From e01f81c8cd2ca4f0cd489f0931491a0c2fc3bae0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 07 Nov 2011 05:50:54 -0500
Subject: [PATCH] Removed 2 items from todo which have been implemented.
---
install/lib/installer_base.lib.php | 122 +++++++++++++++++++++++++++++-----------
1 files changed, 89 insertions(+), 33 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index ef55210..b0cbfd6 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -118,12 +118,12 @@
if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
if(is_installed('postfix')) $conf['postfix']['installed'] = true;
if(is_installed('mailman')) $conf['mailman']['installed'] = true;
- if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
+ if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
- if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
+ if(is_installed('amavisd-new') || is_installed('amavisd')) $conf['amavis']['installed'] = true;
if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
@@ -132,11 +132,12 @@
if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
if(is_installed('squid')) $conf['squid']['installed'] = true;
if(is_installed('nginx')) $conf['nginx']['installed'] = true;
- if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+ // if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
+ if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
- if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
+ if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) || ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
}
/** Create the database for ISPConfig */
@@ -263,9 +264,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
- $proxy_server_enabled = ($conf['services']['proxy'])?1:0;
- $firewall_server_enabled = ($conf['services']['firewall'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
+ $proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
+ $firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
//** Get the database version number based on the patchfiles
$found = true;
@@ -624,6 +625,21 @@
$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ $server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
+ $server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
+ unset($server_ini_rec);
+
+ //* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
+ $rbl_list = '';
+ if ($server_ini_array['mail']['realtime_blackhole_list'] != '') {
+ $rbl_hosts = explode(",",str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
+ foreach ($rbl_hosts as $key => $value) {
+ $rbl_list .= ", reject_rbl_client ". $value;
+ }
+ }
+ unset($rbl_hosts);
+ unset($server_ini_array);
+
$postconf_commands = array (
'myhostname = '.$conf['hostname'],
'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
@@ -640,7 +656,7 @@
'smtpd_sasl_auth_enable = yes',
'broken_sasl_auth_clients = yes',
'smtpd_sasl_authenticated_header = yes',
- 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination',
+ 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:'.$config_dir.'/mysql-virtual_recipient.cf, reject_unauth_destination'. $rbl_list,
'smtpd_use_tls = yes',
'smtpd_tls_security_level = may',
'smtpd_tls_cert_file = '.$config_dir.'/smtpd.cert',
@@ -670,9 +686,9 @@
//* Create the mailman files
exec('mkdir -p /var/lib/mailman/data');
- touch('/var/lib/mailman/data/aliases');
- exec('postmap /var/lib/mailman/data/aliases');
- touch('/var/lib/mailman/data/virtual-mailman');
+ if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
+ exec('postalias /var/lib/mailman/data/aliases');
+ if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
//* Make a backup copy of the main.cf file
@@ -924,12 +940,7 @@
$postconf_commands = array ();
// Check for amavisd -> pure webserver with postfix for mailing without antispam
- // Check for different names
- system('which amavisd-new', $retval); // Debian, Ubuntu, ?
- if ($retval !== 0){
- system('which amavisd', $retval); // CentOS
- }
- if ($retval === 0) {
+ if ($conf['amavis']['installed']) {
$postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
$postconf_commands[] = 'receive_override_options = no_address_mappings';
}
@@ -1260,6 +1271,10 @@
*/
}
+ public function configure_fail2ban() {
+ // To Do
+ }
+
public function configure_squid()
{
global $conf;
@@ -1279,6 +1294,7 @@
exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
}
+ /*
public function configure_ufw_firewall()
{
$configfile = 'ufw.conf';
@@ -1288,6 +1304,7 @@
exec('chmod 600 /etc/ufw/ufw.conf');
exec('chown root:root /etc/ufw/ufw.conf');
}
+ */
public function configure_firewall() {
global $conf;
@@ -1394,7 +1411,11 @@
$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
chown($install_dir, $apps_vhost_user);
chgrp($install_dir, $apps_vhost_group);
@@ -1453,7 +1474,11 @@
$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
chown($install_dir, $apps_vhost_user);
chgrp($install_dir, $apps_vhost_group);
@@ -1470,20 +1495,29 @@
} else {
$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
}
+
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'apps.sock';
+ $cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
- $content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+ $content = str_replace('{cgi_socket}', $cgi_socket, $content);
wf($vhost_conf_dir.'/apps.vhost', $content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
- $content = rf('tpl/php_fpm_pool.conf.master');
+ $content = rf('tpl/apps_php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'apps', $content);
- $content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
@@ -1666,13 +1700,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
-
-
-
-
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
@@ -1732,8 +1762,22 @@
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
- $command = 'adduser www-data ispconfig';
- caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if($conf['apache']['installed'] == true){
+ $command = 'adduser '.$conf['apache']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['apache']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
+ if($conf['nginx']['installed'] == true){
+ $command = 'adduser '.$conf['nginx']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['nginx']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
//* Make the shell scripts executable
$command = "chmod +x $install_dir/server/scripts/*.sh";
@@ -1800,8 +1844,14 @@
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
- $content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
-
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'ispconfig.sock';
+
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+
wf($vhost_conf_dir.'/ispconfig.vhost', $content);
unset($content);
@@ -1810,7 +1860,8 @@
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rf('tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
- $content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
@@ -1923,6 +1974,11 @@
"* * * * * ".$install_dir."/server/server.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log",
"30 00 * * * ".$install_dir."/server/cron_daily.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log"
);
+
+ if ($conf['nginx']['installed'] == true) {
+ $root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
+ }
+
foreach($root_cron_jobs as $cron_job) {
if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
$existing_root_cron_jobs[] = $cron_job."\n";
@@ -2013,7 +2069,7 @@
if ( is_file($tConf) ) {
$stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
if ($res == 0) { // stat successfull
- list($access, $user, $group) = split(" ", $stat);
+ list($access, $user, $group) = explode(" ", $stat);
}
if ( copy($tConf, $tConf.'~') ) {
--
Gitblit v1.9.1