Commit 8f0e9902 authored by Davide Piccagnoni's avatar Davide Piccagnoni

Merge branch 'master' into 'master'

# Conflicts:
#   interface/web/mailuser/lib/lang/it_mail_user_cc.lng
parents d80690da 2f21ecee

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

.DS_Store
/nbproject/private/
\ No newline at end of file
/nbproject/private/
.phplint-cache
# Defines stages which are to be executed
stages:
- syntax
#
### Stage syntax
#
syntax:lint:
stage: syntax
image: bobey/docker-gitlab-ci-runner-php7
allow_failure: false
only:
- schedules
- web
script:
- composer require overtrue/phplint
- echo "Syntax checking PHP files"
- echo "For more information http://www.icosaedro.it/phplint/"
- vendor/bin/phplint
path: ./
jobs: 10
cache: .phplint-cache
extensions:
- php
- lng
exclude:
- vendor
# ISPConfig - Hosting Control Panel
Nightly (master): [![pipeline status](https://git.ispconfig.org/ispconfig/ispconfig3/badges/master/pipeline.svg)](https://git.ispconfig.org/ispconfig/ispconfig3/commits/master)
Stable branch: [![pipeline status](https://git.ispconfig.org/ispconfig/ispconfig3/badges/stable-3.1/pipeline.svg)](https://git.ispconfig.org/ispconfig/ispconfig3/commits/stable-3.1)
- Manage multiple servers from one control panel
- Web server management (Apache2 and nginx)
- Mail server management (with virtual mail users)
......
This empty directory is needed by ISPConfig.
......@@ -57,9 +57,7 @@ $autoupdate['reconfigure_crontab'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_mail_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_web_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_dns_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_xmpp_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_firewall_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_vserver_server'] = 'yes'; // yes (default), no
$autoupdate['svc_detect_change_db_server'] = 'yes'; // yes (default), no
?>
\ No newline at end of file
# ++++++++++++++++++++++++++++++++++++++++++++++++++++
# + NetworkSEC / NwSEC Layer 7 Bruteforce Protection +
# ++++++++++++++++++++++++++++++++++++++++++++++++++++
#
# This goes into (or at the end of) /etc/fail2ban/jail.local
# This goes into /etc/fail2ban/jail.local on Debian/GNU Linux
#
[wp-auth]
enabled = true
filter = wp-auth
action = iptables-multiport[name=wp-auth, port="http,https"]
logpath = /var/log/ispconfig/httpd/*/*.log
bantime = 1200
maxretry = 5
[nws-wp]
enabled = true
filter = nws-wp
action = iptables-multiport[name=nws-wp, port="http,https"]
logpath = /var/www/clients/client*/web*/log/*.log
bantime = 1200
maxretry = 5
\ No newline at end of file
# +++++++++++++++++++++++++++++++++++++++++++++++++++++
# + NetworkSEC / NwSEC Layer 7 Brute Force Protection +
# +++++++++++++++++++++++++++++++++++++++++++++++++++++
#
# v1.1 150619
#
# BSD License
#
# S/W: Fail2ban or NWS ThreatBlock™ ¹
#
# Application: WordPress
#
# Description: Looks for some login/exploit attempts
#
#
# This goes into /etc/fail2ban/filter.d/wp-auth.conf
#
[Definition]
failregex = ^<HOST> .* "POST /wp-login.php
\ No newline at end of file
failregex = ^<HOST> .* "POST /wp-login.php
^<HOST> .* "POST /wordpress/wp-login.php
^<HOST> .* "POST /wp/wp-login.php
^<HOST> .* "GET /login_page.php
^<HOST> .* "POST /xmlrpc.php
#ignoreregex =
#
# ¹ j/k
#
#!/bin/bash
#!/usr/bin/env bash
# Copyright (c) 2009, Scott Barr <gsbarr@gmail.com>
# All rights reserved.
#
......
#!/bin/bash
#!/usr/bin/env bash
#### Config ################################
DBHOST="localhost"
......
# diff openssl.cnf /usr/lib/ssl/openssl.cnf
68c68
< default_days = 3653 # how long to certify for
---
> default_days = 365 # how long to certify for
125c125
< countryName_default = YOURCOUNTRY
---
> countryName_default = AU
130c130
< stateOrProvinceName_default = YOURPROVINCE
---
> stateOrProvinceName_default = Some-State
135c135
< 0.organizationName_default = YOURDOMAIN
---
> 0.organizationName_default = Internet Widgits Pty Ltd
142c142
< organizationalUnitName_default = ISP
---
> #organizationalUnitName_default =
145d144
< commonName_default = YOURHOSTNAME
149d147
< emailAddress_default = postmaster@YOURDOMAIN
#!/bin/bash
# Script to configuring an ispconfig3 server in a Debian VPS
# by calocen [at] gmail [dot] com
# getting some enviromment values
myhostname=`hostname -f`
mydomain=`hostname -d`
myip=`hostname -i`
[ ! -x /usr/bin/geoiplookup ] && apt-get --assume-yes install geoip-bin
mycountry=`geoiplookup $myip | cut -f4 -d" " | cut -f1 -d","`
myprovince=`geoiplookup $myip | cut -f5 -d" "`
# reconfiguring webalizer, postfix
# could be cool to modify here webalizer values
dpkg-reconfigure -u webalizer
postconf -e "myhostname = $myhostname"
postconf -e "mydestination = $myhostname, localhost"
echo $myhostname > /etc/mailname
dpkg-reconfigure -u postfix
# request new password
oldpwd=`grep password /root/.my.cnf | tr "\t" " " | tr -s " " | cut -f3 -d" "`
read -p "mysql password: [$oldpwd] " mysqlpwd
[ -z $mysqlpwd ] && mysqlpwd=$oldpwd
echo $mysqlpwd
#read -p "Are you sure? (y/n) " sure
## who said fear ##
set -x
mysqladmin -u root -p$oldpwd password $mysqlpwd
mysqladmin -u root -p$mysqlpwd -h localhost password $mysqlpwd
cat << EOF > /root/.my.cnf
[client]
password = $mysqlpwd
EOF
chmod 600 /root/.my.cnf
# changing mydns password
mysql -e "SET PASSWORD FOR 'mydns'@'%' = PASSWORD( '$mysqlpwd' )"
mysql -e "SET PASSWORD FOR 'mydns'@'localhost' = PASSWORD( '$mysqlpwd' )"
cp -ax /etc/mydns.conf /etc/mydns.conf~
sed s/$oldpwd/$mysqlpwd/g < /etc/mydns.conf~ > /etc/mydns.conf
# enabling mydns
mydns --create-tables > /tmp/mydns.sql
mysql -e "CREATE DATABASE IF NOT EXISTS mydns ; USE mydns ; SOURCE /tmp/mydns.sql;"
rm /tmp/mydns.*
invoke-rc.d mydns restart
# preparing server installation
mv /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf~
sed s/"YOURHOSTNAME"/"$myhostname"/g < /usr/local/bin/openssl.cnf |
sed s/"YOURDOMAIN"/"$mydomain"/g | \
sed s/"YOURCOUNTRY"/"$mycountry"/g | \
sed s/"YOURPROVINCE"/"$myprovince"/g > /etc/ssl/openssl.cnf
tar xfz /root/downloads/ISPConfig-3.0.0.7-beta.tar.gz -C /usr/local/src
# here would be some stuff to update from SVN
cd /usr/local/src/ispconfig3_install/install/
php -q install.php
#!/bin/bash
set -x
echo "" > /etc/resolv.conf
echo "" > /etc/hostname
echo "" > /etc/mailname
rm -f /etc/ssh/ssh_host_*
cat << EOF > /etc/rc2.d/S15ssh_gen_host_keys
#!/bin/bash
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ''
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ''
dpkg-reconfigure -u webalizer
postconf -e "myhostname = $(hostname -f)"
postconf -e "mydestination = $(hostname -f), localhost"
echo $(hostname -f) > /etc/mailname
dpkg-reconfigure -u postfix