diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 78750ee9ce3112741b44e26053433e15f76bc007..95c6cb87ef00dbe54f7cacae990e1b995ef13c3d 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -1175,6 +1175,12 @@ class installer_base {
$content = strtr($content, $postconf_placeholders);
$postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
}
+ $configfile = 'postfix_custom.conf';
+ if(file_exists($conf['ispconfig_install_dir'].'/server/conf-custom/install/' . $configfile . '.master')) {
+ $content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master');
+ $content = strtr($content, $postconf_placeholders);
+ $postconf_commands = array_merge($postconf_commands, array_filter(explode("\n", $content)));
+ }
// Remove comment lines, these would give fatal errors when passed to postconf.
$postconf_commands = array_filter($postconf_commands, function($line) { return preg_match('/^[^#]/', $line); });
@@ -1528,6 +1534,10 @@ class installer_base {
} else {
copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
}
+ // Copy custom config file
+ if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/dovecot_custom.conf.master')) {
+ copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/dovecot_custom.conf.master', $config_dir.'/conf.d/99-ispconfig-custom-config.conf');
+ }
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
replaceLine($config_dir.'/'.$configfile, 'postmaster_address = webmaster@localhost', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
if(version_compare($dovecot_version, 2.1, '<')) {
@@ -2546,7 +2556,7 @@ class installer_base {
$tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
- if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
+ if(is_file($conf['ispconfig_install_dir'].'/interface/ssl/ispserver.crt') && is_file($conf['ispconfig_install_dir'].'/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment','');
} else {
$tpl->setVar('ssl_comment','#');
@@ -2629,6 +2639,15 @@ class installer_base {
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
+ // Enable SSL if a cert is in place.
+ if(is_file($conf['ispconfig_install_dir'].'/interface/ssl/ispserver.crt') && is_file($conf['ispconfig_install_dir'].'/interface/ssl/ispserver.key')) {
+ $content = str_replace('{ssl_on}', 'ssl', $content);
+ $content = str_replace('{ssl_comment}', '', $content);
+ } else {
+ $content = str_replace('{ssl_on}', '', $content);
+ $content = str_replace('{ssl_comment}', '#', $content);
+ }
+
if($conf['web']['apps_vhost_ip'] == '_default_'){
$apps_vhost_ip = '';
} else {
@@ -2671,10 +2690,6 @@ class installer_base {
$content = str_replace('{use_tcp}', $use_tcp, $content);
$content = str_replace('{use_socket}', $use_socket, $content);
- // SSL in apps vhost is off by default. Might change later.
- $content = str_replace('{ssl_on}', '', $content);
- $content = str_replace('{ssl_comment}', '#', $content);
-
// Fix socket path on PHP 7 systems
if(file_exists('/var/run/php/php7.0-fpm.sock')) $content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.0-fpm.sock', $content);
if(file_exists('/var/run/php/php7.1-fpm.sock')) $content = str_replace('/var/run/php5-fpm.sock', '/var/run/php/php7.1-fpm.sock', $content);
diff --git a/install/tpl/debian6_dovecot2.conf.master b/install/tpl/debian6_dovecot2.conf.master
index 5032488a6f1e0d2066316f989268f00aad033ce9..91d745bc39ec56d01ba2b8be017673d76b1a91d5 100644
--- a/install/tpl/debian6_dovecot2.conf.master
+++ b/install/tpl/debian6_dovecot2.conf.master
@@ -1,3 +1,6 @@
+# Do not change this file, as changes will be overwritten by any ISPConfig update.
+# Put your custom settings in /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master.
+# To start using those changes, do a force upgrade and let it reconfigure your services. (ispconfig_update.sh --force)
listen = *,[::]
protocols = imap pop3
auth_mechanisms = plain login
@@ -88,7 +91,7 @@ protocol lmtp {
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ }
-#2.3+
+#2.3+
#2.3+ unix_listener stats-writer {
#2.3+ user = vmail
#2.3+ group = vmail
@@ -131,3 +134,4 @@ namespace inbox {
special_use = \Trash
}
}
+!include_try conf.d/99-ispconfig-custom-config.conf
diff --git a/install/tpl/debian_dovecot2.conf.master b/install/tpl/debian_dovecot2.conf.master
index 4a44bfbfc6a63ef05e4e310464533fc1d15eb385..acbb5ccdff11a01fabe0b59b6b9bd7a31d4ee46e 100644
--- a/install/tpl/debian_dovecot2.conf.master
+++ b/install/tpl/debian_dovecot2.conf.master
@@ -1,3 +1,6 @@
+# Do not change this file, as changes will be overwritten by any ISPConfig update.
+# Put your custom settings in /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master.
+# To start using those changes, do a force upgrade and let it reconfigure your services. (ispconfig_update.sh --force)
listen = *,[::]
protocols = imap pop3
auth_mechanisms = plain login
@@ -86,7 +89,7 @@ protocol lmtp {
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ }
-#2.3+
+#2.3+
#2.3+ unix_listener stats-writer {
#2.3+ user = vmail
#2.3+ group = vmail
@@ -108,3 +111,4 @@ plugin {
quota_status_nouser = DUNNO
quota_status_overquota = "552 5.2.2 Mailbox is full"
}
+!include_try conf.d/99-ispconfig-custom-config.conf
diff --git a/install/tpl/dovecot_custom.conf.master b/install/tpl/dovecot_custom.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..dab73e5a09772417a31d3b45e4c8a36ef82b63e4
--- /dev/null
+++ b/install/tpl/dovecot_custom.conf.master
@@ -0,0 +1,3 @@
+# You can use this file for custom Dovecot settings. The used settings will overrule the settings set by ISPConfig.
+# Use with caution!
+# Put this file in /usr/local/ispconfig/server/conf-custom/install/ and make your changes there.
diff --git a/install/tpl/fedora_dovecot2.conf.master b/install/tpl/fedora_dovecot2.conf.master
index 81d71a37fec28ca8a13e92b4c582afc65e8ff208..0b31c23b4e159430863511213f5e5868a3867fb1 100644
--- a/install/tpl/fedora_dovecot2.conf.master
+++ b/install/tpl/fedora_dovecot2.conf.master
@@ -1,3 +1,6 @@
+# Do not change this file, as changes will be overwritten by any ISPConfig update.
+# Put your custom settings in /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master.
+# To start using those changes, do a force upgrade and let it reconfigure your services. (ispconfig_update.sh --force)
listen = *,[::]
protocols = imap pop3
auth_mechanisms = plain login
@@ -82,7 +85,7 @@ protocol lmtp {
#2.3+ group = vmail
#2.3+ mode = 0660
#2.3+ }
-#2.3+
+#2.3+
#2.3+ unix_listener stats-writer {
#2.3+ user = vmail
#2.3+ group = vmail
@@ -125,3 +128,4 @@ namespace inbox {
special_use = \Trash
}
}
+!include_try conf.d/99-ispconfig-custom-config.conf
diff --git a/install/tpl/nginx_apps.vhost.master b/install/tpl/nginx_apps.vhost.master
index b91d1a16c5f05344b0d6c863e28c4043334d5414..de4842005491ef64b207bbbb85ee347298585638 100644
--- a/install/tpl/nginx_apps.vhost.master
+++ b/install/tpl/nginx_apps.vhost.master
@@ -1,13 +1,13 @@
server {
- listen {apps_vhost_ip}{apps_vhost_port} {ssl_on};
- listen [::]:{apps_vhost_port} {ssl_on} ipv6only=on;
+ listen {apps_vhost_ip}{apps_vhost_port} {ssl_on} http2;
+ listen [::]:{apps_vhost_port} {ssl_on} ipv6only=on http2;
{ssl_comment}ssl_protocols TLSv1.2;
{ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
{ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
# redirect to https if accessed with http
- {ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;
+ {ssl_comment}error_page 497 https://$host:{apps_vhost_port}$request_uri;
server_name {apps_vhost_servername};
diff --git a/install/tpl/nginx_ispconfig.vhost.master b/install/tpl/nginx_ispconfig.vhost.master
index dbe44d7064861eae187731a39e5ced7d120affd3..e1c39ee98b8224661feba4350097b861dd6d9d30 100644
--- a/install/tpl/nginx_ispconfig.vhost.master
+++ b/install/tpl/nginx_ispconfig.vhost.master
@@ -1,6 +1,6 @@
server {
- listen {vhost_port} {ssl_on};
- listen [::]:{vhost_port} {ssl_on} ipv6only=on;
+ listen {vhost_port} {ssl_on} http2;
+ listen [::]:{vhost_port} {ssl_on} ipv6only=on http2;
{ssl_comment}ssl_protocols TLSv1.2;
{ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
diff --git a/install/tpl/postfix_custom.conf.master b/install/tpl/postfix_custom.conf.master
new file mode 100644
index 0000000000000000000000000000000000000000..4f3f2124c84cef97f30c6d6206c62fdf140b56b2
--- /dev/null
+++ b/install/tpl/postfix_custom.conf.master
@@ -0,0 +1,3 @@
+# You can use this file for custom Postfix settings. The used settings will overrule the settings set by ISPConfig.
+# Use with caution!
+# Put this file in /usr/local/ispconfig/server/conf-custom/install/ and make your changes there.
diff --git a/interface/web/admin/lib/lang/ar_users_list.lng b/interface/web/admin/lib/lang/ar_users_list.lng
index 4f7a7469b020b2d31638c6ed69dd2e40a6b595b6..84869c062694fdd70076f76f84fcdbeb41d86fd8 100644
--- a/interface/web/admin/lib/lang/ar_users_list.lng
+++ b/interface/web/admin/lib/lang/ar_users_list.lng
@@ -4,6 +4,6 @@ $wb['username_txt'] = 'Username';
$wb['client_id_txt'] = 'Client ID';
$wb['active_txt'] = 'Active';
$wb['add_new_record_txt'] = 'Add new user';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
$wb['groups_txt'] = 'Groups';
?>
diff --git a/interface/web/admin/lib/lang/ca_users_list.lng b/interface/web/admin/lib/lang/ca_users_list.lng
index dec5cc2c04f2a98ac737ac7f6aefc743831a1938..fb1c7bc6ddb8acdcf6dc66b9572f516b935fbf63 100644
--- a/interface/web/admin/lib/lang/ca_users_list.lng
+++ b/interface/web/admin/lib/lang/ca_users_list.lng
@@ -5,5 +5,5 @@ $wb['client_id_txt'] = 'User ID';
$wb['active_txt'] = 'Active';
$wb['groups_txt'] = 'Groups';
$wb['add_new_record_txt'] = 'Add new user';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
?>
diff --git a/interface/web/admin/lib/lang/en_users_list.lng b/interface/web/admin/lib/lang/en_users_list.lng
index cc978c78d0479757f9ea1fa7a6bf7ec44291e082..fb1c7bc6ddb8acdcf6dc66b9572f516b935fbf63 100644
--- a/interface/web/admin/lib/lang/en_users_list.lng
+++ b/interface/web/admin/lib/lang/en_users_list.lng
@@ -5,5 +5,5 @@ $wb['client_id_txt'] = 'User ID';
$wb['active_txt'] = 'Active';
$wb['groups_txt'] = 'Groups';
$wb['add_new_record_txt'] = 'Add new user';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
-?>
\ No newline at end of file
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
+?>
diff --git a/interface/web/admin/lib/lang/ja_users_list.lng b/interface/web/admin/lib/lang/ja_users_list.lng
index 21b07be3c5a80417f2ed47869aab8c9aaf9beacd..8896b8ccbd3ccd53f68e4f6d4539d8fc9077358d 100644
--- a/interface/web/admin/lib/lang/ja_users_list.lng
+++ b/interface/web/admin/lib/lang/ja_users_list.lng
@@ -4,6 +4,6 @@ $wb['username_txt'] = 'ユーザーå';
$wb['client_id_txt'] = 'Client ID';
$wb['active_txt'] = 'Active';
$wb['add_new_record_txt'] = 'ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚’è¿½åŠ ã™ã‚‹';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
$wb['groups_txt'] = 'Groups';
?>
diff --git a/interface/web/admin/lib/lang/ro_users_list.lng b/interface/web/admin/lib/lang/ro_users_list.lng
index c928d6b86f0f38bae8c151f756f4d00593811146..a69fd3dccf08c306532bbfe1fc7206bff8cdc085 100644
--- a/interface/web/admin/lib/lang/ro_users_list.lng
+++ b/interface/web/admin/lib/lang/ro_users_list.lng
@@ -4,6 +4,6 @@ $wb['username_txt'] = 'Username';
$wb['client_id_txt'] = 'Client ID';
$wb['active_txt'] = 'Active';
$wb['add_new_record_txt'] = 'Add user nou';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
$wb['groups_txt'] = 'Groups';
?>
diff --git a/interface/web/admin/lib/lang/sk_users_list.lng b/interface/web/admin/lib/lang/sk_users_list.lng
index c393f199928e5c338133613368c407e956065cd3..49746bddaf252d746f2b72a12ff4e77f83185617 100644
--- a/interface/web/admin/lib/lang/sk_users_list.lng
+++ b/interface/web/admin/lib/lang/sk_users_list.lng
@@ -4,6 +4,6 @@ $wb['username_txt'] = 'UžÃvateľské meno';
$wb['client_id_txt'] = 'Client ID';
$wb['active_txt'] = 'Active';
$wb['add_new_record_txt'] = 'PridaÅ¥ nového užÃvateľa';
-$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any user settings here. Use the Client- and Reseller settings in the Client module instead. Modifying or changing users or groups here may cause data loss!';
+$wb['warning_txt'] = '<b>WARNING:</b> Do not edit or modify any client user settings here. Use the client- and reseller settings in the client module instead. Modifying or changing client users or groups here may cause data loss!';
$wb['groups_txt'] = 'Groups';
?>
diff --git a/server/conf/nginx_apps.vhost.master b/server/conf/nginx_apps.vhost.master
index b91d1a16c5f05344b0d6c863e28c4043334d5414..de4842005491ef64b207bbbb85ee347298585638 100644
--- a/server/conf/nginx_apps.vhost.master
+++ b/server/conf/nginx_apps.vhost.master
@@ -1,13 +1,13 @@
server {
- listen {apps_vhost_ip}{apps_vhost_port} {ssl_on};
- listen [::]:{apps_vhost_port} {ssl_on} ipv6only=on;
+ listen {apps_vhost_ip}{apps_vhost_port} {ssl_on} http2;
+ listen [::]:{apps_vhost_port} {ssl_on} ipv6only=on http2;
{ssl_comment}ssl_protocols TLSv1.2;
{ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
{ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
# redirect to https if accessed with http
- {ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;
+ {ssl_comment}error_page 497 https://$host:{apps_vhost_port}$request_uri;
server_name {apps_vhost_servername};
diff --git a/server/plugins-available/apps_vhost_plugin.inc.php b/server/plugins-available/apps_vhost_plugin.inc.php
index b64adfde6e50de8a547fc7638418f2912ea62234..d391633b625ee482db0720eec97b09b2ca0427c1 100644
--- a/server/plugins-available/apps_vhost_plugin.inc.php
+++ b/server/plugins-available/apps_vhost_plugin.inc.php
@@ -206,16 +206,14 @@ class apps_vhost_plugin {
$use_socket = '#';
}
- /* Check if SSL should be enabled: */
- if(is_file('/usr/local/ispconfig/interface/ssl/ispserver.crt') && is_file('/usr/local/ispconfig/interface/ssl/ispserver.key')) {
+ /* Check if SSL should be enabled: */
+ if(is_file('/usr/local/ispconfig/interface/ssl/ispserver.crt') && is_file('/usr/local/ispconfig/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{ssl_on}', 'ssl', $content);
- $content = str_replace('{vhost_port}', $web_config['apps_vhost_port'], $content);
- } else {
+ } else {
$content = str_replace('{ssl_comment}', '#', $content);
$content = preg_replace('/(\s)\{ssl_on\}/', '', $content);
- $content = str_replace('{vhost_port}', $web_config['apps_vhost_port'], $content);
- }
+ }
$content = str_replace('{use_tcp}', $use_tcp, $content);
$content = str_replace('{use_socket}', $use_socket, $content);
@@ -253,7 +251,7 @@ class apps_vhost_plugin {
file_put_contents("$vhost_conf_dir/apps.vhost", $content);
// enabled / disable apps-vhost
- $vhost_symlink = $web_config['vhost_conf_enabled_dir'].'/000-apps.vhost';
+ $vhost_symlink = $vhost_conf_enabled_dir . '/000-apps.vhost';
if(is_link($vhost_symlink) && $web_config['apps_vhost_enabled'] == 'n') {
$app->system->unlink($vhost_symlink);
}