From d75f0807d3d054fba633ffef4e4785900d05de6e Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sat, 02 Aug 2008 05:08:03 -0400
Subject: [PATCH] - Enabled tools module for administrator by default. - Updated Ubuntu installation instructions.

---
 install/lib/installer_base.lib.php |  100 ++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 97 insertions(+), 3 deletions(-)

diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 3fc9787..4de5648 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -595,6 +595,60 @@
 		
 	}
 	
+	public function configure_firewall()
+	{
+		global $conf;
+		
+		$dist_init_scripts = $conf['init_scripts'];
+  		
+		if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
+  		@mkdir("/etc/Bastille", octdec($directory_mode));
+  		if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
+  		caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
+  		caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
+  		$content = rf("/etc/Bastille/bastille-firewall.cfg");
+  		$content = str_replace("{DNS_SERVERS}", "", $content);
+
+  		$tcp_public_services = '';
+  		$udp_public_services = '';
+		
+		$row = $this->db->queryOneRecord("SELECT * FROM firewall WHERE server_id = ".intval($this->conf['server_id']));
+		
+  		if(trim($row["tcp_port"]) != '' || trim($row["udp_port"]) != ''){
+    		$tcp_public_services = trim(str_replace(',',' ',$row["tcp_port"]));
+    		$udp_public_services = trim(str_replace(',',' ',$row["udp_port"]));
+  		} else {
+    		$tcp_public_services = '21 22 25 53 80 110 443 8080 10000';
+    		$udp_public_services = '53';
+  		}
+  		$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
+  		$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);
+
+  		wf("/etc/Bastille/bastille-firewall.cfg", $content);
+
+  		if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__);
+  		caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__);
+  		caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__);
+
+  		if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
+  		caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
+  		caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);
+
+  		if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
+  		caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
+  		caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);
+		
+		if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);
+
+  		exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
+  		if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
+  		unset($ipchains_location);
+  		exec("which iptables &> /dev/null", $iptables_location, $ret_val);
+  		if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
+  		unset($iptables_location);
+
+	}
+	
 	
 	public function install_ispconfig()
     {
@@ -603,8 +657,10 @@
 		$install_dir = $this->conf['ispconfig_install_dir'];
 
 		//* Create the ISPConfig installation directory
-		$command = "mkdir $install_dir";
-		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		if(!@is_dir("$install_dir")) {
+			$command = "mkdir $install_dir";
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		}
 		
 		//* Create a ISPConfig user and group
 		$command = 'groupadd ispconfig';
@@ -636,6 +692,7 @@
 		$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
 		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
 		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
+		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		wf("$install_dir/interface/lib/$configfile", $content);
 		
 		//* Create the config file for ISPConfig server
@@ -649,6 +706,7 @@
 		$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
 		$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
 		$content = str_replace('{server_id}', $conf['server_id'], $content);
+		$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
 		wf("$install_dir/server/lib/$configfile", $content);
 		
 		
@@ -711,6 +769,10 @@
 		//* make sure that the server config file (not the interface one) is only readable by the root user
 		exec("chmod 600 $install_dir/server/lib/$configfile");
 		exec("chown root:root $install_dir/server/lib/$configfile");
+		if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
+			exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
+			exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
+		}
 		
 		// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
 		// and must be fixed as this will allow the apache user to read the ispconfig files.
@@ -737,7 +799,7 @@
 		//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
 		//* and create the symlink
 		if($this->install_ispconfig_interface == true) {
-			if(!is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) {
+			if(!@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) {
 				exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/ispconfig.vhost");
 			}
 		}
@@ -753,6 +815,38 @@
 		
 		//set the fast cgi starter script to executable
 		exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
+		
+		//* Make the logs readable for the ispconfig user
+		if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
+		if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
+		if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
+		if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
+		
+		
+	}
+	
+	public function configure_dbserver()
+	{
+		global $conf;
+		
+		//* If this server shall act as database server for client DB's, we configure this here
+		$install_dir = $this->conf['ispconfig_install_dir'];
+		
+		// Create a file with the database login details which 
+		// are used to create the client databases.
+		
+		if(!is_dir("$install_dir/server/lib")) {
+			$command = "mkdir $install_dir/server/lib";
+			caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		}
+		
+		$content = rf("tpl/mysql_clientdb.conf.master");
+		$content = str_replace('{username}',$conf['mysql']['admin_user'],$content);
+		$content = str_replace('{password}',$conf['mysql']['admin_password'], $content);
+		wf("$install_dir/server/lib/mysql_clientdb.conf",$content);
+		exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf");
+		exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf");
+		
 	}
 	
 	public function install_crontab()

--
Gitblit v1.9.1