installer_base.lib.php 72.8 KB
Newer Older
1
2
3
<?php

/*
vogelor's avatar
vogelor committed
4
Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

class installer_base {
32

33
34
35
36
37
38
39
40
	var $wb = array();
	var $language = 'en';
	var $db;
	public $conf;
	public $install_ispconfig_interface = true;
	public $is_update = false; // true if it is an update, falsi if it is a new install


41
42
43
44
45
46
47
	public function __construct() {
		global $conf; //TODO: maybe $conf  should be passed to constructor
		//$this->conf = $conf;
	}

	//: TODO  Implement the translation function and language files for the installer.
	public function lng($text) {
48
49
		return $text;
	}
50
51

	public function error($msg) {
52
53
		die("ERROR: ".$msg."\n");
	}
54
55

	public function simple_query($query, $answers, $default) {
56
57
58
59
60
		$finished = false;
		do {
			$answers_str = implode(',', $answers);
			swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
			$input = sread();
61

62
63
64
65
66
			//* Stop the installation
			if($input == 'quit') {
				swriteln($this->lng("Installation terminated by user.\n"));
				die();
			}
67

68
69
70
71
72
			//* Select the default
			if($input == '') {
				$answer = $default;
				$finished = true;
			}
73
74

			//* Set answer id valid
75
76
77
78
			if(in_array($input, $answers)) {
				$answer = $input;
				$finished = true;
			}
79

80
81
82
83
		} while ($finished == false);
		swriteln();
		return $answer;
	}
84
85

	public function free_query($query,$default) {
86
87
		swrite($this->lng($query).' ['.$default.']: ');
		$input = sread();
88

89
90
		//* Stop the installation
		if($input == 'quit') {
91
92
			swriteln($this->lng("Installation terminated by user.\n"));
			die();
93
		}
94
95

		$answer =  ($input == '') ? $default : $input;
96
97
98
		swriteln();
		return $answer;
	}
99

100
101
102
103
104
105
106
107
108
	/*
	// TODO: this function is not used atmo I think - pedro
	function request_language(){
		
		swriteln(lng('Enter your language'));
		swriteln(lng('de, en'));
		
	}
	*/
109

110
111
112
	//** Detect installed applications
	public function find_installed_apps() {
		global $conf;
113

114
115
116
117
118
		if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
		if(is_installed('postfix')) $conf['postfix']['installed'] = true;
		if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
		if(is_installed('getmail')) $conf['getmail']['installed'] = true;
		if(is_installed('couriertcpd')) $conf['courier']['installed'] = true;
119
		if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
120
121
122
123
124
125
		if(is_installed('saslsauthd')) $conf['saslauthd']['installed'] = true;
		if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
		if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
		if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
		if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
		if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
126
		if(is_installed('pdns_server') || is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
127
		if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
128

129
	}
130
131

	/** Create the database for ISPConfig */
132
133
	public function configure_database() {
		global $conf;
134

135
136
137
138
		//** Create the database
		if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
			$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
		}
139

140
141
		//* Set the database name in the DB library
		$this->db->dbName = $conf['mysql']['database'];
142

143
144
145
146
147
148
		//* Load the database dump into the database, if database contains no tables
		$db_tables = $this->db->getTables();
		if(count($db_tables) > 0) {
			$this->error('Stopped: Database already contains some tables.');
		} else {
			if($conf['mysql']['admin_password'] == '') {
149
150
				caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
						__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
151
			} else {
vogelor's avatar
vogelor committed
152
				caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
153
						__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
154
155
156
157
158
			}
			$db_tables = $this->db->getTables();
			if(count($db_tables) == 0) {
				$this->error('Unable to load SQL-Dump into database table.');
			}
159

160
161
162
			//* Load system.ini into the sys_ini table
			$system_ini = $this->db->quote(rf('tpl/system.ini.master'));
			$this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1");
163

164
165
		}
	}
166

167
168
	//** Create the server record in the database
	public function add_database_server_record() {
169

170
		global $conf;
171

172
173
174
175
176
		if($conf['mysql']['host'] == 'localhost') {
			$from_host = 'localhost';
		} else {
			$from_host = $conf['hostname'];
		}
177

178
179
180
181
		// Delete ISPConfig user in the local database, in case that it exists
		$this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';");
		$this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';");
		$this->db->query('FLUSH PRIVILEGES;');
182

183
		//* Create the ISPConfig database user in the local database
184
185
186
		$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* "
				."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' "
				."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';";
187
188
189
		if(!$this->db->query($query)) {
			$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
		}
190

191
192
		//* Reload database privelages
		$this->db->query('FLUSH PRIVILEGES;');
193

194
195
		//* Set the database name in the DB library
		$this->db->dbName = $conf['mysql']['database'];
196

197
		$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
198

199
200
201
202
203
204
205
206
207
208
209
		// TODO: Update further distribution specific parameters for server config here
		$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
		$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
		$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
		$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
		$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
		$tpl_ini_array['server']['hostname'] = $conf['hostname'];
		$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
		$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
		$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
		$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
210
		$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
tbrehm's avatar
tbrehm committed
211
		$tpl_ini_array['web']['security_level'] = 20;
212
213
		$tpl_ini_array['web']['user'] = $conf['apache']['user'];
		$tpl_ini_array['web']['group'] = $conf['apache']['group'];
214
215
		$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
		$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
tbrehm's avatar
tbrehm committed
216
217
218
219
220
		$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
		$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
		$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
		$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
		$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
221

222
223
		$server_ini_content = array_to_ini($tpl_ini_array);
		$server_ini_content = mysql_real_escape_string($server_ini_content);
224

225
226
227
228
229
230
		$mail_server_enabled = ($conf['services']['mail'])?1:0;
		$web_server_enabled = ($conf['services']['web'])?1:0;
		$dns_server_enabled = ($conf['services']['dns'])?1:0;
		$file_server_enabled = ($conf['services']['file'])?1:0;
		$db_server_enabled = ($conf['services']['db'])?1:0;
		$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
231
232
233



234
		if($conf['mysql']['master_slave_setup'] == 'y') {
235

236
237
238
239
240
			//* Insert the server record in master DB
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);";
			$this->dbmaster->query($sql);
			$conf['server_id'] = $this->dbmaster->insertID();
			$conf['server_id'] = $conf['server_id'];
241

242
243
244
			//* Insert the same record in the local DB
			$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);";
			$this->db->query($sql);
245

246
247
			//* username for the ispconfig user
			$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
248
249
250

			$this->grant_master_database_rights();

251
252
253
254
255
256
257
		} else {
			//* Insert the server, if its not a mster / slave setup
			$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1);";
			$this->db->query($sql);
			$conf['server_id'] = $this->db->insertID();
			$conf['server_id'] = $conf['server_id'];
		}
258
259


260
	}
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309

	public function grant_master_database_rights() {
		global $conf;

		if($conf['mysql']['master_slave_setup'] != 'y') return;

		//* insert the ispconfig user in the remote server
		$from_host = $conf['hostname'];
		$from_ip = gethostbyname($conf['hostname']);

		//* Delete ISPConfig user in the master database, in case that it exists
		$this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_host."';");
		$this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_host."';");
		$this->dbmaster->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['master_ispconfig_user']."' AND Host = '".$from_ip."';");
		$this->dbmaster->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['master_database']."' AND Host = '".$from_ip."';");
		$this->dbmaster->query('FLUSH PRIVILEGES;');

		$hosts = array($from_host, $from_ip);

		foreach($hosts as $src_host) {
			//* Create the ISPConfig database user in the remote database
			$query = "GRANT SELECT ON ".$conf['mysql']['master_database'].".`server` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT ON ".$conf['mysql']['master_database'].".`sys_log` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`sys_datalog` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE(`status`) ON ".$conf['mysql']['master_database'].".`software_update_inst` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

310
			$query = "GRANT SELECT, UPDATE(`updated`) ON ".$conf['mysql']['master_database'].".`server` "
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`) ON ".$conf['mysql']['master_database'].".`web_domain` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT ON ".$conf['mysql']['master_database'].".`sys_group` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, UPDATE (`action_status`, `response`) ON ".$conf['mysql']['master_database'].".`sys_remoteaction` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT , DELETE ON ".$conf['mysql']['master_database'].".`monitor_data` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, UPDATE ON ".$conf['mysql']['master_database'].".`mail_traffic` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

			$query = "GRANT SELECT, INSERT, UPDATE ON ".$conf['mysql']['master_database'].".`web_traffic` "
					."TO '".$conf['mysql']['master_ispconfig_user']."'@'".$src_host."' "
					."IDENTIFIED BY '".$conf['mysql']['master_ispconfig_password']."';";
			if(!$this->dbmaster->query($query)) {
				$this->error('Unable to create database user in master database: '.$conf['mysql']['master_ispconfig_user'].' Error: '.$this->dbmaster->errorMessage);
			}

		}

	}

	//** writes postfix configuration files
	public function process_postfix_config($configfile) {
365
		global $conf;
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384

		$config_dir = $conf['postfix']['config_dir'].'/';
		$full_file_name = $config_dir.$configfile;
		//* Backup exiting file
		if(is_file($full_file_name)) {
			copy($full_file_name, $config_dir.$configfile.'~');
		}
		$content = rf('tpl/'.$configfile.'.master');
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
		$content = str_replace('{server_id}', $conf['server_id'], $content);
		wf($full_file_name, $content);
	}

	public function configure_jailkit() {
		global $conf;

385
386
387
388
		$cf = $conf['jailkit'];
		$config_dir = $cf['config_dir'];
		$jk_init = $cf['jk_init'];
		$jk_chrootsh = $cf['jk_chrootsh'];
389
390

		if (is_dir($config_dir)) {
391
392
			if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~');
			if(is_file($config_dir.'/'.$jk_chrootsh.".master")) copy($config_dir.'/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh.'~');
393

394
395
396
			copy('tpl/'.$jk_init.".master", $config_dir.'/'.$jk_init);
			copy('tpl/'.$jk_chrootsh.".master", $config_dir.'/'.$jk_chrootsh);
		}
397
398
399
400
401

	}

	public function configure_postfix($options = '') {
		global $conf;
402
403
		$cf = $conf['postfix'];
		$config_dir = $cf['config_dir'];
404
405
406
407
408

		if(!is_dir($config_dir)) {
			$this->error("The postfix configuration directory '$config_dir' does not exist.");
		}

409
		//* mysql-virtual_domains.cf
410
		$this->process_postfix_config('mysql-virtual_domains.cf');
411
412

		//* mysql-virtual_forwardings.cf
413
		$this->process_postfix_config('mysql-virtual_forwardings.cf');
414
415

		//* mysql-virtual_mailboxes.cf
416
		$this->process_postfix_config('mysql-virtual_mailboxes.cf');
417
418

		//* mysql-virtual_email2email.cf
419
		$this->process_postfix_config('mysql-virtual_email2email.cf');
420
421

		//* mysql-virtual_transports.cf
422
		$this->process_postfix_config('mysql-virtual_transports.cf');
423
424

		//* mysql-virtual_recipient.cf
425
		$this->process_postfix_config('mysql-virtual_recipient.cf');
426
427

		//* mysql-virtual_sender.cf
428
		$this->process_postfix_config('mysql-virtual_sender.cf');
429
430

		//* mysql-virtual_client.cf
431
432
		$this->process_postfix_config('mysql-virtual_client.cf');

433
		//* mysql-virtual_relaydomains.cf
434
435
		$this->process_postfix_config('mysql-virtual_relaydomains.cf');

436
		//* mysql-virtual_relayrecipientmaps.cf
437
		$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
438
439
440

		//* Changing mode and group of the new created config files.
		caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
441
442
443
444
				__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
		caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
				__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');

445
446
447
448
449
		//* Creating virtual mail user and group
		$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
		if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
450
		if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
451
452

		$postconf_commands = array (
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
				'myhostname = '.$conf['hostname'],
				'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
				'mynetworks = 127.0.0.0/8 [::1]/128',
				'virtual_alias_domains =',
				'virtual_alias_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_forwardings.cf, mysql:'.$config_dir.'/mysql-virtual_email2email.cf',
				'virtual_mailbox_domains = proxy:mysql:'.$config_dir.'/mysql-virtual_domains.cf',
				'virtual_mailbox_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailboxes.cf',
				'virtual_mailbox_base = '.$cf['vmail_mailbox_base'],
				'virtual_uid_maps = static:'.$cf['vmail_userid'],
				'virtual_gid_maps = static:'.$cf['vmail_groupid'],
				'smtpd_sasl_auth_enable = yes',
				'broken_sasl_auth_clients = yes',
				'smtpd_sasl_authenticated_header = yes',
				'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
				'smtpd_use_tls = yes',
				'smtpd_tls_security_level = may',
				'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
				'smtpd_tls_key_file = '.$config_dir.'/smtpd.key',
				'transport_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_transports.cf',
				'relay_domains = mysql:'.$config_dir.'/mysql-virtual_relaydomains.cf',
				'relay_recipient_maps = mysql:'.$config_dir.'/mysql-virtual_relayrecipientmaps.cf',
				'virtual_create_maildirsize = yes',
				'virtual_maildir_extended = yes',
				'virtual_mailbox_limit_maps = proxy:mysql:'.$config_dir.'/mysql-virtual_mailbox_limit_maps.cf',
				'virtual_mailbox_limit_override = yes',
				'virtual_maildir_limit_message = "The user you are trying to reach is over quota."',
				'virtual_overquota_bounce = yes',
				'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps',
				'smtpd_sender_restrictions = check_sender_access mysql:'.$config_dir.'/mysql-virtual_sender.cf',
				'smtpd_client_restrictions = check_client_access mysql:'.$config_dir.'/mysql-virtual_client.cf',
				'maildrop_destination_concurrency_limit = 1',
				'maildrop_destination_recipient_limit   = 1',
				'virtual_transport = maildrop',
				'header_checks = regexp:'.$config_dir.'/header_checks',
				'mime_header_checks = regexp:'.$config_dir.'/mime_header_checks',
				'nested_header_checks = regexp:'.$config_dir.'/nested_header_checks',
				'body_checks = regexp:'.$config_dir.'/body_checks'
490
		);
491

492
493
494
495
496
		//* Create the header and body check files
		touch($config_dir.'/header_checks');
		touch($config_dir.'/mime_header_checks');
		touch($config_dir.'/nested_header_checks');
		touch($config_dir.'/body_checks');
497
498


499
500
		//* Make a backup copy of the main.cf file
		copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
501

502
503
504
505
506
		//* Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}
507

508
509
510
		if(!stristr($options,'dont-create-certs')) {
			//* Create the SSL certificate
			$command = 'cd '.$config_dir.'; '
511
					.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509';
512
			exec($command);
513

514
515
516
			$command = 'chmod o= '.$config_dir.'/smtpd.key';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}
517

518
519
520
		//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
		$command = 'chmod 755  /var/run/courier/authdaemon/';
		caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
521

522
		//* Changing maildrop lines in posfix master.cf
523
524
525
526
527
528
		if(is_file($config_dir.'/master.cf')) {
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
		}
		if(is_file($config_dir.'/master.cf~')) {
			exec('chmod 400 '.$config_dir.'/master.cf~');
		}
529
530
		$configfile = $config_dir.'/master.cf';
		$content = rf($configfile);
531
532
533
		$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
				'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
				$content);
534
		wf($configfile, $content);
535

536
537
		//* Writing the Maildrop mailfilter file
		$configfile = 'mailfilter';
538
539
540
		if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)) {
			copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
		}
541
542
543
		$content = rf("tpl/$configfile.master");
		$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
		wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
544

545
546
547
548
549
		//* Create the directory for the custom mailfilters
		if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) {
			$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}
550

551
552
553
		//* Chmod and chown the .mailfilter file
		$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
554

555
556
		$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
557

558
	}
559

560
561
	public function configure_saslauthd() {
		global $conf;
562
563


564
565
566
567
568
569
570
571
572
		$configfile = 'sasl_smtpd.conf';
		if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf')) copy($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~');
		if(is_file($conf["postfix"]["config_dir"].'/sasl/smtpd.conf~')) exec('chmod 400 '.$conf["postfix"]["config_dir"].'/sasl/smtpd.conf~');
		$content = rf("tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
		wf($conf["postfix"]["config_dir"].'/sasl/smtpd.conf',$content);
573

574
		// TODO: Chmod and chown on the config file
575
576
577



578
579
		// Create the spool directory
		exec('mkdir -p /var/spool/postfix/var/run/saslauthd');
580

581
582
583
584
585
586
587
588
589
590
591
		// Edit the file /etc/default/saslauthd
		$configfile = $conf["saslauthd"]["config"];
		if(is_file($configfile)) copy($configfile,$configfile.'~');
		if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~');
		$content = rf($configfile);
		$content = str_replace('START=no','START=yes',$content);
		// Debian
		$content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content);
		// Ubuntu
		$content = str_replace('OPTIONS="-c -m /var/run/saslauthd"','OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"',$content);
		wf($configfile,$content);
592

593
594
595
596
597
		// Edit the file /etc/init.d/saslauthd
		$configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"];
		$content = rf($configfile);
		$content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid','PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"',$content);
		wf($configfile,$content);
598

599
600
		// add the postfix user to the sasl group (at least nescessary for ubuntu 8.04 and most likely debian lenny too.
		exec('adduser postfix sasl');
601
602


603
	}
604
605

	public function configure_pam() {
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
		global $conf;
		$pam = $conf['pam'];
		//* configure pam for SMTP authentication agains the ispconfig database
		$configfile = 'pamd_smtp';
		if(is_file("$pam/smtp"))    copy("$pam/smtp", "$pam/smtp~");
		if(is_file("$pam/smtp~"))   exec("chmod 400 $pam/smtp~");

		$content = rf("tpl/$configfile.master");
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
		wf("$pam/smtp", $content);
		exec("chmod 660 $pam/smtp");
		exec("chown daemon:daemon $pam/smtp");
621

622
	}
623
624

	public function configure_courier() {
625
626
627
628
		global $conf;
		$config_dir = $conf['courier']['config_dir'];
		//* authmysqlrc
		$configfile = 'authmysqlrc';
629
630
631
		if(is_file("$config_dir/$configfile")) {
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
		}
632
633
634
635
636
637
638
		exec("chmod 400 $config_dir/$configfile~");
		$content = rf("tpl/$configfile.master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
		wf("$config_dir/$configfile", $content);
639

640
641
		exec("chmod 660 $config_dir/$configfile");
		exec("chown daemon:daemon $config_dir/$configfile");
642

643
644
		//* authdaemonrc
		$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
645
646
647
648
649
650
		if(is_file($configfile)) {
			copy($configfile, $configfile.'~');
		}
		if(is_file($configfile.'~')) {
			exec('chmod 400 '.$configfile.'~');
		}
651
652
653
654
		$content = rf($configfile);
		$content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content);
		wf($configfile, $content);
	}
655
656

	public function configure_dovecot() {
657
		global $conf;
658

659
		$config_dir = $conf['dovecot']['config_dir'];
660

661
		//* Configure master.cf and add a line for deliver
662
663
664
665
666
667
		if(is_file($config_dir.'/master.cf')) {
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
		}
		if(is_file($config_dir.'/master.cf~')) {
			exec('chmod 400 '.$config_dir.'/master.cf~2');
		}
668
669
670
		$content = rf($conf["postfix"]["config_dir"].'/master.cf');
		// Only add the content if we had not addded it before
		if(!stristr($content,"dovecot/deliver")) {
671
			$deliver_content = 'dovecot   unix  -       n       n       -       -       pipe'."\n".'  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
672
673
674
675
			af($conf["postfix"]["config_dir"].'/master.cf',$deliver_content);
		}
		unset($content);
		unset($deliver_content);
676
677


678
679
680
		//* Reconfigure postfix to use dovecot authentication
		// Adding the amavisd commands to the postfix configuration
		$postconf_commands = array (
681
682
683
684
				'dovecot_destination_recipient_limit = 1',
				'virtual_transport = dovecot',
				'smtpd_sasl_type = dovecot',
				'smtpd_sasl_path = private/auth'
685
		);
686

687
688
		// Make a backup copy of the main.cf file
		copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~3');
689

690
691
692
693
694
		// Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}
695

696
697
		//* copy dovecot.conf
		$configfile = 'dovecot.conf';
698
699
700
		if(is_file("$config_dir/$configfile")) {
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
		}
701
		copy('tpl/debian_dovecot.conf.master',"$config_dir/$configfile");
702

703
704
		//* dovecot-sql.conf
		$configfile = 'dovecot-sql.conf';
705
706
707
		if(is_file("$config_dir/$configfile")) {
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
		}
708
709
710
711
712
713
714
		exec("chmod 400 $config_dir/$configfile~");
		$content = rf("tpl/debian_dovecot-sql.conf.master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
		wf("$config_dir/$configfile", $content);
715

716
717
718
719
		exec("chmod 600 $config_dir/$configfile");
		exec("chown root:root $config_dir/$configfile");

	}
720

721
722
	public function configure_amavis() {
		global $conf;
723

724
725
		// amavisd user config file
		$configfile = 'amavisd_user_config';
tbrehm's avatar
tbrehm committed
726
		if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user')) copy($conf["amavis"]["config_dir"].'/conf.d/50-user',$conf["amavis"]["config_dir"].'/50-user~');
727
728
729
730
731
732
733
734
		if(is_file($conf["amavis"]["config_dir"].'/conf.d/50-user~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/conf.d/50-user~');
		$content = rf("tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_port}',$conf["mysql"]["port"],$content);
		$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
		wf($conf["amavis"]["config_dir"].'/conf.d/50-user',$content);
735

736
		// TODO: chmod and chown on the config file
737
738


739
740
		// Adding the amavisd commands to the postfix configuration
		$postconf_commands = array (
741
742
				'content_filter = amavis:[127.0.0.1]:10024',
				'receive_override_options = no_address_mappings'
743
		);
744

745
746
		// Make a backup copy of the main.cf file
		copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~2');
747

748
749
750
751
752
		// Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}
753

754
755
756
757
758
759
760
761
762
763
		// Append the configuration for amavisd to the master.cf file
		if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf',$conf["postfix"]["config_dir"].'/master.cf~');
		$content = rf($conf["postfix"]["config_dir"].'/master.cf');
		// Only add the content if we had not addded it before
		if(!stristr($content,"127.0.0.1:10025")) {
			unset($content);
			$content = rf("tpl/master_cf_amavis.master");
			af($conf["postfix"]["config_dir"].'/master.cf',$content);
		}
		unset($content);
764

765
766
		// Add the clamav user to the amavis group
		exec('adduser clamav amavis');
767
768


769
	}
770
771

	public function configure_spamassassin() {
772
		global $conf;
773

774
775
		//* Enable spamasasssin on debian and ubuntu
		$configfile = '/etc/default/spamassassin';
776
777
778
		if(is_file($configfile)) {
			copy($configfile, $configfile.'~');
		}
779
780
781
782
		$content = rf($configfile);
		$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
		wf($configfile, $content);
	}
783
784

	public function configure_getmail() {
785
		global $conf;
786

787
		$config_dir = $conf['getmail']['config_dir'];
788

789
790
791
792
		if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir));

		$command = "useradd -d $config_dir getmail";
		if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
793

794
795
		$command = "chown -R getmail $config_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
796

797
798
799
		$command = "chmod -R 700 $config_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	}
800
801
802


	public function configure_pureftpd() {
803
		global $conf;
804

805
806
		$config_dir = $conf['pureftpd']['config_dir'];

807
		//* configure pure-ftpd for MySQL authentication against the ispconfig database
808
		$configfile = 'db/mysql.conf';
809
810
811
812
813
814
		if(is_file("$config_dir/$configfile")) {
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
		}
		if(is_file("$config_dir/$configfile~")) {
			exec("chmod 400 $config_dir/$configfile~");
		}
815
816
817
818
819
820
821
822
823
824
825
826
827
		$content = rf('tpl/pureftpd_mysql.conf.master');
		$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
		$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
		$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
		$content = str_replace('{server_id}', $conf["server_id"], $content);
		wf("$config_dir/$configfile", $content);
		exec("chmod 600 $config_dir/$configfile");
		exec("chown root:root $config_dir/$configfile");
		// **enable chrooting
		//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
		exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
		exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
828

829
830
831
832
		if(is_file('/etc/default/pure-ftpd-common')) {
			replaceLine('/etc/default/pure-ftpd-common','STANDALONE_OR_INETD=inetd','STANDALONE_OR_INETD=standalone',1,0);
			replaceLine('/etc/default/pure-ftpd-common','VIRTUALCHROOT=false','VIRTUALCHROOT=true',1,0);
		}
833

834
		if(is_file('/etc/inetd.conf')) {
tbrehm's avatar
tbrehm committed
835
			replaceLine('/etc/inetd.conf','/usr/sbin/pure-ftpd-wrapper','#ftp     stream  tcp     nowait  root    /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper',0,0);
836
837
			if(is_file('/etc/init.d/openbsd-inetd')) exec('/etc/init.d/openbsd-inetd restart');
		}
838

839
		if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec("echo 'yes' > /etc/pure-ftpd/conf/DontResolve");
840
	}
841
842

	public function configure_mydns() {
843
		global $conf;
844

845
846
847
848
849
850
851
852
853
854
855
856
857
		// configure pam for SMTP authentication agains the ispconfig database
		$configfile = 'mydns.conf';
		if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile,$conf["mydns"]["config_dir"].'/'.$configfile.'~');
		if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~');
		$content = rf("tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
		$content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content);
		$content = str_replace('{server_id}',$conf["server_id"],$content);
		wf($conf["mydns"]["config_dir"].'/'.$configfile,$content);
		exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);
		exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile);
858

859
	}
860

861
862
	public function configure_powerdns() {
		global $conf;
863

864
865
866
867
		//* Create the database
		if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
			$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
		}
868

869
		//* Create the ISPConfig database user in the local database
870
		$query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
871
872
873
		if(!$this->db->query($query)) {
			$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
		}
874

875
876
		//* Reload database privelages
		$this->db->query('FLUSH PRIVILEGES;');
877

878
879
		//* load the powerdns databse dump
		if($conf['mysql']['admin_password'] == '') {
880
881
			caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
					__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
882
		} else {
883
884
			caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
					__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
885
		}
886

887
888
889
890
891
892
893
894
895
896
897
898
		//* Create the powerdns config file
		$configfile = 'pdns.local';
		if(is_file($conf["powerdns"]["config_dir"].'/'.$configfile)) copy($conf["powerdns"]["config_dir"].'/'.$configfile,$conf["powerdns"]["config_dir"].'/'.$configfile.'~');
		if(is_file($conf["powerdns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["powerdns"]["config_dir"].'/'.$configfile.'~');
		$content = rf("tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{powerdns_database}',$conf['powerdns']['database'],$content);
		$content = str_replace('{mysql_server_host}',$conf["mysql"]["host"],$content);
		wf($conf["powerdns"]["config_dir"].'/'.$configfile,$content);
		exec('chmod 600 '.$conf["powerdns"]["config_dir"].'/'.$configfile);
		exec('chown root:root '.$conf["powerdns"]["config_dir"].'/'.$configfile);
899
900


901
	}
902

903
904
	public function configure_bind() {
		global $conf;
905

906
		//* Nothing to do
907

908
	}
909
910
911
912



	public function configure_apache() {
913
		global $conf;
914

915
916
		//* Create the logging directory for the vhost logfiles
		exec('mkdir -p /var/log/ispconfig/httpd');
917

918
919
920
		if(is_file('/etc/suphp/suphp.conf')) {
			replaceLine('/etc/suphp/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
			//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
921
			replaceLine('/etc/suphp/suphp.conf','umask=0077','umask=0022',0);
922
		}
923

924
925
926
927
		if(is_file('/etc/apache2/sites-enabled/000-default')) {
			replaceLine('/etc/apache2/sites-available/000-default','NameVirtualHost *','NameVirtualHost *:80',1,0);
			replaceLine('/etc/apache2/sites-available/000-default','<VirtualHost *>','<VirtualHost *:80>',1,0);
		}
928

929
930
931
932
		if(is_file('/etc/apache2/ports.conf')) {
			// add a line "Listen 443" to ports conf if line does not exist
			replaceLine('/etc/apache2/ports.conf','Listen 443','Listen 443',1);
		}
933
934


935
		//* Copy the ISPConfig configuration include
936
937
938
		$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
		$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

939
		// copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');
940

941
942
		$content = rf("tpl/apache_ispconfig.conf.master");
		$records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
tbrehm's avatar
tbrehm committed
943
		if(is_array($records) && count($records) > 0) {
944
945
946
947
948
949
950
			foreach($records as $rec) {
				$content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
				$content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
			}
		}
		$content .= "\n";
		wf($vhost_conf_dir.'/ispconfig.conf',$content);
951

952
953
954
		if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
			exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
		}
955

956
957
958
959
960
		//* make sure that webalizer finds its config file when it is directly in /etc
		if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
			exec('mkdir /etc/webalizer');
			exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
		}
961

tbrehm's avatar
tbrehm committed
962
963
		if(is_file('/etc/webalizer/webalizer.conf')) {
			// Change webalizer mode to incremental
964
			replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
965
			replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental     yes',0,0);
966
			replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName     webalizer.hist',0,0);
tbrehm's avatar
tbrehm committed
967
		}
968

tbrehm's avatar
tbrehm committed
969
970
971
		//* add a sshusers group
		$command = 'groupadd sshusers';
		if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
972

973
	}
974
975

	public function configure_firewall() {
976
		global $conf;
977

978
		$dist_init_scripts = $conf['init_scripts'];
979

980
981
		if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
		if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
982
983
984
985
986
987
988
989
990
991
		@mkdir("/etc/Bastille", 0700);
		if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
		caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
		caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
		$content = rf("/etc/Bastille/bastille-firewall.cfg");
		$content = str_replace("{DNS_SERVERS}", "", $content);

		$tcp_public_services = '';
		$udp_public_services = '';

992
		$row = $this->db->queryOneRecord("SELECT * FROM firewall WHERE server_id = ".intval($conf['server_id']));
993
994
995
996
997
998
999
1000

		if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != '') {
			$tcp_public_services = trim(str_replace(',',' ',$row["tcp_port"]));
			$udp_public_services = trim(str_replace(',',' ',$row["udp_port"]));
		} else {
			$tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000';
			$udp_public_services = '53';
		}
For faster browsing, not all history is shown. View entire blame