- Added (clickable) placeholders to client messaging function. - Added chec...

ftimme

2012-05-30 2cb1563f63386b35a69e460051aa9b4a2851d104

 install/lib/installer_base.lib.php

@@ -118,12 +118,12 @@
      if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
      if(is_installed('postfix')) $conf['postfix']['installed'] = true;
      if(is_installed('mailman')) $conf['mailman']['installed'] = true;
      if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
      if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
      if(is_installed('getmail')) $conf['getmail']['installed'] = true;
      if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
      if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
      if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
      if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
      if(is_installed('amavisd-new') || is_installed('amavisd')) $conf['amavis']['installed'] = true;
      if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
      if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
      if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
@@ -132,11 +132,12 @@
      if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
      if(is_installed('squid')) $conf['squid']['installed'] = true;
      if(is_installed('nginx')) $conf['nginx']['installed'] = true;
      if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
      // if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
      if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
      if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
      if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
      
      if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
      if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) || ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
   }

   /** Create the database for ISPConfig */
@@ -157,10 +158,10 @@
         $this->error('Stopped: Database already contains some tables.');
      } else {
         if($conf['mysql']['admin_password'] == '') {
            caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
            caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
                  __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
         } else {
            caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
            caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
                  __FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
         }
         $db_tables = $this->db->getTables();
@@ -233,9 +234,20 @@
      $tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
      $tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
      
      $tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
      $tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
      $tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
      $tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
      $tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
      $tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
      $tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
      $tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
      $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
      $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
		
      if ($conf['nginx']['installed'] == true) {
         $tpl_ini_array['nginx']['vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
         $tpl_ini_array['nginx']['vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
         $tpl_ini_array['web']['server_type'] = 'nginx';
         $tpl_ini_array['global']['webserver'] = 'nginx';
      }
      
      if (array_key_exists('awstats', $conf)) {
@@ -252,9 +264,9 @@
      $dns_server_enabled = ($conf['services']['dns'])?1:0;
      $file_server_enabled = ($conf['services']['file'])?1:0;
      $db_server_enabled = ($conf['services']['db'])?1:0;
      $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
      $proxy_server_enabled = ($conf['services']['proxy'])?1:0;
      $firewall_server_enabled = ($conf['services']['firewall'])?1:0;
      $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
      $proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
      $firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
      
      //** Get the database version number based on the patchfiles
      $found = true;
@@ -502,6 +514,10 @@
         copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
         copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
      }
		
      //* help jailkit fo find its ini files
      if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
      if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');

   }
   
@@ -612,11 +628,24 @@

      $command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
      if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		
      //* These postconf commands will be executed on installation and update
      $server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
      $server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
      unset($server_ini_rec);

      //* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
      $rbl_list = '';
      if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
         $rbl_hosts = explode(",",str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
         foreach ($rbl_hosts as $key => $value) {
            $rbl_list .= ", reject_rbl_client ". $value;
         }
      }
      unset($rbl_hosts);
      unset($server_ini_array);

      $postconf_commands = array (
            'myhostname = '.$conf['hostname'],
            'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
            'mynetworks = 127.0.0.0/8 [::1]/128',
            'alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
            'alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
            'virtual_alias_domains =',
@@ -629,7 +658,7 @@
            'smtpd_sasl_auth_enable = yes',
            'broken_sasl_auth_clients = yes',
            'smtpd_sasl_authenticated_header = yes',
            'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
            'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination'. $rbl_list,
            'smtpd_use_tls = yes',
            'smtpd_tls_security_level = may',
            'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
@@ -650,6 +679,15 @@
            'body_checks = regexp:'.$config_dir.'/body_checks',
            'owner_request_special = no'
      );
		
      //* These postconf commands will be executed on installation only
      if($this->is_update == false) {
         $postconf_commands = array_merge($postconf_commands,array(
            'myhostname = '.$conf['hostname'],
            'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
            'mynetworks = 127.0.0.0/8 [::1]/128'
         ));
      }

      //* Create the header and body check files
      touch($config_dir.'/header_checks');
@@ -659,9 +697,9 @@
      
      //* Create the mailman files
      exec('mkdir -p /var/lib/mailman/data');
      touch('/var/lib/mailman/data/aliases');
      exec('postmap /var/lib/mailman/data/aliases');
      touch('/var/lib/mailman/data/virtual-mailman');
      if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
      exec('postalias /var/lib/mailman/data/aliases');
      if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
      exec('postmap /var/lib/mailman/data/virtual-mailman');

      //* Make a backup copy of the main.cf file
@@ -717,10 +755,10 @@
      }

      //* Chmod and chown the .mailfilter file
      $command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
      $command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
      caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

      $command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
      $command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
      caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

   }
@@ -864,19 +902,32 @@
         caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
      }

      //* copy dovecot.conf
      //* backup dovecot.conf
      $configfile = 'dovecot.conf';
      if(is_file($config_dir.'/'.$configfile)) {
         copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
      }
      copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
		
      //* Get the dovecot version
      exec('dovecot --version',$tmp);
      $parts = explode('.',trim($tmp[0]));
      $dovecot_version = $parts[0];
      unset($tmp);
      unset($parts);
		
      //* Copy dovecot configuration file
      if($dovecot_version == 2) {
         copy('tpl/debian_dovecot2.conf.master',$config_dir.'/'.$configfile);
      } else {
         copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
      }

      //* dovecot-sql.conf
      $configfile = 'dovecot-sql.conf';
      if(is_file($config_dir.'/'.$configfile)) {
         copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
      }
      chmod($config_dir.'/'.$configfile.'~', 0400);
      if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
      $content = rf('tpl/debian_dovecot-sql.conf.master');
      $content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
      $content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
@@ -909,10 +960,14 @@


      // Adding the amavisd commands to the postfix configuration
      $postconf_commands = array (
            'content_filter = amavis:[127.0.0.1]:10024',
            'receive_override_options = no_address_mappings'
      );
      // Add array for no error in foreach and maybe future options
      $postconf_commands = array ();
		
      // Check for amavisd -> pure webserver with postfix for mailing without antispam
      if ($conf['amavis']['installed']) {
         $postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
         $postconf_commands[] = 'receive_override_options = no_address_mappings';
      }

      // Make a backup copy of the main.cf file
      copy($conf['postfix']['config_dir'].'/main.cf',$conf['postfix']['config_dir'].'/main.cf~2');
@@ -1100,6 +1155,7 @@
   public function configure_apache() {
      global $conf;

      if($conf['apache']['installed'] == false) return;
      //* Create the logging directory for the vhost logfiles
      if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);

@@ -1125,15 +1181,29 @@
      $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

      // copy('tpl/apache_ispconfig.conf.master',$vhost_conf_dir.'/ispconfig.conf');

		
      $content = rf('tpl/apache_ispconfig.conf.master');
      $records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");

      if(is_array($records) && count($records) > 0) {
         foreach($records as $rec) {
            $content .= 'NameVirtualHost '.$rec['ip_address'].":80\n";
            $content .= 'NameVirtualHost '.$rec['ip_address'].":443\n";
            if($rec['ip_type'] == 'IPv6') {
               $ip_address = '['.$rec['ip_address'].']';
            } else {
               $ip_address = $rec['ip_address'];
            }
            $ports = explode(',',$rec['virtualhost_port']);
            if(is_array($ports)) {
               foreach($ports as $port) {
                  $port = intval($port);
                  if($port > 0 && $port < 65536 && $ip_address != '') {
                     $content .= 'NameVirtualHost '.$ip_address.":".$port."\n";
                  }
               }
            }
         }
      }
		
      $content .= "\n";
      wf($vhost_conf_dir.'/ispconfig.conf',$content);

@@ -1165,9 +1235,36 @@

   }
   
   public function configure_nginx()
   {
   public function configure_nginx(){
      global $conf;
		
      if($conf['nginx']['installed'] == false) return;
      //* Create the logging directory for the vhost logfiles
      if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);

      //* make sure that webalizer finds its config file when it is directly in /etc
      if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
         mkdir('/etc/webalizer');
         symlink('/etc/webalizer.conf','/etc/webalizer/webalizer.conf');
      }

      if(is_file('/etc/webalizer/webalizer.conf')) {
         // Change webalizer mode to incremental
         replaceLine('/etc/webalizer/webalizer.conf','#IncrementalName','IncrementalName webalizer.current',0,0);
         replaceLine('/etc/webalizer/webalizer.conf','#Incremental','Incremental     yes',0,0);
         replaceLine('/etc/webalizer/webalizer.conf','#HistoryName','HistoryName     webalizer.hist',0,0);
      }
		
      // Check the awsatst script
      if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
      if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl','/usr/share/awstats/tools/awstats_buildstaticpages.pl');
      if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local','LogFormat=4','LogFormat=1',0,1);
		
      //* add a sshusers group
      $command = 'groupadd sshusers';
      if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
		
      /*
      $row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
      $ip_address = gethostbyname($row["server_name"]);
      $server_name = $row["server_name"];
@@ -1195,7 +1292,12 @@
        exec('chown www-data:www-data /var/cache/nginx/cache');
        mkdir('/var/cache/nginx/temp');
        exec('chown www-data:www-data /var/cache/nginx/temp');
      */
   }
	
   public function configure_fail2ban() {
        // To Do
    }
   
   public function configure_squid()
   {
@@ -1216,6 +1318,7 @@
      exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
   }
   
   /*
   public function configure_ufw_firewall()
   {
      $configfile = 'ufw.conf';
@@ -1225,6 +1328,7 @@
      exec('chmod 600 /etc/ufw/ufw.conf');
      exec('chown root:root /etc/ufw/ufw.conf');   
   }
   */

   public function configure_firewall() {
      global $conf;
@@ -1316,65 +1420,139 @@
      global $conf;

      //* Create the ispconfig apps vhost user and group
      if($conf['apache']['installed'] == true){
         $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
         $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
         $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');

      $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
      $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
      $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
         $command = 'groupadd '.$apps_vhost_user;
         if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

      $command = 'groupadd '.$apps_vhost_user;
      if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

      $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
      if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
         if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


      $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         $command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

      if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
      chown($install_dir, $apps_vhost_user);
      chgrp($install_dir, $apps_vhost_group);
         if(!@is_dir($install_dir)){
            mkdir($install_dir, 0755, true);
         } else {
            chmod($install_dir, 0755);
         }
         chown($install_dir, $apps_vhost_user);
         chgrp($install_dir, $apps_vhost_group);

      //* Copy the apps vhost file
      $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
      $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
      $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
         //* Copy the apps vhost file
         $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
         $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
         $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];

      // Dont just copy over the virtualhost template but add some custom settings
      $content = rf('tpl/apache_apps.vhost.master');
         // Dont just copy over the virtualhost template but add some custom settings
         $content = rf('tpl/apache_apps.vhost.master');

      $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
      $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
      $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
      $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
      $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
         $content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
         $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
         $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
         $content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
         $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);


      // comment out the listen directive if port is 80 or 443
      if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
         $content = str_replace('{vhost_port_listen}', '#', $content);
      } else {
         $content = str_replace('{vhost_port_listen}', '', $content);
      }
         // comment out the listen directive if port is 80 or 443
         if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
            $content = str_replace('{vhost_port_listen}', '#', $content);
         } else {
            $content = str_replace('{vhost_port_listen}', '', $content);
         }

      wf($vhost_conf_dir.'/apps.vhost', $content);
         wf($vhost_conf_dir.'/apps.vhost', $content);

      //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
      //* and create the symlink
      if($this->install_ispconfig_interface == true) {
         //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
         //* and create the symlink
         if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
         if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
            symlink($vhost_conf_dir.'/apps.vhost',$vhost_conf_enabled_dir.'/000-apps.vhost');
         }
      }
      if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
         mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
         copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
         exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
         exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
			
         if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
            mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
            copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
            exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
            exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');

         }
      }
      if($conf['nginx']['installed'] == true){
         $apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
         $apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
         $install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');

         $command = 'groupadd '.$apps_vhost_user;
         if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

         $command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
         if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");


         $command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

         if(!@is_dir($install_dir)){
            mkdir($install_dir, 0755, true);
         } else {
            chmod($install_dir, 0755);
         }
         chown($install_dir, $apps_vhost_user);
         chgrp($install_dir, $apps_vhost_group);

         //* Copy the apps vhost file
         $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
         $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
         $apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];

         // Dont just copy over the virtualhost template but add some custom settings
         $content = rf('tpl/nginx_apps.vhost.master');
			
         if($conf['web']['apps_vhost_ip'] == '_default_'){
            $apps_vhost_ip = '';
         } else {
            $apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
         }
			
         $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
         if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
         if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
         $fpm_socket = $socket_dir.'apps.sock';
         $cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);

         $content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
         $content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
         $content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
         $content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
         //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
         $content = str_replace('{fpm_socket}', $fpm_socket, $content);
         $content = str_replace('{cgi_socket}', $cgi_socket, $content);

         wf($vhost_conf_dir.'/apps.vhost', $content);
			
         // PHP-FPM
         // Dont just copy over the php-fpm pool template but add some custom settings
         $content = rf('tpl/apps_php_fpm_pool.conf.master');
         $content = str_replace('{fpm_pool}', 'apps', $content);
         //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
         $content = str_replace('{fpm_socket}', $fpm_socket, $content);
         $content = str_replace('{fpm_user}', $apps_vhost_user, $content);
         $content = str_replace('{fpm_group}', $apps_vhost_group, $content);
         wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);

         //copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
         //* and create the symlink
         if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
         if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
            symlink($vhost_conf_dir.'/apps.vhost',$vhost_conf_enabled_dir.'/000-apps.vhost');
         }
			
      }
   }
   
   public function make_ispconfig_ssl_cert() {
@@ -1448,6 +1626,7 @@
      $content = str_replace('{server_id}', $conf['server_id'], $content);
      $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
      $content = str_replace('{language}', $conf['language'], $content);
      $content = str_replace('{timezone}', $conf['timezone'], $content);

      wf($install_dir.'/interface/lib/'.$configfile, $content);

@@ -1470,6 +1649,7 @@
      $content = str_replace('{server_id}', $conf['server_id'], $content);
      $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
      $content = str_replace('{language}', $conf['language'], $content);
      $content = str_replace('{timezone}', $conf['timezone'], $content);

      wf($install_dir.'/server/lib/'.$configfile, $content);

@@ -1513,6 +1693,8 @@
      if (is_dir($dir)) {
         if ($dh = opendir($dir)) {
            while (($file = readdir($dh)) !== false) {
               if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
               if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
               if($file != '.' && $file != '..' && substr($file,-8,8) == '.inc.php') {
                  include_once($install_dir.'/server/plugins-available/'.$file);
                  $plugin_name = substr($file,0,-8);
@@ -1542,13 +1724,9 @@
      $dns_server_enabled = ($conf['services']['dns'])?1:0;
      $file_server_enabled = ($conf['services']['file'])?1:0;
      $db_server_enabled = ($conf['services']['db'])?1:0;
      $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
      $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
      $proxy_server_enabled = ($conf['services']['proxy'])?1:0;
      $firewall_server_enabled = ($conf['services']['firewall'])?1:0;





      $sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);

@@ -1589,6 +1767,10 @@
            }
         }
      }
		
      //* Make the APS directories group writable
      exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
      exec("chmod -R 770 $install_dir/server/aps_packages");

      //* make sure that the server config file (not the interface one) is only readable by the root user
      chmod($install_dir.'/server/lib/'.$configfile, 0600);
@@ -1604,56 +1786,127 @@
         chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
         chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
      }
		
      if(is_dir($install_dir.'/interface/invoices')) {
         exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
         exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
      }

      // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
      // and must be fixed as this will allow the apache user to read the ispconfig files.
      // Later this must run as own apache server or via suexec!
      $command = 'adduser www-data ispconfig';
      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
      if($conf['apache']['installed'] == true){
         $command = 'adduser '.$conf['apache']['user'].' ispconfig';
         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         if(is_group('ispapps')){
            $command = 'adduser '.$conf['apache']['user'].' ispapps';
            caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         }
      }
      if($conf['nginx']['installed'] == true){
         $command = 'adduser '.$conf['nginx']['user'].' ispconfig';
         caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         if(is_group('ispapps')){
            $command = 'adduser '.$conf['nginx']['user'].' ispapps';
            caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
         }
      }

      //* Make the shell scripts executable
      $command = "chmod +x $install_dir/server/scripts/*.sh";
      caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");

      //* Copy the ISPConfig vhost for the controlpanel
      $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
      $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
      if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
         //* Copy the ISPConfig vhost for the controlpanel
         $vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
         $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];

         // Dont just copy over the virtualhost template but add some custom settings
         $content = rf('tpl/apache_ispconfig.vhost.master');
         $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);

      // Dont just copy over the virtualhost template but add some custom settings
      $content = rf('tpl/apache_ispconfig.vhost.master');
      $content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);

      // comment out the listen directive if port is 80 or 443
      if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
         $content = str_replace('{vhost_port_listen}', '#', $content);
      } else {
         $content = str_replace('{vhost_port_listen}', '', $content);
      }
         // comment out the listen directive if port is 80 or 443
         if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
            $content = str_replace('{vhost_port_listen}', '#', $content);
         } else {
            $content = str_replace('{vhost_port_listen}', '', $content);
         }
      
      if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
         $content = str_replace('{ssl_comment}', '', $content);
      } else {
         $content = str_replace('{ssl_comment}', '#', $content);
      }
         if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
            $content = str_replace('{ssl_comment}', '', $content);
         } else {
            $content = str_replace('{ssl_comment}', '#', $content);
         }

      wf($vhost_conf_dir.'/ispconfig.vhost', $content);
         wf($vhost_conf_dir.'/ispconfig.vhost', $content);

      //copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
      //* and create the symlink
      if($this->install_ispconfig_interface == true && $this->is_update == false) {
         if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
         if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
            symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
         //copy('tpl/apache_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
         //* and create the symlink
         if($this->is_update == false) {
            if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
            if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
               symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
            }
         }
         if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
            mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
            copy('tpl/apache_ispconfig_fcgi_starter.master','/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
            exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
            symlink($install_dir.'/interface/web','/var/www/ispconfig');
            exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');

         }
      }
      if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
         mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
         copy('tpl/apache_ispconfig_fcgi_starter.master','/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
         exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
         symlink($install_dir.'/interface/web','/var/www/ispconfig');
         exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
		
      if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
         //* Copy the ISPConfig vhost for the controlpanel
         $vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
         $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];

         // Dont just copy over the virtualhost template but add some custom settings
         $content = rf('tpl/nginx_ispconfig.vhost.master');
         $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
		
         if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
            $content = str_replace('{ssl_on}', 'on', $content);
            $content = str_replace('{ssl_comment}', '', $content);
            $content = str_replace('{fastcgi_ssl}', 'on', $content);
         } else {
            $content = str_replace('{ssl_on}', 'off', $content);
            $content = str_replace('{ssl_comment}', '#', $content);
            $content = str_replace('{fastcgi_ssl}', 'off', $content);
         }
			
         $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
         if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
         if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
         $fpm_socket = $socket_dir.'ispconfig.sock';
			
         //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
         $content = str_replace('{fpm_socket}', $fpm_socket, $content);
			
         wf($vhost_conf_dir.'/ispconfig.vhost', $content);
			
         unset($content);
			
         // PHP-FPM
         // Dont just copy over the php-fpm pool template but add some custom settings
         $content = rf('tpl/php_fpm_pool.conf.master');
         $content = str_replace('{fpm_pool}', 'ispconfig', $content);
         //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
         $content = str_replace('{fpm_socket}', $fpm_socket, $content);
         $content = str_replace('{fpm_user}', 'ispconfig', $content);
         $content = str_replace('{fpm_group}', 'ispconfig', $content);
         wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);

         //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
         //* and create the symlink
         if($this->is_update == false) {
            if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
            if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
               symlink($vhost_conf_dir.'/ispconfig.vhost',$vhost_conf_enabled_dir.'/000-ispconfig.vhost');
            }
         }
      }

      //* Install the update script
@@ -1680,10 +1933,12 @@
         if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
         touch($conf['ispconfig_log_dir'].'/ispconfig.log');
      }

      rename($install_dir.'/server/scripts/run-getmail.sh','/usr/local/bin/run-getmail.sh');
      if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
      chmod('/usr/local/bin/run-getmail.sh', 0744);
		
      if(is_user('getmail')) {
         rename($install_dir.'/server/scripts/run-getmail.sh','/usr/local/bin/run-getmail.sh');
         if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
         chmod('/usr/local/bin/run-getmail.sh', 0744);
      }

      //* Add Log-Rotation
      if (is_dir('/etc/logrotate.d')) {
@@ -1730,7 +1985,7 @@
      wf($install_dir.'/server/lib/mysql_clientdb.conf',$content);
      chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
      chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
      chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
      chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');		

   }

@@ -1752,6 +2007,11 @@
            "* * * * * ".$install_dir."/server/server.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log",
            "30 00 * * * ".$install_dir."/server/cron_daily.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log"
      );
		
      if ($conf['nginx']['installed'] == true) {
         $root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
      }
		
      foreach($root_cron_jobs as $cron_job) {
         if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
            $existing_root_cron_jobs[] = $cron_job."\n";
@@ -1842,7 +2102,7 @@
      if ( is_file($tConf) ) {
         $stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
         if ($res == 0) { // stat successfull
            list($access, $user, $group) = split(" ", $stat);
            list($access, $user, $group) = explode(" ", $stat);
         }

         if ( copy($tConf, $tConf.'~') ) {