From e21b923194961ec1e20630b88ee0cf959f7e831a Mon Sep 17 00:00:00 2001 
From: Lednerb Date: Sat, 10 Jan 2015 23:46:37 +0100 Subject: [PATCH 1/9] Added Ubuntu 14.04 Trusty, didn't check if the configfiles are working --- lib/configfiles/trusty.inc.php | 422 ++++++++++++++++++ .../etc_apache2_mods-enabled_fastcgi.conf | 10 + .../courier/etc_courier_authdaemonrc | 68 +++ .../courier/etc_courier_authmysqlrc | 14 + .../ubuntu_trusty/cron/etc_cron.d_froxlor | 10 + ...dovecot_conf.d_01_mail_stack_delivery.conf | 70 +++ .../dovecot/etc_dovecot_conf.d_10_auth.conf | 127 ++++++ .../etc_dovecot_conf.d_auth-sql.conf.ext | 8 + .../dovecot/etc_dovecot_dovecot-sql.conf.ext | 6 + .../libnss/etc_libnss-mysql-root.cfg | 2 + .../ubuntu_trusty/libnss/etc_libnss-mysql.cfg | 41 ++ .../ubuntu_trusty/libnss/etc_nsswitch.conf | 20 + .../ubuntu_trusty/lighttpd/etc_lighttpd.conf | 57 +++ .../logrotate/etc_logrotated_froxlor | 16 + .../ubuntu_trusty/nginx/etc_init.d_php-fcgi | 41 ++ .../nginx/etc_nginx_fastcgi.conf | 15 + .../ubuntu_trusty/nginx/etc_nginx_nginx.conf | 26 ++ .../postfix_courier/etc_postfix_main.cf | 85 ++++ .../etc_postfix_mysql-virtual_alias_maps.cf | 8 + ...c_postfix_mysql-virtual_mailbox_domains.cf | 8 + .../etc_postfix_mysql-virtual_mailbox_maps.cf | 7 + ...ostfix_mysql-virtual_sender_permissions.cf | 5 + .../etc_postfix_sasl_smtpd.conf | 11 + .../postfix_dovecot/etc_postfix_main.cf | 89 ++++ .../postfix_dovecot/etc_postfix_master.cf | 4 + .../etc_postfix_mysql-virtual_alias_maps.cf | 8 + ...c_postfix_mysql-virtual_mailbox_domains.cf | 8 + .../etc_postfix_mysql-virtual_mailbox_maps.cf | 7 + ...ostfix_mysql-virtual_sender_permissions.cf | 5 + .../postfix_mxaccess/etc_postfix_main.cf | 25 ++ .../postfix_mxaccess/etc_postfix_mx_access | 9 + .../powerdns/etc_powerdns_pdns-froxlor.conf | 7 + .../powerdns/etc_powerdns_pdns.conf | 17 + .../proftpd/etc_proftpd_modules.conf | 58 +++ .../proftpd/etc_proftpd_proftpd.conf | 131 ++++++ .../proftpd/etc_proftpd_sql.conf | 37 ++ .../pure-ftpd/etc_default_pure-ftpd-common | 5 + 
.../pure-ftpd/etc_pure-ftpd_conf_Bind | 1 + .../etc_pure-ftpd_conf_ChrootEveryone | 1 + .../etc_pure-ftpd_conf_CustomerProof | 1 + .../pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime | 1 + .../pure-ftpd/etc_pure-ftpd_conf_MinUID | 1 + .../etc_pure-ftpd_conf_MySQLConfigFile | 1 + .../pure-ftpd/etc_pure-ftpd_conf_NoAnonymous | 1 + .../etc_pure-ftpd_conf_PAMAuthentication | 1 + .../pure-ftpd/etc_pure-ftpd_db_mysql.conf | 11 + 46 files changed, 1506 insertions(+) create mode 100644 lib/configfiles/trusty.inc.php create mode 100644 templates/misc/configfiles/ubuntu_trusty/apache2/etc_apache2_mods-enabled_fastcgi.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authdaemonrc create mode 100644 templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authmysqlrc create mode 100644 templates/misc/configfiles/ubuntu_trusty/cron/etc_cron.d_froxlor create mode 100644 templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_10_auth.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext create mode 100644 templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_dovecot-sql.conf.ext create mode 100644 templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql-root.cfg create mode 100644 templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql.cfg create mode 100644 templates/misc/configfiles/ubuntu_trusty/libnss/etc_nsswitch.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/lighttpd/etc_lighttpd.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/logrotate/etc_logrotated_froxlor create mode 100644 templates/misc/configfiles/ubuntu_trusty/nginx/etc_init.d_php-fcgi create mode 100644 templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_fastcgi.conf create mode 100644 
templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_nginx.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_main.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_sender_permissions.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_sasl_smtpd.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_master.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_sender_permissions.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_main.cf create mode 100644 templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_mx_access create mode 100644 templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns-froxlor.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_modules.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_proftpd.conf 
create mode 100644 templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_sql.conf create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_default_pure-ftpd-common create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_Bind create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_CustomerProof create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MinUID create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication create mode 100644 templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_db_mysql.conf diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php new file mode 100644 index 00000000..076be2a8 --- /dev/null +++ b/lib/configfiles/trusty.inc.php 
@@ -0,0 +1,422 @@ + (2003-2009) + * @author Froxlor team (2010-) + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package Configfiles + * + */ + +// Try to guess user/group from settings' email UID/GID +$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid')); +$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid')); + +/* If one of them are not set, call it 'vmail' and suggest creating user/group + * in scripts. */ +if ($vmail_user === false) { + $vmail_username="vmail"; +} else { + $vmail_username=$vmail_user['name']; +} +if ($vmail_group === false) { + $vmail_groupname="vmail"; +} else { + $vmail_groupname=$vmail_group['name']; +} + +return array( + 'ubuntu_trusty' => array( + 'label' => 'Ubuntu 14.04 (Trusty)', + 'services' => array( + 'http' => array( + 'label' => $lng['admin']['configfiles']['http'], + 'daemons' => array( + 'apache2' => array( + 'label' => 'Apache 2', + 'commands' => array( + 'mkdir -p ' . Settings::Get('system.documentroot_prefix'), + 'mkdir -p ' . Settings::Get('system.logfiles_directory'), + (Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '', + 'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'), + 'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'), + 'a2dismod userdir' + ), + 'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ? + array( + 'etc_apache2_mods-enabled_fastcgi.conf' => '/etc/apache2/mods-enabled/fastcgi.conf' + ) + : + null, + 'restart' => array( + 'service apache2 restart' + ), + ), + 'lighttpd' => array( + 'label' => 'Lighttpd Webserver', + 'commands_1' => array( + 'apt-get install lighttpd', + ), + 'files' => array( + 'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf', + ), + 'commands_2' => array( + $configcommand['vhost'], + $configcommand['diroptions'], + $configcommand['v_inclighty'], + $configcommand['d_inclighty'], + 'lighty-disable-mod cgi', + 'lighty-disable-mod fastcgi', + 'mkdir -p ' . 
Settings::Get('system.documentroot_prefix'), + 'mkdir -p ' . Settings::Get('system.logfiles_directory'), + (Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '', + 'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'), + 'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir') + ), + 'restart' => array( + 'service lighttpd restart' + ), + ), + 'nginx' => array( + 'label' => 'Nginx Webserver', + 'commands_1' => array( + 'apt-get install nginx php5-cgi', + ), + 'files' => array( + 'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf', + 'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi' + ), + 'commands_2' => array( + 'rm /etc/nginx/sites-enabled/default', + 'mkdir -p ' . Settings::Get('system.documentroot_prefix'), + 'mkdir -p ' . Settings::Get('system.logfiles_directory'), + (Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '', + 'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'), + 'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'), + 'chmod u+x /etc/init.d/php-fcgi' + ), + 'restart' => array( + 'service php-fcgi start', + 'service nginx restart' + ) + ), + ), + ), + 'dns' => array( + 'label' => $lng['admin']['configfiles']['dns'], + 'daemons' => array( + 'bind' => array( + 'label' => 'Bind9', + 'commands' => array( + 'apt-get install bind9', + 'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf', + 'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf', + 'chown root:bind ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf', + 'chmod 0644 ' . Settings::Get('system.bindconf_directory') . 
'froxlor_bind.conf' + ), + 'restart' => array( + 'service bind9 restart' + ) + ), + 'powerdns' => array( + 'label' => 'PowerDNS', + 'files' => array( + 'etc_powerdns_pdns.conf' => '/etc/powerdns/pdns.conf', + 'etc_powerdns_pdns-froxlor.conf' => '/etc/powerdns/pdns_froxlor.conf', + ), + 'restart' => array( + 'service pdns restart' + ) + ), + ) + ), + 'smtp' => array( + 'label' => $lng['admin']['configfiles']['smtp'], + 'daemons' => array( + 'postfix_courier' => array( + 'label' => 'Postfix/Courier', + 'commands' => array( + 'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql', + ($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '', + ($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '', + 'mkdir -p ' . Settings::Get('system.vmail_homedir'), + 'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'), + 'mkdir -p /var/spool/postfix/etc/pam.d', + 'mkdir -p /var/spool/postfix/var/run/mysqld', + 'touch /etc/postfix/mysql-virtual_alias_maps.cf', + 'touch /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'touch /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'touch /etc/postfix/mysql-virtual_sender_permissions.cf', + 'touch /etc/postfix/sasl/smtpd.conf', + 'chown root:root /etc/postfix/main.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf', + 'chown root:root /etc/postfix/sasl/smtpd.conf', + 'chmod 0644 /etc/postfix/main.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'chmod 0640 
/etc/postfix/mysql-virtual_sender_permissions.cf', + 'chmod 0600 /etc/postfix/sasl/smtpd.conf', + ), + 'files' => array( + 'etc_postfix_main.cf' => '/etc/postfix/main.cf', + 'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf', + 'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf', + 'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf', + 'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf', + 'etc_postfix_sasl_smtpd.conf' => '/etc/postfix/sasl/smtpd.conf' + ), + 'restart' => array( + 'newaliases', + 'service postfix restart' + ) + ), + 'dkim' => array( + 'label' => 'DomainKey filter', + 'commands_1' => array( + 'apt-get install dkim-filter', + 'mkdir -p /etc/postfix/dkim' + ), + 'files' => array( + 'dkim-filter.conf' => '/etc/dkim-filter.conf' + ), + 'commands_2' => array( + 'echo "milter_default_action = accept" >> /etc/postfix/main.cf', + 'echo "milter_protocol = 2" >> /etc/postfix/main.cf', + 'echo "smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf', + 'echo "non_smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf' + ), + 'restart' => array( + 'service dkim-filter restart', + 'service postfix restart' + ) + ), + 'postfix_dovecot' => array( + 'label' => 'Postfix/Dovecot', + 'commands' => array( + 'apt-get install postfix postfix-mysql', + ($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '', + ($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '', + 'mkdir -p ' . Settings::Get('system.vmail_homedir'), + 'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . 
Settings::Get('system.vmail_homedir'), + 'mkdir -p /var/spool/postfix/etc/pam.d', + 'mkdir -p /var/spool/postfix/var/run/mysqld', + 'touch /etc/postfix/mysql-virtual_alias_maps.cf', + 'touch /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'touch /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'touch /etc/postfix/mysql-virtual_sender_permissions.cf', + 'chown root:root /etc/postfix/main.cf', + 'chown root:root /etc/postfix/master.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf', + 'chmod 0644 /etc/postfix/main.cf', + 'chmod 0644 /etc/postfix/master.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf', + 'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf' + ), + 'files' => array( + 'etc_postfix_main.cf' => '/etc/postfix/main.cf', + 'etc_postfix_master.cf' => '/etc/postfix/master.cf', + 'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf', + 'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf', + 'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf', + 'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf' + ), + 'restart' => array( + 'newaliases', + 'service postfix restart' + ) + ), + 'postfix_mxaccess' => array( + 'label' => 'Postfix MX-Access (anti spam)', + 'files' => array( + 'etc_postfix_mx_access' => '/etc/postfix/mx_access', + 'etc_postfix_main.cf' => '/etc/postfix/main.cf' + ), + 'commands_1' => array( + 'postmap /etc/postfix/mx_access' + ), + 'restart' => array( + 'service postfix restart' + ) + ), + 'exim4' => array( + 'label' => 
'Exim4', + 'commands_1' => array( + 'dpkg-reconfigure exim4-config', + '# choose "no configuration at this time" and "splitted configuration files" in the dialog' + ), + 'files' => array( + 'etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul' => '/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt.rul', + 'etc_exim4_conf.d_auth_30_froxlor-config' => '/etc/exim4/conf.d/auth/30_froxlor-config', + 'etc_exim4_conf.d_main_10_froxlor-config_options' => '/etc/exim4/conf.d/main/10_froxlor-config_options', + 'etc_exim4_conf.d_router_180_froxlor-config' => '/etc/exim4/conf.d/router/180_froxlor-config', + 'etc_exim4_conf.d_transport_30_froxlor-config' => '/etc/exim4/conf.d/transport/30_froxlor-config' + ), + 'commands_2' => array( + 'chmod o-rx /var/lib/exim4', + 'chmod o-rx /etc/exim4/conf.d/main/10_froxlor-config_options' + ), + 'restart' => array( + 'service exim4 restart' + ) + ) + ) + ), + 'mail' => array( + 'label' => $lng['admin']['configfiles']['mail'], + 'daemons' => array( + 'courier' => array( + 'label' => 'Courier', + 'commands' => array( + 'apt-get install courier-pop courier-imap courier-authlib-mysql' + ), + 'files' => array( + 'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc', + 'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc' + ), + 'restart' => array( + '/etc/init.d/courier-authdaemon restart', + '/etc/init.d/courier-pop restart' + ) + ), + 'dovecot' => array( + 'label' => 'Dovecot', + 'commands_1' => array( + 'apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql mail-stack-delivery' + ), + 'files' => array( + + 'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf', + 'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf', + 'etc_dovecot_conf.d_auth-sql.conf.ext' => '/etc/dovecot/conf.d/auth-sql.conf.ext', + 'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext' + ), + 'commands_2' => array( + 'chmod 0640 /etc/dovecot/dovecot-sql.conf.ext' + 
), + 'restart' => array( + 'service dovecot restart' + ) + ) + ) + ), + 'ftp' => array( + 'label' => $lng['admin']['configfiles']['ftp'], + 'daemons' => array( + 'proftpd' => array( + 'label' => 'ProFTPd', + 'commands' => array( + 'apt-get install proftpd-basic proftpd-mod-mysql' + ), + 'files' => array( + 'etc_proftpd_sql.conf' => '/etc/proftpd/sql.conf', + 'etc_proftpd_modules.conf' => '/etc/proftpd/modules.conf', + 'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf' + ), + 'restart' => array( + '/etc/init.d/proftpd restart' + ) + ), + 'pure-ftpd' => array( + 'label' => 'Pure FTPd', + 'commands_1' => array( + 'apt-get install pure-ftpd-common pure-ftpd-mysql' + ), + 'files' => array( + 'etc_pure-ftpd_conf_MinUID' => '/etc/pure-ftpd/conf/MinUID', + 'etc_pure-ftpd_conf_MySQLConfigFile' => '/etc/pure-ftpd/conf/MySQLConfigFile', + 'etc_pure-ftpd_conf_NoAnonymous' => '/etc/pure-ftpd/conf/NoAnonymous', + 'etc_pure-ftpd_conf_MaxIdleTime' => '/etc/pure-ftpd/conf/MaxIdleTime', + 'etc_pure-ftpd_conf_ChrootEveryone' => '/etc/pure-ftpd/conf/ChrootEveryone', + 'etc_pure-ftpd_conf_PAMAuthentication' => '/etc/pure-ftpd/conf/PAMAuthentication', + 'etc_pure-ftpd_db_mysql.conf' => '/etc/pure-ftpd/db/mysql.conf', + 'etc_pure-ftpd_conf_CustomerProof' => '/etc/pure-ftpd/conf/CustomerProof', + 'etc_pure-ftpd_conf_Bind' => '/etc/pure-ftpd/conf/Bind', + 'etc_default_pure-ftpd-common' => '/etc/default/pure-ftpd-common' + ), + 'commands_2' => array( + 'chmod 0640 /etc/pure-ftpd/db/mysql.conf' + ), + 'restart' => array( + 'service pure-ftpd-mysql restart' + ) + ), + ) + ), + 'etc' => array( + 'label' => $lng['admin']['configfiles']['etc'], + 'daemons' => array( + 'cron' => array( + 'label' => 'Crond (cronscript)', + 'files' => array( + 'etc_cron.d_froxlor' => '/etc/cron.d/froxlor' + ), + 'restart' => array( + Settings::Get('system.crondreload') + ) + ), + 'awstats' => array( + 'label' => 'Awstats', + 'commands' => array( + 'apt-get install awstats', + 'cp 
/usr/share/awstats/tools/awstats_buildstaticpages.pl '.makeCorrectDir(Settings::Get('system.awstats_path')), + 'mv '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.conf').' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'), + 'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'), + '# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself', + 'rm /etc/cron.d/awstats' + ), + ), + 'libnss' => array( + 'label' => 'libnss-bg (system login with mysql)', + 'commands' => array( + 'apt-get install libnss-mysql-bg nscd', + 'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg' + ), + 'files' => array( + 'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg', + 'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg', + 'etc_nsswitch.conf' => '/etc/nsswitch.conf', + ), + 'restart' => array( + 'service nscd restart' + ) + ), + 'logrotate' => array( + 'label' => 'Logrotate', + 'commands_1' => array( + 'apt-get install logrotate', + 'touch /etc/logrotate.d/froxlor', + 'chmod 644 /etc/logrotate.d/froxlor' + ), + 'files' => array( + 'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor' + ), + 'commands_2' => array( + '# apt automatically adds a daily cronjob for logrotate', + '# you do not have to do anything else :)' + ) + ) + ) + ) + ) + ) +); + +?> diff --git a/templates/misc/configfiles/ubuntu_trusty/apache2/etc_apache2_mods-enabled_fastcgi.conf b/templates/misc/configfiles/ubuntu_trusty/apache2/etc_apache2_mods-enabled_fastcgi.conf new file mode 100644 index 00000000..db1a4557 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/apache2/etc_apache2_mods-enabled_fastcgi.conf @@ -0,0 +1,10 @@ + + FastCgiIpcDir + + + Order Deny,Allow + Deny from All + # Prevent accessing this path directly + Allow from env=REDIRECT_STATUS + + 
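Review bot: The command strings in lib/configfiles/trusty.inc.php splice settings values straight into shell lines with no quoting, e.g. `'mkdir -p ' . Settings::Get('system.documentroot_prefix')` and `'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir')`. These lines look intended to be run by an administrator as root, so a path setting that contains a space or a shell metacharacter would change what gets executed. Wrapping each interpolated value, as in `'mkdir -p ' . escapeshellarg(Settings::Get('system.documentroot_prefix'))`, keeps it a single argument. Separately, the `dkim` and `exim4` entries name templates (`dkim-filter.conf`, `etc_exim4_conf.d_*`) that are not among the 46 files in the diffstat, so those two services may have nothing to render for `ubuntu_trusty` unless templates are resolved from elsewhere.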
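Review bot: In etc_apache2_mods-enabled_fastcgi.conf, `Order Deny,Allow`, `Deny from All` and `Allow from env=REDIRECT_STATUS` are Apache 2.2 access directives, while Ubuntu 14.04 ships Apache 2.4, where they are only accepted through mod_access_compat. If that module is not loaded, Apache will refuse the configuration, so the 2.4 form is the safer choice for a Trusty template: `Require env REDIRECT_STATUS`. The enclosing container lines are not visible in this rendering of the hunk, so confirm that the rule sits inside the block that covers the FastCGI path.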
diff --git a/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authdaemonrc b/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authdaemonrc
new file mode 100644
index 00000000..29346e54
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authdaemonrc
@@ -0,0 +1,68 @@
+##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
+#
+# Copyright 2000-2001 Double Precision, Inc. See COPYING for
+# distribution information.
+#
+# authdaemonrc created from authdaemonrc.dist by sysconftool
+#
+# Do not alter lines that begin with ##, they are used when upgrading
+# this configuration.
+#
+# This file configures authdaemond, the resident authentication daemon.
+#
+# Comments in this file are ignored. Although this file is intended to
+# be sourced as a shell script, authdaemond parses it manually, so
+# the acceptable syntax is a bit limited. Multiline variable contents,
+# with the \ continuation character, are not allowed. Everything must
+# fit on one line. Do not use any additional whitespace for indentation,
+# or anything else.
+
+##NAME: authmodulelist:0
+#
+# The authentication modules that are linked into authdaemond. The
+# default list is installed. You may selectively disable modules simply
+# by removing them from the following list. The available modules you
+# can use are: authcustom authcram authuserdb authldap authmysql authpam
+
+authmodulelist="authmysql"
+
+##NAME: authmodulelistorig:1
+#
+# This setting is used by Courier's webadmin module, and should be left
+# alone
+
+authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
+
+##NAME: daemons:0
+#
+# The number of daemon processes that are started. authdaemon is typically
+# installed where authentication modules are relatively expensive: such
+# as authldap, or authmysql, so it's better to have a number of them running.
+# PLEASE NOTE: Some platforms may experience a problem if there's more than
+# one daemon. Specifically, SystemV derived platforms that use TLI with
+# socket emulation. I'm suspicious of TLI's ability to handle multiple
+# processes accepting connections on the same filesystem domain socket.
+#
+# You may need to increase daemons if as your system load increases. Symptoms
+# include sporadic authentication failures. If you start getting
+# authentication failures, increase daemons. However, the default of 5
+# SHOULD be sufficient. Bumping up daemon count is only a short-term
+# solution. The permanent solution is to add more resources: RAM, faster
+# disks, faster CPUs...
+
+daemons=5
+
+##NAME: version:0
+#
+# When you have multiple versions of authdaemond.* installed, authdaemond
+# just picks the first one it finds. Set "version" to override that.
+# For example: version=authdaemond.plain
+
+version=""
+
+##NAME: authdaemonvar:0
+#
+# authdaemonvar is here, but is not used directly by authdaemond. It's
+# used by various configuration and build scripts, so don't touch it!
+
+authdaemonvar=/var/run/courier/authdaemon
diff --git a/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authmysqlrc b/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authmysqlrc
new file mode 100644
index 00000000..8e5eef90
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authmysqlrc
@@ -0,0 +1,14 @@
+MYSQL_SERVER
+MYSQL_USERNAME
+MYSQL_PASSWORD
+MYSQL_PORT 3306
+MYSQL_DATABASE
+MYSQL_USER_TABLE mail_users
+MYSQL_CRYPT_PWFIELD password_enc
+MYSQL_UID_FIELD uid
+MYSQL_GID_FIELD gid
+MYSQL_LOGIN_FIELD username
+MYSQL_HOME_FIELD homedir
+MYSQL_MAILDIR_FIELD maildir
+MYSQL_QUOTA_FIELD (quota*1024*1024)
+MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
diff --git a/templates/misc/configfiles/ubuntu_trusty/cron/etc_cron.d_froxlor b/templates/misc/configfiles/ubuntu_trusty/cron/etc_cron.d_froxlor
new file mode 100644
index 00000000..ef6033d4
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/cron/etc_cron.d_froxlor
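Review bot: etc_courier_authmysqlrc holds `MYSQL_USERNAME` and `MYSQL_PASSWORD`, but the `courier` entry in lib/configfiles/trusty.inc.php runs only `apt-get install courier-pop courier-imap courier-authlib-mysql` and never sets an owner or mode on /etc/courier/authmysqlrc. The postfix maps in the same patch get `chmod 0640`, so this looks like an omission rather than a decision. Add a command such as `'chmod 0640 /etc/courier/authmysqlrc'` to that entry, with ownership matching the account authdaemond runs as on Trusty (not visible here, to be confirmed). For dovecot-sql.conf.ext and pure-ftpd's db/mysql.conf the `chmod 0640` sits in `commands_2`, which appears to run after the file is written, so the credentials may exist briefly with default permissions. Doing `touch` and `chmod` first, as the postfix entries do, avoids that.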
@@ -0,0 +1,10 @@ +# +# Set PATH, otherwise restart-scripts won't find start-stop-daemon +# +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +# +# Regular cron jobs for the froxlor package +# +# Please check that all following paths are correct +# +*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php5 -q scripts/froxlor_master_cronjob.php diff --git a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf new file mode 100644 index 00000000..f720ec21 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf @@ -0,0 +1,70 @@ +# Some general options +protocols = imap pop3 sieve +disable_plaintext_auth = no +ssl = yes +ssl_cert = + mail_plugins = sieve quota + quota_full_tempfail = yes + deliver_log_format = msgid=%m: %$ + rejection_reason = Your message to <%t> was automatically rejected:%n%r +} + +# Plugins configuration +plugin { + sieve=~/.dovecot.sieve + sieve_dir=~/sieve + quota = maildir +} + +# Authentication configuration +auth_mechanisms = plain login + +service auth { + # Postfix smtp-auth + unix_listener /var/spool/postfix/private/dovecot-auth { + mode = 0660 + user = postfix + group = postfix + } +} diff --git a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_10_auth.conf b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_10_auth.conf new file mode 100644 index 00000000..5541d354 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_10_auth.conf 
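Review bot: In etc_dovecot_conf.d_01_mail_stack_delivery.conf, `disable_plaintext_auth = no` combined with `auth_mechanisms = plain login` and `ssl = yes` lets clients send mailbox passwords over connections that never negotiated TLS. Unless a deployment needs cleartext logins, the template should ship `disable_plaintext_auth = yes`, or `ssl = required` so that authentication is refused until TLS is up. Part of this hunk is missing from the page (the text after `ssl_cert =` is cut), so check the certificate and protocol lines against the real file.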
@@ -0,0 +1,127 @@ +## +## Authentication processes +## + +# Disable LOGIN command and all other plaintext authentications unless +# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP +# matches the local IP (ie. you're connecting from the same computer), the +# connection is considered secure and plaintext authentication is allowed. +#disable_plaintext_auth = yes + +# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that +# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used. +#auth_cache_size = 0 +# Time to live for cached data. After TTL expires the cached record is no +# longer used, *except* if the main database lookup returns internal failure. +# We also try to handle password changes automatically: If user's previous +# authentication was successful, but this one wasn't, the cache isn't used. +# For now this works only with plaintext authentication. +#auth_cache_ttl = 1 hour +# TTL for negative hits (user not found, password mismatch). +# 0 disables caching them completely. +#auth_cache_negative_ttl = 1 hour + +# Space separated list of realms for SASL authentication mechanisms that need +# them. You can leave it empty if you don't want to support multiple realms. +# Many clients simply use the first one listed here, so keep the default realm +# first. +#auth_realms = + +# Default realm/domain to use if none was specified. This is used for both +# SASL realms and appending @domain to username in plaintext logins. +#auth_default_realm = + +# List of allowed characters in username. If the user-given username contains +# a character not listed in here, the login automatically fails. This is just +# an extra check to make sure user can't exploit any potential quote escaping +# vulnerabilities with SQL/LDAP databases. If you want to allow all characters, +# set this value to empty. 
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ + +# Username character translations before it's looked up from databases. The +# value contains series of from -> to characters. For example "#@/@" means +# that '#' and '/' characters are translated to '@'. +#auth_username_translation = + +# Username formatting before it's looked up from databases. You can use +# the standard variables here, eg. %Lu would lowercase the username, %n would +# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into +# "-AT-". This translation is done after auth_username_translation changes. +#auth_username_format = + +# If you want to allow master users to log in by specifying the master +# username within the normal username string (ie. not using SASL mechanism's +# support for it), you can specify the separator character here. The format +# is then . UW-IMAP uses "*" as the +# separator, so that could be a good choice. +#auth_master_user_separator = + +# Username to use for users logging in with ANONYMOUS SASL mechanism +#auth_anonymous_username = anonymous + +# Maximum number of dovecot-auth worker processes. They're used to execute +# blocking passdb and userdb queries (eg. MySQL and PAM). They're +# automatically created and destroyed as needed. +#auth_worker_max_count = 30 + +# Host name to use in GSSAPI principal names. The default is to use the +# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab +# entries. +#auth_gssapi_hostname = + +# Kerberos keytab to use for the GSSAPI mechanism. Will use the system +# default (usually /etc/krb5.keytab) if not specified. You may need to change +# the auth service to run as root to be able to read this file. +#auth_krb5_keytab = + +# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and +# ntlm_auth helper. +#auth_use_winbind = no + +# Path for Samba's ntlm_auth helper binary. 
+#auth_winbind_helper_path = /usr/bin/ntlm_auth + +# Time to delay before replying to failed authentications. +#auth_failure_delay = 2 secs + +# Require a valid SSL client certificate or the authentication fails. +#auth_ssl_require_client_cert = no + +# Take the username from client's SSL certificate, using +# X509_NAME_get_text_by_NID() which returns the subject's DN's +# CommonName. +#auth_ssl_username_from_cert = no + +# Space separated list of wanted authentication mechanisms: +# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey +# gss-spnego +# NOTE: See also disable_plaintext_auth setting. +auth_mechanisms = plain login + +## +## Password and user databases +## + +# +# Password database is used to verify user's password (and nothing more). +# You can have multiple passdbs and userdbs. This is useful if you want to +# allow both system users (/etc/passwd) and virtual users to login without +# duplicating the system users into virtual database. +# +# +# +# User database specifies where mails are located and what user/group IDs +# own them. For single-UID configuration use "static" userdb. +# +# + +#!include auth-deny.conf.ext +#!include auth-master.conf.ext + +#!include auth-system.conf.ext +!include auth-sql.conf.ext +#!include auth-ldap.conf.ext +#!include auth-passwdfile.conf.ext +#!include auth-checkpassword.conf.ext +#!include auth-vpopmail.conf.ext +#!include auth-static.conf.ext diff --git a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext new file mode 100644 index 00000000..156a491b --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext @@ -0,0 +1,8 @@ +passdb { + driver = sql + args = /etc/dovecot/dovecot-sql.conf.ext +} +userdb { + driver = sql + args = /etc/dovecot/dovecot-sql.conf.ext +} 
diff --git a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_dovecot-sql.conf.ext b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_dovecot-sql.conf.ext new file mode 100644 index 00000000..f4ec7e23 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_dovecot-sql.conf.ext @@ -0,0 +1,6 @@ +driver = mysql +connect = host= dbname= user= password= +default_pass_scheme = CRYPT +password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve') +user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u') +iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1) diff --git a/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql-root.cfg b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql-root.cfg new file mode 100644 index 00000000..64989771 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql-root.cfg @@ -0,0 +1,2 @@ +username +password diff --git a/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql.cfg b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql.cfg new file mode 100644 index 00000000..22d27921 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql.cfg 
@@ -0,0 +1,41 @@
+getpwnam SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
+ FROM ftp_users \
+ WHERE username='%1$s' \
+ AND login_enabled = 'Y' \
+ LIMIT 1
+getpwuid SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
+ FROM ftp_users \
+ WHERE uid='%1$u' \
+ AND login_enabled = 'Y' \
+ LIMIT 1
+getspnam SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
+ FROM ftp_users \
+ WHERE username='%1$s' \
+ AND login_enabled = 'Y' \
+ LIMIT 1
+getpwent SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
+ FROM ftp_users
+getspent SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
+ FROM ftp_users
+getgrnam SELECT groupname,'x',gid \
+ FROM ftp_groups \
+ WHERE groupname='%1$s' \
+ LIMIT 1
+getgrgid SELECT groupname,'x',gid \
+ FROM ftp_groups \
+ WHERE gid='%1$u' \
+ LIMIT 1
+getgrent SELECT groupname,'x',gid \
+ FROM ftp_groups
+memsbygid SELECT members \
+ FROM ftp_groups \
+ WHERE gid='%1$u'
+gidsbymem SELECT CONCAT_WS(',', gid) as gid \
+ FROM ftp_groups \
+ WHERE FIND_IN_SET('%1$s', members)
+
+host
+database
+username
+password
+socket /var/run/mysqld/mysqld.sock
diff --git a/templates/misc/configfiles/ubuntu_trusty/libnss/etc_nsswitch.conf b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_nsswitch.conf
new file mode 100644
index 00000000..22a74dda
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/libnss/etc_nsswitch.conf
@@ -0,0 +1,20 @@
+# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
+# You should place mysql at the end, so that it is queried after the other mechanisams
+#
+passwd: compat mysql
+group: compat mysql
+shadow: compat mysql
+
+hosts: files dns
+networks: files dns
+
+services: db files
+protocols: db files
+rpc: db files
+ethers: db files
+netmasks: files
+netgroup: files
+bootparams: files
+
+automount: files
+aliases: files
\ No newline at end of file
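Review bot: The `getspnam` and `getspent` queries in `etc_libnss-mysql.cfg` return the `password` column of `ftp_users`, and this file normally has to be readable by every process that resolves users, so the account configured in its `username`/`password` lines should not be able to read that column. With libnss-mysql the usual split is a low-privilege account here and the shadow-capable account only in `etc_libnss-mysql-root.cfg`; the placeholder values are not visible in this hunk, so I cannot tell which account each file receives. A comment above the `host`/`database` block would make the intent explicit, e.g. `# use an account that cannot read ftp_users.password here`.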
diff --git a/templates/misc/configfiles/ubuntu_trusty/lighttpd/etc_lighttpd.conf b/templates/misc/configfiles/ubuntu_trusty/lighttpd/etc_lighttpd.conf new file mode 100644 index 00000000..14e7e42f --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/lighttpd/etc_lighttpd.conf @@ -0,0 +1,57 @@ +############################################################################### +# Default lighttpd.conf for Froxlor. +############################################################################### +var.basedir = "/var/www" +var.logdir = "/var/log/lighttpd" +var.statedir = "/var/lib/lighttpd" + +server.modules = ( + "mod_rewrite", + "mod_redirect", + "mod_alias", + "mod_access", + "mod_auth", + "mod_fastcgi", + "mod_cgi", + "mod_accesslog" +) + +server.username = "www-data" +server.groupname = "www-data" +server.document-root = var.basedir +server.pid-file = "/var/run/lighttpd.pid" +accesslog.filename = var.logdir + "/access.log" +server.errorlog = var.logdir + "/error.log" + +server.indexfiles = ("index.php", "index.html", + "index.htm", "default.htm") + +server.name = "" +server.port = 80 +server.bind = "" +url.access-deny = ("~", ".inc") + +fastcgi.server = ( +".php" => ( + "localhost" => ( + "socket" => "/tmp/lighttpd-fcgi-sock-lighttpd", + "broken-scriptfilename" => "enable", + "bin-path" => "/usr/bin/php5-cgi", + "min-procs" => 1, + "max-procs" => 1, + "max-load-per-proc" => 4, + "idle-timeout" => 60, + "bin-environment" => ( + "UID" => "www-data", + "GID" => "www-data", + "PHP_FCGI_CHILDREN" => "0", + "PHP_FCGI_MAX_REQUESTS" => "10000" + ), + "bin-copy-environment" => ( "" ) + ) + ) +) + +#### external configuration files +## mimetype mapping +include_shell "/usr/share/lighttpd/create-mime.assign.pl" diff --git a/templates/misc/configfiles/ubuntu_trusty/logrotate/etc_logrotated_froxlor b/templates/misc/configfiles/ubuntu_trusty/logrotate/etc_logrotated_froxlor new file mode 100644 index 00000000..d7f7deeb --- /dev/null 
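Review bot: The FastCGI entry `"socket" => "/tmp/lighttpd-fcgi-sock-lighttpd"` places the PHP backend socket in a world-writable directory, where any local account can create that name first or otherwise interfere with it. I would put it in a directory that only the web server user can write, for example `"socket" => "/var/run/lighttpd/php-fcgi.sock"`. That path is a suggestion only: the directory has to exist at start-up and belong to `www-data`, which should be checked against the Ubuntu package's init script.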
+++ b/templates/misc/configfiles/ubuntu_trusty/logrotate/etc_logrotated_froxlor @@ -0,0 +1,16 @@ +# +# Froxlor logrotate snipet +# +*.log { + missingok + weekly + rotate 4 + compress + delaycompress + notifempty + create + sharedscripts + postrotate + > /dev/null 2>&1 || true + endscript +} diff --git a/templates/misc/configfiles/ubuntu_trusty/nginx/etc_init.d_php-fcgi b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_init.d_php-fcgi new file mode 100644 index 00000000..29e0cc4a --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_init.d_php-fcgi @@ -0,0 +1,41 @@ +#!/bin/bash +BIND="127.0.0.1:8888" +USER="www-data" +PHP_FCGI_CHILDREN="15" +PHP_FCGI_MAX_REQUESTS="1000" + +PHP_CGI="/usr/bin/php-cgi" +PHP_CGI_NAME="$(basename ${PHP_CGI})" +PHP_CGI_ARGS="- USER=${USER} PATH=/usr/bin PHP_FCGI_CHILDREN=${PHP_FCGI_CHILDREN} PHP_FCGI_MAX_REQUESTS=${PHP_FCGI_MAX_REQUESTS} ${PHP_CGI} -b ${BIND}" +RETVAL="0" + +start() { + echo -n "Starting PHP FastCGI: " + start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- $PHP_CGI_ARGS + RETVAL="$?" + echo "${PHP_CGI_NAME}." +} +stop() { + echo -n "Stopping PHP FastCGI: " + killall -q -w -u ${USER} ${PHP_CGI} + RETVAL="$?" + echo "${PHP_CGI_NAME}." +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + *) + echo "Usage: php-fastcgi {start|stop|restart}" + exit 1 + ;; +esac +exit "$RETVAL" diff --git a/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_fastcgi.conf b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_fastcgi.conf new file mode 100644 index 00000000..10bcaba4 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_fastcgi.conf 
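Review bot: In `etc_init.d_php-fcgi`, `stop()` runs `killall -q -w -u ${USER} ${PHP_CGI}`, which ends every `php-cgi` process owned by `www-data` rather than only the one this script started, and the expansions are unquoted. Tracking the daemon with a pidfile limits the action to this service: define `PIDFILE="/var/run/php-fcgi.pid"`, add `--make-pidfile --pidfile "$PIDFILE"` to the `start-stop-daemon --start` line, and stop with `start-stop-daemon --quiet --stop --retry 5 --pidfile "$PIDFILE"`. The script also has no `### BEGIN INIT INFO` block, which Debian-style init tooling expects when the script is registered.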
@@ -0,0 +1,15 @@
+fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+fastcgi_param SERVER_SOFTWARE nginx;
+fastcgi_param QUERY_STRING $query_string;
+fastcgi_param REQUEST_METHOD $request_method;
+fastcgi_param CONTENT_TYPE $content_type;
+fastcgi_param CONTENT_LENGTH $content_length;
+fastcgi_param REQUEST_URI $request_uri;
+fastcgi_param DOCUMENT_URI $document_uri;
+fastcgi_param DOCUMENT_ROOT $document_root;
+fastcgi_param SERVER_PROTOCOL $server_protocol;
+fastcgi_param REMOTE_ADDR $remote_addr;
+fastcgi_param REMOTE_PORT $remote_port;
+fastcgi_param SERVER_ADDR $server_addr;
+fastcgi_param SERVER_PORT $server_port;
+fastcgi_param SERVER_NAME $server_name;
diff --git a/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_nginx.conf b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_nginx.conf
new file mode 100644
index 00000000..a3f22ed0
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_nginx.conf
@@ -0,0 +1,26 @@
+user www-data;
+worker_processes 4;
+
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log /var/log/nginx/access.log;
+
+ sendfile on;
+ tcp_nodelay on;
+
+ keepalive_timeout 65;
+
+ gzip on;
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
+
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_main.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_main.cf
new file mode 100644
index 00000000..7bf3b4be
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_main.cf
@@ -0,0 +1,85 @@ +## General Postfix configuration +# should be the default domain from your provider eg. "server100.provider.tld" +mydomain = + +# should be different from $mydomain eg. "mail.$mydomain" +myhostname = mail.$mydomain + +mydestination = $myhostname, + $mydomain, + localhost.$myhostname, + localhost.$mydomain, + localhost +mynetworks = 127.0.0.0/8 +inet_interfaces = all +append_dot_mydomain = no +biff = no + +# Postfix performance settings +default_destination_concurrency_limit = 20 +local_destination_concurrency_limit = 2 + +# SMTPD Settings +smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) +smtpd_helo_required = yes +smtpd_recipient_restrictions = permit_mynetworks, + permit_sasl_authenticated, + reject_unauth_destination, + reject_unauth_pipelining, + reject_non_fqdn_recipient +smtpd_sender_restrictions = permit_mynetworks, + reject_sender_login_mismatch, + permit_sasl_authenticated, + reject_unknown_helo_hostname, + reject_unknown_recipient_domain, + reject_unknown_sender_domain +smtpd_client_restrictions = permit_mynetworks, + permit_sasl_authenticated, + reject_unknown_client_hostname + +# Postfix 2.10 requires this option. Postfix < 2.10 ignores this. +# The option is intentionally left empty. 
+smtpd_relay_restrictions = + +# Maximum size of Message in bytes (50MB) +message_size_limit = 52428800 + +## SASL Auth Settings +smtpd_sasl_auth_enable = yes +smtpd_sasl_local_domain = $myhostname +broken_sasl_auth_clients = yes + +# Virtual delivery settings +virtual_mailbox_base = +virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf +virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf +virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf +smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf +virtual_uid_maps = static: +virtual_gid_maps = static: + +# Local delivery settings +local_transport = local +alias_maps = $alias_database + +# Default Mailbox size, is set to 0 which means unlimited! +mailbox_size_limit = 0 +virtual_mailbox_limit = 0 + +### TLS settings +### +## TLS for outgoing mails from the server to another server +#smtp_tls_security_level = may +#smtp_tls_note_starttls_offer = yes +## TLS for email client +#smtpd_tls_security_level = may +#smtpd_tls_cert_file = /etc/ssl/server/.pem +#smtpd_tls_key_file = $smtpd_tls_cert_file +#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt +#smtpd_tls_loglevel = 1 +#smtpd_tls_received_header = yes + +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf new file mode 100644 index 00000000..a9e71f83 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf @@ -0,0 +1,8 @@ +user = +password = +dbname = +table = mail_virtual +select_field = destination +where_field = email +additional_conditions = and TRIM(destination) <> '' +hosts = 
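Review bot: In `postfix_courier/etc_postfix_main.cf`, `smtpd_sasl_auth_enable = yes` is active while every `smtpd_tls_*` line is commented out and `smtpd_tls_auth_only` is never set, so as shipped the server accepts AUTH PLAIN/LOGIN on unencrypted sessions. I would add `smtpd_tls_auth_only = yes` next to the SASL settings and make the TLS block active by default, with the certificate path as the only value left to fill in. With that setting AUTH is not offered until TLS works, which is worth stating in a comment. The `postfix_dovecot/etc_postfix_main.cf` hunk repeats the same block and needs the same change.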
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf
new file mode 100644
index 00000000..4484bee2
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf
@@ -0,0 +1,8 @@
+user =
+password =
+dbname =
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf
new file mode 100644
index 00000000..7e0f79af
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf
@@ -0,0 +1,7 @@
+user =
+password =
+dbname =
+table = mail_users
+select_field = maildir
+where_field = email
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_sender_permissions.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_sender_permissions.cf
new file mode 100644
index 00000000..410be470
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_sender_permissions.cf
@@ -0,0 +1,5 @@
+user =
+password =
+dbname =
+query = select distinct username from mail_users where email in ((select mail_virtual.email_full from mail_virtual where mail_virtual.email = '%s' union select mail_virtual.destination from mail_virtual where mail_virtual.email = '%s'));
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_sasl_smtpd.conf b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_sasl_smtpd.conf
new file mode 100644
index 00000000..de3699d8
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_sasl_smtpd.conf
@@ -0,0 +1,11 @@
+pwcheck_method: auxprop
+auxprop_plugin: sql
+allowanonymouslogin: no
+allowplaintext: yes
+mech_list: plain login cram-md5 digest-md5
+sql_engine: mysql
+sql_hostnames:
+sql_user:
+sql_passwd:
+sql_database:
+sql_select: SELECT password FROM mail_users WHERE username='%u@%r' OR email='%u@%r'
\ No newline at end of file
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf
new file mode 100644
index 00000000..c118e084
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf
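Review bot: In `etc_postfix_sasl_smtpd.conf`, `sql_select: SELECT password FROM mail_users ...` reads the `password` column, whereas the Courier and Dovecot templates in this patch authenticate against `password_enc`. With `pwcheck_method: auxprop` and `cram-md5 digest-md5` in `mech_list` the SASL library needs the cleartext secret, so this appears to rely on unhashed passwords being stored in `mail_users`. If that column is meant to stay empty, those mechanisms cannot work and `mech_list` should be reduced to `plain login` over TLS, verified against the hashed field (for example through authdaemond). If it is populated, the template should say so in a comment. `allowplaintext: yes` likewise depends on TLS being enforced in `main.cf`.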
@@ -0,0 +1,89 @@ +## General Postfix configuration +# should be the default domain from your provider eg. "server100.provider.tld" +mydomain = + +# should be different from $mydomain eg. "mail.$mydomain" +myhostname = mail.$mydomain + +mydestination = $myhostname, + $mydomain, + localhost.$myhostname, + localhost.$mydomain, + localhost +mynetworks = 127.0.0.0/8 +inet_interfaces = all +append_dot_mydomain = no +biff = no + +# Postfix performance settings +default_destination_concurrency_limit = 20 +local_destination_concurrency_limit = 2 + +# SMTPD Settings +smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) +smtpd_helo_required = yes +smtpd_recipient_restrictions = permit_mynetworks, + permit_sasl_authenticated, + reject_unauth_destination, + reject_unauth_pipelining, + reject_non_fqdn_recipient +smtpd_sender_restrictions = permit_mynetworks, + reject_sender_login_mismatch, + permit_sasl_authenticated, + reject_unknown_helo_hostname, + reject_unknown_recipient_domain, + reject_unknown_sender_domain +smtpd_client_restrictions = permit_mynetworks, + permit_sasl_authenticated, + reject_unknown_client_hostname + +# Postfix 2.10 requires this option. Postfix < 2.10 ignores this. +# The option is intentionally left empty. 
+smtpd_relay_restrictions = + +# Maximum size of Message in bytes (50MB) +message_size_limit = 52428800 + +## SASL Auth Settings +smtpd_sasl_auth_enable = yes +smtpd_sasl_local_domain = $myhostname +broken_sasl_auth_clients = yes +## Dovecot Settings for deliver, SASL Auth and virtual transport +smtpd_sasl_type = dovecot +dovecot_destination_recipient_limit = 1 +smtpd_sasl_path = private/dovecot-auth + +# Virtual delivery settings +virtual_mailbox_base = +virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf +virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf +virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf +smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf +virtual_uid_maps = static: +virtual_gid_maps = static: + +# Local delivery settings +local_transport = local +alias_maps = $alias_database + +# Default Mailbox size, is set to 0 which means unlimited! +mailbox_size_limit = 0 +virtual_mailbox_limit = 0 + +### TLS settings +### +## TLS for outgoing mails from the server to another server +#smtp_tls_security_level = may +#smtp_tls_note_starttls_offer = yes +## TLS for email client +#smtpd_tls_security_level = may +#smtpd_tls_cert_file = /etc/ssl/server/.pem +#smtpd_tls_key_file = $smtpd_tls_cert_file +#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt +#smtpd_tls_loglevel = 1 +#smtpd_tls_received_header = yes + +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_master.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_master.cf new file mode 100644 index 00000000..7314bd9d --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_master.cf 
@@ -0,0 +1,4 @@
+# Add these lines to be able to use dovecot as delivery agent
+# Dovecot LDA
+dovecot unix - n n - - pipe
+ flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -d ${recipient}
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf
new file mode 100644
index 00000000..a9e71f83
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf
@@ -0,0 +1,8 @@
+user =
+password =
+dbname =
+table = mail_virtual
+select_field = destination
+where_field = email
+additional_conditions = and TRIM(destination) <> ''
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf
new file mode 100644
index 00000000..4484bee2
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf
@@ -0,0 +1,8 @@
+user =
+password =
+dbname =
+table = panel_domains
+select_field = domain
+where_field = domain
+additional_conditions = and isemaildomain = '1'
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf
new file mode 100644
index 00000000..7e0f79af
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf
@@ -0,0 +1,7 @@
+user =
+password =
+dbname =
+table = mail_users
+select_field = maildir
+where_field = email
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_sender_permissions.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_sender_permissions.cf
new file mode 100644
index 00000000..410be470
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_sender_permissions.cf
@@ -0,0 +1,5 @@
+user =
+password =
+dbname =
+query = select distinct username from mail_users where email in ((select mail_virtual.email_full from mail_virtual where mail_virtual.email = '%s' union select mail_virtual.destination from mail_virtual where mail_virtual.email = '%s'));
+hosts =
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_main.cf b/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_main.cf
new file mode 100644
index 00000000..82b23a03
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_main.cf
@@ -0,0 +1,25 @@
+#
+# ATTENTION - this is not the full postfix-main.cf file
+#
+# it only provides additional configuration-entries!
+#
+
+#
+# look for the follow statement
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+ permit_sasl_authenticated,
+ reject_unauth_destination,
+ reject_unauth_pipelining,
+ reject_non_fqdn_recipient
+
+#
+# and extend it with the following line
+# so it looks like this
+#
+smtpd_recipient_restrictions = permit_mynetworks,
+ permit_sasl_authenticated,
+ reject_unauth_destination,
+ reject_unauth_pipelining,
+ reject_non_fqdn_recipient,
+ check_recipient_mx_access cidr:/etc/postfix/mx_access
diff --git a/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_mx_access b/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_mx_access
new file mode 100644
index 00000000..18a1ec5f
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_mx_access
@@ -0,0 +1,9 @@
+0.0.0.0/8 REJECT Domain MX in broadcast network
+10.0.0.0/8 REJECT Domain MX in RFC 1918 private network
+169.254.0.0/16 REJECT Domain MX in link local network
+172.16.0.0/12 REJECT Domain MX in RFC 1918 private network
+192.0.2.0/24 REJECT Domain MX in TEST-NET network
+192.168.0.0/16 REJECT Domain MX in RFC 1918 private network
+224.0.0.0/4 REJECT Domain MX in class D multicast network
+240.0.0.0/5 REJECT Domain MX in class E reserved network
+248.0.0.0/5 REJECT Domain MX in reserved network
diff --git a/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns-froxlor.conf b/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns-froxlor.conf
new file mode 100644
index 00000000..5e12377d
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns-froxlor.conf
@@ -0,0 +1,7 @@
+allow-axfr-ips=
+#local-ipv6=YOUR_IPv6_(if_any)
+bind-config=named.conf
+bind-check-interval=180
+log-dns-details=yes
+local-address=,127.0.0.1
+
diff --git a/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns.conf b/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns.conf
new file mode 100644
index 00000000..56d4b2a0
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns.conf
@@ -0,0 +1,17 @@
+allow-recursion=127.0.0.1
+config-dir=/etc/powerdns
+daemon=yes
+guardian=yes
+launch=bind
+lazy-recursion=yes
+local-port=53
+master=yes
+module-dir=/usr/lib/powerdns
+setgid=pdns
+setuid=pdns
+socket-dir=/var/run
+version-string=powerdns
+bind-config=named.conf
+bind-check-interval=300
+include=/etc/powerdns/pdns_froxlor.conf
+
diff --git a/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_modules.conf b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_modules.conf
new file mode 100644
index 00000000..da6fb9c6
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_modules.conf
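Review bot: The deny list in `etc_postfix_mx_access` covers RFC 1918, link-local, TEST-NET, multicast and reserved ranges but has no entry for loopback, so a recipient domain whose MX resolves into 127.0.0.0/8 still passes `check_recipient_mx_access`. If that is not deliberate, add `127.0.0.0/8 REJECT Domain MX in loopback network` after the `10.0.0.0/8` line. If it was left out so that domains hosted on this machine keep working, a comment saying so would stop someone from adding it later without knowing the consequence.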
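Review bot: In `etc_powerdns_pdns.conf`, `include=/etc/powerdns/pdns_froxlor.conf` uses an underscore, while the companion template in this patch is named `etc_powerdns_pdns-froxlor.conf`, which suggests the installed file is `pdns-froxlor.conf`; if so, the include points at a file that does not exist. The target path is decided in `lib/configfiles/trusty.inc.php`, outside this hunk, so check it against that. `bind-config` and `bind-check-interval` are also set in both files with different intervals (300 here, 180 there); setting them in one place avoids guessing which value wins.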
@@ -0,0 +1,58 @@ +# +# This file is used to manage DSO modules and features. +# + +# This is the directory where DSO modules reside + +ModulePath /usr/lib/proftpd + +# Allow only user root to load and unload modules, but allow everyone +# to see which modules have been loaded + +ModuleControlsACLs insmod,rmmod allow user root +ModuleControlsACLs lsmod allow user * + +LoadModule mod_ctrls_admin.c +LoadModule mod_tls.c + +# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this +LoadModule mod_sql.c + +# Install proftpd-mod-ldap to use this +#LoadModule mod_ldap.c + +# +# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required +# to have SQL authorization working. You can also comment out the +# unused module here, in alternative. +# + +# Install proftpd-mod-mysql to use this +LoadModule mod_sql_mysql.c + +# Install proftpd-mod-pgsql to use this +#LoadModule mod_sql_postgres.c + +#LoadModule mod_radius.c +LoadModule mod_quotatab.c +LoadModule mod_quotatab_file.c + +# Install proftpd-mod-ldap to use this +#LoadModule mod_quotatab_ldap.c + +# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this +LoadModule mod_quotatab_sql.c +LoadModule mod_quotatab_radius.c +LoadModule mod_wrap.c +LoadModule mod_rewrite.c +LoadModule mod_load.c +LoadModule mod_ban.c +LoadModule mod_wrap2.c +LoadModule mod_wrap2_file.c +# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this +#LoadModule mod_wrap2_sql.c +LoadModule mod_dynmasq.c + + +# keep this module the last one +LoadModule mod_ifsession.c diff --git a/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_proftpd.conf b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_proftpd.conf new file mode 100644 index 00000000..d50330c4 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_proftpd.conf 
@@ -0,0 +1,131 @@
+#
+# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
+# To really apply changes reload proftpd after modifications.
+#
+
+# Includes DSO modules
+Include /etc/proftpd/modules.conf
+
+# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
+UseIPv6 on
+
+ServerName " FTP Server"
+ServerType standalone
+DeferWelcome off
+
+MultilineRFC2228 on
+DefaultServer on
+ShowSymlinks on
+
+TimeoutNoTransfer 600
+TimeoutStalled 600
+TimeoutIdle 1200
+
+DisplayLogin welcome.msg
+DisplayChdir .message true
+ListOptions "-l"
+
+DenyFilter \*.*/
+
+# Use this to jail all users in their homes
+# DefaultRoot ~
+
+# Users require a valid shell listed in /etc/shells to login.
+# Use this directive to release that constrain.
+# RequireValidShell off
+
+# Port 21 is the standard FTP port.
+Port 21
+
+# In some cases you have to specify passive ports range to by-pass
+# firewall limitations. Ephemeral ports can be used for that, but
+# feel free to use a more narrow range.
+# PassivePorts 49152 65534
+
+# If your host was NATted, this option is useful in order to
+# allow passive tranfers to work. You have to use your public
+# address and opening the passive ports used on your firewall as well.
+# MasqueradeAddress 1.2.3.4
+
+# This is useful for masquerading address with dynamic IPs:
+# refresh any configured MasqueradeAddress directives every 8 hours
+
+# DynMasqRefresh 28800
+
+
+# To prevent DoS attacks, set the maximum number of child processes
+# to 30. If you need to allow more than 30 concurrent connections
+# at once, simply increase this value. Note that this ONLY works
+# in standalone mode, in inetd mode you should use an inetd server
+# that allows you to limit maximum number of processes per service
+# (such as xinetd)
+MaxInstances 30
+
+# Set the user and group that the server normally runs at.
+User proftpd
+Group nogroup
+
+# Umask 022 is a good standard umask to prevent new files and dirs
+# (second parm) from being group and world writable.
+Umask 022 022
+# Normally, we want files to be overwriteable.
+AllowOverwrite on
+
+# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
+# PersistentPasswd off
+
+# This is required to use both PAM-based authentication and local passwords
+# AuthOrder mod_auth_pam.c* mod_auth_unix.c
+
+# Be warned: use of this directive impacts CPU average load!
+# Uncomment this if you like to see progress and transfer rate with ftpwho
+# in downloads. That is not needed for uploads rates.
+#
+# UseSendFile off
+
+TransferLog /var/log/proftpd/xferlog
+SystemLog /var/log/proftpd/proftpd.log
+
+# Allow up- and downloads to be continued
+AllowRetrieveRestart On
+AllowStoreRestart On
+
+
+QuotaEngine on
+
+
+
+Ratios off
+
+
+
+# Delay engine reduces impact of the so-called Timing Attack described in
+# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
+# It is on by default.
+
+DelayEngine off
+
+
+
+ControlsEngine off
+ControlsMaxClients 2
+ControlsLog /var/log/proftpd/controls.log
+ControlsInterval 5
+ControlsSocket /var/run/proftpd/proftpd.sock
+
+
+
+AdminControlsEngine off
+
+
+#
+# Alternative authentication frameworks
+#
+#Include /etc/proftpd/ldap.conf
+Include /etc/proftpd/sql.conf
+
+#
+# This is used for FTPS connections
+#
+#Include /etc/proftpd/tls.conf
+
diff --git a/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_sql.conf b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_sql.conf
new file mode 100644
index 00000000..d05bdb3f
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_sql.conf
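Review bot: `DelayEngine off` switches off the very mitigation that the comment directly above it describes as reducing the login timing attack and as being on by default. Unless there is a documented reason, drop the override or set `DelayEngine on`, or at least state the reason in a comment such as `# disabled because ...; re-enable to blunt username/password timing probes`. The template also leaves `#Include /etc/proftpd/tls.conf` commented out although `mod_tls.c` is loaded, so the credentials checked against the SQL backend cross the network in cleartext by default. A comment next to that line telling the admin to enable FTPS before exposing the service would cover it.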
@@ -0,0 +1,37 @@ + +DefaultRoot ~ +RequireValidShell off +AuthOrder mod_sql.c + +SQLBackend mysql +SQLEngine on +SQLAuthenticate on + +SQLAuthTypes Crypt +SQLAuthenticate users* groups* +SQLConnectInfo @ +SQLUserInfo ftp_users username password uid gid homedir shell +SQLGroupInfo ftp_groups groupname gid members +SQLUserWhereClause "login_enabled = 'y'" + +SQLLog PASS login +SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users + +SQLLog RETR download +SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users + +SQLLog STOR upload +SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users + +QuotaEngine on +QuotaShowQuotas on +QuotaDisplayUnits Mb +QuotaLock /var/lock/ftpd.quotatab.lock +QuotaLimitTable sql:/get-quota-limit +QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally +SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'" +SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" +SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE 
name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies +SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies + + diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_default_pure-ftpd-common b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_default_pure-ftpd-common new file mode 100644 index 00000000..b2653904 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_default_pure-ftpd-common @@ -0,0 +1,5 @@ +STANDALONE_OR_INETD=standalone +VIRTUALCHROOT=false +UPLOADSCRIPT= +UPLOADUID= +UPLOADGID= diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_Bind b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_Bind new file mode 100644 index 00000000..aabe6ec3 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_Bind @@ -0,0 +1 @@ +21 diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone new file mode 100644 index 00000000..7cfab5b0 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone @@ -0,0 +1 @@ +yes diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_CustomerProof b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_CustomerProof new file mode 100644 index 00000000..d00491fd --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_CustomerProof @@ -0,0 +1 @@ +1 diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime new file mode 100644 index 00000000..60d3b2f4 --- /dev/null +++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime @@ -0,0 +1 @@ +15 
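Review bot: `SQLAuthTypes Crypt` makes password strength depend entirely on which crypt(3) scheme the panel writes into `ftp_users.password`, and nothing in this template says which one is expected. A comment such as `# expects salted crypt(3) hashes written by the panel; do not add Plaintext here` would make that auditable. `SQLAuthenticate` is set twice (`on`, then `users* groups*`), so the first line can go to avoid doubt about which applies. In `get-quota-limit` the visible WHERE clause restricts `ftp_quotalimits` only by `quota_type`, and the customer is derived with `SUBSTRING_INDEX('%{0}', 'ftp', 1)`, which resolves to the wrong or an empty login for any customer name that itself contains `ftp`. Joining on a customer id column, if the schema has one, would be more robust. `SQLConnectInfo` carries the database credentials, so the install steps should leave this file unreadable to ordinary users.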
diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MinUID b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MinUID
new file mode 100644
index 00000000..83b33d23
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MinUID
@@ -0,0 +1 @@
+1000
diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile
new file mode 100644
index 00000000..be85bafe
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile
@@ -0,0 +1 @@
+/etc/pure-ftpd/db/mysql.conf
diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous
new file mode 100644
index 00000000..7cfab5b0
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous
@@ -0,0 +1 @@
+yes
diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication
new file mode 100644
index 00000000..7ecb56eb
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication
@@ -0,0 +1 @@
+no
diff --git a/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_db_mysql.conf b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_db_mysql.conf
new file mode 100644
index 00000000..22ecee5c
--- /dev/null
+++ b/templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_db_mysql.conf
@@ -0,0 +1,11 @@ +MYSQLServer +MYSQLUser +MYSQLPassword +MYSQLDatabase +MYSQLCrypt any + +MYSQLGetPW SELECT password FROM ftp_users WHERE username="\L" AND login_enabled="y" +MYSQLGetUID SELECT uid FROM ftp_users WHERE username="\L" AND login_enabled="y" +MYSQLGetGID SELECT gid FROM ftp_users WHERE username="\L" AND login_enabled="y" +MYSQLGetDir SELECT homedir FROM ftp_users WHERE username="\L" AND login_enabled="y" +MySQLGetQTASZ SELECT panel_customers.diskspace/1024 AS QuotaSize FROM panel_customers, ftp_users WHERE username = "\L" AND panel_customers.loginname = SUBSTRING_INDEX('\L', 'ftp', 1) From 2ae64d0abe32ce14ca00edef6bcbbc64281bf095 Mon Sep 17 00:00:00 2001 From: Lednerb Date: Sun, 11 Jan 2015 00:06:14 +0100 Subject: [PATCH 2/9] Added Trusty --- lib/configfiles_index.inc.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/configfiles_index.inc.php b/lib/configfiles_index.inc.php index 9a1adb8a..73d8ac44 100644 --- a/lib/configfiles_index.inc.php +++ b/lib/configfiles_index.inc.php @@ -45,6 +45,7 @@ $configfiles = array(); $configfiles = array_merge( include $cfgPath . 'wheezy.inc.php', include $cfgPath . 'squeeze.inc.php', + include $cfgPath . 'trusty.inc.php', include $cfgPath . 'precise.inc.php', include $cfgPath . 'lucid.inc.php', include $cfgPath . 'gentoo.inc.php', From 84ff476dfa12c7e132a9396941b49c3024b14982 Mon Sep 17 00:00:00 2001 From: Lednerb Date: Sun, 11 Jan 2015 13:22:35 +0100 Subject: [PATCH 3/9] check Cron reload config --- lib/configfiles/trusty.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index 076be2a8..c2d352ec 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -369,7 +369,7 @@ return array( 'etc_cron.d_froxlor' => '/etc/cron.d/froxlor' ), 'restart' => array( - Settings::Get('system.crondreload') + 'service cron reload' ) ), 'awstats' => array( 
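Review bot: `MYSQLCrypt any` in `etc_pure-ftpd_db_mysql.conf` lets pure-ftpd accept a stored password in any of its hashed formats, which as far as I know includes the unsalted MD5 and SHA1 modes. If the panel only writes crypt(3) hashes, `MYSQLCrypt crypt` narrows what the daemon will accept. The file also carries `MYSQLPassword`, so the install steps in `trusty.inc.php` (not shown in this hunk) should leave it readable by root only, for example with a `chmod 0600 /etc/pure-ftpd/db/mysql.conf` step. The `MySQLGetQTASZ` query quotes `\L` once with double and once with single quotes and derives the customer with `SUBSTRING_INDEX('\L', 'ftp', 1)`, which mis-resolves login names that contain `ftp`; uniform quoting and a comment on that naming assumption would help.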
From 8a3745aee8b4290a238b4784a6a151312a5c9e7e Mon Sep 17 00:00:00 2001 From: Lednerb Date: Sun, 11 Jan 2015 15:42:01 +0100 Subject: [PATCH 4/9] updated service restart at courier imap/pop3 server --- lib/configfiles/trusty.inc.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index c2d352ec..8efef10e 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -292,8 +292,9 @@ return array( 'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc' ), 'restart' => array( - '/etc/init.d/courier-authdaemon restart', - '/etc/init.d/courier-pop restart' + 'service courier-authdaemon restart', + 'service courier-pop restart', + 'service courier-imap restart' ) ), 'dovecot' => array( From 1cb237e8e1dfb2f1337382b52f0381ddd695a5aa Mon Sep 17 00:00:00 2001 From: Lednerb Date: Sun, 11 Jan 2015 16:01:58 +0100 Subject: [PATCH 5/9] Test zum Entfernen --- lib/configfiles/trusty.inc.php | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index 8efef10e..6cc287e8 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -282,21 +282,7 @@ return array( 'mail' => array( 'label' => $lng['admin']['configfiles']['mail'], 'daemons' => array( - 'courier' => array( - 'label' => 'Courier', - 'commands' => array( - 'apt-get install courier-pop courier-imap courier-authlib-mysql' - ), - 'files' => array( - 'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc', - 'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc' - ), - 'restart' => array( - 'service courier-authdaemon restart', - 'service courier-pop restart', - 'service courier-imap restart' - ) - ), + 'dovecot' => array( 'label' => 'Dovecot', 'commands_1' => array( From 7d478fd3783c65ad5b2a218e980082ce8939d86c Mon Sep 17 00:00:00 2001 
From: Lednerb Date: Sun, 11 Jan 2015 16:36:50 +0100 Subject: [PATCH 6/9] dovecot Installation angepasst --- lib/configfiles/trusty.inc.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index 6cc287e8..7eb84705 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -282,11 +282,24 @@ return array( 'mail' => array( 'label' => $lng['admin']['configfiles']['mail'], 'daemons' => array( - + 'courier' => array( + 'label' => 'Courier', + 'commands' => array( + 'apt-get install courier-pop courier-imap courier-authlib-mysql' + ), + 'files' => array( + 'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc', + 'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc' + ), + 'restart' => array( + '/etc/init.d/courier-authdaemon restart', + '/etc/init.d/courier-pop restart' + ) + ), 'dovecot' => array( 'label' => 'Dovecot', 'commands_1' => array( - 'apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql mail-stack-delivery' + 'apt-get install dovecot-imapd dovecot-pop3d dovecot-mysql mail-stack-delivery' ), 'files' => array( From 1889958e2bb1af165d188a7bad2d67baf66f55a2 Mon Sep 17 00:00:00 2001 From: Lednerb Date: Sun, 11 Jan 2015 22:19:49 +0100 Subject: [PATCH 7/9] added missing php5-cli to installation script --- lib/configfiles/trusty.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index 7eb84705..857907e8 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -89,7 +89,7 @@ return array( 'nginx' => array( 'label' => 'Nginx Webserver', 'commands_1' => array( - 'apt-get install nginx php5-cgi', + 'apt-get install nginx php5-cgi php5-cli', ), 'files' => array( 'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf', From ab44d27914b99992825d2f34892cd3aa7a1cc613 Mon Sep 17 00:00:00 2001 
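Review bot: The re-added `courier` block brings back the restart list from before PATCH 4/9 (`'/etc/init.d/courier-authdaemon restart'`, `'/etc/init.d/courier-pop restart'`), so the `service courier-imap restart` entry that PATCH 4/9 introduced is lost again. If that is unintentional, the list should read `'service courier-authdaemon restart', 'service courier-pop restart', 'service courier-imap restart'`; otherwise the instructions leave courier-imap running without a restart after `authdaemonrc` and `authmysqlrc` are replaced. The enclosing `return array(` starts and ends outside this hunk.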
From: Lednerb Date: Mon, 12 Jan 2015 14:25:10 +0100 Subject: [PATCH 8/9] Deleted unnecessary config prompts --- lib/configfiles/trusty.inc.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lib/configfiles/trusty.inc.php b/lib/configfiles/trusty.inc.php index 857907e8..0259358b 100644 --- a/lib/configfiles/trusty.inc.php +++ b/lib/configfiles/trusty.inc.php @@ -302,15 +302,10 @@ return array( 'apt-get install dovecot-imapd dovecot-pop3d dovecot-mysql mail-stack-delivery' ), 'files' => array( - 'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf', 'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf', - 'etc_dovecot_conf.d_auth-sql.conf.ext' => '/etc/dovecot/conf.d/auth-sql.conf.ext', 'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext' ), - 'commands_2' => array( - 'chmod 0640 /etc/dovecot/dovecot-sql.conf.ext' - ), 'restart' => array( 'service dovecot restart' ) From e7d07c7924ab7d4df24ff7cef1d74924480a8197 Mon Sep 17 00:00:00 2001 From: Lednerb Date: Mon, 12 Jan 2015 14:32:00 +0100 Subject: [PATCH 9/9] Deleted unnecessary config template --- .../dovecot/etc_dovecot_conf.d_auth-sql.conf.ext | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext diff --git a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext b/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext deleted file mode 100644 index 156a491b..00000000 --- a/templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext +++ /dev/null @@ -1,8 +0,0 @@ -passdb { - driver = sql - args = /etc/dovecot/dovecot-sql.conf.ext -} -userdb { - driver = sql - args = /etc/dovecot/dovecot-sql.conf.ext -}
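Review bot: Removing the `commands_2` step `chmod 0640 /etc/dovecot/dovecot-sql.conf.ext` in PATCH 8/9 leaves the permissions of the file holding Dovecot's SQL connection settings to whatever the admin's umask or editor produces, and the hunk shows no replacement. Unless the package or another step guarantees restrictive permissions, keep the step so the database password is not readable by local users, ideally with a one-line comment explaining why, e.g. `// dovecot-sql.conf.ext contains the DB password`. The same hunk drops `etc_dovecot_conf.d_auth-sql.conf.ext` from `files` and PATCH 9/9 deletes its template, so check that the shipped `10-auth.conf` still ends up with a passdb/userdb pointing at `dovecot-sql.conf.ext`. The enclosing `dovecot` array starts outside the hunk.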