maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Merge branch 'master' into vhost_config_variables, and replace IS_SSL with SCHEME

Browse Source 
Conflicts (resolved):
	lng/english.lng.php
	lng/german.lng.php
This commit is contained in:
Chris Vigelius
2015-07-30 11:35:26 +02:00
parent 89c4b969d1 0455cb96ca
commit 19d94471d9
23 changed files with 4059 additions and 2387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
actions/admin/settings/131.ssl.php
View File

@@ -37,7 +37,7 @@ return array(
'varname' => 'ssl_cipher_list', 'varname' => 'ssl_cipher_list',
'type' => 'string', 'type' => 'string',
'string_emptyallowed' => false, 'string_emptyallowed' => false,
'default' => 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH', 'default' => 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128',
'save_method' => 'storeSettingField', 'save_method' => 'storeSettingField',
), ),
'system_ssl_cert_file' => array( 'system_ssl_cert_file' => array(

1
admin_settings.php
View File

@@ -283,6 +283,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
foreach ($integrity->available as $id => $check) { foreach ($integrity->available as $id => $check) {
$displayid = $id + 1; $displayid = $id + 1;
$result = $integrity->$check(); $result = $integrity->$check();
$checkdesc = $lng['integrity_check'][$check];
eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";"); eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
} }
eval("echo \"" . getTemplate("settings/integritycheck") . "\";"); eval("echo \"" . getTemplate("settings/integritycheck") . "\";");

22
customer_domains.php
View File

@@ -102,6 +102,11 @@ if ($page == 'overview') {
if ($row['parentdomainid'] == 0) { if ($row['parentdomainid'] == 0) {
$domain_sort_array[$sortkey][$sortkey] = $row; $domain_sort_array[$sortkey][$sortkey] = $row;
} else { } else {
// when searching and the results are subdomains only, we need to get
// the parent domain to this subdomain
if (!isset($domain_id_array[$row['parentdomainid']])) {
$domain_id_array[$row['parentdomainid']] = "[parent-domain]";
}
$domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row; $domain_sort_array[$domain_id_array[$row['parentdomainid']]][$sortkey] = $row;
} }
} }
@@ -117,13 +122,16 @@ if ($page == 'overview') {
$i = 0; $i = 0;
foreach ($domain_sort_array as $sortkey => $domain_array) { foreach ($domain_sort_array as $sortkey => $domain_array) {
if ($paging->checkDisplay($i)) { if ($paging->checkDisplay($i)) {
$row = htmlentities_array($domain_array[$sortkey]);
if (Settings::Get('system.awstats_enabled') == '1') { if (isset($domain_array[$sortkey])) {
$statsapp = 'awstats'; $row = htmlentities_array($domain_array[$sortkey]);
} else { if (Settings::Get('system.awstats_enabled') == '1') {
$statsapp = 'webalizer'; $statsapp = 'awstats';
} else {
$statsapp = 'webalizer';
}
eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
} }
eval("\$domains.=\"" . getTemplate("domains/domains_delimiter") . "\";");
if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') { if ($paging->sortfield == 'd.domain' && $paging->sortorder == 'asc') {
ksort($domain_array); ksort($domain_array);
@@ -299,6 +307,7 @@ if ($page == 'overview') {
// ssl ip/port assigned to the domain // ssl ip/port assigned to the domain
if (domainHasSslIpPort($domain_check['id']) == true) { if (domainHasSslIpPort($domain_check['id']) == true) {
$ssl_redirect = '1'; $ssl_redirect = '1';
$_doredirect = true;
} else { } else {
standard_error('sslredirectonlypossiblewithsslipport'); standard_error('sslredirectonlypossiblewithsslipport');
} }
@@ -540,6 +549,7 @@ if ($page == 'overview') {
// ssl ip/port assigned to the domain // ssl ip/port assigned to the domain
if (domainHasSslIpPort($id) == true) { if (domainHasSslIpPort($id) == true) {
$ssl_redirect = '1'; $ssl_redirect = '1';
$_doredirect = true;
} else { } else {
standard_error('sslredirectonlypossiblewithsslipport'); standard_error('sslredirectonlypossiblewithsslipport');
} }

2
install/froxlor.sql
View File

@@ -486,7 +486,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'mod_fcgid_defaultini_ownvhost', '2'), ('system', 'mod_fcgid_defaultini_ownvhost', '2'),
('system', 'awstats_icons', '/usr/share/awstats/icon/'), ('system', 'awstats_icons', '/usr/share/awstats/icon/'),
('system', 'ssl_cert_chainfile', ''), ('system', 'ssl_cert_chainfile', ''),
('system', 'ssl_cipher_list', 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH'), ('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
('system', 'nginx_php_backend', '127.0.0.1:8888'), ('system', 'nginx_php_backend', '127.0.0.1:8888'),
('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'), ('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
('system', 'phpreload_command', ''), ('system', 'phpreload_command', ''),

10
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -2905,7 +2905,15 @@ if (isFroxlorVersion('0.9.33')) {
if (isFroxlorVersion('0.9.33.1')) { if (isFroxlorVersion('0.9.33.1')) {
showUpdateStep("Updating from 0.9.33.1 to 0.9.34-dev1", false); showUpdateStep("Updating from 0.9.33.1 to 0.9.33.2");
lastStepStatus(0);
updateToVersion('0.9.33.2');
}
if (isFroxlorVersion('0.9.33.2')) {
showUpdateStep("Updating from 0.9.33.2 to 0.9.34-dev1", false);
showUpdateStep("Updating table structure of domains"); showUpdateStep("Updating table structure of domains");
Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `parentdomainid` int(11) NOT NULL default '0'"); Database::query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` MODIFY `parentdomainid` int(11) NOT NULL default '0'");

67
lib/classes/database/class.Database.php
View File

@@ -312,6 +312,32 @@ class Database {
private static function _showerror($error, $showerror = true) { private static function _showerror($error, $showerror = true) {
global $userinfo, $theme, $linker; global $userinfo, $theme, $linker;
// include userdata.inc.php
require FROXLOR_INSTALL_DIR."/lib/userdata.inc.php";
// le format
if (isset($sql['root_user'])
&& isset($sql['root_password'])
&& (!isset($sql_root) || !is_array($sql_root))
) {
$sql_root = array(0 => array('caption' => 'Default', 'host' => $sql['host'], 'socket' => (isset($sql['socket']) ? $sql['socket'] : null), 'user' => $sql['root_user'], 'password' => $sql['root_password']));
}
// hide username/password in messages
$error_message = $error->getMessage();
$error_trace = $error->getTraceAsString();
// error-message
$error_message = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_message);
$error_message = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_message);
// error-trace
$error_trace = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_trace);
$error_trace = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_trace);
if ($error->getCode() == 2003) {
$error_message = "Unable to connect to database. Either the mysql-server is not running or your user/password is wrong.";
$error_trace = "";
}
/** /**
* log to a file, so we can actually ask people for the error * log to a file, so we can actually ask people for the error
* (no one seems to find the stuff in the syslog) * (no one seems to find the stuff in the syslog)
@@ -320,11 +346,10 @@ class Database {
if (!file_exists($sl_dir)) { if (!file_exists($sl_dir)) {
@mkdir($sl_dir, 0755); @mkdir($sl_dir, 0755);
} }
$sl_file = makeCorrectFile($sl_dir."/sql-error.log"); openlog("froxlor", LOG_PID | LOG_PERROR, LOG_LOCAL0);
$sqllog = @fopen($sl_file, 'a'); syslog(LOG_WARNING, str_replace("\n", " ", $error_message));
@fwrite($sqllog, date('d.m.Y H:i', time())." --- ".str_replace("\n", " ", $error->getMessage())."\n"); syslog(LOG_WARNING, str_replace("\n", " ", "--- DEBUG: ".$error_trace));
@fwrite($sqllog, date('d.m.Y H:i', time())." --- DEBUG: \n".$error->getTraceAsString()."\n"); closelog();
@fclose($sqllog);
/** /**
* log error for reporting * log error for reporting
@@ -333,43 +358,17 @@ class Database {
$err_file = makeCorrectFile($sl_dir."/".$errid."_sql-error.log"); $err_file = makeCorrectFile($sl_dir."/".$errid."_sql-error.log");
$errlog = @fopen($err_file, 'w'); $errlog = @fopen($err_file, 'w');
@fwrite($errlog, "|CODE ".$error->getCode()."\n"); @fwrite($errlog, "|CODE ".$error->getCode()."\n");
@fwrite($errlog, "|MSG ".$error->getMessage()."\n"); @fwrite($errlog, "|MSG ".$error_message."\n");
@fwrite($errlog, "|FILE ".$error->getFile()."\n"); @fwrite($errlog, "|FILE ".$error->getFile()."\n");
@fwrite($errlog, "|LINE ".$error->getLine()."\n"); @fwrite($errlog, "|LINE ".$error->getLine()."\n");
@fwrite($errlog, "|TRACE\n".$error->getTraceAsString()."\n"); @fwrite($errlog, "|TRACE\n".$error_trace."\n");
@fclose($errlog); @fclose($errlog);
if ($showerror) { if ($showerror) {
// include userdata.inc.php
require FROXLOR_INSTALL_DIR."/lib/userdata.inc.php";
// fallback // fallback
$theme = 'Sparkle'; $theme = 'Sparkle';
// le format
if (isset($sql['root_user'])
&& isset($sql['root_password'])
&& (!isset($sql_root) || !is_array($sql_root))
) {
$sql_root = array(0 => array('caption' => 'Default', 'host' => $sql['host'], 'socket' => (isset($sql['socket']) ? $sql['socket'] : null), 'user' => $sql['root_user'], 'password' => $sql['root_password']));
}
// hide username/password in messages
$error_message = $error->getMessage();
$error_trace = $error->getTraceAsString();
// error-message
$error_message = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_message);
$error_message = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_message);
// error-trace
$error_trace = str_replace($sql['password'], 'DB_UNPRIV_PWD', $error_trace);
$error_trace = str_replace($sql_root[0]['password'], 'DB_ROOT_PWD', $error_trace);
if ($error->getCode() == 2003) {
$error_message = "Unable to connect to database. Either the mysql-server is not running or your user/password is wrong.";
$error_trace = "";
}
// clean up sensitive data // clean up sensitive data
unset($sql); unset($sql);
unset($sql_root); unset($sql_root);
@@ -400,7 +399,7 @@ class Database {
die($err_hint); die($err_hint);
} }
} }
die("We are sorry, but a MySQL - error occurred. The administrator may find more information in in the sql-error.log in the logs/ directory"); die("We are sorry, but a MySQL - error occurred. The administrator may find more information in the syslog");
} }
} }
} }

15
lib/classes/webserver/class.ConfigIO.php
View File

@@ -33,6 +33,10 @@ class ConfigIO {
* @return null * @return null
*/ */
public function cleanUp() { public function cleanUp() {
// old error logs
$this->_cleanErrLogs();
// awstats files // awstats files
$this->_cleanAwstatsFiles(); $this->_cleanAwstatsFiles();
@@ -52,6 +56,17 @@ class ConfigIO {
$this->_cleanCustomerSslCerts(); $this->_cleanCustomerSslCerts();
} }
private function _cleanErrLogs() {
$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
if (@is_dir($err_dir)) {
// now get rid of old stuff
//(but append /*.log so we don't delete the directory)
$err_dir.='/*.log';
safe_exec('rm -rf '. makeCorrectFile($err_dir));
}
}
/** /**
* remove customer-specified auto-generated ssl-certificates * remove customer-specified auto-generated ssl-certificates
* (they are being regenerated) * (they are being regenerated)

436
lib/configfiles/gentoo.inc.php
View File

@@ -1,436 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'gentoo' => array(
'label' => 'Gentoo',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache2' => array(
'label' => 'Apache2 Webserver',
'commands' => array(
$configcommand['vhost'],
'chown root:0 ' . Settings::Get('system.apacheconf_vhost'),
'chmod 0600 ' . Settings::Get('system.apacheconf_vhost'),
$configcommand['diroptions'],
'chown root:0 ' . Settings::Get('system.apacheconf_diroptions'),
'chmod 0600 ' . Settings::Get('system.apacheconf_diroptions'),
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir')
),
'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ?
array(
'etc_apache2_modules.d_70_fastcgi.conf' => '/etc/apache2/modules.d/70_fastcgi.conf'
)
:
null,
'restart' => array(
'rc-update add apache2 default',
'/etc/init.d/apache2 restart'
)
),
'lighttpd' => array(
'label' => 'Lighttpd Webserver',
'commands_1' => array(
'emerge -av lighttpd'
),
'files' => array(
'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf'
),
'commands_2' => array(
$configcommand['vhost'],
$configcommand['diroptions'],
$configcommand['v_inclighty'],
$configcommand['d_inclighty'],
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'rc-update add lighttpd default'
),
'restart' => array(
'/etc/init.d/lighttpd restart'
)
),
'nginx' => array(
'label' => 'Nginx Webserver',
'commands_1' => array(
'emerge nginx',
),
'files' => array(
'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf',
'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi'
),
'commands_2' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod u+x /etc/init.d/php-fcgi',
'rc-update add nginx default'
),
'restart' => array(
'/etc/init.d/nginx restart'
)
),
)
),
'dns' => array(
'label' => $lng['admin']['configfiles']['dns'],
'daemons' => array(
'bind' => array(
'label' => 'Bind9 Nameserver',
'files' => array(
'etc_bind_default.zone' => '/etc/bind/default.zone'
),
'commands' => array(
'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf',
'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chown named:0 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chmod 0600 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'rc-update add named default'
),
'restart' => array(
'/etc/init.d/named restart'
)
),
)
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix_courier' => array(
'label' => 'Postfix/Courier',
'commands_1' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'echo "mail-mta/postfix -dovecot-sasl sasl" >> /etc/portage/package.use',
'emerge -av postfix',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'chmod 0750 ' . Settings::Get('system.vmail_homedir'),
'mv /etc/postfix/main.cf /etc/postfix/main.cf.gentoo',
'touch /etc/postfix/main.cf',
'touch /etc/sasl2/smtpd.conf',
'chown root:root /etc/postfix/main.cf',
'chown root:root /etc/sasl2/smtpd.conf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0600 /etc/sasl2/smtpd.conf',
'for suffix in {alias,mailbox,uid,gid}_maps mailbox_domains sender_permissions; do',
' touch /etc/postfix/mysql-virtual_${suffix}.cf',
' chown root:postfix /etc/postfix/mysql-virtual_${suffix}.cf',
' chmod 0640 /etc/postfix/mysql-virtual_${suffix}.cf',
'done'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_mysql-virtual_uid_maps.cf' => '/etc/postfix/mysql-virtual_uid_maps.cf',
'etc_postfix_mysql-virtual_gid_maps.cf' => '/etc/postfix/mysql-virtual_gid_maps.cf',
'etc_sasl2_smtpd.conf' => '/etc/sasl2/smtpd.conf'
),
'commands_2' => array(
'rc-update add postfix default'
),
'restart' => array(
'/etc/init.d/postfix restart'
)
),
'postfix_dovecot' => array(
'label' => 'Postfix/Dovecot',
'commands_1' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'echo "mail-mta/postfix dovecot-sasl -sasl" >> /etc/portage/package.use',
'emerge -av postfix',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'chmod 0750 ' . Settings::Get('system.vmail_homedir'),
'mv /etc/postfix/main.cf /etc/postfix/main.cf.gentoo',
'mv /etc/postfix/master.cf /etc/postfix/master.cf.gentoo',
'touch /etc/postfix/{main,master}.cf',
'chown root:root /etc/postfix/{main,master}.cf',
'chmod 0644 /etc/postfix/{main,master}.cf',
'for suffix in {alias,mailbox,uid,gid}_maps mailbox_domains sender_permissions; do',
' touch /etc/postfix/mysql-virtual_${suffix}.cf',
' chown root:postfix /etc/postfix/mysql-virtual_${suffix}.cf',
' chmod 0640 /etc/postfix/mysql-virtual_${suffix}.cf',
'done'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_mysql-virtual_uid_maps.cf' => '/etc/postfix/mysql-virtual_uid_maps.cf',
'etc_postfix_mysql-virtual_gid_maps.cf' => '/etc/postfix/mysql-virtual_gid_maps.cf'
),
'commands_2' => array(
'rc-update add postfix default'
),
'restart' => array(
'/etc/init.d/postfix restart'
)
),
'postfix_mxaccess' => array(
'label' => 'Postfix MX-Access (anti spam)',
'files' => array(
'etc_postfix_mx_access' => '/etc/postfix/mx_access',
'etc_postfix_main.cf' => '/etc/postfix/main.cf'
),
'commands_1' => array(
'postmap /etc/postfix/mx_access'
),
'restart' => array(
'newaliases',
'/etc/init.d/postfix restart'
)
),
'dkim' => array(
'label' => 'DomainKey filter',
'commands_1' => array(
'emerge dkim-milter',
'emerge --config mail-filter/dkim-milter',
'mkdir -p /etc/postfix/dkim'
),
'files' => array(
'dkim-filter.conf' => '/etc/mail/dkim-filter/dkim-filter.conf'
),
'commands_2' => array(
'echo "smtpd_milters = inet:localhost:8891
milter_macro_daemon_name = SIGNING
milter_default_action = accept" >> /etc/postfix/main.cf',
'rc-update add dkim-filter default'
),
'restart' => array(
'/etc/init.d/postfix restart'
)
)
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'courier' => array(
'label' => 'Courier-IMAP (POP3/IMAP)',
'commands_1' => array(
'rm /etc/courier/authlib/authdaemonrc',
'rm /etc/courier/authlib/authmysqlrc',
'rm /etc/courier-imap/pop3d',
'rm /etc/courier-imap/imapd',
'rm /etc/courier-imap/pop3d-ssl',
'rm /etc/courier-imap/imapd-ssl',
'touch /etc/courier/authlib/authdaemonrc',
'touch /etc/courier/authlib/authmysqlrc',
'touch /etc/courier-imap/pop3d',
'touch /etc/courier-imap/imapd',
'touch /etc/courier-imap/pop3d-ssl',
'touch /etc/courier-imap/imapd-ssl'
),
'files' => array(
'etc_courier_authlib_authdaemonrc' => '/etc/courier/authlib/authdaemonrc',
'etc_courier_authlib_authmysqlrc' => '/etc/courier/authlib/authmysqlrc',
'etc_courier-imap_pop3d' => '/etc/courier-imap/pop3d',
'etc_courier-imap_imapd' => '/etc/courier-imap/imapd',
'etc_courier-imap_pop3d-ssl' => '/etc/courier-imap/pop3d-ssl',
'etc_courier-imap_imapd-ssl' => '/etc/courier-imap/imapd-ssl'
),
'commands_2' => array(
'chown root:0 /etc/courier/authlib/authdaemonrc',
'chown root:0 /etc/courier/authlib/authmysqlrc',
'chown root:0 /etc/courier-imap/pop3d',
'chown root:0 /etc/courier-imap/imapd',
'chown root:0 /etc/courier-imap/pop3d-ssl',
'chown root:0 /etc/courier-imap/imapd-ssl',
'chmod 0600 /etc/courier/authlib/authdaemonrc',
'chmod 0600 /etc/courier/authlib/authmysqlrc',
'chmod 0600 /etc/courier-imap/pop3d',
'chmod 0600 /etc/courier-imap/imapd',
'chmod 0600 /etc/courier-imap/pop3d-ssl',
'chmod 0600 /etc/courier-imap/imapd-ssl',
'rc-update add courier-authlib default',
'rc-update add courier-pop3d default',
'rc-update add courier-imapd default'
),
'restart' => array(
'/etc/init.d/courier-authlib restart',
'/etc/init.d/courier-pop3d restart',
'/etc/init.d/courier-imapd restart'
)
),
'dovecot' => array(
'label' => 'Dovecot',
'commands_1' => array(
'echo "net-mail/dovecot mysql" >> /etc/portage/package.use',
'emerge -av dovecot',
'mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.gentoo',
'mv /etc/dovecot/dovecot-sql.conf /etc/dovecot/dovecot-sql.conf.gentoo',
'touch /etc/dovecot/dovecot.conf',
'touch /etc/dovecot/dovecot-sql.conf',
),
'files' => array(
'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',
'etc_dovecot_dovecot-sql.conf' => '/etc/dovecot/dovecot-sql.conf'
),
'commands_2' => array(
'chmod 0640 /etc/dovecot/dovecot-sql.conf',
'rc-update add dovecot default'
),
'restart' => array(
'/etc/init.d/dovecot restart'
)
)
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd',
'commands_1' => array(
'echo "net-ftp/proftpd mysql" >> /etc/portage/package.use',
'emerge -av proftpd',
'touch /etc/proftpd/proftpd.conf'
),
'files' => array(
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'commands_2' => array(
'chown root:0 /etc/proftpd/proftpd.conf',
'chmod 0600 /etc/proftpd/proftpd.conf',
'rc-update add proftpd default'
),
'restart' => array(
'/etc/init.d/proftpd restart'
)
),
'pureftpd' => array(
'label' => 'PureFTPD',
'commands_1' => array(
'emerge pure-ftpd'
),
'files' => array(
'etc_conf.d_pure-ftpd' => '/etc/conf.d/pure-ftpd',
'etc_pureftpd-mysql.conf' => '/etc/pureftpd-mysql.conf'
),
'commands_2' => array(
'chown root:0 /etc/conf.d/pure-ftpd',
'chmod 0644 /etc/conf.d/pure-ftpd',
'chown root:0 /etc/pureftpd-mysql.conf',
'chmod 0600 /etc/pureftpd-mysql.conf',
'rc-update add pure-ftpd default'
),
'restart' => array(
'/etc/init.d/pure-ftpd restart'
)
)
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'commands_1' => array(
'touch /etc/cron.d/froxlor',
'chown root:0 /etc/cron.d/froxlor',
'chmod 0640 /etc/cron.d/froxlor'
),
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
Settings::Get('system.crondreload')
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'emerge awstats',
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself',
'rm /etc/cron.d/awstats'
),
),
'libnss' => array(
'label' => 'libnss (system login with mysql)',
'commands_1' => array(
'emerge -av libnss-mysql'
),
'files' => array(
'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
'etc_nsswitch.conf' => '/etc/nsswitch.conf',
),
'commands_2' => array(
'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg',
'rc-update add nscd default'
),
'restart' => array(
'/etc/init.d/nscd restart'
)
),
'logrotate' => array(
'label' => 'Logrotate',
'commands_1' => array(
'emerge -av app-admin/logrotate',
'touch /etc/logrotate.d/froxlor',
'chmod 644 /etc/logrotate.d/froxlor'
),
'files' => array(
'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor'
),
'commands_2' => array(
'# emerge automatically adds a daily cronjob for logrotate',
'# you do not have to do anything else :)'
)
)
)
)
)
)
);

4
lib/configfiles/gentoo.xml
View File

@@ -2692,8 +2692,8 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
#TLSLog /var/log/proftpd-tls.log #TLSLog /var/log/proftpd-tls.log
#TLSProtocol SSLv23 #TLSProtocol SSLv23
#TLSTimeoutHandshake 120 #TLSTimeoutHandshake 120
# Really important for WinClients # Really important for WinClients and some clients
#TLSOptions NoCertRequest #TLSOptions NoCertRequest NoSessionReuseRequired
#TLSRSACertificateFile /etc/ssl/server/<SERVERNAME>.crt #TLSRSACertificateFile /etc/ssl/server/<SERVERNAME>.crt
#TLSRSACertificateKeyFile /etc/ssl/server/<SERVERNAME>.key #TLSRSACertificateKeyFile /etc/ssl/server/<SERVERNAME>.key
# Authenticate client that want to use FTP over TLS? # Authenticate client that want to use FTP over TLS?

3846
lib/configfiles/jessie.xml Normal file
View File

File diff suppressed because it is too large Load Diff

421
lib/configfiles/precise.inc.php
View File

@@ -1,421 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'ubuntu_precise' => array(
'label' => 'Ubuntu 12.04 (Precise)',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache2' => array(
'label' => 'Apache 2',
'commands' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'a2dismod userdir'
),
'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ?
array(
'etc_apache2_mods-enabled_fastcgi.conf' => '/etc/apache2/mods-enabled/fastcgi.conf'
)
:
null,
'restart' => array(
'/etc/init.d/apache2 restart'
),
),
'lighttpd' => array(
'label' => 'Lighttpd Webserver',
'commands_1' => array(
'apt-get install lighttpd',
),
'files' => array(
'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf',
),
'commands_2' => array(
$configcommand['vhost'],
$configcommand['diroptions'],
$configcommand['v_inclighty'],
$configcommand['d_inclighty'],
'lighty-disable-mod cgi',
'lighty-disable-mod fastcgi',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir')
),
'restart' => array(
'/etc/init.d/lighttpd restart'
),
),
'nginx' => array(
'label' => 'Nginx Webserver',
'commands_1' => array(
'apt-get install nginx php5-cgi',
),
'files' => array(
'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf',
'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi'
),
'commands_2' => array(
'rm /etc/nginx/sites-enabled/default',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod u+x /etc/init.d/php-fcgi'
),
'restart' => array(
'/etc/init.d/php-fcgi start',
'/etc/init.d/nginx restart'
)
),
),
),
'dns' => array(
'label' => $lng['admin']['configfiles']['dns'],
'daemons' => array(
'bind' => array(
'label' => 'Bind9',
'commands' => array(
'apt-get install bind9',
'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf',
'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chown root:bind ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chmod 0644 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf'
),
'restart' => array(
'/etc/init.d/bind9 restart'
)
),
'powerdns' => array(
'label' => 'PowerDNS',
'files' => array(
'etc_powerdns_pdns.conf' => '/etc/powerdns/pdns.conf',
'etc_powerdns_pdns-froxlor.conf' => '/etc/powerdns/pdns_froxlor.conf',
),
'restart' => array(
'/etc/init.d/pdns restart'
)
),
)
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix_courier' => array(
'label' => 'Postfix/Courier',
'commands' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'touch /etc/postfix/sasl/smtpd.conf',
'chown root:root /etc/postfix/main.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/sasl/smtpd.conf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0600 /etc/postfix/sasl/smtpd.conf',
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_sasl_smtpd.conf' => '/etc/postfix/sasl/smtpd.conf'
),
'restart' => array(
'newaliases',
'/etc/init.d/postfix restart'
)
),
'dkim' => array(
'label' => 'DomainKey filter',
'commands_1' => array(
'apt-get install dkim-filter',
'mkdir -p /etc/postfix/dkim'
),
'files' => array(
'dkim-filter.conf' => '/etc/dkim-filter.conf'
),
'commands_2' => array(
'echo "milter_default_action = accept" >> /etc/postfix/main.cf',
'echo "milter_protocol = 2" >> /etc/postfix/main.cf',
'echo "smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf',
'echo "non_smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf'
),
'restart' => array(
'/etc/init.d/dkim-filter restart',
'/etc/init.d/postfix restart'
)
),
'postfix_dovecot' => array(
'label' => 'Postfix/Dovecot',
'commands' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'apt-get install postfix postfix-mysql',
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/main.cf',
'chown root:root /etc/postfix/master.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0644 /etc/postfix/master.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf'
),
'restart' => array(
'/etc/init.d/postfix restart',
'newaliases'
)
),
'postfix_mxaccess' => array(
'label' => 'Postfix MX-Access (anti spam)',
'files' => array(
'etc_postfix_mx_access' => '/etc/postfix/mx_access',
'etc_postfix_main.cf' => '/etc/postfix/main.cf'
),
'commands_1' => array(
'postmap /etc/postfix/mx_access'
),
'restart' => array(
'/etc/init.d/postfix restart'
)
),
'exim4' => array(
'label' => 'Exim4',
'commands_1' => array(
'dpkg-reconfigure exim4-config',
'# choose "no configuration at this time" and "splitted configuration files" in the dialog'
),
'files' => array(
'etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul' => '/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt.rul',
'etc_exim4_conf.d_auth_30_froxlor-config' => '/etc/exim4/conf.d/auth/30_froxlor-config',
'etc_exim4_conf.d_main_10_froxlor-config_options' => '/etc/exim4/conf.d/main/10_froxlor-config_options',
'etc_exim4_conf.d_router_180_froxlor-config' => '/etc/exim4/conf.d/router/180_froxlor-config',
'etc_exim4_conf.d_transport_30_froxlor-config' => '/etc/exim4/conf.d/transport/30_froxlor-config'
),
'commands_2' => array(
'chmod o-rx /var/lib/exim4',
'chmod o-rx /etc/exim4/conf.d/main/10_froxlor-config_options'
),
'restart' => array(
'/etc/init.d/exim4 restart'
)
)
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'courier' => array(
'label' => 'Courier',
'commands' => array(
'apt-get install courier-pop courier-imap courier-authlib-mysql'
),
'files' => array(
'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc',
'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc'
),
'restart' => array(
'/etc/init.d/courier-authdaemon restart',
'/etc/init.d/courier-pop restart'
)
),
'dovecot' => array(
'label' => 'Dovecot',
'commands_1' => array(
'apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql dovecot-managesieved dovecot-sieve mail-stack-delivery'
),
'files' => array(
'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf',
'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
'etc_dovecot_conf.d_auth-sql.conf.ext' => '/etc/dovecot/conf.d/auth-sql.conf.ext',
'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext'
),
'commands_2' => array(
'chmod 0640 /etc/dovecot/dovecot-sql.conf.ext'
),
'restart' => array(
'/etc/init.d/dovecot restart'
)
)
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd',
'commands' => array(
'apt-get install proftpd-basic proftpd-mod-mysql'
),
'files' => array(
'etc_proftpd_sql.conf' => '/etc/proftpd/sql.conf',
'etc_proftpd_modules.conf' => '/etc/proftpd/modules.conf',
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'restart' => array(
'/etc/init.d/proftpd restart'
)
),
'pure-ftpd' => array(
'label' => 'Pure FTPd',
'commands_1' => array(
'apt-get install pure-ftpd-common pure-ftpd-mysql'
),
'files' => array(
'etc_pure-ftpd_conf_MinUID' => '/etc/pure-ftpd/conf/MinUID',
'etc_pure-ftpd_conf_MySQLConfigFile' => '/etc/pure-ftpd/conf/MySQLConfigFile',
'etc_pure-ftpd_conf_NoAnonymous' => '/etc/pure-ftpd/conf/NoAnonymous',
'etc_pure-ftpd_conf_MaxIdleTime' => '/etc/pure-ftpd/conf/MaxIdleTime',
'etc_pure-ftpd_conf_ChrootEveryone' => '/etc/pure-ftpd/conf/ChrootEveryone',
'etc_pure-ftpd_conf_PAMAuthentication' => '/etc/pure-ftpd/conf/PAMAuthentication',
'etc_pure-ftpd_db_mysql.conf' => '/etc/pure-ftpd/db/mysql.conf',
'etc_pure-ftpd_conf_CustomerProof' => '/etc/pure-ftpd/conf/CustomerProof',
'etc_pure-ftpd_conf_Bind' => '/etc/pure-ftpd/conf/Bind',
'etc_default_pure-ftpd-common' => '/etc/default/pure-ftpd-common'
),
'commands_2' => array(
'chmod 0640 /etc/pure-ftpd/db/mysql.conf'
),
'restart' => array(
'/etc/init.d/pure-ftpd-mysql restart'
)
),
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
Settings::Get('system.crondreload')
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'apt-get install awstats',
'cp /usr/share/awstats/tools/awstats_buildstaticpages.pl '.makeCorrectDir(Settings::Get('system.awstats_path')),
'mv '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.conf').' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself',
'rm /etc/cron.d/awstats'
),
),
'libnss' => array(
'label' => 'libnss-bg (system login with mysql)',
'commands' => array(
'apt-get install libnss-mysql-bg nscd',
'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg'
),
'files' => array(
'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
'etc_nsswitch.conf' => '/etc/nsswitch.conf',
),
'restart' => array(
'/etc/init.d/nscd restart'
)
),
'logrotate' => array(
'label' => 'Logrotate',
'commands_1' => array(
'apt-get install logrotate',
'touch /etc/logrotate.d/froxlor',
'chmod 644 /etc/logrotate.d/froxlor'
),
'files' => array(
'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor'
),
'commands_2' => array(
'# apt automatically adds a daily cronjob for logrotate',
'# you do not have to do anything else :)'
)
)
)
)
)
)
);

169
lib/configfiles/rhel7.inc.php
View File

@@ -1,169 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2014 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Ante de Baas <mail@debaas.net> (2014-)
* @author Froxlor team <team@froxlor.org> (2014-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'rhel7' => array(
'label' => 'RHEL / CentOS 7',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache' => array(
'label' => 'Apache 2.4',
'commands' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : ''
),
'restart' => array(
'systemctl reload-or-restart httpd.service'
)
),
),
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix' => array(
'label' => 'Postfix 2.10',
'commands_install' => array(
'yum install postfix',
'systemctl enable postfix.service',
),
'commands' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/mysql-*.cf',
'chmod 0600 /etc/postfix/mysql-*.cf',
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf'
),
'restart' => array(
'newaliases',
'systemctl reload-or-restart postfix.service'
)
),
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'dovecot' => array(
'label' => 'Dovecot 2.2',
'commands_install' => array(
'yum install dovecot dovecot-mysql dovecot-pigeonhole',
'systemctl enable dovecot.service',
),
'commands' => array(
'touch /etc/dovecot/dovecot-sql.conf.ext',
'chmod 0600 /etc/dovecot/dovecot-sql.conf.ext',
),
'files' => array(
'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',
'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext',
'etc_dovecot_conf.d_10-auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
'etc_dovecot_conf.d_10-logging.conf' => '/etc/dovecot/conf.d/10-logging.conf',
'etc_dovecot_conf.d_10-mail.conf' => '/etc/dovecot/conf.d/10-mail.conf',
'etc_dovecot_conf.d_10-master.conf' => '/etc/dovecot/conf.d/10-master.conf',
'etc_dovecot_conf.d_10-ssl.conf' => '/etc/dovecot/conf.d/10-ssl.conf',
'etc_dovecot_conf.d_15-lda.conf' => '/etc/dovecot/conf.d/15-lda.conf',
'etc_dovecot_conf.d_15-mailboxes.conf' => '/etc/dovecot/conf.d/15-mailboxes.conf',
'etc_dovecot_conf.d_20-imap.conf' => '/etc/dovecot/conf.d/20-imap.conf',
'etc_dovecot_conf.d_20-lmtp.conf' => '/etc/dovecot/conf.d/20-lmtp.conf',
'etc_dovecot_conf.d_20-managesieve.conf' => '/etc/dovecot/conf.d/20-managesieve.conf',
'etc_dovecot_conf.d_20-pop3.conf' => '/etc/dovecot/conf.d/20-pop3.conf',
'etc_dovecot_conf.d_90-sieve.conf' => '/etc/dovecot/conf.d/90-sieve.conf',
),
'restart' => array(
'systemctl reload-or-restart dovecot.service',
)
),
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd 1.3',
'commands_install' => array(
'yum install proftpd proftpd-mysql',
'systemctl enable proftpd.service',
),
'files' => array(
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'restart' => array(
'systemctl reload-or-restart proftpd.service'
)
),
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
'systemctl reload-or-restart crond.service'
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself'
)
)
)
)
)
)
);

2
lib/configfiles/rhel_centos.xml
View File

@@ -2120,7 +2120,7 @@ ControlsLog /var/log/proftpd/controls.log
TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
TLSCipherSuite ALL:!ADH:!DES TLSCipherSuite ALL:!ADH:!DES
TLSOptions NoCertRequest TLSOptions NoCertRequest NoSessionReuseRequired
TLSVerifyClient off TLSVerifyClient off
#TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
TLSLog /var/log/proftpd/tls.log TLSLog /var/log/proftpd/tls.log

416
lib/configfiles/trusty.inc.php
View File

@@ -1,416 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'ubuntu_trusty' => array(
'label' => 'Ubuntu 14.04 (Trusty)',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache2' => array(
'label' => 'Apache 2',
'commands' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'a2dismod userdir'
),
'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ?
array(
'etc_apache2_mods-enabled_fastcgi.conf' => '/etc/apache2/mods-enabled/fastcgi.conf'
)
:
null,
'restart' => array(
'service apache2 restart'
),
),
'lighttpd' => array(
'label' => 'Lighttpd Webserver',
'commands_1' => array(
'apt-get install lighttpd',
),
'files' => array(
'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf',
),
'commands_2' => array(
$configcommand['vhost'],
$configcommand['diroptions'],
$configcommand['v_inclighty'],
$configcommand['d_inclighty'],
'lighty-disable-mod cgi',
'lighty-disable-mod fastcgi',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir')
),
'restart' => array(
'service lighttpd restart'
),
),
'nginx' => array(
'label' => 'Nginx Webserver',
'commands_1' => array(
'apt-get install nginx php5-cgi php5-cli',
),
'files' => array(
'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf',
'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi'
),
'commands_2' => array(
'rm /etc/nginx/sites-enabled/default',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod u+x /etc/init.d/php-fcgi'
),
'restart' => array(
'service php-fcgi start',
'service nginx restart'
)
),
),
),
'dns' => array(
'label' => $lng['admin']['configfiles']['dns'],
'daemons' => array(
'bind' => array(
'label' => 'Bind9',
'commands' => array(
'apt-get install bind9',
'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf',
'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chown root:bind ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chmod 0644 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf'
),
'restart' => array(
'service bind9 restart'
)
),
'powerdns' => array(
'label' => 'PowerDNS',
'files' => array(
'etc_powerdns_pdns.conf' => '/etc/powerdns/pdns.conf',
'etc_powerdns_pdns-froxlor.conf' => '/etc/powerdns/pdns_froxlor.conf',
),
'restart' => array(
'service pdns restart'
)
),
)
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix_courier' => array(
'label' => 'Postfix/Courier',
'commands' => array(
'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'touch /etc/postfix/sasl/smtpd.conf',
'chown root:root /etc/postfix/main.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/sasl/smtpd.conf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0600 /etc/postfix/sasl/smtpd.conf',
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_sasl_smtpd.conf' => '/etc/postfix/sasl/smtpd.conf'
),
'restart' => array(
'newaliases',
'service postfix restart'
)
),
'dkim' => array(
'label' => 'DomainKey filter',
'commands_1' => array(
'apt-get install dkim-filter',
'mkdir -p /etc/postfix/dkim'
),
'files' => array(
'dkim-filter.conf' => '/etc/dkim-filter.conf'
),
'commands_2' => array(
'echo "milter_default_action = accept" >> /etc/postfix/main.cf',
'echo "milter_protocol = 2" >> /etc/postfix/main.cf',
'echo "smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf',
'echo "non_smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf'
),
'restart' => array(
'service dkim-filter restart',
'service postfix restart'
)
),
'postfix_dovecot' => array(
'label' => 'Postfix/Dovecot',
'commands' => array(
'apt-get install postfix postfix-mysql',
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/main.cf',
'chown root:root /etc/postfix/master.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0644 /etc/postfix/master.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf'
),
'restart' => array(
'newaliases',
'service postfix restart'
)
),
'postfix_mxaccess' => array(
'label' => 'Postfix MX-Access (anti spam)',
'files' => array(
'etc_postfix_mx_access' => '/etc/postfix/mx_access',
'etc_postfix_main.cf' => '/etc/postfix/main.cf'
),
'commands_1' => array(
'postmap /etc/postfix/mx_access'
),
'restart' => array(
'service postfix restart'
)
),
'exim4' => array(
'label' => 'Exim4',
'commands_1' => array(
'dpkg-reconfigure exim4-config',
'# choose "no configuration at this time" and "splitted configuration files" in the dialog'
),
'files' => array(
'etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul' => '/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt.rul',
'etc_exim4_conf.d_auth_30_froxlor-config' => '/etc/exim4/conf.d/auth/30_froxlor-config',
'etc_exim4_conf.d_main_10_froxlor-config_options' => '/etc/exim4/conf.d/main/10_froxlor-config_options',
'etc_exim4_conf.d_router_180_froxlor-config' => '/etc/exim4/conf.d/router/180_froxlor-config',
'etc_exim4_conf.d_transport_30_froxlor-config' => '/etc/exim4/conf.d/transport/30_froxlor-config'
),
'commands_2' => array(
'chmod o-rx /var/lib/exim4',
'chmod o-rx /etc/exim4/conf.d/main/10_froxlor-config_options'
),
'restart' => array(
'service exim4 restart'
)
)
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'courier' => array(
'label' => 'Courier',
'commands' => array(
'apt-get install courier-pop courier-imap courier-authlib-mysql'
),
'files' => array(
'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc',
'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc'
),
'restart' => array(
'service courier-authdaemon restart',
'service courier-pop restart'
)
),
'dovecot' => array(
'label' => 'Dovecot',
'commands_1' => array(
'apt-get install dovecot-imapd dovecot-pop3d dovecot-mysql mail-stack-delivery'
),
'files' => array(
'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf',
'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext'
),
'restart' => array(
'service dovecot restart'
)
)
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd',
'commands' => array(
'apt-get install proftpd-basic proftpd-mod-mysql'
),
'files' => array(
'etc_proftpd_sql.conf' => '/etc/proftpd/sql.conf',
'etc_proftpd_modules.conf' => '/etc/proftpd/modules.conf',
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'restart' => array(
'service proftpd restart'
)
),
'pure-ftpd' => array(
'label' => 'Pure FTPd',
'commands_1' => array(
'apt-get install pure-ftpd-common pure-ftpd-mysql'
),
'files' => array(
'etc_pure-ftpd_conf_MinUID' => '/etc/pure-ftpd/conf/MinUID',
'etc_pure-ftpd_conf_MySQLConfigFile' => '/etc/pure-ftpd/conf/MySQLConfigFile',
'etc_pure-ftpd_conf_NoAnonymous' => '/etc/pure-ftpd/conf/NoAnonymous',
'etc_pure-ftpd_conf_MaxIdleTime' => '/etc/pure-ftpd/conf/MaxIdleTime',
'etc_pure-ftpd_conf_ChrootEveryone' => '/etc/pure-ftpd/conf/ChrootEveryone',
'etc_pure-ftpd_conf_PAMAuthentication' => '/etc/pure-ftpd/conf/PAMAuthentication',
'etc_pure-ftpd_db_mysql.conf' => '/etc/pure-ftpd/db/mysql.conf',
'etc_pure-ftpd_conf_CustomerProof' => '/etc/pure-ftpd/conf/CustomerProof',
'etc_pure-ftpd_conf_Bind' => '/etc/pure-ftpd/conf/Bind',
'etc_default_pure-ftpd-common' => '/etc/default/pure-ftpd-common'
),
'commands_2' => array(
'chmod 0640 /etc/pure-ftpd/db/mysql.conf'
),
'restart' => array(
'service pure-ftpd-mysql restart'
)
),
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
Settings::Get('system.crondreload')
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'apt-get install awstats',
'cp /usr/share/awstats/tools/awstats_buildstaticpages.pl '.makeCorrectDir(Settings::Get('system.awstats_path')),
'mv '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.conf').' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself',
'rm /etc/cron.d/awstats'
),
),
'libnss' => array(
'label' => 'libnss-bg (system login with mysql)',
'commands' => array(
'apt-get install libnss-mysql-bg nscd',
'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg'
),
'files' => array(
'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
'etc_nsswitch.conf' => '/etc/nsswitch.conf',
),
'restart' => array(
'service nscd restart'
)
),
'logrotate' => array(
'label' => 'Logrotate',
'commands_1' => array(
'apt-get install logrotate',
'touch /etc/logrotate.d/froxlor',
'chmod 644 /etc/logrotate.d/froxlor'
),
'files' => array(
'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor'
),
'commands_2' => array(
'# apt automatically adds a daily cronjob for logrotate',
'# you do not have to do anything else :)'
)
)
)
)
)
)
);

457
lib/configfiles/wheezy.inc.php
View File

@@ -1,457 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'debian_wheezy' => array(
'label' => 'Debian 7.0 (Wheezy)',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache2' => array(
'label' => 'Apache 2',
'commands' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'a2dismod userdir'
),
'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ?
array(
'etc_apache2_mods-enabled_fastcgi.conf' => '/etc/apache2/mods-enabled/fastcgi.conf'
)
:
null,
'restart' => array(
'/etc/init.d/apache2 restart'
),
),
'lighttpd' => array(
'label' => 'Lighttpd Webserver',
'commands_1' => array(
'apt-get install lighttpd',
),
'files' => array(
'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf',
),
'commands_2' => array(
$configcommand['vhost'],
$configcommand['diroptions'],
$configcommand['v_inclighty'],
$configcommand['d_inclighty'],
'lighty-disable-mod cgi',
'lighty-disable-mod fastcgi',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir')
),
'restart' => array(
'/etc/init.d/lighttpd restart'
)
),
'nginx' => array(
'label' => 'Nginx Webserver',
'commands_1' => array(
'apt-get install nginx php5-cgi',
),
'files' => array(
'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf',
'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi'
),
'commands_2' => array(
'rm /etc/nginx/sites-enabled/default',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod u+x /etc/init.d/php-fcgi'
),
'restart' => array(
'/etc/init.d/php-fcgi start',
'/etc/init.d/nginx restart'
)
)
)
),
'dns' => array(
'label' => $lng['admin']['configfiles']['dns'],
'daemons' => array(
'bind' => array(
'label' => 'Bind9',
'commands' => array(
'apt-get install bind9',
'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf.local',
'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chown root:bind ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chmod 0644 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf'
),
'restart' => array(
'/etc/init.d/bind9 restart'
)
),
'powerdns' => array(
'label' => 'PowerDNS',
'files' => array(
'etc_powerdns_pdns.conf' => '/etc/powerdns/pdns.conf',
'etc_powerdns_bindbackend.conf' => '/etc/powerdns/bindbackend.conf',
),
'restart' => array(
'/etc/init.d/pdns restart'
)
),
)
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix_courier' => array(
'label' => 'Postfix/Courier',
'commands' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' '.$vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'touch /etc/postfix/sasl/smtpd.conf',
'chown root:root /etc/postfix/main.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/sasl/smtpd.conf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0600 /etc/postfix/sasl/smtpd.conf',
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_sasl_smtpd.conf' => '/etc/postfix/sasl/smtpd.conf',
'etc_aliases' => '/etc/aliases'
),
'restart' => array(
'newaliases',
'/etc/init.d/postfix restart'
)
),
'dkim' => array(
'label' => 'DomainKey filter',
'commands_1' => array(
'apt-get install opendkim',
'mkdir -p /etc/postfix/dkim'
),
'files' => array(
'opendkim.conf' => '/etc/opendkim.conf'
),
'commands_2' => array(
'echo "milter_default_action = accept" >> /etc/postfix/main.cf',
'echo "milter_protocol = 6" >> /etc/postfix/main.cf',
'echo "smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf',
'echo "non_smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf'
),
'restart' => array(
'/etc/init.d/opendkim restart',
'/etc/init.d/postfix restart'
)
),
'postfix_dovecot' => array(
'label' => 'Postfix/Dovecot',
'commands' => array(
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R ' . $vmail_username . ':' . $vmail_groupname . ' ' . Settings::Get('system.vmail_homedir'),
'apt-get install postfix postfix-mysql',
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/main.cf',
'chown root:root /etc/postfix/master.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0644 /etc/postfix/master.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_aliases' => '/etc/aliases'
),
'restart' => array(
'newaliases',
'/etc/init.d/postfix restart'
)
),
'postfix_mxaccess' => array(
'label' => 'Postfix MX-Access (anti spam)',
'files' => array(
'etc_postfix_mx_access' => '/etc/postfix/mx_access',
'etc_postfix_main.cf' => '/etc/postfix/main.cf'
),
'commands_1' => array(
'postmap /etc/postfix/mx_access'
),
'restart' => array(
'/etc/init.d/postfix restart'
)
),
'exim4' => array(
'label' => 'Exim4',
'commands_1' => array(
'dpkg-reconfigure exim4-config',
'# choose "no configuration at this time" and "splitted configuration files" in the dialog'
),
'files' => array(
'etc_exim4_conf.d_acl_30_exim4-config_check_rcpt' => '/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt',
'etc_exim4_conf.d_auth_30_froxlor-config' => '/etc/exim4/conf.d/auth/30_froxlor-config',
'etc_exim4_conf.d_main_10_froxlor-config_options' => '/etc/exim4/conf.d/main/10_froxlor-config_options',
'etc_exim4_conf.d_router_180_froxlor-config' => '/etc/exim4/conf.d/router/180_froxlor-config',
'etc_exim4_conf.d_transport_30_froxlor-config' => '/etc/exim4/conf.d/transport/30_froxlor-config'
),
'commands_2' => array(
'chmod o-rx /var/lib/exim4',
'chmod o-rx /etc/exim4/conf.d/main/10_froxlor-config_options'
),
'restart' => array(
'/etc/init.d/exim4 restart'
)
)
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'courier' => array(
'label' => 'Courier',
'commands' => array(
'apt-get install courier-pop courier-imap courier-authlib-mysql'
),
'files' => array(
'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc',
'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc'
),
'restart' => array(
'/etc/init.d/courier-authdaemon restart',
'/etc/init.d/courier-pop restart'
)
),
'dovecot' => array(
'label' => 'Dovecot',
'commands_1' => array(
'apt-get install dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-managesieved dovecot-sieve'
),
'files' => array(
'etc_dovecot_conf.d_10-auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
'etc_dovecot_conf.d_10-mail.conf' => '/etc/dovecot/conf.d/10-mail.conf',
'etc_dovecot_conf.d_10-master.conf' => '/etc/dovecot/conf.d/10-master.conf',
'etc_dovecot_conf.d_15-lda.conf' => '/etc/dovecot/conf.d/15-lda.conf',
'etc_dovecot_conf.d_20-imap.conf' => '/etc/dovecot/conf.d/20-imap.conf',
'etc_dovecot_conf.d_20-pop3.conf' => '/etc/dovecot/conf.d/20-pop3.conf',
'etc_dovecot_conf.d_20-managesieve.conf' => '/etc/dovecot/20-managesieve.conf',
'etc_dovecot_conf.d_90-sieve.conf' => '/etc/dovecot/90-sieve.conf',
'etc_dovecot_dovecot.conf' => '/etc/dovecot/dovecot.conf',
'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext'
),
'restart' => array(
'/etc/init.d/dovecot restart'
)
)
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd',
'commands' => array(
'apt-get install proftpd-basic proftpd-mod-mysql'
),
'files' => array(
'etc_proftpd_sql.conf' => '/etc/proftpd/sql.conf',
'etc_proftpd_modules.conf' => '/etc/proftpd/modules.conf',
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'restart' => array(
'/etc/init.d/proftpd restart'
)
),
'pure-ftpd' => array(
'label' => 'Pure FTPd',
'commands_1' => array(
'apt-get install pure-ftpd-common pure-ftpd-mysql'
),
'files' => array(
'etc_pure-ftpd_conf_MinUID' => '/etc/pure-ftpd/conf/MinUID',
'etc_pure-ftpd_conf_MySQLConfigFile' => '/etc/pure-ftpd/conf/MySQLConfigFile',
'etc_pure-ftpd_conf_NoAnonymous' => '/etc/pure-ftpd/conf/NoAnonymous',
'etc_pure-ftpd_conf_MaxIdleTime' => '/etc/pure-ftpd/conf/MaxIdleTime',
'etc_pure-ftpd_conf_ChrootEveryone' => '/etc/pure-ftpd/conf/ChrootEveryone',
'etc_pure-ftpd_conf_PAMAuthentication' => '/etc/pure-ftpd/conf/PAMAuthentication',
'etc_pure-ftpd_db_mysql.conf' => '/etc/pure-ftpd/db/mysql.conf',
'etc_pure-ftpd_conf_CustomerProof' => '/etc/pure-ftpd/conf/CustomerProof',
'etc_pure-ftpd_conf_Bind' => '/etc/pure-ftpd/conf/Bind',
'etc_default_pure-ftpd-common' => '/etc/default/pure-ftpd-common'
),
'commands_2' => array(
'chmod 0640 /etc/pure-ftpd/db/mysql.conf'
),
'restart' => array(
'/etc/init.d/pure-ftpd-mysql restart'
)
),
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
Settings::Get('system.crondreload')
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'apt-get install awstats',
'cp /usr/share/awstats/tools/awstats_buildstaticpages.pl '.makeCorrectDir(Settings::Get('system.awstats_path')),
'mv '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.conf').' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself',
'rm /etc/cron.d/awstats'
),
),
'libnss' => array(
'label' => 'libnss (system login with mysql)',
'commands' => array(
'apt-get install libnss-mysql-bg nscd',
'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg'
),
'files' => array(
'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
'etc_nsswitch.conf' => '/etc/nsswitch.conf',
),
'restart' => array(
'/etc/init.d/nscd restart'
)
),
'logrotate' => array(
'label' => 'Logrotate',
'commands_1' => array(
'apt-get install logrotate',
'touch /etc/logrotate.d/froxlor',
'chmod 644 /etc/logrotate.d/froxlor'
),
'files' => array(
'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor'
),
'commands_2' => array(
'# apt automatically adds a daily cronjob for logrotate',
'# you do not have to do anything else :)'
)
),
'fcgid' => array(
'label' => 'FCGID',
'commands' => array(
'apt-get install apache2-suexec libapache2-mod-fcgid php5-cgi',
'a2enmod suexec fcgid',
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'groupadd -f '.Settings::Get('system.mod_fcgid_httpgroup') : null,
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'useradd -s /bin/false -g '.Settings::Get('system.mod_fcgid_httpgroup').' '.Settings::Get('system.mod_fcgid_httpuser') : null,
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'chown -R '.Settings::Get('system.mod_fcgid_httpuser').':'.Settings::Get('system.mod_fcgid_httpgroup').' '.FROXLOR_INSTALL_DIR : null,
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'mkdir -p '.makeCorrectDir(Settings::Get('system.mod_fcgid_configdir')) : null,
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'mkdir -p '.makeCorrectDir(Settings::Get('system.mod_fcgid_tmpdir')) : null,
(Settings::Get('system.mod_fcgid_ownvhost') == '1') ? 'a2dismod php5' : null
),
'restart' => array(
Settings::Get('system.apachereload_command')
)
),
'php-fpm' => array(
'label' => 'PHP-FPM',
'commands' => array(
(Settings::Get('system.webserver') == 'apache2') ? '# add "non-free" after all occurrences of "main" in /etc/apt/sources.list' : null,
(Settings::Get('system.webserver') == 'apache2') ? '# this is needed for libapache2-mod-fastcgi to install' : null,
'apt-get install '.((Settings::Get('system.webserver') == 'apache2') ? 'apache2-suexec libapache2-mod-fastcgi ' : '') . 'php5-fpm',
'rm /etc/php5/fpm/pool.d/www.conf',
(Settings::Get('system.webserver') == 'apache2') ? 'a2enmod suexec fastcgi actions' : null,
(Settings::Get('phpfpm.enabled_ownvhost') == '1') ? 'groupadd -f '.Settings::Get('phpfpm.vhost_httpgroup') : null,
(Settings::Get('phpfpm.enabled_ownvhost') == '1') ? 'useradd -s /bin/false -g '.Settings::Get('phpfpm.vhost_httpgroup').' '.Settings::Get('phpfpm.vhost_httpuser') : null,
(Settings::Get('phpfpm.enabled_ownvhost') == '1') ? 'usermod -aG '.Settings::Get('phpfpm.vhost_httpgroup').' '.Settings::Get('system.httpuser') : null,
(Settings::Get('phpfpm.enabled_ownvhost') == '1') ? 'chown -R '.Settings::Get('phpfpm.vhost_httpuser').':'.Settings::Get('phpfpm.vhost_httpgroup').' '.FROXLOR_INSTALL_DIR : null,
(Settings::Get('system.webserver') == 'apache2' && Settings::Get('phpfpm.enabled_ownvhost') == '1') ? 'a2dismod php5' : null
),
'restart' => array(
Settings::Get('system.apachereload_command')
)
)
)
)
)
)
);

381
lib/configfiles/wheezy.xml
View File

@@ -2852,387 +2852,6 @@ auth_mechanisms = plain login
#!include auth-deny.conf.ext #!include auth-deny.conf.ext
#!include auth-master.conf.ext #!include auth-master.conf.ext
#!include auth-system.conf.ext
!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
#!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext
]]>
</content>
</file>
<file name="/etc/dovecot/dovecot.conf" chown="root:root"
chmod="0640" backup="true">
<content><![CDATA[
## Dovecot configuration file
# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration
# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.
# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace "
# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var
# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol
# A comma separated list of IPs or hosts where to listen in for connections.
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::
# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/
# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot
# Greeting message for clients.
#login_greeting = Dovecot ready.
# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =
# Sepace separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets =
# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =
# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no
# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes
# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server
# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ
##
## Dictionary server settings
##
# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
]]>
</content>
</file>
<file name="/etc/dovecot/dovecot-sql.conf.ext" chown="root:root"
chmod="0600" backup="true">
<content><![CDATA[
# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki2.dovecot.org/AuthDatabase/SQL
#
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the username and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
#
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the username and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
#
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
#
# CREATE TABLE users (
# username VARCHAR(128) NOT NULL,
# domain VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# uid INTEGER NOT NULL,
# gid INTEGER NOT NULL,
# active CHAR(1) DEFAULT 'Y' NOT NULL
# );
# Database driver: mysql, pgsql, sqlite
driver = mysql
# Database connection string. This is driver-specific setting.
#
# HA / round-robin load-balancing is supported by giving multiple host
# settings, like: host=sql1.host.org host=sql2.host.org
#
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
# Use maxconns=n (default 5) to change how many connections Dovecot can
# create to pgsql.
#
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
#
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
# option_file - Read options from the given file instead of
# the default my.cnf location
# option_group - Read options from the given group (default: client)
#
# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
# Note that currently you can't use spaces in parameters.
#
# sqlite:
# The path to the database file.
#
# Examples:
# connect = host=192.168.1.1 dbname=users
# connect = host=sql.example.com dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
# Default password scheme.
#
# List of supported schemes is in
# http://wiki2.dovecot.org/Authentication/PasswordSchemes
#
default_pass_scheme = CRYPT
# passdb query to retrieve the password. It can return fields:
# password - The user's password. This field must be returned.
# user - user@domain from the database. Needed with case-insensitive lookups.
# username and domain - An alternative way to represent the "user" field.
#
# The "user" field is often necessary with case-insensitive lookups to avoid
# e.g. "name" and "nAme" logins creating two different mail directories. If
# your user and domain names are in separate fields, you can return "username"
# and "domain" fields instead of "user".
#
# The query can also return other fields which have a special meaning, see
# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
#
# Commonly used available substitutions (see http://wiki2.dovecot.org/Variables
# for full list):
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
#
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
#
# Example:
# password_query = SELECT userid AS user, pw AS password \
# FROM users WHERE userid = '%u' AND active = 'Y'
#
#password_query = \
# SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d'
# userdb query to retrieve the user information. It can return fields:
# uid - System UID (overrides mail_uid setting)
# gid - System GID (overrides mail_gid setting)
# home - Home directory
# mail - Mail location (overrides mail_location setting)
#
# None of these are strictly required. If you use a single UID and GID, and
# home or mail directory fits to a template string, you could use userdb static
# instead. For a list of all fields that can be returned, see
# http://wiki2.dovecot.org/UserDatabase/ExtraFields
#
# Examples:
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#
#user_query = \
# SELECT home, uid, gid \
# FROM users WHERE username = '%n' AND domain = '%d'
user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', (quota*1024)) as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
#password_query = \
# SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u'
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
# Query to get a list of all usernames.
#iterate_query = SELECT username AS user FROM users
]]>
</content>
</file>
<file name="/etc/dovecot/conf.d/10-auth.conf" chown="root:0"
chmod="0640" backup="true">
<content><![CDATA[
##
## Authentication processes
##
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
disable_plaintext_auth = no
# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
#auth_cache_size = 0
# Time to live for cached data. After TTL expires the cached record is no
# longer used, *except* if the main database lookup returns internal failure.
# We also try to handle password changes automatically: If user's previous
# authentication was successful, but this one wasn't, the cache isn't used.
# For now this works only with plaintext authentication.
#auth_cache_ttl = 1 hour
# TTL for negative hits (user not found, password mismatch).
# 0 disables caching them completely.
#auth_cache_negative_ttl = 1 hour
# Space separated list of realms for SASL authentication mechanisms that need
# them. You can leave it empty if you don't want to support multiple realms.
# Many clients simply use the first one listed here, so keep the default realm
# first.
#auth_realms =
# Default realm/domain to use if none was specified. This is used for both
# SASL realms and appending @domain to username in plaintext logins.
#auth_default_realm =
# List of allowed characters in username. If the user-given username contains
# a character not listed in here, the login automatically fails. This is just
# an extra check to make sure user can't exploit any potential quote escaping
# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
# set this value to empty.
#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
# Username character translations before it's looked up from databases. The
# value contains series of from -> to characters. For example "#@/@" means
# that '#' and '/' characters are translated to '@'.
#auth_username_translation =
# Username formatting before it's looked up from databases. You can use
# the standard variables here, eg. %Lu would lowercase the username, %n would
# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
# "-AT-". This translation is done after auth_username_translation changes.
#auth_username_format = %Lu
# If you want to allow master users to log in by specifying the master
# username within the normal username string (ie. not using SASL mechanism's
# support for it), you can specify the separator character here. The format
# is then <username><separator><master username>. UW-IMAP uses "*" as the
# separator, so that could be a good choice.
#auth_master_user_separator =
# Username to use for users logging in with ANONYMOUS SASL mechanism
#auth_anonymous_username = anonymous
# Maximum number of dovecot-auth worker processes. They're used to execute
# blocking passdb and userdb queries (eg. MySQL and PAM). They're
# automatically created and destroyed as needed.
#auth_worker_max_count = 30
# Host name to use in GSSAPI principal names. The default is to use the
# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
# entries.
#auth_gssapi_hostname =
# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
# default (usually /etc/krb5.keytab) if not specified. You may need to change
# the auth service to run as root to be able to read this file.
#auth_krb5_keytab =
# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
#auth_use_winbind = no
# Path for Samba's ntlm_auth helper binary.
#auth_winbind_helper_path = /usr/bin/ntlm_auth
# Time to delay before replying to failed authentications.
#auth_failure_delay = 2 secs
# Require a valid SSL client certificate or the authentication fails.
#auth_ssl_require_client_cert = no
# Take the username from client's SSL certificate, using
# X509_NAME_get_text_by_NID() which returns the subject's DN's
# CommonName.
#auth_ssl_username_from_cert = no
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
# gss-spnego
# NOTE: See also disable_plaintext_auth setting.
auth_mechanisms = plain login
##
## Password and user databases
##
#
# Password database is used to verify user's password (and nothing more).
# You can have multiple passdbs and userdbs. This is useful if you want to
# allow both system users (/etc/passwd) and virtual users to login without
# duplicating the system users into virtual database.
#
# <doc/wiki/PasswordDatabase.txt>
#
# User database specifies where mails are located and what user/group IDs
# own them. For single-UID configuration use "static" userdb.
#
# <doc/wiki/UserDatabase.txt>
#!include auth-deny.conf.ext
#!include auth-master.conf.ext
#!include auth-system.conf.ext #!include auth-system.conf.ext
!include auth-sql.conf.ext !include auth-sql.conf.ext
#!include auth-ldap.conf.ext #!include auth-ldap.conf.ext

10
lng/english.lng.php
View File

@@ -1727,7 +1727,7 @@ $lng['domains']['serveraliasoption_www'] = 'WWW (www.domain.tld)';
$lng['domains']['serveraliasoption_none'] = 'No alias'; $lng['domains']['serveraliasoption_none'] = 'No alias';
$lng['error']['givendirnotallowed'] = 'The given directory in field %s is not allowed.'; $lng['error']['givendirnotallowed'] = 'The given directory in field %s is not allowed.';
$lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Configure the allowed SSL ciphers'; $lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Configure the allowed SSL ciphers';
$lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'This is a list of ciphers that you want (or don\'t want) to use when talking SSL. For a list of ciphers and how to include/exclude them, see sections "CIPHER LIST FORMAT" and "CIPHER STRINGS" on <a href="http://openssl.org/docs/apps/ciphers.html">the man-page for ciphers</a>.<br /><br /><b>Default value is:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>'; $lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'This is a list of ciphers that you want (or don\'t want) to use when talking SSL. For a list of ciphers and how to include/exclude them, see sections "CIPHER LIST FORMAT" and "CIPHER STRINGS" on <a href="http://openssl.org/docs/apps/ciphers.html">the man-page for ciphers</a>.<br /><br /><b>Default value is:</b><pre>ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128</pre>';
// Added in Froxlor 0.9.31 // Added in Froxlor 0.9.31
$lng['panel']['dashboard'] = 'Dashboard'; $lng['panel']['dashboard'] = 'Dashboard';
@@ -1843,6 +1843,12 @@ $lng['admin']['configfiles']['commands'] = '<span class="red">Commands:</span> T
$lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> This is an example of the contents of a configuration file. The commands before these textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "MYSQL_PASSWORD" on your own. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"'; $lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> This is an example of the contents of a configuration file. The commands before these textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "MYSQL_PASSWORD" on your own. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"';
$lng['serversettings']['apache_itksupport']['title'] = 'Use modifications for Apache ITK-MPM'; $lng['serversettings']['apache_itksupport']['title'] = 'Use modifications for Apache ITK-MPM';
$lng['serversettings']['apache_itksupport']['description'] = '<strong class="red">ATTENTION:</strong> use only if you acutally have apache itk-mpm enabled<br />otherwise your webserver will not be able to start'; $lng['serversettings']['apache_itksupport']['description'] = '<strong class="red">ATTENTION:</strong> use only if you acutally have apache itk-mpm enabled<br />otherwise your webserver will not be able to start';
$lng['admin']['specialsettings_replacements'] = "You can use the following variables:<br/><code>{DOMAIN}</code>, <code>{DOCROOT}</code>, <code>{CUSTOMER}</code>, <code>{IP}</code>, <code>{PORT}</code>, <code>{IS_SSL}</code><br/>"; $lng['integrity_check']['DatabaseCharset'] = 'Characterset of database (should be UTF-8)';
$lng['integrity_check']['DomainIpTable'] = 'IP &lt;&dash;&gt; domain references';
$lng['integrity_check']['SubdomainSslRedirect'] = 'False SSL-redirect flag for non-ssl domains';
$lng['integrity_check']['FroxlorLocalGroupMemberForFcgidPhpFpm'] = 'froxlor-user in the customer groups (for FCGID/php-fpm)';
$lng['integrity_check']['WebserverGroupMemberForFcgidPhpFpm'] = 'Webserver-user in the customer groups (for FCGID/php-fpm)';
$lng['admin']['specialsettings_replacements'] = "You can use the following variables:<br/><code>{DOMAIN}</code>, <code>{DOCROOT}</code>, <code>{CUSTOMER}</code>, <code>{IP}</code>, <code>{PORT}</code>, <code>{SCHEME}</code><br/>";
$lng['serversettings']['default_vhostconf']['description'] = 'The content of this field will be included into this ip/port vHost container directly. '.$lng['admin']['specialsettings_replacements'].' Attention: The code won\'t be checked for any errors. If it contains errors, webserver might not start again!'; $lng['serversettings']['default_vhostconf']['description'] = 'The content of this field will be included into this ip/port vHost container directly. '.$lng['admin']['specialsettings_replacements'].' Attention: The code won\'t be checked for any errors. If it contains errors, webserver might not start again!';
$lng['serversettings']['default_vhostconf_domain']['description'] = 'The content of this field will be included into the domain vHost container directly. '.$lng['admin']['specialsettings_replacements'].' Attention: The code won\'t be checked for any errors. If it contains errors, webserver might not start again!'; $lng['serversettings']['default_vhostconf_domain']['description'] = 'The content of this field will be included into the domain vHost container directly. '.$lng['admin']['specialsettings_replacements'].' Attention: The code won\'t be checked for any errors. If it contains errors, webserver might not start again!';

9
lng/german.lng.php
View File

@@ -1454,7 +1454,7 @@ $lng['domains']['serveraliasoption_www'] = 'www (www.domain.tld)';
$lng['domains']['serveraliasoption_none'] = 'Kein Alias'; $lng['domains']['serveraliasoption_none'] = 'Kein Alias';
$lng['error']['givendirnotallowed'] = 'Das angegebene Verzeichnis im Feld %s ist nicht erlaubt.'; $lng['error']['givendirnotallowed'] = 'Das angegebene Verzeichnis im Feld %s ist nicht erlaubt.';
$lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Erlaubte SSL Ciphers festlegen'; $lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Erlaubte SSL Ciphers festlegen';
$lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'Dies ist eine Liste von Ciphers die genutzt werden sollen (oder auch nicht genutzt werden sollen) wenn eine SSL Verbindung besteht. Eine Liste aller Ciphers und wie diese hinzugefügt/ausgeschlossen werden ist in den Abschnitten "CIPHER LIST FORMAT" und "CIPHER STRINGS" in <a href="http://openssl.org/docs/apps/ciphers.html">der man-page für Ciphers</a> zu finden.<br /><br /><b>Standard-Wert ist:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>'; $lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'Dies ist eine Liste von Ciphers die genutzt werden sollen (oder auch nicht genutzt werden sollen) wenn eine SSL Verbindung besteht. Eine Liste aller Ciphers und wie diese hinzugefügt/ausgeschlossen werden ist in den Abschnitten "CIPHER LIST FORMAT" und "CIPHER STRINGS" in <a href="http://openssl.org/docs/apps/ciphers.html">der man-page für Ciphers</a> zu finden.<br /><br /><b>Standard-Wert ist:</b><pre>ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128</pre>';
// Added in Froxlor 0.9.31 // Added in Froxlor 0.9.31
$lng['panel']['dashboard'] = 'Dashboard'; $lng['panel']['dashboard'] = 'Dashboard';
@@ -1570,6 +1570,11 @@ $lng['admin']['configfiles']['commands'] = '<span class="red">Kommandos:</span>
$lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Dies ist der Inhalt einer Konfigurationsdatei. Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zeildatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><br><span class="red">Beachten Sie:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetzen Sie "MYSQL_PASSWORD" manuell durch das entsprechende Passwort. Falls Sie es vergessen haben sollten, finden Sie es in der Datei "lib/userdata.inc.php".'; $lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Dies ist der Inhalt einer Konfigurationsdatei. Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zeildatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><br><span class="red">Beachten Sie:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetzen Sie "MYSQL_PASSWORD" manuell durch das entsprechende Passwort. Falls Sie es vergessen haben sollten, finden Sie es in der Datei "lib/userdata.inc.php".';
$lng['serversettings']['apache_itksupport']['title'] = 'Anpassungen für Apache ITK-MPM verwenden'; $lng['serversettings']['apache_itksupport']['title'] = 'Anpassungen für Apache ITK-MPM verwenden';
$lng['serversettings']['apache_itksupport']['description'] = '<div class="red">Achtung: Bitte nur verwenden, wenn wirklich Apache itk-mpm verwendet wird, ansonsten wird der Webserver nicht starten.</div>'; $lng['serversettings']['apache_itksupport']['description'] = '<div class="red">Achtung: Bitte nur verwenden, wenn wirklich Apache itk-mpm verwendet wird, ansonsten wird der Webserver nicht starten.</div>';
$lng['admin']['specialsettings_replacements'] = "Die folgenden Variablen können verwendet werden:<br/><code>{DOMAIN}</code>, <code>{DOCROOT}</code>, <code>{CUSTOMER}</code>, <code>{IP}</code>, <code>{PORT}</code>, <code>{IS_SSL}</code><br/>"; $lng['integrity_check']['DatabaseCharset'] = 'Characterset der Datenbank (sollte UTF-8 sein)';
$lng['integrity_check']['DomainIpTable'] = 'IP &lt;&dash;&gt; Domain Verkn&uuml;pfung';
$lng['integrity_check']['SubdomainSslRedirect'] = 'Falsches SSL-redirect Flag bei nicht-ssl Domains';
$lng['integrity_check']['FroxlorLocalGroupMemberForFcgidPhpFpm'] = 'froxlor-Benutzer in Kunden Gruppen (f&uuml;r FCGID/php-fpm)';
$lng['integrity_check']['WebserverGroupMemberForFcgidPhpFpm'] = 'Webserver-Benutzer in Kunden Gruppen (f&uuml;r FCGID/php-fpm)';
$lng['admin']['specialsettings_replacements'] = "Die folgenden Variablen können verwendet werden:<br/><code>{DOMAIN}</code>, <code>{DOCROOT}</code>, <code>{CUSTOMER}</code>, <code>{IP}</code>, <code>{PORT}</code>, <code>{SCHEME}</code><br/>";
$lng['serversettings']['default_vhostconf']['description'] = 'Der Inhalt dieses Feldes wird direkt in den IP/Port-vHost-Container übernommen. '.$lng['admin']['specialsettings_replacements'].'<br /><strong>ACHTUNG:</strong> Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Der Webserver könnte nicht mehr starten!'; $lng['serversettings']['default_vhostconf']['description'] = 'Der Inhalt dieses Feldes wird direkt in den IP/Port-vHost-Container übernommen. '.$lng['admin']['specialsettings_replacements'].'<br /><strong>ACHTUNG:</strong> Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Der Webserver könnte nicht mehr starten!';
$lng['serversettings']['default_vhostconf_domain']['description'] = 'Der Inhalt dieses Feldes wird direkt in jeden Domain-vHost-Container übernommen. '. $lng['admin']['specialsettings_replacements'].'<strong>ACHTUNG:</strong> Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Der Webserver könnte nicht mehr starten!'; $lng['serversettings']['default_vhostconf_domain']['description'] = 'Der Inhalt dieses Feldes wird direkt in jeden Domain-vHost-Container übernommen. '. $lng['admin']['specialsettings_replacements'].'<strong>ACHTUNG:</strong> Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Der Webserver könnte nicht mehr starten!';

2
scripts/classes/class.HttpConfigBase.php
View File

@@ -29,7 +29,7 @@ class HttpConfigBase {
'CUSTOMER' => $domain['loginname'], 'CUSTOMER' => $domain['loginname'],
'IP' => $ip, 'IP' => $ip,
'PORT' => $port, 'PORT' => $port,
'IS_SSL' => ($is_ssl_vhost)?'ssl':'', 'SCHEME' => ($is_ssl_vhost)?'https':'http',
'DOCROOT' => $domain['documentroot'] 'DOCROOT' => $domain['documentroot']
); );
return replace_variables($template, $templateVars); return replace_variables($template, $templateVars);

74
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -343,26 +343,52 @@ class apache extends HttpConfigBase {
} }
if ($row_ipsandports['ssl_cert_file'] != '') { if ($row_ipsandports['ssl_cert_file'] != '') {
$this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol ALL -SSLv2 -SSLv3' . "\n";
// this makes it more secure, thx to Marcel (08/2013)
$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . "\n";
if ($row_ipsandports['ssl_key_file'] != '') { // check for existence, #1485
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateKeyFile ' . makeCorrectFile($row_ipsandports['ssl_key_file']) . "\n"; if (!file_exists($row_ipsandports['ssl_cert_file'])) {
} $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate file "'.$row_ipsandports['ssl_cert_file'].'" does not exist! Cannot create ssl-directives');
echo $ipport . ' :: certificate file "'.$row_ipsandports['ssl_cert_file'].'" does not exist! Cannot create SSL-directives'."\n";
} else {
if ($row_ipsandports['ssl_ca_file'] != '') { $this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCACertificateFile ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . "\n"; $this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol ALL -SSLv2 -SSLv3' . "\n";
} // this makes it more secure, thx to Marcel (08/2013)
$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLVerifyDepth 10' . "\n";
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateFile ' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . "\n";
// #418 if ($row_ipsandports['ssl_key_file'] != '') {
if ($row_ipsandports['ssl_cert_chainfile'] != '') { // check for existence, #1485
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateChainFile ' . makeCorrectFile($row_ipsandports['ssl_cert_chainfile']) . "\n"; if (!file_exists($row_ipsandports['ssl_key_file'])) {
} $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate key file "'.$row_ipsandports['ssl_key_file'].'" does not exist! Cannot create ssl-directives');
echo $ipport . ' :: certificate key file "'.$row_ipsandports['ssl_key_file'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateKeyFile ' . makeCorrectFile($row_ipsandports['ssl_key_file']) . "\n";
}
}
if ($row_ipsandports['ssl_ca_file'] != '') {
// check for existence, #1485
if (!file_exists($row_ipsandports['ssl_ca_file'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate CA file "'.$row_ipsandports['ssl_ca_file'].'" does not exist! Cannot create ssl-directives');
echo $ipport . ' :: certificate CA file "'.$row_ipsandports['ssl_ca_file'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCACertificateFile ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . "\n";
}
}
// #418
if ($row_ipsandports['ssl_cert_chainfile'] != '') {
// check for existence, #1485
if (!file_exists($row_ipsandports['ssl_cert_chainfile'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate chain file "'.$row_ipsandports['ssl_cert_chainfile'].'" does not exist! Cannot create ssl-directives');
echo $ipport . ' :: certificate chain file "'.$row_ipsandports['ssl_cert_chainfile'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$this->virtualhosts_data[$vhosts_filename] .= ' SSLCertificateChainFile ' . makeCorrectFile($row_ipsandports['ssl_cert_chainfile']) . "\n";
}
}
}
} }
} }
@@ -616,14 +642,15 @@ class apache extends HttpConfigBase {
&& ((int)$domain['ismainbutsubto'] == 0 && ((int)$domain['ismainbutsubto'] == 0
|| domainMainToSubExists($domain['ismainbutsubto']) == false) || domainMainToSubExists($domain['ismainbutsubto']) == false)
) { ) {
$vhost_no = '22'; $vhost_no = '35';
} elseif ((int)$domain['parentdomainid'] == 0 } elseif ((int)$domain['parentdomainid'] == 0
&& isCustomerStdSubdomain((int)$domain['id']) == false && isCustomerStdSubdomain((int)$domain['id']) == false
&& (int)$domain['ismainbutsubto'] > 0 && (int)$domain['ismainbutsubto'] > 0
) { ) {
$vhost_no = '21'; $vhost_no = '30';
} else { } else {
$vhost_no = '20'; // number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth
$vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1);
} }
if ($ssl_vhost === true) { if ($ssl_vhost === true) {
@@ -790,7 +817,6 @@ class apache extends HttpConfigBase {
$vhost_content .= ' RewriteRule ^/(.*) '. $corrected_docroot.'$1 ' . $modrew_red . "\n"; $vhost_content .= ' RewriteRule ^/(.*) '. $corrected_docroot.'$1 ' . $modrew_red . "\n";
$vhost_content .= ' </IfModule>' . "\n"; $vhost_content .= ' </IfModule>' . "\n";
$code = getDomainRedirectCode($domain['id']);
$vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n"; $vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n";
} else { } else {
@@ -1139,9 +1165,9 @@ class apache extends HttpConfigBase {
$vhosts_file = ''; $vhosts_file = '';
// sort by filename so the order is: // sort by filename so the order is:
// 1. subdomains 20 // 1. subdomains x-29
// 2. subdomains as main-domains 21 // 2. subdomains as main-domains 30
// 3. main-domains 22 // 3. main-domains 35
// #437 // #437
ksort($this->virtualhosts_data); ksort($this->virtualhosts_data);

37
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -169,15 +169,28 @@ class lighttpd extends HttpConfigBase {
} }
if ($row_ipsandports['ssl_cert_file'] != '') { if ($row_ipsandports['ssl_cert_file'] != '') {
$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.use-sslv2 = "disable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.honor-cipher-order = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.pemfile = "' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . '"' . "\n";
if ($row_ipsandports['ssl_ca_file'] != '') { // check for existence, #1485
$this->lighttpd_data[$vhost_filename].= 'ssl.ca-file = "' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . '"' . "\n"; if (!file_exists($row_ipsandports['ssl_cert_file'])) {
} $this->logger->logAction(CRON_ACTION, LOG_ERROR, $ip.':'.$port . ' :: certificate file "'.$row_ipsandports['ssl_cert_file'].'" does not exist! Cannot create ssl-directives');
echo $ip.':'.$port . ' :: certificate file "'.$row_ipsandports['ssl_cert_file'].'" does not exist! Cannot create SSL-directives'."\n";
} else {
$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.use-sslv2 = "disable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.honor-cipher-order = "enable"' . "\n";
$this->lighttpd_data[$vhost_filename].= 'ssl.pemfile = "' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . '"' . "\n";
if ($row_ipsandports['ssl_ca_file'] != '') {
// check for existence, #1485
if (!file_exists($row_ipsandports['ssl_ca_file'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERROR, $ip.':'.$port . ' :: certificate CA file "'.$row_ipsandports['ssl_ca_file'].'" does not exist! Cannot create ssl-directives');
echo $ip.':'.port . ' :: certificate CA file "'.$row_ipsandports['ssl_ca_file'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$this->lighttpd_data[$vhost_filename].= 'ssl.ca-file = "' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . '"' . "\n";
}
}
}
} }
} }
@@ -307,7 +320,7 @@ class lighttpd extends HttpConfigBase {
$_pos = strrpos($_tmp_path, '/'); $_pos = strrpos($_tmp_path, '/');
$_inc_path = substr($_tmp_path, $_pos+1); $_inc_path = substr($_tmp_path, $_pos+1);
// subdomain // maindomain
if ((int)$domain['parentdomainid'] == 0 if ((int)$domain['parentdomainid'] == 0
&& isCustomerStdSubdomain((int)$domain['id']) == false && isCustomerStdSubdomain((int)$domain['id']) == false
&& ((int)$domain['ismainbutsubto'] == 0 && ((int)$domain['ismainbutsubto'] == 0
@@ -322,9 +335,10 @@ class lighttpd extends HttpConfigBase {
) { ) {
$vhost_no = '51'; $vhost_no = '51';
} }
// main domain // subdomains
else { else {
$vhost_no = '52'; // number of dots in a domain specifies it's position (and depth of subdomain) starting at 89 going downwards on higher depth
$vhost_no = (string)(90 - substr_count($domain['domain'], ".") + 1);
} }
if ($ssl == '1') { if ($ssl == '1') {
@@ -499,6 +513,7 @@ class lighttpd extends HttpConfigBase {
} }
if ($domain['ssl_cert_file'] != '') { if ($domain['ssl_cert_file'] != '') {
$ssl_settings.= 'ssl.engine = "enable"' . "\n"; $ssl_settings.= 'ssl.engine = "enable"' . "\n";
$ssl_settings.= 'ssl.use-sslv2 = "disable"' . "\n"; $ssl_settings.= 'ssl.use-sslv2 = "disable"' . "\n";
$ssl_settings.= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n"; $ssl_settings.= 'ssl.cipher-list = "' . Settings::Get('system.ssl_cipher_list') . '"' . "\n";

53
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -153,7 +153,7 @@ class nginx extends HttpConfigBase {
if ($row_ipsandports['ssl_ca_file'] == '') { if ($row_ipsandports['ssl_ca_file'] == '') {
$row_ipsandports['ssl_ca_file'] = Settings::Get('system.ssl_ca_file'); $row_ipsandports['ssl_ca_file'] = Settings::Get('system.ssl_ca_file');
} }
if ($row_ipsandports['ssl_cert_file'] != '') { if ($row_ipsandports['ssl_cert_file'] != '' && file_exists($row_ipsandports['ssl_cert_file'])) {
$ssl_vhost = true; $ssl_vhost = true;
} }
} }
@@ -203,6 +203,7 @@ class nginx extends HttpConfigBase {
* SSL config options * SSL config options
*/ */
if ($row_ipsandports['ssl'] == '1') { if ($row_ipsandports['ssl'] == '1') {
$row_ipsandports['domain'] = Settings::Get('system.hostname');
$this->nginx_data[$vhost_filename].=$this->composeSslSettings($row_ipsandports); $this->nginx_data[$vhost_filename].=$this->composeSslSettings($row_ipsandports);
} }
@@ -298,14 +299,15 @@ class nginx extends HttpConfigBase {
&& ((int)$domain['ismainbutsubto'] == 0 && ((int)$domain['ismainbutsubto'] == 0
|| domainMainToSubExists($domain['ismainbutsubto']) == false) || domainMainToSubExists($domain['ismainbutsubto']) == false)
) { ) {
$vhost_no = '22'; $vhost_no = '35';
} elseif ((int)$domain['parentdomainid'] == 0 } elseif ((int)$domain['parentdomainid'] == 0
&& isCustomerStdSubdomain((int)$domain['id']) == false && isCustomerStdSubdomain((int)$domain['id']) == false
&& (int)$domain['ismainbutsubto'] > 0 && (int)$domain['ismainbutsubto'] > 0
) { ) {
$vhost_no = '21'; $vhost_no = '30';
} else { } else {
$vhost_no = '20'; // number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth
$vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1);
} }
if ($ssl_vhost === true) { if ($ssl_vhost === true) {
@@ -556,20 +558,39 @@ class nginx extends HttpConfigBase {
} }
if ($domain['ssl_cert_file'] != '') { if ($domain['ssl_cert_file'] != '') {
// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
//$sslsettings .= "\t" . 'ssl on;' . "\n";
$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;' . "\n";
$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
$sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n";
if ($domain['ssl_key_file'] != '') { // check for existence, #1485
$sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' . "\n"; if (!file_exists($domain['ssl_cert_file'])) {
} $this->logger->logAction(CRON_ACTION, LOG_ERROR, $domain['domain'] . ' :: certificate file "'.$domain['ssl_cert_file'].'" does not exist! Cannot create ssl-directives');
echo $domain['domain'] . ' :: certificate file "'.$domain['ssl_cert_file'].'" does not exist! Cannot create SSL-directives'."\n";
} else {
// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
//$sslsettings .= "\t" . 'ssl on;' . "\n";
$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2;' . "\n";
$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
$sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n";
if ($domain['ssl_ca_file'] != '') { if ($domain['ssl_key_file'] != '') {
$sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n"; // check for existence, #1485
} if (!file_exists($row_ipsandports['ssl_key_file'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERROR, $ipport . ' :: certificate key file "'.$domain['ssl_key_file'].'" does not exist! Cannot create ssl-directives');
echo $ipport . ' :: certificate key file "'.$domain['ssl_key_file'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' . "\n";
}
}
if ($domain['ssl_ca_file'] != '') {
// check for existence, #1485
if (!file_exists($row_ipsandports['ssl_ca_file'])) {
$this->logger->logAction(CRON_ACTION, LOG_ERROR, $domain['domain'] . ' :: certificate CA file "'.$domain['ssl_ca_file'].'" does not exist! Cannot create ssl-directives');
echo $domain['domain'] . ' :: certificate CA file "'.$domain['ssl_ca_file'].'" does not exist! SSL-directives might not be working'."\n";
} else {
$sslsettings.= "\t" . 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n";
}
}
}
} }
return $sslsettings; return $sslsettings;

2
templates/Sparkle/admin/settings/integritycheck_row.tpl vendored
View File

@@ -1,6 +1,6 @@
<tr> <tr>
<td>{$displayid}</td> <td>{$displayid}</td>
<td>{$check}</td> <td>{$checkname}</td>
<td> <td>
<if $result == '1'> <if $result == '1'>
<span class="green">OK</span> <span class="green">OK</span>