...
 
Commits (35)
#!/bin/bash
#####################################################################################
# #
# Syntax: fixcerts DOMAIN #
# #
# Use: Extend Letsencrypt SSl certificates for commonly grouped services such as #
# Apache,Postfix,Dovecot using Certbot. Useful for keeping all client #
# applications referencing the same virtual domain name, such as auto-config #
# email clients on phones, i.e. mailuser@mydomain.TLD smtp.mydomain.TLD #
# imaps.mydomain.TLD instead of mailuser@mydomain.TLD mail.ISPmaildomain.TLD #
# Also useful when sending mail through services like Gmail that will #
# validate sender through a negotiated TLS encrypted connection. #
# #
# Ex: sh fixcerts myhosteddomain.com #
# #
# Prerequisites: #
# - A Letsencrypt certificate for the DOMAIN must already exist #
# - A seperate certificate each for Dovecot and Postfix were previously generated #
# - All new host names to add MUST already exist in DNS at least as a CNAME #
# - Edit the Dovecot/Postfix conf to use the alternate certificate #
# - Set the variable wr_file to a directory that certbot can read and write from #
# - Set the dom_cert=,dv_cert=,pf_cert=,dv_file=, and pf_file= variables #
# #
# In my case, I ran: #
# certbot certonly -webroot /usr/local/ispconfig/interface/acme -d dc.hrst.xyz #
# certbot certonly -webroot /usr/local/ispconfig/interface/acme -d pf.hrst.xyz #
# to create the separate Dovecot and Postscript certificates, then edited and #
# ran the script to extend those certificate, once per hosted domain #
# #
# If you use only one alternate certifcate for both mail services, set both dv_file #
# and pf_file to the same file name and set one of _cert files="" and #
# use the other. If you don't wish to add to a particular certificate, set the #
# variable ="", such as dom_cert #
# TODO: Pre-validate desired additions as already existing in DNS #
# Generate SRV Records and add to DNS to autoconfig clients #
# #
# Author: tad.hasse@gmail.com #
# #
#####################################################################################
#bail out on error
set -e
# Hostnames to add to the main domain certificate
dom_cert="webmail"
# Hostnames to add to the Dovecot domain certificate
dv_cert="pop3s imap"
# Hostnames to add to the Postfix domain certificate
pf_cert="mail smtp smtps"
# Name of the certificate file that handles Dovecot
dv_file="dc.hrst.xyz"
# Name of the certificate file that handles Postfix
pf_file="pf.hrst.xyz"
# Writeable webroot for certbot (I use ISPConfig,
wr_file="/usr/local/ispconfig/interface/acme"
new_cert=""
nanobot=""
affected_services=""
if [ -z "$1" ] # Is parameter #1 zero length?
then
echo "-No DOMAIN specified" # Or no parameter passed.
exit 1
fi
#live_check='/etc/letsencrypt/live/'$1
if [[ ! -d '/etc/letsencrypt/live/'$1 ]]; then
echo "- DOMAIN certificate for \"$1\" not found -"
exit 1
fi
if [[ ! -d '/etc/letsencrypt/live/'${dv_file} ]]; then
echo "- Dovecot/postoffice certificate" ${dv_file}" for \"$1\" not found -"
exit 1
fi
if [[ ! -d '/etc/letsencrypt/live/'${pf_file} ]]; then
echo "- Postfix/mail certificate" ${pf_file}" for \"$1\" not found -"
exit 1
fi
# Have certbot generate its current certificate list for use as input
certbot certificates >~/certfile
# Extend base domain certificate which typically only contains the domain.TLD and www.domain.TLD
if [[ ! -z "${dom_cert}" ]]; then
echo
new_cert=$(echo $dom_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
echo "Adding" ${new_cert} " to "$1
nanobot=$(grep -A1 "Certificate Name: "$1 certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed 's/ / -d /g')
doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
${doit_cert}
affected_services=${affected_services}+"A"
else
echo "Domain Certificate unaffected"
fi
# Extend the Dovecot certificate
if [[ ! -z "${dv_cert}" ]]; then
echo
new_cert=$(echo $dv_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
echo "Adding" ${new_cert} " to "${dv_file}
nanobot=$(grep -A1 "Certificate Name: "${dv_file} certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed 's/ / -d /g')
doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
${doit_cert}
affected_services=${affected_services}+"D"
else
echo "Dovecot Certificate unaffected"
fi
# Extend the Postscript certificate
if [[ ! -z "{$pf_cert}" ]]; then
echo
new_cert=$(echo $pf_cert| sed -e "s/ /.$1 /g" -e 's/ / -d /g' -e "s/$/.$1 /g" -e 's/^/-d /g')
echo "Adding" ${new_cert} " to " ${pf_file}
nanobot=$(grep -A1 "Certificate Name: "${pf_file} certfile |awk -F': ' '{ {getline}; $1=""; print }'|sed 's/ / -d /g')
doit_cert=$(echo "certbot certonly --webroot -w ${wr_file}${nanobot} ${new_cert}")
${doit_cert}
affected_services=${affected_services}+"P"
else
echo "Postfix Certificate unaffected"
fi
if [[ $affected_services == *"A"* ]]; then
echo "Remember to restart the httpd service"
fi
if [[ $affected_services == *"D"* ]]; then
echo "Remember to restart the dovecot/postoffice service"
fi
if [[ $affected_services == *"P"* ]]; then
echo "Remember to restart the postfix/sendmail service"
fi
echo
echo
echo "Add the following SRV records to DNS for client setup for "$1
if [[ $affected_services == *"D"* ]]; then
echo "_imaps._tcp."$1 "SRV 3600 4 60 993 imaps"
echo "_pop3s._tcp."$1 "SRV 3600 6 60 995 pop3s"
echo "_imap._tcp."$1 " SRV 3600 8 60 143 imap"
fi
if [[ $affected_services == *"P"* ]]; then
echo "_smtps._tcp."$1 "SRV 3600 8 60 465 smtps"
echo "_smtp._tcp."$1 " SRV 3600 10 60 587 smtp"
fi
\ No newline at end of file
......@@ -214,13 +214,13 @@ function get_distname() {
$distid = 'debian60';
$distbaseid = 'debian';
swriteln("Operating System: Debian 7.0 (Wheezy/Sid) or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
} elseif(substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
$distname = 'Debian';
$distver = 'Jessie';
$distid = 'debian60';
$distbaseid = 'debian';
swriteln("Operating System: Debian 8.0 (Jessie) or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '9') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '9') {
} elseif(substr(trim(file_get_contents('/etc/debian_version')),0,1) == '9') {
$distname = 'Debian';
$distver = 'Stretch';
$distconfid = 'debian90';
......
ALTER TABLE `sys_datalog` ADD `session_id` varchar(64) NOT NULL DEFAULT '' AFTER `error`;
ALTER TABLE `sys_user` CHANGE `sys_userid` `sys_userid` INT(11) UNSIGNED NOT NULL DEFAULT '1' COMMENT 'Created by userid';
ALTER TABLE `sys_user` CHANGE `sys_groupid` `sys_groupid` INT(11) UNSIGNED NOT NULL DEFAULT '1' COMMENT 'Created by groupid';
ALTER TABLE `web_domain` ADD COLUMN `php_fpm_chroot` enum('n','y') NOT NULL DEFAULT 'n' AFTER `php_fpm_use_socket`;
CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`sys_userid` int(11) unsigned NOT NULL DEFAULT '0',
`sys_groupid` int(11) unsigned NOT NULL DEFAULT '0',
`sys_perm_user` varchar(5) NOT NULL DEFAULT '',
`sys_perm_group` varchar(5) NOT NULL DEFAULT '',
`sys_perm_other` varchar(5) NOT NULL DEFAULT '',
`active` enum('N','Y') NOT NULL DEFAULT 'N',
`ca_name` varchar(255) NOT NULL DEFAULT '',
`ca_issue` varchar(255) NOT NULL DEFAULT '',
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
ALTER TABLE `dns_ssl_ca` ADD UNIQUE(`ca_issue`);
UPDATE `dns_ssl_ca` SET `ca_issue` = 'comodo.com' WHERE `ca_issue` = 'comodoca.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'geotrust.com';
DELETE FROM `dns_ssl_ca` WHERE `ca_issue` = 'thawte.com';
UPDATE `dns_ssl_ca` SET `ca_name` = 'Symantec / Thawte / GeoTrust' WHERE `ca_issue` = 'symantec.com';
ALTER TABLE `dns_rr` CHANGE `type` `type` ENUM('A','AAAA','ALIAS','CAA','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL;
ALTER TABLE `dns_rr` CHANGE `data` `data` TEXT NOT NULL;
INSERT IGNORE INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
......@@ -478,7 +478,6 @@ CREATE TABLE IF NOT EXISTS `directive_snippets` (
--
-- Table structure for table `dns_rr`
--
CREATE TABLE `dns_rr` (
`id` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL DEFAULT '0',
......@@ -489,7 +488,7 @@ CREATE TABLE `dns_rr` (
`server_id` int(11) NOT NULL default '1',
`zone` int(11) unsigned NOT NULL DEFAULT '0',
`name` varchar(255) NOT NULL DEFAULT '',
`type` enum('A','AAAA','ALIAS','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') default NULL,
`type` enum('A','AAAA','ALIAS','CNAME','CAA','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') default NULL,
`data` TEXT NOT NULL,
`aux` int(11) unsigned NOT NULL default '0',
`ttl` int(11) unsigned NOT NULL default '3600',
......@@ -525,6 +524,80 @@ CREATE TABLE `dns_slave` (
-- --------------------------------------------------------
--
-- Table structure for table `dns_ssl_ca`
--
CREATE TABLE IF NOT EXISTS `dns_ssl_ca` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`sys_userid` int(11) unsigned NOT NULL DEFAULT '0',
`sys_groupid` int(11) unsigned NOT NULL DEFAULT '0',
`sys_perm_user` varchar(5) NOT NULL DEFAULT '',
`sys_perm_group` varchar(5) NOT NULL DEFAULT '',
`sys_perm_other` varchar(5) NOT NULL DEFAULT '',
`active` enum('N','Y') NOT NULL DEFAULT 'N',
`ca_name` varchar(255) NOT NULL DEFAULT '',
`ca_issue` varchar(255) NOT NULL DEFAULT '',
`ca_wildcard` enum('Y','N') NOT NULL DEFAULT 'N',
`ca_iodef` text NOT NULL,
`ca_critical` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
UNIQUE KEY (`ca_issue`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
ALTER TABLE `dns_ssl_ca` ADD UNIQUE(`ca_issue`);
INSERT INTO `dns_ssl_ca` (`id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `active`, `ca_name`, `ca_issue`, `ca_wildcard`, `ca_iodef`, `ca_critical`) VALUES
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'AC Camerfirma', 'camerfirma.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'ACCV', 'accv.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Actalis', 'actalis.it', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Amazon', 'amazon.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Asseco', 'certum.pl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Buypass', 'buypass.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CA Disig', 'disig.sk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CATCert', 'aoc.cat', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certinomis', 'www.certinomis.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Certizen', 'hongkongpost.gov.hk', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'certSIGN', 'certsign.ro', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'CFCA', 'cfca.com.cn', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Chunghwa Telecom', 'cht.com.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Comodo', 'comodoca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'D-TRUST', 'd-trust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DigiCert', 'digicert.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'DocuSign', 'docusign.fr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'e-tugra', 'e-tugra.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'EDICOM', 'edicomgroup.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Entrust', 'entrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Firmaprofesional', 'firmaprofesional.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'FNMT', 'fnmt.es', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GlobalSign', 'globalsign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GoDaddy', 'godaddy.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Google Trust Services', 'pki.goog', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'GRCA', 'gca.nat.gov.tw', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'HARICA', 'harica.gr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'IdenTrust', 'identrust.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Izenpe', 'izenpe.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Kamu SM', 'kamusm.gov.tr', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Let''s Encrypt', 'letsencrypt.org', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Microsec e-Szigno', 'e-szigno.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'NetLock', 'netlock.hu', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PKIoverheid', 'www.pkioverheid.nl', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'PROCERT', 'procert.net.ve', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'QuoVadis', 'quovadisglobal.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SECOM', 'secomtrust.net', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Sertifitseerimiskeskuse', 'sk.ee', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'StartCom', 'startcomca.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'SwissSign', 'swisssign.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Symantec / Thawte / GeoTrust', 'symantec.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'T-Systems', 'telesec.de', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Telia', 'telia.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Trustwave', 'trustwave.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'Web.com', 'web.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WISeKey', 'wisekey.com', 'Y', '', 0),
(NULL, 1, 1, 'riud', 'riud', '', 'Y', 'WoSign', 'wosign.com', 'Y', '', 0);
-- --------------------------------------------------------
--
-- Table structure for table `dns_soa`
--
......@@ -1785,8 +1858,8 @@ CREATE TABLE IF NOT EXISTS `sys_theme` (
CREATE TABLE `sys_user` (
`userid` int(11) unsigned NOT NULL auto_increment,
`sys_userid` int(11) unsigned NOT NULL default '1',
`sys_groupid` int(11) unsigned NOT NULL default '1',
`sys_userid` int(11) unsigned NOT NULL default '1' COMMENT 'Created by userid',
`sys_groupid` int(11) unsigned NOT NULL default '1' COMMENT 'Created by groupid',
`sys_perm_user` varchar(5) NOT NULL default 'riud',
`sys_perm_group` varchar(5) NOT NULL default 'riud',
`sys_perm_other` varchar(5) NOT NULL default '',
......@@ -1965,6 +2038,7 @@ CREATE TABLE `web_domain` (
`apache_directives` mediumtext,
`nginx_directives` mediumtext,
`php_fpm_use_socket` ENUM('n','y') NOT NULL DEFAULT 'y',
`php_fpm_chroot` enum('n','y') NOT NULL DEFAULT 'n',
`pm` enum('static','dynamic','ondemand') NOT NULL DEFAULT 'dynamic',
`pm_max_children` int(11) NOT NULL DEFAULT '10',
`pm_start_servers` int(11) NOT NULL DEFAULT '2',
......
......@@ -68,20 +68,31 @@ class app {
$this->db = false;
}
}
$this->uses('functions'); // we need this before all others!
$this->uses('auth,plugin,ini_parser,getconf');
}
public function __get($prop) {
if(property_exists($this, $prop)) return $this->{$prop};
$this->uses($prop);
if(property_exists($this, $prop)) return $this->{$prop};
else return null;
}
public function __destruct() {
session_write_close();
}
public function initialize_session() {
//* Start the session
if($this->_conf['start_session'] == true) {
$this->uses('session');
$sess_timeout = $this->conf('interface', 'session_timeout');
$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);
// Workaround for Nginx servers
if($cookie_domain == '_') {
$tmp = explode(':',$_SERVER["HTTP_HOST"]);
$cookie_domain = $tmp[0];
unset($tmp);
}
$cookie_domain = $this->get_cookie_domain();
$this->log("cookie_domain is ".$cookie_domain,0);
$cookie_domain = '';
$cookie_secure = ($_SERVER["HTTPS"] == 'on')?true:false;
if($sess_timeout) {
/* check if user wants to stay logged in */
......@@ -122,23 +133,8 @@ class app {
if(empty($_SESSION['s']['language'])) $_SESSION['s']['language'] = $conf['language'];
}
$this->uses('functions'); // we need this before all others!
$this->uses('auth,plugin,ini_parser,getconf');
}
public function __get($prop) {
if(property_exists($this, $prop)) return $this->{$prop};
$this->uses($prop);
if(property_exists($this, $prop)) return $this->{$prop};
else return null;
}
public function __destruct() {
session_write_close();
}
public function uses($classes) {
$cl = explode(',', $classes);
if(is_array($cl)) {
......@@ -336,12 +332,51 @@ class app {
$this->tpl->setVar('globalsearch_noresults_limit_txt', $this->lng('globalsearch_noresults_limit_txt'));
$this->tpl->setVar('globalsearch_searchfield_watermark_txt', $this->lng('globalsearch_searchfield_watermark_txt'));
}
private function get_cookie_domain() {
$proxy_panel_allowed = $this->getconf->get_security_config('permissions')['reverse_proxy_panel_allowed'];
if ($proxy_panel_allowed == 'all') {
return '';
}
/*
* See ticket #5238: It should be ensured, that _SERVER_NAME is always set.
* Otherwise the security improvement doesn't work with nginx. If this is done,
* the check for HTTP_HOST and workaround for nginx is obsolete.
*/
$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);
// Workaround for Nginx servers
if($cookie_domain == '_') {
$tmp = explode(':',$_SERVER["HTTP_HOST"]);
$cookie_domain = $tmp[0];
unset($tmp);
}
if($proxy_panel_allowed == 'sites') {
$forwarded_host = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : null );
if($forwarded_host !== null && $forwarded_host !== $cookie_domain) {
// Just check for complete domain name and not auto subdomains
$sql = "SELECT domain_id from web_domain where domain = '$forwarded_host'";
$recs = $this->db->queryOneRecord($sql);
if($recs !== null) {
$cookie_domain = $forwarded_host;
}
unset($forwarded_host);
}
}
return $cookie_domain;
}
} // end class
//** Initialize application (app) object
//* possible future = new app($conf);
$app = new app();
/*
split session creation out of constructor is IMHO better.
otherwise we have some circular references to global $app like in
getconfig property of App - RA
*/
$app->initialize_session();
// load and enable PHP Intrusion Detection System (PHPIDS)
$ids_security_config = $app->getconf->get_security_config('ids');
......
......@@ -514,16 +514,16 @@ class db
public function escape($sString) {
global $app;
if(!is_string($sString) && !is_numeric($sString)) {
$app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_INFO);
$app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_DEBUG);
//$sAddMsg = getDebugBacktrace();
$app->log($sAddMsg, LOGLEVEL_DEBUG);
//$app->log($sAddMsg, LOGLEVEL_DEBUG);
$sString = '';
}
$cur_encoding = mb_detect_encoding($sString);
if($cur_encoding != "UTF-8") {
if($cur_encoding != 'ASCII') {
if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_INFO);
if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_DEBUG);
if($cur_encoding) $sString = mb_convert_encoding($sString, 'UTF-8', $cur_encoding);
else $sString = mb_convert_encoding($sString, 'UTF-8');
}
......
<?php
/*
Copyright (c) 2017, Florian Schaal, schaal @it UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class plugin_system_config_dns_ca extends plugin_base {
var $module;
var $form;
var $tab;
var $record_id;
var $formdef;
var $options;
var $error = '';
function onShow() {
global $app;
$pluginTpl = new tpl;
$pluginTpl->newTemplate('templates/system_config_dns_ca_edit.htm');
include 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_system_config.lng';
$pluginTpl->setVar($wb);
$ca_id = $app->functions->intval($_GET['id']);
if(isset($_GET['action']) && ($_GET['action'] == 'edit') && $ca_id > 0) {
$pluginTpl->setVar('edit_record', 1);
$rec = $app->db->queryOneRecord("SELECT * FROM dns_ssl_ca WHERE id = ?", $ca_id);
$pluginTpl->setVar('id', $rec['id']);
$pluginTpl->setVar('ca_name', $rec['ca_name']);
$pluginTpl->setVar('ca_issue', $rec['ca_issue']);
$pluginTpl->setVar('ca_wildcard', $rec['ca_wildcard']);
$pluginTpl->setVar('ca_critical', $rec['ca_critical']);
$pluginTpl->setVar('ca_iodef', $rec['ca_iodef']);
$pluginTpl->setVar('active', $rec['active']);
} elseif(isset($_GET['action']) && ($_GET['action'] == 'save') && $ca_id > 0) {
$pluginTpl->setVar('edit_record', 0);
$pluginTpl->setVar('id', $ca_id);
$pluginTpl->setVar('ca_name', $app->functions->htmlentities($_POST['ca_name']));
$pluginTpl->setVar('ca_issue', $app->functions->htmlentities($_POST['ca_issue']));
$pluginTpl->setVar('ca_wildcard', $app->functions->htmlentities($_POST['ca_wildcard']));
$pluginTpl->setVar('ca_critical', $app->functions->htmlentities($_POST['ca_critical']));
$pluginTpl->setVar('ca_iodef', $app->functions->htmlentities($_POST['ca_iodef']));
$pluginTpl->setVar('active', $app->functions->htmlentities($_POST['active']));
} else {
$pluginTpl->setVar('edit_record', 0);
}
return $pluginTpl->grab();
}
function onUpdate() {
global $app;
$ca_id = $app->functions->intval($_GET['id']);
if(isset($_GET['action']) && $_GET['action'] == 'save') {
if($ca_id > 0) {
$app->db->query("UPDATE dns_ssl_ca SET ca_name = ?, ca_issue = ?, ca_wildcard = ?, ca_iodef = ?, active = ? WHERE id = ?", $_POST['ca_name'], $_POST['ca_issue'], $_POST['ca_wildcard'], $_POST['ca_iodef'], $_POST['active'], $ca_id);
} else {
$app->db->query("INSERT INTO (sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, ca_name, ca_issue, ca_wildcard, ca_iodef, active) VALUES(1, 1, 'riud', 'riud', '', ?, ?, ?, ?, ?", $_POST['ca_name'], $_POST['ca_issue'], $_POST['ca_wildcard'], $_POST['ca_iodef'], $_POST['active']);
}
}
}
}
?>
<?php
/*
Copyright (c) 2017, Florian Schaal, schaal @it UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class plugin_system_config_dns_ca_list extends plugin_base {
var $module;
var $form;
var $tab;
var $record_id;
var $formdef;
var $options;
function onShow() {
global $app;
$listTpl = new tpl;
$listTpl->newTemplate('templates/system_config_dns_ca_list.htm');
//* Loading language file
$lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_system_config.lng';
include $lng_file;
$listTpl->setVar($wb);
if($_SESSION['s']['user']['typ'] == 'admin') {
if(isset($_GET['action'])) {
$ca_id = $app->functions->intval($_GET['id']);
if($_GET['action'] == 'delete' && $ca_id > 0) {
$app->db->query("DELETE FROM dns_ssl_ca WHERE id = ?", $ca_id);
}
}
}
if(isset($_GET['action']) && $_GET['action'] == 'edit' && $_GET['id'] > 0) $listTpl->setVar('edit_record', 1);
// Getting Datasets from DB
$ca_records = $app->db->queryAllRecords("SELECT * FROM dns_ssl_ca ORDER BY ca_name ASC");
$records=array();
if(is_array($ca_records) && count($ca_records) > 0) {
foreach($ca_records as $ca) {
$rec['ca_id'] = $ca['id'];
$rec['name'] = $ca['ca_name'];
$rec['active'] = $ca['active'];
$records[] = $rec;
unset($rec);
}
$listTpl->setLoop('ca_records', @$records);
}
$listTpl->setVar('parent_id', $this->form->id);
return $listTpl->grab();
}
}
?>
......@@ -113,6 +113,7 @@ class remoting_dns extends remoting {
if($vars['expire'] == '') $error .= $app->lng('error_expire_empty').'<br />';
if($vars['minimum'] == '') $error .= $app->lng('error_minimum_empty').'<br />';
if($vars['ttl'] == '') $error .= $app->lng('error_ttl_empty').'<br />';
if(!isset($vars['xfer'])) $vars['xfer'] = '';
if($error == '') {
// Insert the soa record
......
<?php
/*
Copyright (c) 2017, Florian Schaal, schaal @it UG
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class system_config_dns_ca_plugin {
var $plugin_name = 'system_config_dns_ca_plugin';
var $class_name = 'system_config_dns_ca_plugin';
function onLoad() {
global $app;
$app->plugin->registerEvent('dns:dns_caa:on_after_update', 'system_config_dns_ca_plugin', 'caa_update');
$app->plugin->registerEvent('dns:dns_caa:on_after_insert', 'system_config_dns_ca_plugin', 'caa_update');
$app->plugin->registerEvent('sites:web_vhost_domain:on_after_insert', 'system_config_dns_ca_plugin', 'web_vhost_domain_edit');
$app->plugin->registerEvent('sites:web_vhost_domain:on_after_update', 'system_config_dns_ca_plugin', 'web_vhost_domain_edit');
}
function caa_update($event_name, $page_form) {
global $app;
if(trim($page_form->dataRecord['additional'] != '')) {
$rec = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE id = ?", $page_form->id);
unset($rec['id']);
$zone = $app->db->queryOneRecord("SELECT origin FROM dns_soa WHERE id = ?", $rec['zone']);
$host=str_replace($zone['origin'], '', $page_form->dataRecord['name']);
$host=rtrim($host,'.');
$page_form->dataRecord['additional']=str_replace($host, '', $page_form->dataRecord['additional']);
$additional=explode(',', $page_form->dataRecord['additional']);
foreach($additional as $new) {
if($new != '') {
$insert_data = $rec;
$insert_data['name'] = $new.'.'.$zone['origin'];
$app->db->datalogInsert('dns_rr', $insert_data, 'id');
}
}
}
}
function web_vhost_domain_edit($event_name, $page_form) {
global $app;
if($page_form->dataRecord['ssl_letsencrypt'] == 'y') {
$domain = $page_form->dataRecord['domain'];
$subdomain = $page_form->dataRecord['subdomain'];
$temp=$app->db->queryAllRecords("SELECT * FROM dns_rr WHERE type = 'CAA' AND (name = ? OR name = ?) AND data like ?", $domain.'.', $subdomain.'.'.$domain.'.', '%letsencrypt%');
if(count($temp) == 0) {
$caa = $app->db->queryOneRecord("SELECT * FROM dns_ssl_ca WHERE ca_issue = 'letsencrypt.org' AND active = 'Y'");
$soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = ?", $domain.'.');
if(is_array($caa) && is_array($soa)) {
$records = array();
$records[] = $domain.'.';;
if($subdomain != '' && $subdomain != 'www') $records[] = $subdomain.'.'.$domain;
foreach($records as $record) {
$new_rr = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE name = ?", $soa['origin']);
unset($new_rr['id']);
$new_rr['type'] = 'CAA';
$new_rr['name'] = $record;
$new_rr['data'] = "0 issue \"$caa[ca_issue]\"";
$new_rr['ttl'] = $soa['ttl'];
$new_rr['active'] = 'Y';
$new_rr['stamp'] = date('Y-m-d H:i:s');
$new_rr['serial'] = $app->validate_dns->increase_serial($new_rr['serial']);
$app->db->datalogInsert('dns_rr', $new_rr, 'id', $new_rr['zone']);
$zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $new_rr['zone']);
$new_serial = $app->validate_dns->increase_serial($zone['serial']);
$app->db->datalogUpdate('dns_soa', array("serial" => $new_serial), 'id', $zone['id']);
}
}
}
}
}
} // End class
?>
......@@ -1211,6 +1211,12 @@ $form["tabs"]['web'] = array(
'value' => array('no' => 'disabled_txt', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM'),
'searchable' => 2
),
'php_fpm_incron_reload' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'nginx_cgi_socket' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
......
......@@ -730,5 +730,21 @@ $form["tabs"]['misc'] = array (
)
);
$form['tabs']['dns_ca'] = array (
'title' => 'DNS CAs',
'width' => 100,
'template' => 'templates/system_config_dns_ca.htm',
'fields' => array (),
'plugins' => array (
'dns_ca' => array (
'class' => 'plugin_system_config_dns_ca',
'options' => array()
),
'dns_ca_list' => array (
'class' => 'plugin_system_config_dns_ca_list',
'options' => array()
)
)
);
?>
......@@ -261,6 +261,7 @@ $wb['backup_dir_mount_cmd_txt'] = 'Mount command, if backup directory not mounte
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -261,6 +261,7 @@ $wb['backup_dir_mount_cmd_txt'] = 'Mount command, if backup directory not mounte
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -261,6 +261,7 @@ $wb['backup_dir_mount_cmd_txt'] = 'Usar o comando mount, se o diretório de back
$wb['overquota_db_notify_admin_txt'] = 'Enviar mensagens de alerta de cota do banco de dados para o administrador';
$wb['overquota_db_notify_client_txt'] = 'Enviar mensagens de alerta de cota do banco de dados para o cliente';
$wb['php_handler_txt'] = 'Manipulador padrão PHP';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Desabilitado';
$wb['dkim_strength_txt'] = 'Dificuldade do DKIM';
$wb['php_ini_check_minutes_txt'] = 'Verificar modificações do php.ini a cada N minutos';
......
......@@ -79,6 +79,22 @@ $wb['default_mailserver_txt'] = 'Servidor de e-mails padrão';
$wb['default_webserver_txt'] = 'Servidor web padrão';
$wb['default_dnsserver_txt'] = 'Servidor dns padrão';
$wb['default_slave_dnsserver_txt'] = 'Servidor dns secundário padrão';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA<E2><80><99>s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
$wb['default_dbserver_txt'] = 'Servidor de banco de dados padrão';
$wb['No'] = 'Não';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -208,6 +208,7 @@ $wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['monitor_system_updates_txt'] = 'Check for Linux updates';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['invalid_apache_user_txt'] = 'Invalid apache user.';
......
......@@ -81,4 +81,12 @@ $wb['reseller_can_use_options_txt'] = 'Reseller can use the option-tab for websi
$wb['custom_login_text_txt'] = 'Custom Text on Login-Page';
$wb['custom_login_link_txt'] = 'Custom Link on Login-Page';
$wb['login_link_error_regex'] = 'Invalid Link for Custom Login';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -257,6 +257,7 @@ $wb['backup_delete_txt'] = 'Odstranit zálohy pokud byla smazána doména/webov
$wb['overquota_db_notify_admin_txt'] = 'Poslat varování o překročení nebo vyčerpání DB kvót adminovi';
$wb['overquota_db_notify_client_txt'] = 'Poslat varování o překročení nebo vyčerpání DB kvót klientovi';
$wb['php_handler_txt'] = 'Výchozí PHP obslužná rutina';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Vypnuto';
$wb['php_ini_check_minutes_txt'] = 'Provádět kontrolu změny obsahu souboru php.ini každých X minut';
$wb['php_ini_check_minutes_error_empty'] = 'Please specify a value how often php.ini should be checked for changes.';
......
......@@ -81,4 +81,12 @@ $wb['reseller_can_use_options_txt'] = 'Reseller can use the option-tab for websi
$wb['custom_login_text_txt'] = 'Vlastní text na přihlašovací stránce';
$wb['custom_login_link_txt'] = 'Vlastní odkaz (URL) na přihlašovací stránce (vlastní text)';
$wb['login_link_error_regex'] = 'Neplatný formát URL pro vlastní odkaz na přihlašovací stránce';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -267,6 +267,7 @@ $wb['php_ini_check_minutes_txt'] = 'Prüfe php.ini alle X Minuten auf Änderunge
$wb['php_ini_check_minutes_error_empty'] = 'Bitte geben Sie einen Wert an, wie oft die php.ini auf Änderungen geprüft werden soll.';
$wb['php_ini_check_minutes_info_txt'] = '0 = keine Prüfung';
$wb['php_handler_txt'] = 'Standard-PHP-Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['enable_spdy_txt'] = 'Stellt SPDY/HTTP2 zur Verfügung';
$wb['disable_bind_log_txt'] = 'Disable bind9 messages for Loglevel WARN';
$wb['apps_vhost_enabled_txt'] = 'Apps-vhost enabled';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Wildcard verwenden';
$wb['ca_critical_txt'] = 'Strikte Überprüfung'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktiv';
$wb['btn_save_txt'] = 'Speichern';
$wb['btn_cancel_txt'] = 'Abbrechen';
?>
......@@ -260,6 +260,7 @@ $wb['backup_delete_txt'] = 'Delete backups on domain/website delete';
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['reseller_can_use_options_txt'] = 'Reseller can use the option-tab for websi
$wb['custom_login_text_txt'] = 'Custom Text on Login-Page';
$wb['custom_login_link_txt'] = 'Custom Link on Login-Page';
$wb['login_link_error_regex'] = 'Invalid Link for Custom Login';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -261,6 +261,7 @@ $wb['backup_delete_txt'] = 'Delete backups on domain/website delete';
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -212,6 +212,7 @@ $wb["overquota_db_notify_admin_txt"] = 'Send DB quota warnings to admin';
$wb["overquota_db_notify_client_txt"] = 'Send DB quota warnings to client';
$wb['monitor_system_updates_txt'] = 'Check for Linux updates';
$wb['php_handler_txt'] = "Default PHP Handler";
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['monitor_system_updates_txt'] = 'Check for Linux updates';
......
......@@ -84,4 +84,12 @@ $wb["reseller_can_use_options_txt"] = "Reseller can use the option-tab for websi
$wb["custom_login_text_txt"] = "Custom Text on Login-Page";
$wb["custom_login_link_txt"] = "Custom Link on Login-Page";
$wb["login_link_error_regex"] = "Invalid Link for Custom Login";
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Active';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -206,6 +206,7 @@ $wb['php_fpm_socket_dir_txt'] = 'Directorio para el socket de PHP-FPM';
$wb['php_fpm_start_port_error_empty'] = 'El puerto de inicio de PHP-FPM está vacío.';
$wb['php_fpm_start_port_txt'] = 'Puerto de inicio de PHP-FPM';
$wb['php_handler_txt'] = 'Controlador PHP por defecto';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['php_ini_check_minutes_error_empty'] = 'Por favor especifique un valor para definir con qué frecuencia se deberían buscar cambios en el archivo php.ini.';
$wb['php_ini_check_minutes_info_txt'] = '0 = no comprobar';
$wb['php_ini_check_minutes_txt'] = 'Comprobar cambios en php.ini cada X minutos';
......
......@@ -81,4 +81,12 @@ $wb['webftp_url_txt'] = 'Enlace al cliente FTP por web';
$wb['webmail_url_error_regex'] = 'Dirección del correo web inválida';
$wb['webmail_url_note_txt'] = 'Marcador de posición:';
$wb['webmail_url_txt'] = 'URL de correo web';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -261,6 +261,7 @@ $wb['backup_dir_mount_cmd_txt'] = 'Mount command, if backup directory not mounte
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -259,6 +259,7 @@ $wb['backup_delete_txt'] = 'Delete backups on domain/website delete';
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['reseller_can_use_options_txt'] = 'Reseller can use the option-tab for websi
$wb['custom_login_text_txt'] = 'Custom Text on Login-Page';
$wb['custom_login_link_txt'] = 'Custom Link on Login-Page';
$wb['login_link_error_regex'] = 'Invalid Link for Custom Login';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>
......@@ -261,6 +261,7 @@ $wb['do_not_try_rescue_mongodb_txt'] = 'Disable MongoDB monitoring';
$wb['overquota_db_notify_admin_txt'] = 'Send DB quota warnings to admin';
$wb['overquota_db_notify_client_txt'] = 'Send DB quota warnings to client';
$wb['php_handler_txt'] = 'Default PHP Handler';
$wb['php_fpm_incron_reload_txt'] = 'Install incron trigger file to reload PHP-FPM';
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
......
......@@ -81,4 +81,12 @@ $wb['default_webserver_txt'] = 'Default Webserver';
$wb['default_dnsserver_txt'] = 'Default DNS Server';
$wb['default_slave_dnsserver_txt'] = 'Default Secondary DNS Server';
$wb['default_dbserver_txt'] = 'Default Database Server';
$wb['ca_name_txt'] = 'Name';
$wb['ca_issue_txt'] = 'Issue';
$wb['ca_wildcard_txt'] = 'Use Wildcard';
$wb['ca_critical_txt'] = 'Strict Check'; //For future use. At this time, CA’s do not recognize any other flag values as described in RFC 6844
$wb['ca_iodef_txt'] = 'iodef';
$wb['active_txt'] = 'Aktive';
$wb['btn_save_txt'] = 'Save';
$wb['btn_cancel_txt'] = 'Cancel';
?>