<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

class installer_dist extends installer_base {

	/**
	 * Generate Mailman's mm_cfg.py and the virtual_to_transport.sh helper script,
	 * then rebuild the Mailman aliases.
	 *
	 * @param string $status When 'update', the {virtual_domains} placeholder is filled
	 *                       from the mail_mailinglist table; otherwise it becomes "' '".
	 */
	public function configure_mailman($status = 'insert') {
		global $conf;

		$mailman_dir = $conf['mailman']['config_dir'].'/';
		$cfg_path = $mailman_dir.'mm_cfg.py';

		//* Keep a copy of the existing mm_cfg.py before it is overwritten
		if(is_file($cfg_path)) {
			copy($cfg_path, $mailman_dir.'mm_cfg.py~');
		}

		//* Load the template (custom path is passed first, shipped template second) and the current file
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
		$previous_cfg = rf($cfg_path);

		//* Collect "KEY = value" pairs from the current file; blank lines and lines starting with # are skipped.
		//* Only the text between the first and second "=" is kept as the value.
		$old_options = array();
		foreach(explode("\n", $previous_cfg) as $line) {
			if(trim($line) == '' || substr($line, 0, 1) == '#') continue;

			$pieces = explode("=", $line);
			$value = isset($pieces[1]) ? $pieces[1] : null;
			if(empty($value)) continue;

			$old_options[rtrim($pieces[0])] = trim($value);
		}

		//* Make sure the Mailman transport map exists and is compiled
		$transport_map = '/var/lib/mailman/data/transport-mailman';
		if(!is_file($transport_map)) touch($transport_map);
		exec('/usr/sbin/postmap '.$transport_map);

		if($status == 'update') {
			//* Build the quoted, comma separated list of mailing list domains
			// NOTE(review): the domain values are placed between single quotes in mm_cfg.py, which
			// Mailman loads as a Python module, and nothing here escapes a quote or backslash.
			// Confirm that mail_mailinglist.domain is validated when records are created.
			$virtual_domains = '';
			$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");

			if(is_array($domainAll)) {
				foreach($domainAll as $row) {
					$prefix = ($domainAll[0]['domain'] == $row['domain']) ? '' : ', ';
					$virtual_domains .= $prefix."'".$row['domain']."'";
				}
			}
		} else {
			$virtual_domains = "' '";
		}

		//* The language of the previous configuration is carried over, empty when it was not set
		$default_language = isset($old_options['DEFAULT_SERVER_LANGUAGE']) ? $old_options['DEFAULT_SERVER_LANGUAGE'] : '';

		$content = str_replace(
			array('{hostname}', '{default_language}', '{virtual_domains}'),
			array($conf['hostname'], $default_language, $virtual_domains),
			$content
		);

		wf($cfg_path, $content);

		//* Write virtual_to_transport.sh script, keeping a backup of an existing one
		$script_path = $mailman_dir.'virtual_to_transport.sh';
		if(is_file($script_path)) {
			copy($script_path, $mailman_dir.'virtual_to_transport.sh~');
		}

		if(is_dir('/etc/mailman')) {
			$custom_script = $conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh';
			$source_script = is_file($custom_script) ? $custom_script : 'tpl/mailman-virtual_to_transport.sh';
			copy($source_script, $script_path);

			//* Executable for owner and the mailman group only, no access for others
			chgrp($script_path, 'mailman');
			chmod($script_path, 0750);
		}

		//* Create aliases
		exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
	}

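	/**
	 * Configure Postfix: MySQL lookup maps, amavis tagging maps, the virtual mail
	 * user and group, main.cf settings applied through postconf, the SMTP TLS
	 * certificate, and the maildrop transport and mailfilter.
	 *
	 * Every postconf setting is passed to the shell as one escaped argument,
	 * because the RBL list is read from the server table and the hostname from
	 * the installer configuration.
	 *
	 * @param string $options Option string; if it contains 'dont-create-certs'
	 *                        (case-insensitive) no certificate is generated.
	 */
	function configure_postfix($options = '')
	{
		global $conf;
		$cf = $conf['postfix'];
		$config_dir = $cf['config_dir'];

		if(!is_dir($config_dir)){
			$this->error("The postfix configuration directory '$config_dir' does not exist.");
		}

		//* Generate the MySQL lookup map files
		$lookup_maps = array(
			'mysql-virtual_domains.cf',
			'mysql-virtual_forwardings.cf',
			'mysql-virtual_mailboxes.cf',
			'mysql-virtual_email2email.cf',
			'mysql-virtual_transports.cf',
			'mysql-virtual_recipient.cf',
			'mysql-virtual_sender.cf',
			'mysql-virtual_client.cf',
			'mysql-virtual_relaydomains.cf',
			'mysql-virtual_relayrecipientmaps.cf',
		);
		foreach($lookup_maps as $lookup_map) {
			$this->process_postfix_config($lookup_map);
		}

		//* postfix-dkim
		//* The backup is written next to the file itself. The variable formerly used for the
		//* backup name is not assigned until the master.cf step further down.
		$full_file_name = $config_dir.'/tag_as_originating.re';
		if(is_file($full_file_name)) {
			copy($full_file_name, $full_file_name.'~');
		}
		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10026');

		$full_file_name = $config_dir.'/tag_as_foreign.re';
		if(is_file($full_file_name)) {
			copy($full_file_name, $full_file_name.'~');
		}
		wf($full_file_name, '/^/ FILTER amavis:[127.0.0.1]:10024');

		//* Changing mode and group of the new created config files.
		//* The glob also covers backups (*.cf~); the files are made inaccessible to "other".
		caselog('chmod o= '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
			__FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
		caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_*.cf* &> /dev/null',
			__FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');

		//* Creating virtual mail user and group
		$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
		if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
		if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* Read the stored server configuration; the id is forced to an integer before it enters the SQL string
		$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".intval($conf['server_id']));
		$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
		unset($server_ini_rec);

		//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removal after an update
		$rbl_list = '';
		if (isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
			$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
			foreach ($rbl_hosts as $value) {
				$rbl_list .= ", reject_rbl_client ". $value;
			}
		}
		unset($rbl_hosts);
		unset($server_ini_array);

		//* These postconf commands will be executed on installation and update
		$postconf_placeholders = array('{config_dir}' => $config_dir,
			'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
			'{vmail_userid}' => $cf['vmail_userid'],
			'{vmail_groupid}' => $cf['vmail_groupid'],
			'{rbl_list}' => $rbl_list);

		$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
		$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
		$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines

		//* These postconf commands will be executed on installation only
		if($this->is_update == false) {
			$postconf_commands = array_merge($postconf_commands, array(
					'myhostname = '.$conf['hostname'],
					'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
					'mynetworks = 127.0.0.0/8 [::1]/128'
				));
		}

		//* Create the header and body check files
		touch($config_dir.'/header_checks');
		touch($config_dir.'/mime_header_checks');
		touch($config_dir.'/nested_header_checks');
		touch($config_dir.'/body_checks');

		//* Create the mailman files
		if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
		//* A regular aliases file is replaced by a symlink to /etc/mailman/aliases
		if(is_file('/var/lib/mailman/data/aliases')) unlink('/var/lib/mailman/data/aliases');
		if(!is_link('/var/lib/mailman/data/aliases')) symlink('/etc/mailman/aliases', '/var/lib/mailman/data/aliases');
		exec('postalias /var/lib/mailman/data/aliases');
		if(!is_file('/etc/mailman/virtual-mailman')) touch('/etc/mailman/virtual-mailman');
		exec('postmap /etc/mailman/virtual-mailman');
		if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
		exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');

		//* Make a backup copy of the main.cf file
		copy($config_dir.'/main.cf', $config_dir.'/main.cf~');

		//* Executing the postconf commands
		//* escapeshellarg() keeps a quote character inside a setting from ending the shell argument
		foreach($postconf_commands as $cmd) {
			$command = 'postconf -e '.escapeshellarg($cmd);
			caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		if(!stristr($options, 'dont-create-certs')) {
			//* Create the SSL certificate
			// NOTE(review): smtpd.key is created unencrypted (-nodes) with the mode given by the
			// process umask, and access for "other" is removed only afterwards - confirm the
			// installer runs with a restrictive umask.
			$command = 'cd '.$config_dir.'; '
				.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509';
			exec($command);

			$command = 'chmod o= '.$config_dir.'/smtpd.key';
			caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
		}

		//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
		$command = 'chmod 755 /var/spool/authdaemon';
		caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);

		//* Changing maildrop lines in postfix master.cf
		if(is_file($config_dir.'/master.cf')){
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
		}
		if(is_file($config_dir.'/master.cf~')){
			exec('chmod 400 '.$config_dir.'/master.cf~');
		}
		$configfile = $config_dir.'/master.cf';
		$content = rf($configfile);

		// if postfix package is from fedora or centos main repo
		$content = str_replace('#  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
			'  flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
			$content);

		// If postfix package is from centos plus repo
		$content = str_replace('#  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
			'  flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
			$content);

		$content = str_replace('  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
			'  flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
			$content);

		//* Enable the maildrop service line
		$content = str_replace('#maildrop  unix  -       n       n       -       -       pipe',
			'maildrop  unix  -       n       n       -       -       pipe',
			$content);

		wf($configfile, $content);

		//* Writing the Maildrop mailfilter file
		$configfile = 'mailfilter';
		if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){
			copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
		}
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
		$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
		wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);

		//* Create the directory for the custom mailfilters
		$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* Chmod and chown the .mailfilter file
		$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
		caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	}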

	/**
	 * Write the SASL smtpd.conf from the saslauthd template to the sasl2
	 * directory, and to the lib64 sasl and sasl2 directories when /usr/lib64 exists.
	 */
	public function configure_saslauthd() {
		global $conf;

		$shipped_template = 'tpl/fedora_saslauthd_smtpd_conf.master';
		$custom_template = $conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_saslauthd_smtpd_conf.master';
		$content = rfsel($custom_template, $shipped_template);

		wf('/usr/lib/sasl2/smtpd.conf', $content);

		//* 64 bit systems: the same content goes to both lib64 locations
		if(is_dir('/usr/lib64')) {
			foreach(array('/usr/lib64/sasl/smtpd.conf', '/usr/lib64/sasl2/smtpd.conf') as $target) {
				wf($target, $content);
			}
		}
	}

	/**
	 * Configure PAM for SMTP authentication against the ISPConfig database.
	 *
	 * The generated file contains the ISPConfig database user and password.
	 */
	public function configure_pam()
	{
		global $conf;

		$pam_dir = $conf['pam'];
		$smtp_file = $pam_dir.'/smtp';
		$backup_file = $smtp_file.'~';

		//* Back up the current file and make the backup read-only for its owner
		if(is_file($smtp_file)) {
			copy($smtp_file, $backup_file);
		}
		if(is_file($backup_file)) {
			exec("chmod 400 $backup_file");
		}

		$template = 'pamd_smtp';
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$template.'.master', "tpl/$template.master");

		//* Placeholders are substituted one after another, in this order
		$content = str_replace(
			array(
				'{mysql_server_ispconfig_user}',
				'{mysql_server_ispconfig_password}',
				'{mysql_server_database}',
				'{mysql_server_ip}',
			),
			array(
				$conf['mysql']['ispconfig_user'],
				$conf['mysql']['ispconfig_password'],
				$conf['mysql']['database'],
				$conf['mysql']['ip'],
			),
			$content
		);
		wf($smtp_file, $content);

		// On some OSes smtp is world readable, which would expose the database credentials.
		// Access for "other" is removed; this should have no effect on PAM.
		// NOTE(review): the credentials are written before the mode is tightened - confirm
		// which mode wf() creates new files with.
		if(is_file($smtp_file)) {
			exec("chmod o= $smtp_file");
		}
		//exec("chmod 660 $pam/smtp");
		//exec("chown root:root $pam/smtp");
	}

	/**
	 * Configure Courier authentication: write authmysqlrc with the ISPConfig
	 * database credentials and set the auth module list in authdaemonrc.
	 */
	public function configure_courier()
	{
		global $conf;

		$courier_dir = $conf['courier']['config_dir'];

		//* authmysqlrc
		$auth_name = 'authmysqlrc';
		$auth_file = "$courier_dir/$auth_name";
		if(is_file($auth_file)) {
			copy($auth_file, $auth_file.'~');
		}
		//* Runs whether or not a backup was just created
		exec("chmod 400 $auth_file~");

		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$auth_name.'.master', "tpl/$auth_name.master");
		$content = str_replace(
			array(
				'{mysql_server_ispconfig_user}',
				'{mysql_server_ispconfig_password}',
				'{mysql_server_database}',
				'{mysql_server_host}',
			),
			array(
				$conf['mysql']['ispconfig_user'],
				$conf['mysql']['ispconfig_password'],
				$conf['mysql']['database'],
				$conf['mysql']['host'],
			),
			$content
		);
		wf($auth_file, $content);

		//* The file holds the database password: owner and group root, no access for others
		exec("chmod 660 $auth_file");
		exec("chown root:root $auth_file");

		//* authdaemonrc
		$daemon_file = $conf['courier']['config_dir'].'/authdaemonrc';
		if(is_file($daemon_file)) {
			copy($daemon_file, $daemon_file.'~');
		}
		if(is_file($daemon_file.'~')) {
			exec('chmod 400 '.$daemon_file.'~');
		}

		// NOTE(review): only the text 'authmodulelist=' is replaced, so whatever followed it in
		// the existing file stays directly behind the inserted "authmysql" - confirm this is intended.
		$daemon_content = rf($daemon_file);
		$daemon_content = str_replace('authmodulelist=', 'authmodulelist="authmysql"', $daemon_content);
		wf($daemon_file, $daemon_content);
	}

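	/**
	 * Configure Dovecot: add the deliver transport to the Postfix master.cf, point
	 * Postfix at Dovecot for delivery and SASL, install dovecot.conf for the
	 * detected major version and write dovecot-sql.conf with the database credentials.
	 */
	public function configure_dovecot()
	{
		global $conf;

		$config_dir = $conf['dovecot']['config_dir'];

		//* Use /etc/dovecot as config dir if exists
		if(is_dir('/etc/dovecot')) $config_dir = '/etc/dovecot';

		//* Configure master.cf and add a line for deliver
		// NOTE(review): this backup looks for master.cf in the dovecot config dir, while the file
		// changed below is the postfix master.cf - confirm which file was meant to be backed up.
		if(is_file($config_dir.'/master.cf')){
			copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
		}
		//* Test for the backup that was actually written (~2) before restricting its mode
		if(is_file($config_dir.'/master.cf~2')){
			exec('chmod 400 '.$config_dir.'/master.cf~2');
		}
		$content = rf($conf["postfix"]["config_dir"].'/master.cf');
		// Only add the content if we had not added it before
		if(!stristr($content, "dovecot/deliver")) {
			$deliver_content = 'dovecot   unix  -       n       n       -       -       pipe'."\n".'  flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
			af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
		}
		unset($content);
		unset($deliver_content);

		//* Reconfigure postfix to use dovecot for delivery and authentication
		$postconf_commands = array (
			'dovecot_destination_recipient_limit = 1',
			'virtual_transport = dovecot',
			'smtpd_sasl_type = dovecot',
			'smtpd_sasl_path = private/auth',
		);

		// Make a backup copy of the main.cf file
		copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~3');

		// Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}

		//* backup dovecot.conf
		$configfile = 'dovecot.conf';
		if(is_file("$config_dir/$configfile")){
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
		}

		//* Get the dovecot major version; it stays empty when the command prints nothing,
		//* in which case the non-2.x template is used below
		$tmp = array();
		exec('dovecot --version', $tmp);
		$version_line = isset($tmp[0]) ? trim($tmp[0]) : '';
		$parts = explode('.', $version_line);
		$dovecot_version = $parts[0];
		unset($tmp);
		unset($parts);

		//* Copy dovecot configuration file, a custom template takes precedence over the shipped one
		if($dovecot_version == 2) {
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot2.conf.master')) {
				copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot2.conf.master', $config_dir.'/'.$configfile);
			} else {
				copy('tpl/fedora_dovecot2.conf.master', $config_dir.'/'.$configfile);
			}
		} else {
			if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot.conf.master')) {
				copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot.conf.master', $config_dir.'/'.$configfile);
			} else {
				copy('tpl/fedora_dovecot.conf.master', $config_dir.'/'.$configfile);
			}
		}

		//* dovecot-sql.conf
		$configfile = 'dovecot-sql.conf';
		if(is_file("$config_dir/$configfile")){
			copy("$config_dir/$configfile", "$config_dir/$configfile~");
			exec("chmod 400 $config_dir/$configfile~");
		}

		if(!@file_exists('/etc/dovecot-sql.conf')) exec('ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf');

		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot-sql.conf.master', "tpl/fedora_dovecot-sql.conf.master");
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
		wf("$config_dir/$configfile", $content);

		//* The file holds the database password: readable and writable by root only
		// NOTE(review): the mode is tightened after the content is written - confirm which mode
		// wf() creates new files with.
		exec("chmod 600 $config_dir/$configfile");
		exec("chown root:root $config_dir/$configfile");

		// Dovecot shall ignore mounts in website directory
		if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");

	}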

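	/**
	 * Configure amavisd: write amavisd.conf with the database credentials, route
	 * Postfix mail through the content filter and append the amavis service
	 * definitions to the Postfix master.cf when they are not present yet.
	 */
	public function configure_amavis() {
		global $conf;

		$amavis_conf = $conf["amavis"]["config_dir"].'/amavisd.conf';
		$postfix_master = $conf['postfix']['config_dir'].'/master.cf';

		// amavisd user config file
		$configfile = 'fedora_amavisd_conf';
		if(is_file($amavis_conf)) copy($amavis_conf, $amavis_conf.'~');
		if(is_file($amavis_conf.'~')) exec('chmod 400 '.$amavis_conf.'~');
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
		$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
		$content = str_replace('{hostname}', $conf['hostname'], $content);
		// NOTE(review): amavisd.conf receives the database password but, unlike the other
		// credential files written by this class, no chmod/chown follows here - confirm the
		// resulting mode and which account amavisd reads the file as.
		wf($amavis_conf, $content);

		// Adding the amavisd commands to the postfix configuration
		$postconf_commands = array (
			'content_filter = amavis:[127.0.0.1]:10024',
			'receive_override_options = no_address_mappings'
		);

		// Make a backup copy of the main.cf file
		copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~2');

		// Executing the postconf commands
		foreach($postconf_commands as $cmd) {
			$command = "postconf -e '$cmd'";
			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}

		// Append the configuration for amavisd to the master.cf file
		if(is_file($postfix_master)) copy($postfix_master, $postfix_master.'~');
		$content = rf($postfix_master);

		// Only add each section if it is not there yet; master.cf is read again after an
		// append so the next test sees the current file.
		if(!preg_match('/^amavis\s+unix\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
			af($postfix_master, $content);
			$content = rf($postfix_master);
		}
		// The dots of the address are escaped so that only the literal 127.0.0.1 matches
		if(!preg_match('/^127\.0\.0\.1:10025\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10025.master', 'tpl/master_cf_amavis10025.master');
			af($postfix_master, $content);
			$content = rf($postfix_master);
		}
		if(!preg_match('/^127\.0\.0\.1:10027\s+/m', $content)) {
			unset($content);
			$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis10027.master', 'tpl/master_cf_amavis10027.master');
			af($postfix_master, $content);
		}
		unset($content);

		//* Adjust the freshclam files shipped by the distribution
		removeLine('/etc/sysconfig/freshclam', 'FRESHCLAM_DELAY=disabled-warn   # REMOVE ME', 1);
		replaceLine('/etc/freshclam.conf', 'Example', '# Example', 1);

		// Add the clamav user to the vscan group
		//exec('groupmod --add-user clamav vscan');

	}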

	/**
	 * SpamAssassin needs no configuration step here: the method performs no
	 * action. The Debian/Ubuntu step is kept below, disabled, for reference.
	 */
	public function configure_spamassassin()
	{
		global $conf;

		//* Enable spamassassin on debian and ubuntu (disabled)
		// $configfile = '/etc/default/spamassassin';
		// if(is_file($configfile)){
		// 	copy($configfile, $configfile.'~');
		// }
		// $content = rf($configfile);
		// $content = str_replace('ENABLED=0', 'ENABLED=1', $content);
		// wf($configfile, $content);
	}

	/**
	 * Prepare getmail: create the configuration directory and the getmail user
	 * if they are missing, then give that user exclusive access to the directory.
	 */
	public function configure_getmail()
	{
		global $conf;

		$getmail_dir = $conf['getmail']['config_dir'];

		if(!is_dir($getmail_dir)) {
			exec("mkdir -p ".escapeshellcmd($getmail_dir));
		}

		//* The directory path goes into the commands below as it is configured
		$add_user = "useradd -d $getmail_dir getmail";
		if(!is_user('getmail')) {
			caselog($add_user.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $add_user", "Failed to execute the command $add_user");
		}

		//* Owner getmail, mode 700: no access for group and others
		$permission_commands = array(
			"chown -R getmail $getmail_dir",
			"chmod -R 700 $getmail_dir",
		);
		foreach($permission_commands as $command) {
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}
	}


	/**
	 * Configure pure-ftpd: write pureftpd-mysql.conf with the ISPConfig database
	 * credentials and install the customized pure-ftpd.conf.
	 */
	public function configure_pureftpd()
	{
		global $conf;

		$ftpd_dir = $conf['pureftpd']['config_dir'];

		//* MySQL authentication settings for pure-ftpd
		$mysql_conf = "$ftpd_dir/pureftpd-mysql.conf";
		if(is_file($mysql_conf)) {
			copy($mysql_conf, $mysql_conf.'~');
		}
		if(is_file($mysql_conf.'~')) {
			exec("chmod 400 $mysql_conf~");
		}

		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
		$content = str_replace(
			array(
				'{mysql_server_ispconfig_user}',
				'{mysql_server_ispconfig_password}',
				'{mysql_server_database}',
				'{mysql_server_ip}',
				'{server_id}',
			),
			array(
				$conf["mysql"]["ispconfig_user"],
				$conf["mysql"]["ispconfig_password"],
				$conf["mysql"]["database"],
				$conf["mysql"]["ip"],
				$conf["server_id"],
			),
			$content
		);
		wf($mysql_conf, $content);

		//* The file holds the database password: readable and writable by root only
		// NOTE(review): the mode is tightened after the content is written - confirm which mode
		// wf() creates new files with.
		exec("chmod 600 $mysql_conf");
		exec("chown root:root $mysql_conf");

		// copy our customized copy of pureftpd.conf to the pure-ftpd config directory,
		// a custom template takes precedence over the shipped one
		$custom_template = $conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_pureftpd_conf.master';
		$template = is_file($custom_template) ? $custom_template : 'tpl/fedora_pureftpd_conf.master';
		exec("cp $template $ftpd_dir/pure-ftpd.conf");
	}

	/**
	 * Configure MyDNS: write mydns.conf with the ISPConfig database credentials
	 * and restrict the file to root.
	 */
	public function configure_mydns()
	{
		global $conf;

		// configure mydns
		$template = 'mydns.conf';
		$target = $conf["mydns"]["config_dir"].'/'.$template;

		//* Back up the current file and make the backup read-only for its owner
		if(is_file($target)) {
			copy($target, $target.'~');
		}
		if(is_file($target.'~')) {
			exec('chmod 400 '.$target.'~');
		}

		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$template.'.master', "tpl/".$template.".master");
		$content = str_replace(
			array(
				'{mysql_server_ispconfig_user}',
				'{mysql_server_ispconfig_password}',
				'{mysql_server_database}',
				'{mysql_server_host}',
				'{server_id}',
			),
			array(
				$conf['mysql']['ispconfig_user'],
				$conf['mysql']['ispconfig_password'],
				$conf['mysql']['database'],
				$conf["mysql"]["host"],
				$conf["server_id"],
			),
			$content
		);
		wf($target, $content);

		//* The file holds the database password: readable and writable by root only
		exec('chmod 600 '.$target);
		exec('chown root:root '.$target);
	}

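	/**
	 * Hook /etc/named.conf.local into /etc/named.conf and create the "slave"
	 * zone directory below $conf['bind']['bind_zonefiles_dir'].
	 */
	public function configure_bind() {
		global $conf;

		// add the include line at the end of named.conf.
		replaceLine('/etc/named.conf', 'include "/etc/named.conf.local";', 'include "/etc/named.conf.local";', 0, 1);

		//* Build <zonefiles dir>/slave, whether or not the configured
		//  directory ends with a slash
		$slave_dir = rtrim($conf['bind']['bind_zonefiles_dir'], '/').'/slave';

		//* Create the slave subdirectory. Native calls are used so that the
		//  configured path, user and group are never parsed by a shell.
		if(!is_dir($slave_dir)) {
			mkdir($slave_dir, 0777, true);
		}

		//* Hand the slave subdirectory to $conf['bind']['bind_user'] and
		//  $conf['bind']['bind_group'], with no access for others
		chown($slave_dir, $conf['bind']['bind_user']);
		chgrp($slave_dir, $conf['bind']['bind_group']);
		chmod($slave_dir, 0770);
	}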

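	/**
	 * Prepare Apache for ISPConfig: suPHP settings, vhost directories, the
	 * ispconfig.conf include, webalizer defaults and the sshusers group.
	 *
	 * Returns early when $conf['apache']['installed'] is false.
	 */
	public function configure_apache()
	{
		global $conf;

		if($conf['apache']['installed'] == false) return;

		if(is_file('/etc/suphp.conf')) {
			//replaceLine('/etc/suphp.conf','php=php:/usr/bin','x-httpd-suphp=php:/usr/bin/php-cgi',0);
			replaceLine('/etc/suphp.conf', 'docroot=', 'docroot=/var/www', 0);
			// NOTE(review): this relaxes the suPHP umask from 0077 to 0022, so files
			// created by site scripts become group- and world-readable; confirm intended.
			replaceLine('/etc/suphp.conf', 'umask=0077', 'umask=0022', 0);
		}

		//* Create the logging directory for the vhost logfiles
		if(!is_dir('/var/log/ispconfig/httpd')) mkdir('/var/log/ispconfig/httpd', 0755, true);

		$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
		$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

		// Sites enabled and available dirs. Native mkdir() keeps the configured
		// paths away from a shell, as configure_nginx() does for its log directory.
		if(!is_dir($vhost_conf_enabled_dir)) mkdir($vhost_conf_enabled_dir, 0755, true);
		if(!is_dir($vhost_conf_dir)) mkdir($vhost_conf_dir, 0755, true);

		$content = rf('/etc/httpd/conf/httpd.conf');
		if(!stristr($content, 'Include /etc/httpd/conf/sites-enabled/')) {
			af('/etc/httpd/conf/httpd.conf', "\nNameVirtualHost *:80\nNameVirtualHost *:443\nInclude /etc/httpd/conf/sites-enabled/\n\n");
		}
		unset($content);

		//* Copy the ISPConfig configuration include
		$tpl = new tpl('apache_ispconfig.conf.master');
		$tpl->setVar('apache_version',getapacheversion());

		// server_id is cast to an integer before it reaches the SQL string, as
		// configure_firewall() does. The database name is an identifier taken
		// from the installer configuration and is concatenated as-is.
		$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.intval($conf['server_id'])." AND virtualhost = 'y'");
		$ip_addresses = array();

		if(is_array($records) && count($records) > 0) {
			foreach($records as $rec) {
				// IPv6 literals are wrapped in brackets
				if($rec['ip_type'] == 'IPv6') {
					$ip_address = '['.$rec['ip_address'].']';
				} else {
					$ip_address = $rec['ip_address'];
				}
				if($ip_address == '') continue;

				// virtualhost_port is a comma separated list; only values in the
				// valid TCP port range are passed on to the template
				foreach(explode(',', $rec['virtualhost_port']) as $port) {
					$port = intval($port);
					if($port > 0 && $port < 65536) {
						$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
					}
				}
			}
		}

		if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);

		wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
		unset($tpl);

		if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
			symlink($vhost_conf_dir."/ispconfig.conf", $vhost_conf_enabled_dir."/000-ispconfig.conf");
		}

		//* make sure that webalizer finds its config file when it is directly in /etc
		if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
			mkdir('/etc/webalizer');
			symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
		}

		if(is_file('/etc/webalizer/webalizer.conf')) {
			// Change webalizer mode to incremental
			replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
			replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental     yes', 0, 0);
			replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName     webalizer.hist', 0, 0);
		}

		//* add a sshusers group
		$command = 'groupadd sshusers';
		if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	}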

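	/**
	 * Prepare nginx for ISPConfig: log and vhost directories, the vhost include,
	 * webalizer and awstats defaults and the sshusers group.
	 *
	 * Returns early when $conf['nginx']['installed'] is false.
	 */
	public function configure_nginx(){
		global $conf;

		if($conf['nginx']['installed'] == false) return;

		//* Create the logging directory for the vhost logfiles
		$log_dir = $conf['ispconfig_log_dir'].'/httpd';
		if(!@is_dir($log_dir)) mkdir($log_dir, 0755, true);

		// Sites enabled and available dirs, created the same way as the log
		// directory so that configured paths are never parsed by a shell
		foreach(array($conf['nginx']['vhost_conf_enabled_dir'], $conf['nginx']['vhost_conf_dir']) as $vhost_dir) {
			if(!is_dir($vhost_dir)) mkdir($vhost_dir, 0755, true);
		}

		wf('/etc/nginx/conf.d/ispconfig_vhosts.conf', "include /etc/nginx/sites-enabled/*.vhost;");

		//* make sure that webalizer finds its config file when it is directly in /etc
		if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
			mkdir('/etc/webalizer');
			symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
		}

		if(is_file('/etc/webalizer/webalizer.conf')) {
			// Change webalizer mode to incremental
			replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
			replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental     yes', 0, 0);
			replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName     webalizer.hist', 0, 0);
		}

		// Check the awstats script
		$awstats_tools = '/usr/share/awstats/tools';
		$awstats_example = '/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl';
		if(!is_dir($awstats_tools)) mkdir($awstats_tools, 0755, true);
		if(!file_exists($awstats_tools.'/awstats_buildstaticpages.pl') && file_exists($awstats_example)) {
			symlink($awstats_example, $awstats_tools.'/awstats_buildstaticpages.pl');
		}
		if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);

		//* add a sshusers group
		$command = 'groupadd sshusers';
		if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	}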

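	/**
	 * Install the Bastille firewall scripts and write /etc/Bastille/bastille-firewall.cfg.
	 *
	 * The public TCP/UDP port lists come from the firewall table row of this
	 * server; a built-in list is used when that row has no ports. The Apache
	 * vhost port is added to the TCP list when it is missing.
	 */
	public function configure_firewall()
	{
		global $conf;

		$dist_init_scripts = $conf['init_scripts'];

		if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
		if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
		// Explicit owner-only mode: no $directory_mode is defined in this method,
		// so the mode is given as a literal instead of an undefined variable.
		@mkdir("/etc/Bastille", 0700);
		if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);

		// Config-derived paths are quoted before they become part of a shell command.
		$custom_master = $conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master';
		if(is_file($custom_master)) {
			caselog("cp -f ".escapeshellarg($custom_master)." /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
		} else {
			caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
		}
		caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
		$content = rf("/etc/Bastille/bastille-firewall.cfg");
		$content = str_replace("{DNS_SERVERS}", "", $content);

		$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));

		// The query may yield no row; treat that like a row without ports.
		$row_tcp = (is_array($row) && isset($row['tcp_port'])) ? $row['tcp_port'] : '';
		$row_udp = (is_array($row) && isset($row['udp_port'])) ? $row['udp_port'] : '';

		if(trim($row_tcp) != '' || trim($row_udp) != ''){
			// NOTE(review): these values are written verbatim into the firewall
			// config; confirm they are validated where they are stored.
			$tcp_public_services = trim(str_replace(',', ' ', $row_tcp));
			$udp_public_services = trim(str_replace(',', ' ', $row_udp));
		} else {
			// NOTE(review): the fallback list opens 3306 (MySQL) and 10000 to the
			// public side; confirm that is wanted for this host.
			$tcp_public_services = '21 22 25 53 80 110 443 3306 8080 10000';
			$udp_public_services = '53';
		}

		// Compare whole port tokens: a substring test would treat port 80 as
		// already present whenever the list contains 8080.
		$vhost_port = intval($conf['apache']['vhost_port']);
		$open_tcp_ports = preg_split('/\s+/', $tcp_public_services, -1, PREG_SPLIT_NO_EMPTY);
		if($vhost_port > 0 && !in_array((string)$vhost_port, $open_tcp_ports, true)) {
			$tcp_public_services .= ' '.$vhost_port;
			// CONCAT() appends to the stored list; "+" is numeric addition in MySQL
			// and would replace the comma separated list with a number.
			if($row_tcp != '') $this->db->query("UPDATE firewall SET tcp_port = CONCAT(tcp_port, ',".$vhost_port."') WHERE server_id = ".intval($conf['server_id']));
		}

		$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
		$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);

		wf("/etc/Bastille/bastille-firewall.cfg", $content);

		$init_script = $dist_init_scripts."/bastille-firewall";
		if(is_file($init_script)) caselog("mv -f ".escapeshellarg($init_script)." ".escapeshellarg($init_script.".backup"), __FILE__, __LINE__);
		caselog("cp -f apps/bastille-firewall ".escapeshellarg($dist_init_scripts), __FILE__, __LINE__);
		caselog("chmod 700 ".escapeshellarg($init_script), __FILE__, __LINE__);

		if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
		caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
		caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);

		if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
		caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
		caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);

		if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);

		// Link the binaries into /sbin when they live elsewhere. The output of
		// "which" ends with a newline, so it is trimmed before use as link target.
		exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
		if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which ipchains")), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
		unset($ipchains_location);
		exec("which iptables &> /dev/null", $iptables_location, $ret_val);
		if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
		unset($iptables_location);

	}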


	public function install_ispconfig()
	{
		global $conf;

		$install_dir = $conf['ispconfig_install_dir'];

		//* Create the ISPConfig installation directory
		if(!@is_dir("$install_dir")) {
			$command = "mkdir $install_dir";
			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		}

		//* Create a ISPConfig user and group
		$command = 'groupadd ispconfig';
		if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		$command = "useradd -g ispconfig -d $install_dir ispconfig";
		if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* copy the ISPConfig interface part
		$command = "cp -rf ../interface $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* copy the ISPConfig server part
		$command = "cp -rf ../server $install_dir";
		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* Create a symlink, so ISPConfig is accessible via web
		// Replaced by a separate vhost definition for port 8080
		// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
		// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

		//* Create the config file for ISPConfig interface
		$configfile = 'config.inc.php';
		if(is_file($install_dir.'/interface/lib/'.$configfile)){
			copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
		}
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);

		$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
		$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
		$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
		$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);

		$content = str_replace('{server_id}', $conf['server_id'], $content);
		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
		$content = str_replace('{language}', $conf['language'], $content);
		$content = str_replace('{timezone}', $conf['timezone'], $content);
		$content = str_replace('{theme}', $conf['theme'], $content);
		$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);

		wf("$install_dir/interface/lib/$configfile", $content);

		//* Create the config file for ISPConfig server
		$configfile = 'config.inc.php';
		if(is_file($install_dir.'/server/lib/'.$configfile)){
			copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
		}
		$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
		$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
		$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);

		$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
		$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
		$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
		$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);

		$content = str_replace('{server_id}', $conf['server_id'], $content);
		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
		$content = str_replace('{language}', $conf['language'], $content);
		$content = str_replace('{timezone}', $conf['timezone'], $content);
		$content = str_replace('{theme}', $conf['theme'], $content);
		$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);

		wf("$install_dir/server/lib/$configfile", $content);

		//* Create the config file for remote-actions (but only, if it does not exist, because
		//  the value is a autoinc-value and so changed by the remoteaction_core_module
		if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
			$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
			wf($install_dir.'/server/lib/remote_action.inc.php', $content);
		}


		//* Enable the server modules and plugins.
		// TODO: Implement a selector which modules and plugins shall be enabled.
		$dir = $install_dir.'/server/mods-available/';
		if (is_dir($dir)) {
			if ($dh = opendir($dir)) {
				while (($file = readdir($dh)) !== false) {
					if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {