- Improved Fedora installer.

- Added Installation instructions for Fedora 12
- Added Dovecot support for fedora 12

docs/INSTALL_FEDORA_12_dovecot_bind.txt

+
+Installation
+-----------
+
+It is recommended to use a clean (fresh) Fedora install. Then follow the steps below to setup your server with ISPConfig 3:
+
+Installation of some basic requirements:
+
+// rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
+yum update
+// yum groupinstall 'Development Tools'
+// yum groupinstall 'Development Libraries'
+
+You should disable selinux now, as some programs will not start when selinux is enabled:
+
+vi /etc/selinux/config
+
+and set:
+
+SELINUX=disabled
+
+then reboot the server.
+
+
+1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin with the following command line (on one line!):
+
+yum install ntp httpd mysql-server php php-mysql php-mbstring phpMyAdmin getmail postfix dovecot dovecot-mysql wget
+
+chkconfig --levels 235 mysqld on
+/etc/init.d/mysqld start
+
+chkconfig --levels 235 httpd on
+/etc/init.d/httpd start
+
+chkconfig --levels 235 dovecot on
+/etc/init.d/dovecot start
+
+chkconfig --levels 235 sendmail off
+chkconfig --levels 235 postfix on
+/etc/init.d/sendmail stop
+/etc/init.d/postfix start
+/etc/init.d/saslauthd start
+
+
+Set the mysql database password:
+
+/usr/bin/mysql_secure_installation
+
+
+2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
+
+yum install amavisd-new spamassassin clamav clamav-data clamav-server clamav-update unzip bzip2 unrar
+
+chkconfig --levels 235 amavisd on
+chkconfig --levels 235 clamd.amavisd on
+/usr/bin/freshclam
+/etc/init.d/amavisd start
+/etc/init.d/clamd.amavisd start
+
+3) Install apache, PHP5 and phpmyadmin (1 line!):
+
+yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-magickwand php-magpierss php-mapserver php-mbstring php-mcrypt php-mhash php-mssql php-shout php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel phpmyadmin
+
+disable php mapserver module as it causes errors on cli:
+
+vi /etc/php.d/mapserver.ini
+
+and add ; in front of the line extension=php_mapscript.so
+
+; extension=php_mapscript.so
+
+4) Install pure-ftpd and quota
+
+yum install pure-ftpd quota
+
+chkconfig --levels 235 pure-ftpd on
+
+5) Install bind dns server
+
+yum install bind bind-utils
+
+chkconfig --levels 235 named on
+
+6) Install vlogger dependencies and webalizer
+
+yum install webalizer perl-DateTime-Format-HTTP perl-DateTime-Format-Builder
+
+6.5) Install jailkit
+
+yum install gcc
+
+cd /tmp
+wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
+tar xvfz jailkit-2.11.tar.gz
+cd jailkit-2.11
+./configure
+make
+make install
+rm -rf jailkit-2.11*
+
+6.6) Install fail2ban
+
+yum install fail2ban
+
+7) Configure the firewall
+
+Now you should switch off the firewall by running:
+
+system-config-firewall-tui
+
+ISPConfig comes with a iptables bsed firewall script that can be managed from within the ispconfig interface.
+
+
+8) Install ISPConfig 3
+
+  cd /tmp
+  wget http://www.ispconfig.org/downloads/ISPConfig-3.0.2.tar.gz
+  tar xvfz ISPConfig-3.0.2.tar.gz
+  cd ispconfig3_install/install/
+
+Now start the installation process by executing:
+
+php -q install.php
+
+The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
+
+http://192.168.0.100:8080/
+
+the default login is:
+
+user: admin
+password: admin
+
+In case you get a permission denied error from apache, please restart the apache webserver process.
+
+Optional:
+
+Install a webbased Email Client
+
+yum install squirrelmail
+
+
+----------------------------------------------------------------------------------------------------------
+
+Hints:
+
+debian 4.0 under openvz:
+
+VPSID=101
+for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
+do
+  vzctl set $VPSID --capability ${CAP}:on --save
+done
+
+----------------------------------------------------------------------------------------------------------
+
+

docs/INSTALL_OPENSUSE_11_2.txt

@@ -68,6 +68,17 @@ yast2 -i php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dom php5-f
 
 rpm -i http://download.opensuse.org/repositories/server:/php/openSUSE_11.2/i586/suphp-0.7.1-3.1.i586.rpm
 
+Edit the file /etc/php5/cli/php.ini
+
+vi /etc/php5/cli/php.ini
+
+and change:
+
+error_reporting = E_ALL & ~E_DEPRECATED
+
+to:
+
+error_reporting = E_ALL & ~E_NOTICE
 
 Then run the following to enable the Apache modules:
 

install/dist/conf/fedora9.conf.php

@@ -126,7 +126,7 @@ $conf['courier']['courier-pop-ssl'] = 'courier-imap';
 
 //* Dovecot
 $conf['dovecot']['installed'] = false; // will be detected automatically during installation
-$conf['dovecot']['config_dir'] = '/etc/dovecot';
+$conf['dovecot']['config_dir'] = '/etc';
 $conf['dovecot']['init_script'] = 'dovecot';
 
 //* SASL
@@ -161,11 +161,11 @@ $conf['powerdns']['init_script'] = 'pdns';
 
 //* BIND DNS Server
 $conf['bind']['installed'] = false; // will be detected automatically during installation
-$conf['bind']['bind_user'] = 'root';
-$conf['bind']['bind_group'] = 'bind';
-$conf['bind']['bind_zonefiles_dir'] = '/etc/bind';
-$conf['bind']['named_conf_path'] = '/etc/bind/named.conf';
-$conf['bind']['named_conf_local_path'] = '/etc/bind/named.conf.local';
+$conf['bind']['bind_user'] = 'named';
+$conf['bind']['bind_group'] = 'named';
+$conf['bind']['bind_zonefiles_dir'] = '/var/named';
+$conf['bind']['named_conf_path'] = '/etc/named.conf';
+$conf['bind']['named_conf_local_path'] = '/etc/named.conf.local';
 $conf['bind']['init_script'] = 'named';
 
 //* Jailkit

install/dist/lib/fedora.lib.php

@@ -270,6 +270,74 @@ class installer_dist extends installer_base {
 		wf($configfile, $content);
 	}
 	
+	public function configure_dovecot()
+    {
+		global $conf;
+		
+		$config_dir = $conf['dovecot']['config_dir'];
+		
+		//* Configure master.cf and add a line for deliver
+		if(is_file($config_dir.'/master.cf')){
+            copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
+        }
+		if(is_file($config_dir.'/master.cf~')){
+            exec('chmod 400 '.$config_dir.'/master.cf~2');
+        }
+		$content = rf($conf["postfix"]["config_dir"].'/master.cf');
+		// Only add the content if we had not addded it before
+		if(!stristr($content,"dovecot/deliver")) {
+			$deliver_content = 'dovecot   unix  -       n       n       -       -       pipe'."\n".'  flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
+			af($conf["postfix"]["config_dir"].'/master.cf',$deliver_content);
+		}
+		unset($content);
+		unset($deliver_content);
+		
+		
+		//* Reconfigure postfix to use dovecot authentication
+		// Adding the amavisd commands to the postfix configuration
+		$postconf_commands = array (
+			'dovecot_destination_recipient_limit = 1',
+			'virtual_transport = dovecot',
+			'smtpd_sasl_type = dovecot',
+			'smtpd_sasl_path = private/auth',
+			'receive_override_options = no_address_mappings'
+		);
+		
+		// Make a backup copy of the main.cf file
+		copy($conf["postfix"]["config_dir"].'/main.cf',$conf["postfix"]["config_dir"].'/main.cf~3');
+		
+		// Executing the postconf commands
+		foreach($postconf_commands as $cmd) {
+			$command = "postconf -e '$cmd'";
+			caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		}
+		
+		//* copy dovecot.conf
+		$configfile = 'dovecot.conf';
+		if(is_file("$config_dir/$configfile")){
+            copy("$config_dir/$configfile", "$config_dir/$configfile~");
+        }
+		copy('tpl/fedora_dovecot.conf.master',"$config_dir/$configfile");
+		
+		//* dovecot-sql.conf
+		$configfile = 'dovecot-sql.conf';
+		if(is_file("$config_dir/$configfile")){
+            copy("$config_dir/$configfile", "$config_dir/$configfile~");
+			exec("chmod 400 $config_dir/$configfile~");
+        }
+		
+		$content = rf("tpl/fedora_dovecot-sql.conf.master");
+		$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
+		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
+		$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
+		$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
+		wf("$config_dir/$configfile", $content);
+		
+		exec("chmod 600 $config_dir/$configfile");
+		exec("chown root:root $config_dir/$configfile");
+
+	}
+	
 	public function configure_amavis() {
 		global $conf;
 		
@@ -406,6 +474,14 @@ class installer_dist extends installer_base {
 	
 	}
 	
+	public function configure_bind() {
+		global $conf;
+		
+		// add the include line at the end of named.conf.
+		replaceLine('/etc/named.conf','include "/etc/named.conf.local";','include "/etc/named.conf.local";',0,1);
+		
+	}
+	
 	public function configure_apache()
     {	
 		global $conf;

install/tpl/fedora_amavisd_conf.master

@@ -91,9 +91,9 @@ $policy_bank{'AM.PDP-SOCK'} = {
 };
 
 $sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
-$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
-$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
-$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
+$sa_tag2_level_deflt = 20;  # add 'spam detected' headers at that level
+$sa_kill_level_deflt = 100;  # triggers spam evasive actions (e.g. blocks mail)
+$sa_dsn_cutoff_level = 100;   # spam level beyond which a DSN is not sent
 # $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
 $penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
 $penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
@@ -783,7 +783,7 @@ $spam_admin = undef;
 $DO_SYSLOG = 1;
 $LOGFILE = "/var/log/amavis.log";  # (defaults to empty, no log)
 
-$log_level = 5;                # (defaults to 0)
+$log_level = 0;                # (defaults to 0)
 
 
 1;  # insure a defined return

install/tpl/fedora_dovecot-sql.conf.master

+# This file is opened as root, so it should be owned by root and mode 0600.
+#
+# http://wiki.dovecot.org/AuthDatabase/SQL
+#
+# For the sql passdb module, you'll need a database with a table that
+# contains fields for at least the username and password. If you want to
+# use the user@domain syntax, you might want to have a separate domain
+# field as well.
+#
+# If your users all have the same uig/gid, and have predictable home
+# directories, you can use the static userdb module to generate the home
+# dir based on the username and domain. In this case, you won't need fields
+# for home, uid, or gid in the database.
+#
+# If you prefer to use the sql userdb module, you'll want to add fields
+# for home, uid, and gid. Here is an example table:
+#
+# CREATE TABLE users (
+#     username VARCHAR(128) NOT NULL,
+#     domain VARCHAR(128) NOT NULL,
+#     password VARCHAR(64) NOT NULL,
+#     home VARCHAR(255) NOT NULL,
+#     uid INTEGER NOT NULL,
+#     gid INTEGER NOT NULL,
+#     active CHAR(1) DEFAULT 'Y' NOT NULL
+# );
+
+# Database driver: mysql, pgsql, sqlite
+#driver = 
+
+# Database connection string. This is driver-specific setting.
+#
+# pgsql:
+#   For available options, see the PostgreSQL documention for the
+#   PQconnectdb function of libpq.
+#
+# mysql:
+#   Basic options emulate PostgreSQL option names:
+#     host, port, user, password, dbname
+#
+#   But also adds some new settings:
+#     client_flags        - See MySQL manual
+#     ssl_ca, ssl_ca_path - Set either one or both to enable SSL
+#     ssl_cert, ssl_key   - For sending client-side certificates to server
+#     ssl_cipher          - Set minimum allowed cipher security (default: HIGH)
+#     option_file         - Read options from the given file instead of
+#                           the default my.cnf location
+#     option_group        - Read options from the given group (default: client)
+# 
+#   You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
+#   Note that currently you can't use spaces in parameters.
+#
+#   MySQL supports multiple host parameters for load balancing / HA.
+#
+# sqlite:
+#   The path to the database file.
+#
+# Examples:
+#   connect = host=192.168.1.1 dbname=users
+#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
+#   connect = /etc/dovecot/authdb.sqlite
+#
+#connect =
+
+# Default password scheme.
+#
+# List of supported schemes is in
+# http://wiki.dovecot.org/Authentication/PasswordSchemes
+#
+#default_pass_scheme = MD5
+
+# passdb query to retrieve the password. It can return fields:
+#   password - The user's password. This field must be returned.
+#   user - user@domain from the database. Needed with case-insensitive lookups.
+#   username and domain - An alternative way to represent the "user" field.
+#
+# The "user" field is often necessary with case-insensitive lookups to avoid
+# e.g. "name" and "nAme" logins creating two different mail directories. If
+# your user and domain names are in separate fields, you can return "username"
+# and "domain" fields instead of "user".
+#
+# The query can also return other fields which have a special meaning, see
+# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
+#
+# Commonly used available substitutions (see http://wiki.dovecot.org/Variables
+# for full list):
+#   %u = entire user@domain
+#   %n = user part of user@domain
+#   %d = domain part of user@domain
+# 
+# Note that these can be used only as input to SQL query. If the query outputs
+# any of these substitutions, they're not touched. Otherwise it would be
+# difficult to have eg. usernames containing '%' characters.
+#
+# Example:
+#   password_query = SELECT userid AS user, pw AS password \
+#     FROM users WHERE userid = '%u' AND active = 'Y'
+#
+#password_query = \
+#  SELECT username, domain, password \
+#  FROM users WHERE username = '%n' AND domain = '%d'
+
+# userdb query to retrieve the user information. It can return fields:
+#   uid - System UID (overrides mail_uid setting)
+#   gid - System GID (overrides mail_gid setting)
+#   home - Home directory
+#   mail - Mail location (overrides mail_location setting)
+#
+# None of these are strictly required. If you use a single UID and GID, and
+# home or mail directory fits to a template string, you could use userdb static
+# instead. For a list of all fields that can be returned, see
+# http://wiki.dovecot.org/UserDatabase/ExtraFields
+#
+# Examples:
+#   user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
+#   user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
+#   user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
+#
+#user_query = \
+#  SELECT home, uid, gid \
+#  FROM users WHERE username = '%n' AND domain = '%d'
+
+# If you wish to avoid two SQL lookups (passdb + userdb), you can use
+# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
+# also have to return userdb fields in password_query prefixed with "userdb_"
+# string. For example:
+#password_query = \
+#  SELECT userid AS user, password, \
+#    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
+#  FROM users WHERE userid = '%u'
+
+driver = mysql
+connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password}
+default_pass_scheme = CRYPT
+
+password_query = SELECT password FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
+user_query = SELECT email as user, maildir as home, CONCAT(maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', quota) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'