From b63119417fe6e4bbcd072108d7dec927ee879d4a Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Tue, 07 Jun 2016 12:47:22 -0400
Subject: [PATCH] Merge branch 'stable-3.1'
---
interface/web/sites/web_vhost_domain_edit.php | 31 +++
interface/web/sites/templates/database_user_edit.htm | 2
server/lib/classes/monitor_tools.inc.php | 28 --
server/plugins-available/mail_plugin_dkim.inc.php | 21 -
install/lib/update.lib.php | 2
server/plugins-available/cron_plugin.inc.php | 6
interface/web/dashboard/lib/lang/pl_dashlet_modules.lng | 2
interface/web/dns/dns_import.php | 11
interface/web/sites/database_quota_stats.php | 4
/dev/null | 35 ---
server/lib/classes/cron.d/900-letsencrypt.inc.php | 24 ++
install/lib/installer_base.lib.php | 3
interface/web/admin/templates/system_config_dns_edit.htm | 20 ++
install/lib/install.lib.php | 7
server/plugins-available/apache2_plugin.inc.php | 12
install/dist/conf/debiantesting.conf.php | 230 +++++++++++++++++++++++++
interface/lib/classes/tform_base.inc.php | 2
server/plugins-available/mail_plugin.inc.php | 8
server/plugins-available/nginx_plugin.inc.php | 13
server/lib/classes/system.inc.php | 31 +++
20 files changed, 383 insertions(+), 109 deletions(-)
diff --git a/install/dist/conf/debiantesting.conf.php b/install/dist/conf/debiantesting.conf.php
new file mode 100644
index 0000000..92787bf
--- /dev/null
+++ b/install/dist/conf/debiantesting.conf.php
@@ -0,0 +1,230 @@
+<?php
+
+/*
+Copyright (c) 2016, Till Brehm, ISPConfig UG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ * Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+ * Neither the name of ISPConfig nor the names of its contributors
+ may be used to endorse or promote products derived from this software without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+//*** Ubuntu 16.04 default settings
+
+//* Main
+$conf['language'] = 'en';
+$conf['distname'] = 'ubuntu1604';
+$conf['hostname'] = 'server1.domain.tld'; // Full hostname
+$conf['ispconfig_install_dir'] = '/usr/local/ispconfig';
+$conf['ispconfig_config_dir'] = '/usr/local/ispconfig';
+$conf['ispconfig_log_priority'] = 2; // 0 = Debug, 1 = Warning, 2 = Error
+$conf['ispconfig_log_dir'] = '/var/log/ispconfig';
+$conf['server_id'] = 1;
+$conf['init_scripts'] = '/etc/init.d';
+$conf['runlevel'] = '/etc';
+$conf['shells'] = '/etc/shells';
+$conf['pam'] = '/etc/pam.d';
+
+//* Services provided by this server, this selection will be overridden by the expert mode
+$conf['services']['mail'] = true;
+$conf['services']['web'] = true;
+$conf['services']['dns'] = true;
+$conf['services']['file'] = true;
+$conf['services']['db'] = true;
+$conf['services']['vserver'] = true;
+$conf['services']['proxy'] = false;
+$conf['services']['firewall'] = false;
+
+//* MySQL
+$conf['mysql']['installed'] = false; // will be detected automatically during installation
+$conf['mysql']['init_script'] = 'mysql';
+$conf['mysql']['host'] = 'localhost';
+$conf['mysql']['ip'] = '127.0.0.1';
+$conf['mysql']['port'] = '3306';
+$conf['mysql']['database'] = 'dbispconfig';
+$conf['mysql']['admin_user'] = 'root';
+$conf['mysql']['admin_password'] = '';
+$conf['mysql']['charset'] = 'utf8';
+$conf['mysql']['ispconfig_user'] = 'ispconfig';
+$conf['mysql']['ispconfig_password'] = md5(uniqid(rand()));
+$conf['mysql']['master_slave_setup'] = 'n';
+$conf['mysql']['master_host'] = '';
+$conf['mysql']['master_database'] = 'dbispconfig';
+$conf['mysql']['master_admin_user'] = 'root';
+$conf['mysql']['master_admin_password'] = '';
+$conf['mysql']['master_ispconfig_user'] = '';
+$conf['mysql']['master_ispconfig_password'] = md5(uniqid(rand()));
+
+//* Apache
+$conf['apache']['installed'] = false; // will be detected automatically during installation
+$conf['apache']['user'] = 'www-data';
+$conf['apache']['group'] = 'www-data';
+$conf['apache']['init_script'] = 'apache2';
+$conf['apache']['version'] = '2.4';
+$conf['apache']['vhost_conf_dir'] = '/etc/apache2/sites-available';
+$conf['apache']['vhost_conf_enabled_dir'] = '/etc/apache2/sites-enabled';
+$conf['apache']['vhost_port'] = '8080';
+$conf['apache']['php_ini_path_apache'] = '/etc/php/7.0/apache2/php.ini';
+$conf['apache']['php_ini_path_cgi'] = '/etc/php/7.0/cgi/php.ini';
+
+//* Website base settings
+$conf['web']['website_basedir'] = '/var/www';
+$conf['web']['website_path'] = '/var/www/clients/client[client_id]/web[website_id]';
+$conf['web']['website_symlinks'] = '/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/';
+
+//* Apps base settings
+$conf['web']['apps_vhost_ip'] = '_default_';
+$conf['web']['apps_vhost_port'] = '8081';
+$conf['web']['apps_vhost_servername'] = '';
+$conf['web']['apps_vhost_user'] = 'ispapps';
+$conf['web']['apps_vhost_group'] = 'ispapps';
+
+//* Fastcgi
+$conf['fastcgi']['fastcgi_phpini_path'] = '/etc/php/7.0/cgi/';
+$conf['fastcgi']['fastcgi_starter_path'] = '/var/www/php-fcgi-scripts/[system_user]/';
+$conf['fastcgi']['fastcgi_bin'] = '/usr/bin/php-cgi';
+
+//* Postfix
+$conf['postfix']['installed'] = false; // will be detected automatically during installation
+$conf['postfix']['config_dir'] = '/etc/postfix';
+$conf['postfix']['init_script'] = 'postfix';
+$conf['postfix']['user'] = 'postfix';
+$conf['postfix']['group'] = 'postfix';
+$conf['postfix']['vmail_userid'] = '5000';
+$conf['postfix']['vmail_username'] = 'vmail';
+$conf['postfix']['vmail_groupid'] = '5000';
+$conf['postfix']['vmail_groupname'] = 'vmail';
+$conf['postfix']['vmail_mailbox_base'] = '/var/vmail';
+
+//* Mailman
+$conf['mailman']['installed'] = false; // will be detected automatically during installation
+$conf['mailman']['config_dir'] = '/etc/mailman';
+$conf['mailman']['init_script'] = 'mailman';
+
+//* Getmail
+$conf['getmail']['installed'] = false; // will be detected automatically during installation
+$conf['getmail']['config_dir'] = '/etc/getmail';
+$conf['getmail']['program'] = '/usr/bin/getmail';
+
+//* Courier
+$conf['courier']['installed'] = false; // will be detected automatically during installation
+$conf['courier']['config_dir'] = '/etc/courier';
+$conf['courier']['courier-authdaemon'] = 'courier-authdaemon';
+$conf['courier']['courier-imap'] = 'courier-imap';
+$conf['courier']['courier-imap-ssl'] = 'courier-imap-ssl';
+$conf['courier']['courier-pop'] = 'courier-pop';
+$conf['courier']['courier-pop-ssl'] = 'courier-pop-ssl';
+
+//* Dovecot
+$conf['dovecot']['installed'] = false; // will be detected automatically during installation
+$conf['dovecot']['config_dir'] = '/etc/dovecot';
+$conf['dovecot']['init_script'] = 'dovecot';
+
+//* SASL
+$conf['saslauthd']['installed'] = false; // will be detected automatically during installation
+$conf['saslauthd']['config'] = '/etc/default/saslauthd';
+$conf['saslauthd']['init_script'] = 'saslauthd';
+
+//* Amavisd
+$conf['amavis']['installed'] = false; // will be detected automatically during installation
+$conf['amavis']['config_dir'] = '/etc/amavis';
+$conf['amavis']['init_script'] = 'amavis';
+
+//* ClamAV
+$conf['clamav']['installed'] = false; // will be detected automatically during installation
+$conf['clamav']['init_script'] = 'clamav-daemon';
+
+//* Pureftpd
+$conf['pureftpd']['installed'] = false; // will be detected automatically during installation
+$conf['pureftpd']['config_dir'] = '/etc/pure-ftpd';
+$conf['pureftpd']['init_script'] = 'pure-ftpd-mysql';
+
+//* MyDNS
+$conf['mydns']['installed'] = false; // will be detected automatically during installation
+$conf['mydns']['config_dir'] = '/etc';
+$conf['mydns']['init_script'] = 'mydns';
+
+//* PowerDNS
+$conf['powerdns']['installed'] = false; // will be detected automatically during installation
+$conf['powerdns']['database'] = 'powerdns';
+$conf["powerdns"]["config_dir"] = '/etc/powerdns/pdns.d';
+$conf['powerdns']['init_script'] = 'pdns';
+
+//* BIND DNS Server
+$conf['bind']['installed'] = false; // will be detected automatically during installation
+$conf['bind']['bind_user'] = 'root';
+$conf['bind']['bind_group'] = 'bind';
+$conf['bind']['bind_zonefiles_dir'] = '/etc/bind';
+$conf['bind']['named_conf_path'] = '/etc/bind/named.conf';
+$conf['bind']['named_conf_local_path'] = '/etc/bind/named.conf.local';
+$conf['bind']['init_script'] = 'bind9';
+
+//* Jailkit
+$conf['jailkit']['installed'] = false; // will be detected automatically during installation
+$conf['jailkit']['config_dir'] = '/etc/jailkit';
+$conf['jailkit']['jk_init'] = 'jk_init.ini';
+$conf['jailkit']['jk_chrootsh'] = 'jk_chrootsh.ini';
+$conf['jailkit']['jailkit_chroot_app_programs'] = '/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico /usr/bin/mysql /usr/bin/mysqldump /usr/bin/git /usr/bin/git-receive-pack /usr/bin/git-upload-pack /usr/bin/unzip /usr/bin/zip /bin/tar /bin/rm /usr/bin/patch';
+$conf['jailkit']['jailkit_chroot_cron_programs'] = '/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php';
+
+//* Squid
+$conf['squid']['installed'] = false; // will be detected automatically during installation
+$conf['squid']['config_dir'] = '/etc/squid';
+$conf['squid']['init_script'] = 'squid';
+
+//* Nginx
+$conf['nginx']['installed'] = false; // will be detected automatically during installation
+$conf['nginx']['user'] = 'www-data';
+$conf['nginx']['group'] = 'www-data';
+$conf['nginx']['config_dir'] = '/etc/nginx';
+$conf['nginx']['vhost_conf_dir'] = '/etc/nginx/sites-available';
+$conf['nginx']['vhost_conf_enabled_dir'] = '/etc/nginx/sites-enabled';
+$conf['nginx']['init_script'] = 'nginx';
+$conf['nginx']['vhost_port'] = '8080';
+$conf['nginx']['cgi_socket'] = '/var/run/fcgiwrap.socket';
+$conf['nginx']['php_fpm_init_script'] = 'php7.0-fpm';
+$conf['nginx']['php_fpm_ini_path'] = '/etc/php/7.0/fpm/php.ini';
+$conf['nginx']['php_fpm_pool_dir'] = '/etc/php/7.0/fpm/pool.d';
+$conf['nginx']['php_fpm_start_port'] = 9010;
+$conf['nginx']['php_fpm_socket_dir'] = '/var/lib/php7.0-fpm';
+
+//* OpenVZ
+$conf['openvz']['installed'] = false;
+
+//*Bastille-Firwall
+$conf['bastille']['installed'] = false;
+$conf['bastille']['config_dir'] = '/etc/Bastille';
+
+//* vlogger
+$conf['vlogger']['config_dir'] = '/etc';
+
+//* cron
+$conf['cron']['init_script'] = 'cron';
+$conf['cron']['crontab_dir'] = '/etc/cron.d';
+$conf['cron']['wget'] = '/usr/bin/wget';
+
+//* Metronome XMPP
+$conf['xmpp']['installed'] = false;
+$conf['xmpp']['init_script'] = 'metronome';
+
+
+?>
diff --git a/install/dist/lib/ubuntu1604.lib.php b/install/dist/lib/ubuntu1604.lib.php
deleted file mode 100644
index 7aba0dc..0000000
--- a/install/dist/lib/ubuntu1604.lib.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?php
-
-/*
-Copyright (c) 2016, Till Brehm, ISPConfig UG
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
- * Neither the name of ISPConfig nor the names of its contributors
- may be used to endorse or promote products derived from this software without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-class installer extends installer_base {
-
-}
-
-?>
diff --git a/install/lib/install.lib.php b/install/lib/install.lib.php
index 93e5470..f670261 100644
--- a/install/lib/install.lib.php
+++ b/install/lib/install.lib.php
@@ -200,6 +200,13 @@
$distid = 'debian60';
$distbaseid = 'debian';
swriteln("Operating System: Debian 8.0 (Jessie) or compatible\n");
+ } elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) {
+ $distname = 'Debian';
+ $distver = 'Testing';
+ $distid = 'debian60';
+ $distconfid = 'debiantesting';
+ $distbaseid = 'debian';
+ swriteln("Operating System: Debian Testing\n");
} else {
$distname = 'Debian';
$distver = 'Unknown';
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 63ddb09..49b0e3d 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -224,7 +224,7 @@
if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') {
echo "Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION. Add\n\n";
echo " sql-mode=\"NO_ENGINE_SUBSTITUTION\"\n\n";
- echo"to the mysqld-section in /etc/mysql/my.cnf and restart mysqld afterwards\n";
+ echo"to the mysqld-section in your mysql-config and restart mysqld afterwards\n";
die();
}
@@ -296,6 +296,7 @@
$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
$tpl_ini_array['server']['hostname'] = $conf['hostname'];
$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
+ $tpl_ini_array['server']['firewall'] = ($conf['ufw']['installed'] == true)?'ufw':'bastille';
$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
diff --git a/install/lib/update.lib.php b/install/lib/update.lib.php
index a6bb42d..6408c18 100644
--- a/install/lib/update.lib.php
+++ b/install/lib/update.lib.php
@@ -128,7 +128,7 @@
if ($check_sql_mode['@@sql_mode'] != '' && $check_sql_mode['@@sql_mode'] != 'NO_ENGINE_SUBSTITUTION') {
echo "Wrong SQL-mode. You should use NO_ENGINE_SUBSTITUTION. Add\n\n";
echo " sql-mode=\"NO_ENGINE_SUBSTITUTION\"\n\n";
- echo"to the mysqld-section in /etc/mysql/my.cnf and restart mysqld afterwards\n";
+ echo"to the mysqld-section in your mysql-config and restart mysqld afterwards\n";
die();
}
diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php
index 599cce4..5adbdf7 100644
--- a/interface/lib/classes/tform_base.inc.php
+++ b/interface/lib/classes/tform_base.inc.php
@@ -1002,7 +1002,7 @@
unset($error);
break;
case 'ISINT':
- if(function_exists('filter_var') && $field_value < 2147483647) {
+ if(function_exists('filter_var') && $field_value < PHP_INT_MAX) {
//if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT, array("options" => array('min_range'=>0))) === false) {
if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) {
$errmsg = $validator['errmsg'];
diff --git a/interface/web/admin/templates/system_config_dns_edit.htm b/interface/web/admin/templates/system_config_dns_edit.htm
new file mode 100644
index 0000000..f3d0b20
--- /dev/null
+++ b/interface/web/admin/templates/system_config_dns_edit.htm
@@ -0,0 +1,20 @@
+<tmpl_if name="list_head_txt">
+<div class='page-header'>
+ <h1><tmpl_var name="list_head_txt"></h1>
+</div>
+</tmpl_if>
+<tmpl_if name="list_desc_txt"><p><tmpl_var name="list_desc_txt"></p></tmpl_if>
+
+<div class="form-group">
+ <label for="default_dnsserver" class="col-sm-3 control-label">{tmpl_var name='default_dnsserver_txt'}</label>
+ <div class="col-sm-9"><select name="default_dnsserver" id="default_dnsserver" class="form-control">
+ {tmpl_var name='default_dnsserver'}
+ </select></div>
+</div>
+
+<input type="hidden" name="id" value="{tmpl_var name='id'}">
+
+<div class="clear"><div class="right">
+ <button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="admin/system_config_edit.php">{tmpl_var name='btn_save_txt'}</button>
+ <button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="admin/users_list.php">{tmpl_var name='btn_cancel_txt'}</button>
+</div></div>
\ No newline at end of file
diff --git a/interface/web/dashboard/lib/lang/pl_dashlet_modules.lng b/interface/web/dashboard/lib/lang/pl_dashlet_modules.lng
index 6f9b955..5eac7fe 100644
--- a/interface/web/dashboard/lib/lang/pl_dashlet_modules.lng
+++ b/interface/web/dashboard/lib/lang/pl_dashlet_modules.lng
@@ -1,4 +1,4 @@
<?php
$wb['available_modules_txt'] = 'Dostępne moduły';
-$wb['go_to_txt'] = 'Go to';
+$wb['go_to_txt'] = 'Idź do';
?>
diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php
index 2e4d58e..bd8cc84 100644
--- a/interface/web/dns/dns_import.php
+++ b/interface/web/dns/dns_import.php
@@ -216,7 +216,7 @@
$line = trim($line);
if ($line != '' && substr($line, 0, 1) != ';'){
if(strpos($line, ";") !== FALSE) {
- if (!preg_match("/v=DKIM|v=DMARC/",$line)) {
+ if(!preg_match("/\"[^\"]+;[^\"]*\"/", $line)) {
$line = substr($line, 0, strpos($line, ";"));
}
}
@@ -267,12 +267,13 @@
$parts = explode(' ', $line);
// make elements lowercase
- $dkim=@($parts[3]=='"v=DKIM1;')?true:false;
- $dmarc=@($parts[3]=='"v=DMARC1;')?true:false;
-
$new_parts = array();
foreach($parts as $part){
- if(!$dkim && !$dmarc) {
+ if(
+ (strpos($part, ';') === false) &&
+ (!preg_match("/^\"/", $part)) &&
+ (!preg_match("/\"$/", $part))
+ ) {
$new_parts[] = strtolower($part);
} else {
$new_parts[] = $part;
diff --git a/interface/web/sites/database_quota_stats.php b/interface/web/sites/database_quota_stats.php
index faf3621..5e95fdc 100644
--- a/interface/web/sites/database_quota_stats.php
+++ b/interface/web/sites/database_quota_stats.php
@@ -57,7 +57,9 @@
if(!empty($monitor_data[$rec['server_id'].'.'.$database_name])){
$rec['database'] = $monitor_data[$rec['server_id'].'.'.$database_name]['database_name'];
$rec['client'] = $monitor_data[$rec['server_id'].'.'.$database_name]['client'];
- $rec['server_name'] = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $rec['server_id'])['server_name'];
+ $tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $rec['server_id']);
+ $rec['server_name'] = $tmp['server_name'];
+ unset($tmp);
$rec['used'] = $monitor_data[$rec['server_id'].'.'.$database_name]['used'];
$rec['quota'] = $monitor_data[$rec['server_id'].'.'.$database_name]['quota'];
diff --git a/interface/web/sites/templates/database_user_edit.htm b/interface/web/sites/templates/database_user_edit.htm
index 45b7fea..c9ae106 100644
--- a/interface/web/sites/templates/database_user_edit.htm
+++ b/interface/web/sites/templates/database_user_edit.htm
@@ -34,7 +34,7 @@
<label for="database_password" class="col-sm-3 control-label">{tmpl_var name='database_password_txt'}</label>
<div class="col-sm-9">
<div class="input-group">
- <input type="database_password" name="database_password" id="database_password" value="{tmpl_var name='database_password'}" class="form-control" autocomplete="off" onkeyup="pass_check(this.value);checkPassMatch('database_password','repeat_password');" />
+ <input type="password" name="database_password" id="database_password" value="{tmpl_var name='database_password'}" class="form-control" autocomplete="off" onkeyup="pass_check(this.value);checkPassMatch('database_password','repeat_password');" />
<span class="input-group-btn">
<button class="btn btn-default" type="button" onclick="generatePassword('database_password','repeat_password');">{tmpl_var name='generate_password_txt'}</button>
</span>
diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index 3da4823..647061e 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -50,6 +50,7 @@
class page_action extends tform_actions {
var $_vhostdomain_type = 'domain';
+ var $_letsencrypt_on_insert = false;
//* Returna a "3/2/1" path hash from a numeric id '123'
function id_hash($id, $levels) {
@@ -218,8 +219,9 @@
//* Fill the IPv6 select field with the IP addresses that are allowed for this client
$sql = "SELECT ip_address FROM server_ip WHERE server_id IN ? AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=?)";
$ips = $app->db->queryAllRecords($sql, explode(',', $client['web_servers']), $_SESSION['s']['user']['client_id']);
- $ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+ //$ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
//$ip_select = "";
+ $ip_select = "<option value=''></option>";
if(is_array($ips)) {
foreach( $ips as $ip) {
$selected = ($ip["ip_address"] == $this->dataRecord["ipv6_address"])?'SELECTED':'';
@@ -1333,6 +1335,23 @@
parent::onSubmit();
}
+
+ function onBeforeInsert() {
+ global $app, $conf;
+
+ // Letsencrypt can not be activated before the website has been created
+ // So we deactivate it here and add a datalog update in onAfterInsert
+ if(isset($this->dataRecord['ssl_letsencrypt']) && $this->dataRecord['ssl_letsencrypt'] == 'y' && isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y') {
+ // Disable letsencrypt and ssl temporarily
+ $this->dataRecord['ssl_letsencrypt'] = 'n';
+ $this->dataRecord['ssl'] = 'n';
+ // Prevent that the datalog history gets written
+ $app->tform->formDef['db_history'] = 'no';
+ // Set variable that we check in onAfterInsert
+ $this->_letsencrypt_on_insert = true;
+ }
+ }
+
function onAfterInsert() {
global $app, $conf;
@@ -1403,6 +1422,16 @@
$app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id);
}
if(isset($this->dataRecord['folder_directive_snippets'])) $app->db->query("UPDATE web_domain SET folder_directive_snippets = ? WHERE domain_id = ?", $this->dataRecord['folder_directive_snippets'], $this->id);
+
+ // Add a datalog insert without letsencrypt and then an update with letsencrypt enabled (see also onBeforeInsert)
+ if($this->_letsencrypt_on_insert == true) {
+ $new_data_record = $app->tform->getDataRecord($this->id);
+ $app->tform->datalogSave('INSERT', $this->id, array(), $new_data_record);
+ $new_data_record['ssl_letsencrypt'] = 'y';
+ $new_data_record['ssl'] = 'y';
+ $app->db->datalogUpdate('web_domain', $new_data_record, 'domain_id', $this->id);
+ }
+
}
function onBeforeUpdate () {
diff --git a/server/lib/classes/cron.d/900-letsencrypt.inc.php b/server/lib/classes/cron.d/900-letsencrypt.inc.php
index 7e1655e..5441ac2 100644
--- a/server/lib/classes/cron.d/900-letsencrypt.inc.php
+++ b/server/lib/classes/cron.d/900-letsencrypt.inc.php
@@ -36,10 +36,28 @@
public function onRunJob() {
global $app, $conf;
- $letsencrypt = array_shift( split("\n", `which letsencrypt /root/.local/share/letsencrypt/bin/letsencrypt`) );
+ $letsencrypt = array_shift( explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt')) );
if(is_executable($letsencrypt)) {
- exec($letsencrypt . ' -n renew');
- $app->services->restartServiceDelayed('httpd', 'reload');
+ $version = trim(exec($letsencrypt . ' --version 2>/dev/null'));
+ if(preg_match('/^(\S+)\s+(\d+(\.\d+)+)$/', $version, $matches)) {
+ $type = strtolower($matches[1]);
+ $version = $matches[2];
+ if(($type != 'letsencrypt' && $type != 'certbot') || version_compare($version, '0.7.0', '<')) {
+ exec($letsencrypt . ' -n renew');
+ $app->services->restartServiceDelayed('httpd', 'reload');
+ } else {
+ $marker_file = '/usr/local/ispconfig/server/le.restart';
+ $cmd = "echo '1' > " . $marker_file;
+ exec($letsencrypt . ' -n renew --post-hook ' . escapeshellarg($cmd));
+ if(file_exists($marker_file) && trim(file_get_contents($marker_file)) == '1') {
+ unlink($marker_file);
+ $app->services->restartServiceDelayed('httpd', 'reload');
+ }
+ }
+ } else {
+ exec($letsencrypt . ' -n renew');
+ $app->services->restartServiceDelayed('httpd', 'reload');
+ }
}
parent::onRunJob();
diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php
index f2b7467..9c39fc2 100644
--- a/server/lib/classes/monitor_tools.inc.php
+++ b/server/lib/classes/monitor_tools.inc.php
@@ -164,43 +164,42 @@
$relname = "UNKNOWN";
}
$distver = $ver.$lts." ".$relname;
- swriteln("Operating System: ".$distname.' '.$distver."\n");
} elseif(trim(file_get_contents('/etc/debian_version')) == '4.0') {
$distname = 'Debian';
$distver = '4.0';
$distid = 'debian40';
$distbaseid = 'debian';
- swriteln("Operating System: Debian 4.0 or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '5.0')) {
$distname = 'Debian';
$distver = 'Lenny';
$distid = 'debian40';
$distbaseid = 'debian';
- swriteln("Operating System: Debian Lenny or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '6.0') || trim(file_get_contents('/etc/debian_version')) == 'squeeze/sid') {
$distname = 'Debian';
$distver = 'Squeeze/Sid';
$distid = 'debian60';
$distbaseid = 'debian';
- swriteln("Operating System: Debian 6.0 (Squeeze/Sid) or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '7.0') || substr(trim(file_get_contents('/etc/debian_version')),0,2) == '7.' || trim(file_get_contents('/etc/debian_version')) == 'wheezy/sid') {
$distname = 'Debian';
$distver = 'Wheezy/Sid';
$distid = 'debian60';
$distbaseid = 'debian';
- swriteln("Operating System: Debian 7.0 (Wheezy/Sid) or compatible\n");
} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '8') || substr(trim(file_get_contents('/etc/debian_version')),0,1) == '8') {
$distname = 'Debian';
$distver = 'Jessie';
$distid = 'debian60';
$distbaseid = 'debian';
- swriteln("Operating System: Debian 8.0 (Jessie) or compatible\n");
+ } elseif(strstr(trim(file_get_contents('/etc/debian_version')), '/sid')) {
+ $distname = 'Debian';
+ $distver = 'Testing';
+ $distid = 'debian60';
+ $distconfid = 'debiantesting';
+ $distbaseid = 'debian';
} else {
$distname = 'Debian';
$distver = 'Unknown';
$distid = 'debian40';
$distbaseid = 'debian';
- swriteln("Operating System: Debian or compatible, unknown version.\n");
}
}
@@ -211,25 +210,21 @@
$distver = '11.0';
$distid = 'opensuse110';
$distbaseid = 'opensuse';
- swriteln("Operating System: openSUSE 11.0 or compatible\n");
} elseif(stristr(file_get_contents('/etc/SuSE-release'), '11.1')) {
$distname = 'openSUSE';
$distver = '11.1';
$distid = 'opensuse110';
$distbaseid = 'opensuse';
- swriteln("Operating System: openSUSE 11.1 or compatible\n");
} elseif(stristr(file_get_contents('/etc/SuSE-release'), '11.2')) {
$distname = 'openSUSE';
$distver = '11.2';
$distid = 'opensuse112';
$distbaseid = 'opensuse';
- swriteln("Operating System: openSUSE 11.2 or compatible\n");
} else {
$distname = 'openSUSE';
$distver = 'Unknown';
$distid = 'opensuse112';
$distbaseid = 'opensuse';
- swriteln("Operating System: openSUSE or compatible, unknown version.\n");
}
}
@@ -244,62 +239,52 @@
$distver = '9';
$distid = 'fedora9';
$distbaseid = 'fedora';
- swriteln("Operating System: Fedora 9 or compatible\n");
} elseif(stristr($content, 'Fedora release 10 (Cambridge)')) {
$distname = 'Fedora';
$distver = '10';
$distid = 'fedora9';
$distbaseid = 'fedora';
- swriteln("Operating System: Fedora 10 or compatible\n");
} elseif(stristr($content, 'Fedora release 10')) {
$distname = 'Fedora';
$distver = '11';
$distid = 'fedora9';
$distbaseid = 'fedora';
- swriteln("Operating System: Fedora 11 or compatible\n");
} elseif(stristr($content, 'CentOS release 5.2 (Final)')) {
$distname = 'CentOS';
$distver = '5.2';
$distid = 'centos52';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 5.2 or compatible\n");
} elseif(stristr($content, 'CentOS release 5.3 (Final)')) {
$distname = 'CentOS';
$distver = '5.3';
$distid = 'centos53';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 5.3 or compatible\n");
} elseif(stristr($content, 'CentOS release 5')) {
$distname = 'CentOS';
$distver = 'Unknown';
$distid = 'centos53';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 5 or compatible\n");
} elseif(stristr($content, 'CentOS Linux release 6')) {
$distname = 'CentOS';
$distver = 'Unknown';
$distid = 'centos53';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 6 or compatible\n");
} elseif(stristr($content, 'CentOS Linux release 7.2')) {
$distname = 'CentOS';
$distver = 'Unknown';
$distid = 'centos70';
$distconfid = 'centos72';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 7.2\n");
} elseif(stristr($content, 'CentOS Linux release 7')) {
$distname = 'CentOS';
$distver = 'Unknown';
$distid = 'centos70';
$distbaseid = 'fedora';
- swriteln("Operating System: CentOS 7 or compatible\n");
} else {
$distname = 'Redhat';
$distver = 'Unknown';
$distid = 'fedora9';
$distbaseid = 'fedora';
- swriteln("Operating System: Redhat or compatible, unknown version.\n");
}
}
@@ -313,7 +298,6 @@
$distver = $version[0][0].$version[0][1];
$distid = 'gentoo';
$distbaseid = 'gentoo';
- swriteln("Operating System: Gentoo $distver or compatible\n");
} else {
die('Unrecognized GNU/Linux distribution');
diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php
index 2c36c38..93cd524 100644
--- a/server/lib/classes/system.inc.php
+++ b/server/lib/classes/system.inc.php
@@ -1856,23 +1856,46 @@
}
- function getinitcommand($servicename, $action, $init_script_directory = ''){
+ function _getinitcommand($servicename, $action, $init_script_directory = '', $check_service) {
global $conf;
// upstart
if(is_executable('/sbin/initctl')){
exec('/sbin/initctl version 2>/dev/null | /bin/grep -q upstart', $retval['output'], $retval['retval']);
if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
}
+
// systemd
if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){
- return 'systemctl '.$action.' '.$servicename.'.service';
+ if ($check_service) {
+ exec("systemctl is-enabled ".$servicename." 2>&1", $out, $ret_val);
+ }
+ if ($ret_val == 0 || !$check_service) {
+ return 'systemctl '.$action.' '.$servicename.'.service';
+ }
}
+
// sysvinit
if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
- return $init_script_directory.'/'.$servicename.' '.$action;
+ if($check_service && is_executable($init_script_directory.'/'.$servicename)) {
+ return $init_script_directory.'/'.$servicename.' '.$action;
+ }
+ if (!$check_service) {
+ return $init_script_directory.'/'.$servicename.' '.$action;
+ }
}
-
+
+ function getinitcommand($servicename, $action, $init_script_directory = '', $check_service=false) {
+ if (is_array($servicename)) {
+ foreach($servicename as $service) {
+ $out = $this->_getinitcommand($service, $action, $init_script_directory, true);
+ if ($out != '') return $out;
+ }
+ } else {
+ return $this->_getinitcommand($servicename, $action, $init_script_directory, $check_service);
+ }
+ }
+
function getapacheversion($get_minor = false) {
global $app;
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 8c1da78..6763399 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -882,9 +882,9 @@
}
// get the primitive folder for document_root and the filesystem, will need it later.
- $df_output=exec("df -T $document_root|awk 'END{print \$2,\$NF}'");
- $file_system = explode(" ", $df_output)[0];
- $primitive_root = explode(" ", $df_output)[1];
+ $df_output=explode(" ", exec("df -T $document_root|awk 'END{print \$2,\$NF}'"));
+ $file_system = $df_output[0];
+ $primitive_root = $df_output[1];
if ( in_array($file_system , array('ext2','ext3','ext4'), true) ) {
exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
@@ -1234,9 +1234,9 @@
$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
$success = false;
- $letsencrypt = array_shift( split("\n", `which letsencrypt /root/.local/share/letsencrypt/bin/letsencrypt`) );
+ $letsencrypt = array_shift( explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt')) );
if(is_executable($letsencrypt)) {
- $success = $this->_exec($letsencrypt . " auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
+ $success = $this->_exec($letsencrypt . " certonly --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
}
if(!$success) {
// error issuing cert
@@ -3149,7 +3149,7 @@
$tpl->setVar('fpm_pool', $pool_name);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
$tpl->setVar('fpm_user', $data['new']['system_user']);
- $tpl->setVar('fpm_group', $data['new']['system_group']);
+ $tpl->setVar('fpm_group', $web_config['group']);
$tpl->setVar('fpm_domain', $data['new']['domain']);
$tpl->setVar('pm', $data['new']['pm']);
$tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
diff --git a/server/plugins-available/cron_plugin.inc.php b/server/plugins-available/cron_plugin.inc.php
index fe3ddfb..b54e971 100644
--- a/server/plugins-available/cron_plugin.inc.php
+++ b/server/plugins-available/cron_plugin.inc.php
@@ -136,9 +136,9 @@
}
// get the primitive folder for document_root and the filesystem, will need it later.
- $df_output=exec("df -T $document_root|awk 'END{print \$2,\$NF}'");
- $file_system = explode(" ", $df_output)[0];
- $primitive_root = explode(" ", $df_output)[1];
+ $df_output=explode(" ", exec("df -T $document_root|awk 'END{print \$2,\$NF}'"));
+ $file_system = $df_output[0];
+ $primitive_root = $df_output[1];
if ( in_array($file_system , array('ext2','ext3','ext4'),true) ) {
exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
diff --git a/server/plugins-available/mail_plugin.inc.php b/server/plugins-available/mail_plugin.inc.php
index 8696205..8275696 100644
--- a/server/plugins-available/mail_plugin.inc.php
+++ b/server/plugins-available/mail_plugin.inc.php
@@ -206,7 +206,9 @@
}
//* Send the welcome email message
- $domain = explode('@', $data["new"]["email"])[1];
+ $tmp = explode('@', $data["new"]["email"]);
+ $domain = $tmp[1];
+ unset($tmp);
$html = false;
if(file_exists($conf['rootpath'].'/conf-custom/mail/welcome_email_'.$domain.'.html')) {
$lines = file($conf['rootpath'].'/conf-custom/mail/welcome_email_'.$domain.'.html');
@@ -466,7 +468,9 @@
if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $mount_backup = false;
if($mount_backup){
$sql = "SELECT * FROM mail_domain WHERE domain = ?";
- $domain_rec = $app->db->queryOneRecord($sql, explode("@",$data['old']['email'])[1]);
+ $tmp = explode("@",$data['old']['email']);
+ $domain_rec = $app->db->queryOneRecord($sql,$tmp[1]);
+ unset($tmp);
if (is_array($domain_rec)) {
$mail_backup_dir = $backup_dir.'/mail'.$domain_rec['domain_id'];
$mail_backup_files = 'mail'.$data['old']['mailuser_id'];
diff --git a/server/plugins-available/mail_plugin_dkim.inc.php b/server/plugins-available/mail_plugin_dkim.inc.php
index 25f1871..0b840db 100755
--- a/server/plugins-available/mail_plugin_dkim.inc.php
+++ b/server/plugins-available/mail_plugin_dkim.inc.php
@@ -171,22 +171,11 @@
* This function restarts amavis
*/
function restart_amavis() {
- global $app, $conf;
- $pos_init=array(
- $conf['init_scripts'].'/amavis',
- $conf['init_scripts'].'/amavisd'
- );
- $initfile='';
- foreach($pos_init as $init) {
- if (is_executable($init)) {
- $initfile=$init;
- break;
- }
- }
- if ( $initfile == '' ) $initfile = 'service amavis';
- $app->log('Restarting amavis: '.$initfile.'.', LOGLEVEL_DEBUG);
- exec(escapeshellarg($initfile).' restart', $output);
- foreach($output as $logline) $app->log($logline, LOGLEVEL_DEBUG);
+ global $app;
+ $initcommand = $app->system->getinitcommand(array('amavis', 'amavisd'), 'restart');
+ $app->log('Restarting amavis: '.$initcommand.'.', LOGLEVEL_DEBUG);
+ exec($initcommand, $output);
+ foreach($output as $logline) $app->log($logline, LOGLEVEL_DEBUG);
}
/**
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 9393a9b..b2262b0 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -741,9 +741,9 @@
}
// get the primitive folder for document_root and the filesystem, will need it later.
- $df_output=exec("df -T $document_root|awk 'END{print \$2,\$NF}'");
- $file_system = explode(" ", $df_output)[0];
- $primitive_root = explode(" ", $df_output)[1];
+ $df_output=explode(" ", exec("df -T $document_root|awk 'END{print \$2,\$NF}'"));
+ $file_system = $df_output[0];
+ $primitive_root = $df_output[1];
if ( in_array($file_system , array('ext2','ext3','ext4'), true) ) {
exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
@@ -932,6 +932,7 @@
$tpl->newTemplate('nginx_vhost.conf.master');
// IPv4
+ if($data['new']['ip_address'] == '') $data['new']['ip_address'] = '*';
//* use ip-mapping for web-mirror
if($data['new']['ip_address'] != '*' && $conf['mirror_server_id'] > 0) {
@@ -1312,9 +1313,9 @@
$app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
$success = false;
- $letsencrypt = array_shift( split("\n", `which letsencrypt /root/.local/share/letsencrypt/bin/letsencrypt`) );
+ $letsencrypt = array_shift( explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt')) );
if(is_executable($letsencrypt)) {
- $success = $this->_exec($letsencrypt . " auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
+ $success = $this->_exec($letsencrypt . " certonly --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
}
if(!$success) {
// error issuing cert
@@ -2763,7 +2764,7 @@
$tpl->setVar('fpm_pool', $pool_name);
$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
$tpl->setVar('fpm_user', $data['new']['system_user']);
- $tpl->setVar('fpm_group', $data['new']['system_group']);
+ $tpl->setVar('fpm_group', $web_config['group']);
$tpl->setVar('pm', $data['new']['pm']);
$tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
$tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);
--
Gitblit v1.9.1