--force' ) $force = true; else $force = false;
+$client = new SoapClient(null, array('location' => $soap_location,
+	'uri'      => $soap_uri,
+	'trace' => 1,
+	'exceptions' => 1));
+exec($amavis.' showkeys', $tmp_output, $tmp_retval);
+foreach ( $tmp_output as $line ) {
+	//* get domain and private key-file
+	if ( preg_match('#^; key#', $line) ) {
+		$line_array = explode(' ', $line);
+		if ( $line_array[2] = 'domain' ) {
+			$domain = rtrim($line_array[3], ',');
+			$private_keyfile = $line_array[4];
+			//* get the public-key from private-key
+			unset($public_key);
+			unset($pubkey);
+			unset($private_key);
+			$private_key = file_get_contents($private_keyfile);
+			if ( isset($private_key) && !empty($private_key)) {
+				exec('echo '.escapeshellarg($private_key).'|openssl rsa -pubout -outform PEM 2> /dev/null',$pubkey,$result);
+				$public_key='';
+				foreach($pubkey as $values) $public_key=$public_key.$values."\n";
+			}
+		}
+	}
+	//* get selector
+	if ( isset($domain) ) {
+		if ( preg_match('/_domainkey.'.$domain.'.* TXT \(/', $line) ) {
+			$line_array = explode(' ', $line);
+			$selector = substr ( $line_array[0], 0, strpos($line_array[0], '.') );
+		}
+	}
+	if ( isset($domain) && isset($selector) && isset($private_keyfile) && isset($public_key) ) {
+		try {
+			if ( !$session_id = $client->login($username, $password) ) {
+				echo 'SOAP-ERROR: Cant login';
+			}
+			echo "\nprocessing ".$domain."...\n";
+			$record = $client->mail_domain_get_by_domain($session_id, $domain);
+			if ( !empty($record) ) {
+				$record = $record[0];
+				echo "  OK: domain exists in the database\n";
+				//* check if the public-key is available
+				exec($amavis.' testkeys '.escapeshellarg($domain).'', $test_output, $test_retval);
+				$pub_key = false;
+				if ( preg_match('/^TESTING.*'.$selector.'._domainkey.'.$domain.'.*pass/',$test_output[0]) ) $pub_key = true;
+   				$client_id = $client->client_get_id($session_id, $record['sys_userid']);
+				unset($test_output);
+				if ( $pub_key ) {
+					$record['dkim_selector'] = $selector;
+					$record['dkim'] = 'y';
+					if ( preg_match("/(^-----BEGIN PUBLIC KEY-----)[a-zA-Z0-9\r\n\/\+=]{1,221}(-----END PUBLIC KEY-----(\n|\r)?$)/", $record['dkim_public'] ) ) {
+						$record['dkim_public'] = $public_key;
+						echo "  OK: public key\n";
+					} else {
+						$record['dkim_public'] = '';
+						$record['dkim'] = 'n';
+						echo "  ERROR: public key invalid\n  disable dkim for ".$domain."\n";
+					}
+					if ( preg_match("/(^-----BEGIN RSA PRIVATE KEY-----)[a-zA-Z0-9\r\n\/\+=]{1,850}(-----END RSA PRIVATE KEY-----(\n|\r)?$)/", $private_key) ) {
+						$record['dkim_private'] = $private_key;
+						echo "  OK: private key\n";
+					} else {
+						$record['dkim_private'] = '';
+						$record['dkim'] = 'n';
+						echo "  ERROR: private key invalid\n  disable dkim for ".$domain."\n";
+					}
+					$client->mail_domain_update($session_id, $client_id, $record['domain_id'], $record);
+					echo "  OK: updating database\n";
+				} else {
+					echo "  ERROR: no public-key available - skipping ".$domain."\n";
+				}
+			} else {
+				echo "  ERROR: domain not in the database - skipping ".$domain."\n";
+			}
+			$client->logout($session_id);
+		} catch (SoapFault $e) {
+			echo $client->__getLastResponse();
+			die('SOAP Error: '.$e->getMessage());
+		}
+		unset($domain);
+		unset($selector);
+	}
+}
+?>
--- a/helper_scripts/import_dkim.txt
+++ b/helper_scripts/import_dkim.txt
+This scripts stores all dkim-keys from the amavis-config to the ispconfig-database
+Create a remote-user with at least rights for mail_domain and clients and adjust the settings for
+$username = 'admin';
+$password = 'admin';
+$soap_location = 'http://192.168.0.105:8080/remote/index.php';
+$soap_uri = 'http://192.168.0.105:8080/remote/';
+in import_dkim.php
--- a/helper_scripts/import_langfile.php
+++ b/helper_scripts/import_langfile.php
+<?php
+/*
+Copyright (c) 2007-2016, Till Brehm, projektfarm Gmbh
+All rights reserved.
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+require "/usr/local/ispconfig/interface/lib/config.inc.php";
+require "/usr/local/ispconfig/interface/lib/app.inc.php";
+set_time_limit(0);
+ini_set('error_reporting', E_ALL & ~E_NOTICE);
+//** Get commandline options
+$cmd_opt = getopt('', array('lng:','isppath::'));
+if(isset($cmd_opt['lng']) && is_file($cmd_opt['lng'])) {
+	// Language file that shall be imported
+	$lang_file = $cmd_opt['lng'];
+} else {
+	die('Usage example: php import_langfile.php --lng=de.lng --isppath=/usr/local/ispconfig'."\n");
+}
+if(isset($cmd_opt['isppath']) && is_dir($cmd_opt['isppath'])) {
+	$ispconfig_path = $cmd_opt['isppath'];
+} else {
+	$ispconfig_path = '/usr/local/ispconfig';
+}
+function normalize_string($string, $quote, $allow_special = false) {
+	$escaped = false;
+	$in_string = true;
+	$new_string = '';
+	for($c = 0; $c < mb_strlen($string); $c++) {
+		$char = mb_substr($string, $c, 1);
+		if($in_string === true && $escaped === false && $char === $quote) {
+			// this marks a string end (e.g. for concatenation)
+			$in_string = false;
+			continue;
+		} elseif($in_string === false) {
+			if($escaped === false && $char === $quote) {
+				$in_string = true;
+				continue;
+			} else {
+				continue; // we strip everything from outside the string!
+			}
+		}
+		if($char === '"' && $escaped === true && $quote === '"') {
+			// unescape this
+			$new_string .= $char;
+			$escaped = false;
+			continue;
+		} elseif($char === "'" && $escaped === false && $quote === '"') {
+			// escape this
+			$new_string .= '\\' . $char;
+			continue;
+		}
+		if($escaped === true) {
+			// the next character is the escaped one.
+			if($allow_special === true && ($char === 'n' || $char === 'r' || $char === 't')) {
+				$new_string .= '\' . "\\' . $char . '" . \'';
+			} else {
+				$new_string .= '\\' . $char;
+			}
+			$escaped = false;
+		} else {
+			if($char === '\\') {
+				$escaped = true;
+			} else {
+				$new_string .= $char;
+			}
+		}
+	}
+	return $new_string;
+}
+function validate_line($line) {
+	$line = trim($line);
+	if($line === '' || $line === '<?php' || $line === '?>') return $line; // don't treat empty lines as malicious
+	$ok = preg_match('/^\s*\$wb\[(["\'])(.*?)\\1\]\s*=\s*(["\'])(.*?)\\3\s*;\s*$/', $line, $matches);
+	if(!$ok) return false; // this line has invalid form and could lead to malfunction
+	$keyquote = $matches[1]; // ' or "
+	$key = $matches[2];
+	if(strpos($key, '"') !== false || strpos($key, "'") !== false) return false;
+	$textquote = $matches[3]; // ' or "
+	$text = $matches[4];
+	$new_line = '$wb[\'';
+	// validate the language key
+	$key = normalize_string($key, $keyquote);
+	$new_line .= $key . '\'] = \'';
+	// validate this text to avoid code injection
+	$text = normalize_string($text, $textquote, true);
+	$new_line .= $text . '\';';
+	return $new_line;
+}
+$lines = file($lang_file);
+define('ISPC_ROOT_PATH', $ispconfig_path.'/interface');
+define('ISPC_LIB_PATH', ISPC_ROOT_PATH.'/lib');
+define('ISPC_WEB_PATH', ISPC_ROOT_PATH.'/web');
+// initial check
+$parts = explode('|', $lines[0]);
+if($parts[0] == '---' && $parts[1] == 'ISPConfig Language File') {
+	unset($lines[0]);
+	$buffer = '';
+	$langfile_path = '';
+	// all other lines
+	$ln = 1;
+	foreach($lines as $line) {
+		$ln++;
+		$parts = explode('|', $line);
+		if(is_array($parts) && count($parts) > 0 && $parts[0] == '--') {
+			// Write language file, if its not the first file
+			if($buffer != '' && $langfile_path != '') {
+				$buffer = trim($buffer)."\n";
+				$msg .= "File written: $langfile_path\n";
+				file_put_contents($langfile_path, $buffer);
+			}
+			// empty buffer and set variables
+			$buffer = '';
+			$module_name = trim($parts[1]);
+			$selected_language = trim($parts[2]);
+			$file_name = trim($parts[3]);
+			if(!preg_match("/^[a-z]{2}$/i", $selected_language)) die("unallowed characters in selected language name: $selected_language");
+			if(!preg_match("/^[a-z_]+$/i", $module_name)) die('unallowed characters in module name.');
+			if(!preg_match("/^[a-z\._\-]+$/i", $file_name) || stristr($file_name, '..')) die("unallowed characters in language file name: '$file_name'");
+			if($module_name == 'global') {
+				$langfile_path = trim(ISPC_LIB_PATH."/lang/".$selected_language.".lng");
+			} else {
+				$langfile_path = trim(ISPC_WEB_PATH.'/'.$module_name.'/lib/lang/'.$file_name);
+			}
+		} elseif(is_array($parts) && count($parts) > 1 && $parts[0] == '---' && $parts[1] == 'EOF') {
+			// EOF line, ignore it.
+		} else {
+			$line = validate_line($line);
+			if($line === false) $error .= "Language file contains invalid language entry on line $ln.\n";
+			else $buffer .= $line."\n";
+		}
+	}
+}
+echo $error;
+echo $msg;
+die("finished import.\n");
+?>
--- a/helper_scripts/multifile_add
+++ b/helper_scripts/multifile_add
+#!/bin/bash
+# Adding a new translation string to the files for all languages.
+# If you already added the string to your current language, be sure to deduplicate.
+new=$(cat << 'EOD'
+$wb['foo_txt'] = 'Some translation';
+EOD
+)
+if [ -z "$1" ]; then
+  echo "Usage: $0 <files>"
+  exit 1
+fi
+for f in $*; do
+	# Preserve a php close tag as the last line.
+	close='?>'
+	if [ "$(tail -n 1 $f)" == "$close" ]; then
+		(	
+			head -n -1 $f;
+			echo "$new";
+			echo "?>";
+		) > ${f}.new
+		mv ${f}.new $f
+	else
+		echo "$new" >> $f
+	fi
+done
--- a/helper_scripts/mydns_to_powerdns_migration.php
+++ b/helper_scripts/mydns_to_powerdns_migration.php
+<?php
+$host="localhost";
+$user="root";
+$password="MYSQL-ROOT-PASSWD";
+mysql_connect($host, $user, $password) or die(mysql_error());
+mysql_select_db("dbispconfig");
+$sql1 = mysql_query("SELECT id, substr(origin,1, LENGTH(origin)-1) AS origin, substr(ns,1, LENGTH(ns)-1) AS ns, substr(mbox,1, LENGTH(mbox)-1) AS mbox,ttl FROM dns_soa order by id asc;");
+mysql_select_db("powerdns");
+while($row1 = mysql_fetch_array($sql1))
+{
+	mysql_query("INSERT INTO domains (id,name,type,ispconfig_id) values ('$row1[id]','$row1[origin]','NATIVE','$row1[id]');");
+	mysql_query("INSERT INTO records (domain_id,name,content,ispconfig_id,type,ttl,prio,change_date) values ('$row1[id]','$row1[origin]','$row1[ns] $row1[mbox] 0','$row1[id]','SOA','$row1[ttl]','0','1260446221');");
+}
+mysql_select_db("dbispconfig");
+$sql2 = mysql_query("SELECT id,zone,name,data,aux,ttl,type FROM dns_rr order by id asc;");
+mysql_select_db("powerdns");
+while($row2 = mysql_fetch_array($sql2))
+{
+	if (strlen($row2['name']))
+	{
+		$file1=substr($row2['data'], -1);
+		if ($file1==".")
+		{
+			$text = $row2['data'];
+			$laenge = strlen($row2['data'])-1;
+			$file2 = substr($text, 0, strlen($text)-1);
+		}
+		else
+		{
+			$file2=$row2['data'];
+		}
+                //
+                // Fix for 'domain.ext.' apex notation
+                //
+                $record_name_end=substr($row2['name'], -1);
+                if ($record_name_end==".")
+                {
+                       // remove trailing dot from apex
+                       $record_name = substr($row2['name'], 0, strlen($row2['name'])-1);
+                }
+                else
+                {
+                       // add domain to make it a fqdn
+                       $record_name = $row2['name'] . "." . $row3['origin'];
+                }
+                print "$row2[name].$row3[origin]" . " $record_name\r\n"; 
+		mysql_select_db("dbispconfig");
+		$sql3 = mysql_query("SELECT substr(origin,1, LENGTH(origin)-1) AS origin FROM dns_soa where id=$row2[zone];");
+		$row3 = mysql_fetch_array($sql3);
+		mysql_select_db("powerdns");
+		mysql_query("INSERT INTO records (domain_id,name,content,ispconfig_id,type,ttl,prio,change_date) values ('$row2[zone]','$record_name','$file2','$row2[id]','$row2[type]','$row2[ttl]','$row2[aux]','1260446221');");
+	}
+	else
+	{
+		$file1=substr($row2['data'], -1);
+		if ($file1==".")
+		{
+			$text = $row2['data'];
+			$laenge = strlen($row2['data'])-1;
+			$file2 = substr($text, 0, strlen($text)-1);
+		}
+		else
+		{
+			$file2=$row2['data'];
+		}
+		mysql_select_db("dbispconfig");
+		$sql3 = mysql_query("SELECT substr(origin,1, LENGTH(origin)-1) AS origin FROM dns_soa where id=$row2[zone];");
+		$row3 = mysql_fetch_array($sql3);
+		mysql_select_db("powerdns");
+		mysql_query("INSERT INTO records (domain_id,name,content,ispconfig_id,type,ttl,prio,change_date) values ('$row2[zone]','$row3[origin]','$file2','$row2[id]','$row2[type]','$row2[ttl]','$row2[aux]','1260446221');");
+	}
+}
+mysql_select_db("powerdns");
+$sql4 = mysql_query("SELECT records.id,records.content,records.type,domains.name FROM records,domains where records.domain_id=domains.id and records.content NOT LIKE '%.%' and (records.type='CNAME' or records.type='NS' or records.type='MX') order by domain_id asc;");
+while($row4 = mysql_fetch_array($sql4))
+{
+	mysql_query("UPDATE records SET content = '$row4[content].$row4[name]' where id='$row4[id]';");
+}
+?>
--- a/helper_scripts/pdns-slave-zone-cleanup.sh
+++ b/helper_scripts/pdns-slave-zone-cleanup.sh
+#!/bin/bash
+#### Config ################################
+DBHOST="localhost"
+DBUSER="powerdns"
+DBPASS="password"
+DATABASE="powerdns"
+DEBUG="no"
+#### End of Config #########################
+REQUIRED_COMMANDS="
+mysql
+host
+grep
+awk
+tail
+"
+# print debug messages to STDERR
+function debug {
+        if [ "${DEBUG}" == "yes" ] ; then
+                echo "DEBUG: $@" >&2
+        fi
+}
+for CMD in ${REQUIRED_COMMANDS} ; do
+        CMDNAME=`echo ${CMD} | awk '{print toupper($1) }' | sed -e s@"-"@""@g`
+        export $(eval "echo ${CMDNAME}")=`which ${CMD} 2>/dev/null`
+        if [ -z "${!CMDNAME}" ] ; then
+                debug "Command: ${CMD} not found!"
+                exit 1
+        else
+                debug "Found command $(echo $CMDNAME) in ${!CMDNAME}"
+        fi
+done
+MYSQLCMD="${MYSQL} -h ${DBHOST} -u ${DBUSER} -p${DBPASS} --skip-column-name --silent -e"
+check() {
+	AUTH=`${HOST} -t SOA ${2} ${1} | ${TAIL} -n1 | ${GREP} "has no SOA record"`
+	if [ "${AUTH}" == "${2} has no SOA record" ]; then
+		debug "Server ${1} has no SOA for ${2} - removing zone..."
+		DOMAIN_ID=`${MYSQLCMD} "USE ${DATABASE}; SELECT id FROM domains WHERE name='${2}' AND type='SLAVE' AND master='${1}' LIMIT 1;"`
+		${MYSQLCMD} "USE ${DATABASE}; DELETE FROM records WHERE domain_id='${DOMAIN_ID}';"
+		${MYSQLCMD} "USE ${DATABASE}; DELETE FROM domains WHERE id='${DOMAIN_ID}';"
+	fi
+}
+MASTERS=(`${MYSQLCMD} "USE ${DATABASE}; SELECT DISTINCT ip FROM supermasters;"`)
+for m in "${MASTERS[@]}"; do
+	NAMES=(`${MYSQLCMD} "USE ${DATABASE}; SELECT name FROM domains WHERE type = 'SLAVE' AND master = '${m}';"`)
+	for d in "${NAMES[@]}"; do
+		check ${m} ${d}
+	done
+done
--- a/helper_scripts/recreate_webalizer_stats.php
+++ b/helper_scripts/recreate_webalizer_stats.php
 <?php
-#######################################################################################################
+//######################################################################################################
 // Re-Create webalizer statistics
-#######################################################################################################
+//######################################################################################################
-$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE server_id = ".$conf["server_id"];
+$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE server_id = ?";
-$records = $app->db->queryAllRecords($sql);
+$records = $app->db->queryAllRecords($sql, $conf["server_id"]);
 foreach($records as $rec) {
-$domain = escapeshellcmd($rec["domain"]);
+	$domain = escapeshellcmd($rec["domain"]);
-$logdir = escapeshellcmd($rec["document_root"].'/log');
+	$logdir = escapeshellcmd($rec["document_root"].'/log');
-$statsdir = escapeshellcmd($rec["document_root"].'/web/stats');
+	$statsdir = escapeshellcmd($rec["document_root"].'/web/stats');
-$webalizer = '/usr/bin/webalizer';
+	$webalizer = '/usr/bin/webalizer';
-$webalizer_conf_main = '/etc/webalizer/webalizer.conf';
+	$webalizer_conf_main = '/etc/webalizer/webalizer.conf';
-$webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf');
+	$webalizer_conf = escapeshellcmd($rec["document_root"].'/log/webalizer.conf');
-exec("rm -rf $webalizer_conf");
+	exec("rm -rf $webalizer_conf");
-if(!@is_file($webalizer_conf)) {
+	if(!@is_file($webalizer_conf)) {
-exec("cp $webalizer_conf_main $webalizer_conf");
+		exec("cp $webalizer_conf_main $webalizer_conf");
-setConfigVar($webalizer_conf, 'Incremental', 'yes');
+		setConfigVar($webalizer_conf, 'Incremental', 'yes');
-setConfigVar($webalizer_conf, 'IncrementalName', $logdir.'/webalizer.current');
+		setConfigVar($webalizer_conf, 'IncrementalName', $logdir.'/webalizer.current');
-setConfigVar($webalizer_conf, 'HistoryName', $logdir.'/webalizer.hist');
+		setConfigVar($webalizer_conf, 'HistoryName', $logdir.'/webalizer.hist');
-}
+	}
-if(!@is_dir($statsdir)) mkdir($statsdir);
+	if(!@is_dir($statsdir)) mkdir($statsdir);
-echo "Remove stats dir $statsdir ...\n";
+	echo "Remove stats dir $statsdir ...\n";
-exec("rm -rf $statsdir/*");
+	exec("rm -rf $statsdir/*");
-echo "Re-Create stats for $domain...\n";
+	echo "Re-Create stats for $domain...\n";
-exec("for logfile in $logdir/*access*; do\n$webalizer -c $webalizer_conf -n $domain -s $domain -r $domain -q -T -p -o $statsdir ".'$logfile'."\ndone");
+	exec("for logfile in $logdir/*access*; do\n$webalizer -c $webalizer_conf -n $domain -s $domain -r $domain -q -T -p -o $statsdir ".'$logfile'."\ndone");
-echo "done.\n";
+	echo "done.\n";
 }
 die("finished.\n");
 ?>
\ No newline at end of file
--- a/helper_scripts/setup_in_openvz/diff_openssl.cnf
+++ b/helper_scripts/setup_in_openvz/diff_openssl.cnf
 # diff openssl.cnf /usr/lib/ssl/openssl.cnf
 68c68
 < default_days	= 3653			# how long to certify for
 ---
 > default_days	= 365			# how long to certify for
 125c125
 < countryName_default		= YOURCOUNTRY
 ---
 > countryName_default		= AU
 130c130
 < stateOrProvinceName_default	= YOURPROVINCE
 ---
 > stateOrProvinceName_default	= Some-State
 135c135
 < 0.organizationName_default	= YOURDOMAIN
 ---
 > 0.organizationName_default	= Internet Widgits Pty Ltd
 142c142
 < organizationalUnitName_default	= ISP
 ---
 > #organizationalUnitName_default	=
 145d144
 < commonName_default		= YOURHOSTNAME
 149d147
 < emailAddress_default		= postmaster@YOURDOMAIN
--- a/helper_scripts/setup_in_openvz/install_server.sh
+++ b/helper_scripts/setup_in_openvz/install_server.sh
 #!/bin/bash
 # Script to configuring an ispconfig3 server in a Debian VPS
 # by calocen [at] gmail [dot] com
 # getting some enviromment values
 myhostname=`hostname -f`
 mydomain=`hostname -d`
 myip=`hostname -i`
 [ ! -x /usr/bin/geoiplookup ] && apt-get --assume-yes install geoip-bin
 mycountry=`geoiplookup $myip | cut -f4 -d" " | cut -f1 -d","`
 myprovince=`geoiplookup $myip | cut -f5 -d" "`
 # reconfiguring webalizer, postfix
 # could be cool to modify here webalizer values
 dpkg-reconfigure -u webalizer
 postconf -e "myhostname =  $myhostname"
 postconf -e "mydestination =  $myhostname, localhost"
 echo $myhostname > /etc/mailname
 dpkg-reconfigure -u postfix
 # request new password
 oldpwd=`grep password /root/.my.cnf | tr "\t" " " | tr -s " " | cut -f3 -d" "`
 read -p "mysql password: [$oldpwd] " mysqlpwd
 [ -z $mysqlpwd ] && mysqlpwd=$oldpwd
 echo $mysqlpwd
 #read -p "Are you sure? (y/n) " sure
 ## who said fear ##
 set -x
 mysqladmin -u root -p$oldpwd password $mysqlpwd
 mysqladmin -u root -p$mysqlpwd -h localhost password $mysqlpwd
 cat << EOF > /root/.my.cnf
 [client]
 password	= $mysqlpwd
 EOF
 chmod 600 /root/.my.cnf
 # changing mydns password
 mysql -e "SET PASSWORD FOR 'mydns'@'%' = PASSWORD( '$mysqlpwd' )"
 mysql -e "SET PASSWORD FOR 'mydns'@'localhost' = PASSWORD( '$mysqlpwd' )"
 cp -ax /etc/mydns.conf /etc/mydns.conf~
 sed s/$oldpwd/$mysqlpwd/g < /etc/mydns.conf~ > /etc/mydns.conf
 # enabling mydns
 mydns --create-tables > /tmp/mydns.sql
 mysql -e "CREATE DATABASE IF NOT EXISTS mydns ; USE mydns ; SOURCE /tmp/mydns.sql;"
 rm /tmp/mydns.*
 invoke-rc.d mydns restart
 # preparing server installation
 mv /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf~
 sed s/"YOURHOSTNAME"/"$myhostname"/g < /usr/local/bin/openssl.cnf |
 sed s/"YOURDOMAIN"/"$mydomain"/g | \
 sed s/"YOURCOUNTRY"/"$mycountry"/g | \
 sed s/"YOURPROVINCE"/"$myprovince"/g > /etc/ssl/openssl.cnf
 tar xfz /root/downloads/ISPConfig-3.0.0.7-beta.tar.gz -C /usr/local/src
 # here would be some stuff to update from SVN
 cd /usr/local/src/ispconfig3_install/install/
 php -q install.php
--- a/helper_scripts/setup_in_openvz/recreate_ssh_and_hostname.sh
+++ b/helper_scripts/setup_in_openvz/recreate_ssh_and_hostname.sh
 #!/bin/bash
 set -x
 echo "" > /etc/resolv.conf
 echo "" > /etc/hostname
 echo "" > /etc/mailname
 rm -f /etc/ssh/ssh_host_*
 cat << EOF > /etc/rc2.d/S15ssh_gen_host_keys
 #!/bin/bash
 ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ''
 ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ''
 dpkg-reconfigure -u webalizer
 postconf -e "myhostname =  $(hostname -f)"
 postconf -e "mydestination =  $(hostname -f), localhost"
 echo $(hostname -f) > /etc/mailname
 dpkg-reconfigure -u postfix
 rm -f \$0
 EOF
 chmod a+x /etc/rc2.d/S15ssh_gen_host_keys
--- a/helper_scripts/test_install_docker.sh
+++ b/helper_scripts/test_install_docker.sh
+#!/bin/sh
+# This script is used from .gitlab-ci.yml to do an automated installation inside a docker container for testing.
+if [ -f /usr/local/ispconfig/interface/lib/config.inc.php ]; then
+	echo "Found an existing configfile, bailing out!"
+  exit 1
+fi
+mysql_install_db
+service mysql start \
+&& echo "UPDATE mysql.user SET Password = PASSWORD('pass') WHERE User = 'root';" | mysql -u root \
+&& echo "UPDATE mysql.user SET plugin='mysql_native_password' where user='root';" | mysql -u root \
+&& echo "DELETE FROM mysql.user WHERE User='';" | mysql -u root \
+&& echo "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" | mysql -u root \
+&& echo "DROP DATABASE IF EXISTS test;" | mysql -u root \
+&& echo "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';" | mysql -u root \
+&& echo "FLUSH PRIVILEGES;" | mysql -u root
+sed -i "s/^hostname=server1.example.com$/hostname=$HOSTNAME/g" /root/ispconfig3_install/install/autoinstall.ini
+service mysql start && php -q $CI_PROJECT_DIR/install/install.php --autoinstall=/root/ispconfig3_install/install/autoinstall.ini
--- a/helper_scripts/ubuntu-amavisd-new-2.11.patch
+++ b/helper_scripts/ubuntu-amavisd-new-2.11.patch
+--- amavisd-new.orig	2017-11-16 11:51:19.000000000 +0100
+++ amavisd-new	2018-05-25 16:53:45.623398108 +0200
+@@ -22829,6 +22829,7 @@
+         }
+         # load policy banks from the 'client_ipaddr_policy' lookup
+         Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl;
+        $msginfo->originating(c('originating'));
+         $msginfo->client_addr($cl_ip);      # ADDR
+         $msginfo->client_port($cl_port);    # PORT
+@@ -34361,6 +34362,7 @@
+     $sig_ind++;
+   }
+   Amavis::load_policy_bank($_,$msginfo) for @bank_names;
+  $msginfo->originating(c('originating'));
+   $msginfo->dkim_signatures_valid(\@signatures_valid)  if @signatures_valid;
+ # if (ll(5) && $sig_ind > 0) {
+ #   # show which header fields are covered by which signature
--- a/helper_scripts/utils.sh
+++ b/helper_scripts/utils.sh
+#!/bin/bash
+# Copyright (c) 2009, Scott Barr <gsbarr@gmail.com>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#    * Redistributions of source code must retain the above copyright
+#      notice, this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above copyright
+#      notice, this list of conditions and the following disclaimer in the
+#      documentation and/or other materials provided with the distribution.
+#    * Neither the name of the <organization> nor the
+#      names of its contributors may be used to endorse or promote products
+#      derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ''AS IS''
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <copyright holder> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+function countdown
+{
+	local OLD_IFS="${IFS}"
+	IFS=":"
+	local ARR=( $1 ) ; shift
+	IFS="${OLD_IFS}"
+	local PREFIX="$*" ; [ -n "${PREFIX}" ] && PREFIX="${PREFIX}"
+	local SECONDS=$((  (ARR[0] * 60 * 60) + (ARR[1] * 60) + ARR[2]  ))
+	local START=$(date +%s)
+	local END=$((START + SECONDS))
+	local CUR=$START
+	while [[ $CUR -lt $END ]]
+	do
+			CUR=$(date +%s)
+			LEFT=$((END-CUR))
+			printf "\r${PREFIX} %02d" \
+					$((LEFT%60))
+			sleep 1
+	done
+	echo "        "
+}
+function outputVar()
+{
+  y=\$"$1"
+  x=`eval "expr \"$y\" "`
+  eval "$1=\"$2\""
+}
+function valid_input()
+{
+  local correct="no"
+  Return_Val=""
+  if [ -z "$2" ]
+  then
+	local opts=( yes no )
+	local opt_list="yes/no"
+  else
+	local opts=( `echo $2 | tr "/" " "` )
+	local opt_list=$2
+  fi
+  while [ "$correct" != "yes" ]
+  do
+        if [ -n "$3" ]
+        then
+			line_prompt="$1 [default: $3] "
+        else
+			line_prompt="$1 [$opt_list] "
+		fi
+        echo -en "$line_prompt"
+        read answer
+		if [ -n "$3" ]
+		then
+			answer=$3
+		else
+			ret=`echo "${opts[@]}" | grep -w "$answer"`
+		fi
+		if [ $? -eq 0 ]
+		then
+			correct="yes"
+			Return_Val=$answer
+		fi
+  done
+}
+function start_spinner()
+{
+  parent_pid=$$
+  (SP_STRING="/-\\|"; while [ -d /proc/$1 ] && [ -d /proc/$parent_pid ]; do printf "\e[1;37m\e7[ %1.1s ]  \e8\e[0m" "$SP_STRING"; sleep .2; SP_STRING=${SP_STRING#"${SP_STRING%?}"}${SP_STRING%?}; done) &
+  disown
+  spinner_pid=$!
+}
+function stop_spinner()
+{
+   if [ $spinner_pid -gt 0 ]
+   then
+    kill -HUP $spinner_pid 2>/dev/null
+   fi
+}
+function exec_command()
+{
+   printf "%-40s" "$2"
+   (eval $1 >/dev/null 2>&1) &
+   pid=$!
+   start_spinner
+   wait $pid
+   status=$?
+   stop_spinner
+   if [ $status -eq 0 ];
+   then
+       echo -e "\e[1;37m[ \e[0m\e[1;32mok\e[0m\e[1;37m ]\e[0m"
+   else
+       echo -e "\e[1;37m[ \e[0m\e[1;31mfailed\e[0m\e[1;37m ]\e[0m"
+	   echo -e "The following command did not complete successfully:"
+	   echo -e "$1"
+	   exit 1
+   fi
+}
--- a/install/apps/bastille-firewall
+++ b/install/apps/bastille-firewall
@@ -41,10 +41,24 @@
 #
 # ** As of 0.99-beta1, this script merely kicks off the real script,
 #    either /sbin/bastille-ipchains or /sbin/bastille-netfilter
+#
 # Default is to use the 'ipchains' script, which will load the
 # ipchains compatibility module if you're using a 2.4 kernel
-REALSCRIPT=/sbin/bastille-ipchains
+#
+### BEGIN INIT INFO
+# Provides:          Bastille-Firewall
+# Required-Start:    $syslog
+# Should-Start:
+# Required-Stop:
+# Should-Stop:
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Bastille Firewall
+# Description:       Bastille Firewall for iptables and ipchains
+### END INIT INFO
+REALSCRIPT=/sbin/bastille-netfilter
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
 # exit function to be called in place of regular Bourne exit
@@ -64,13 +78,6 @@ if [ $? -ne 0 ]; then
  exit 1
 fi
-if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then
-	# We are using Linux 2.3 or newer; use the netfilter script if available
-	if [ -x /sbin/bastille-netfilter ]; then
-		REALSCRIPT=/sbin/bastille-netfilter
-	fi
-fi
 if [ ! -x ${REALSCRIPT} ]; then
 	echo "ERROR: \"${REALSCRIPT}\" not available!"
 	clean_exit 1

--- a/install/apps/metronome-init
+++ b/install/apps/metronome-init
+#! /bin/sh
+#
+# metronome        Start/stop metronome server
+#
+### BEGIN INIT INFO
+# Provides:          metronome
+# Required-Start:    $remote_fs $network $named $time
+# Required-Stop:     $remote_fs $network $named $time
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Starts metronome server
+# Description:       Starts metronome server, an XMPP server written in Lua.
+### END INIT INFO
+METRONOME=/usr/bin/metronomectl
+PIDDIR=/var/run/metronome
+NAME=metronome
+test -e $METRONOME || exit 0
+start()
+{
+        mkdir $PIDDIR -p
+        chown metronome:metronome $PIDDIR
+        chmod 750 $PIDDIR
+    $METRONOME start >> /dev/null
+}
+stop()
+{
+    $METRONOME stop >> /dev/null
+}
+reload()
+{
+    $METRONOME reload >> /dev/null
+}
+restart()
+{
+    $METRONOME restart >> /dev/null
+}
+case "$1" in
+    start)
+        echo -n "Starting Metronome..."
+        start &
+    ;;
+    stop)
+        echo -n "Stopping Metronome..."
+        stop &
+    ;;
+    reload)
+        echo -n "Reloading Metronome config..."
+        reload &
+    ;;
+    restart)
+        echo -n "Restarting Metronome..."
+        restart &
+    ;;
+    *)
+        echo "Usage: $0 {start|stop|reload|restart}" >&2
+        exit 1
+    ;;
+esac
+if [ $? -eq 0 ]; then
+    echo .
+else
+    echo " failed!"
+fi
+exit 0
No results found