diff --git a/lib/configfiles/jessie.xml b/lib/configfiles/jessie.xml
index 8651d62b..2019e1c8 100644
--- a/lib/configfiles/jessie.xml
+++ b/lib/configfiles/jessie.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
 	<distribution name="Debian" codename="Jessie"
-		version="8.x" defaulteditor="/usr/bin/nano">
+		version="8.x" defaulteditor="/usr/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
diff --git a/lib/configfiles/precise.xml b/lib/configfiles/precise.xml
deleted file mode 100644
index 6555238f..00000000
--- a/lib/configfiles/precise.xml
+++ /dev/null
@@ -1,1788 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<froxlor>
-	<distribution name="Ubuntu" codename="Precise"
-		version="12.04" defaulteditor="/usr/bin/nano" deprecated="true">
-		<services>
-			<!-- HTTP -->
-			<service type="http" title="{{lng.admin.configfiles.http}}">
-				<!-- general HTTP commands -->
-				<general>
-					<commands index="1">
-						<command>
-							<visibility mode="isdir">{{settings.system.apacheconf_vhost}}
-							</visibility>
-							<content><![CDATA[mkdir -p {{settings.system.apacheconf_vhost}}]]></content>
-						</command>
-						<command>
-							<visibility mode="isfile">{{settings.system.apacheconf_vhost}}
-							</visibility>
-							<content><![CDATA[touch {{settings.system.apacheconf_vhost}}]]></content>
-						</command>
-						<command><![CDATA[chown root:0 {{settings.system.apacheconf_vhost}}]]></command>
-						<command><![CDATA[chmod 0600 {{settings.system.apacheconf_vhost}}]]></command>
-						<command>
-							<visibility mode="isdir">{{settings.system.apacheconf_diroptions}}
-							</visibility>
-							<content><![CDATA[mkdir -p {{settings.system.apacheconf_diroptions}}]]></content>
-						</command>
-						<command>
-							<visibility mode="isfile">{{settings.system.apacheconf_diroptions}}
-							</visibility>
-							<content><![CDATA[touch {{settings.system.apacheconf_diroptions}}]]></content>
-						</command>
-						<command><![CDATA[chown root:0 {{settings.system.apacheconf_diroptions}}]]></command>
-						<command><![CDATA[chmod 0600 {{settings.system.apacheconf_diroptions}}]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.documentroot_prefix}}]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.logfiles_directory}}]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command><![CDATA[chmod 1777 {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command>
-							<visibility mode="notempty">{{settings.system.deactivateddocroot}}
-							</visibility>
-							<content><![CDATA[mkdir -p {{settings.system.deactivateddocroot}}]]></content>
-						</command>
-					</commands>
-				</general>
-				<!-- HTTP Apache -->
-				<daemon name="apache" version="2.2" title="Apache 2.2"
-					default="true">
-					<install><![CDATA[apt-get install apache2]]></install>
-					<include>//service[@type='http']/general/commands</include>
-					<command><![CDATA[a2dismod userdir]]></command>
-					<command><![CDATA[a2enmod headers]]></command>
-					<command>
-						<visibility mode="true">{{settings.system.use_ssl}}
-						</visibility>
-						<content><![CDATA[a2enmod ssl]]></content>
-					</command>
-					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
-						<visibility mode="true">{{settings.phpfpm.enabled}}
-						</visibility>
-						<content><![CDATA[
-<IfModule mod_fastcgi.c>
-    FastCgiIpcDir <FPM_IPCDIR>
-
-    <Location "/fastcgiphp">
-        Order Deny,Allow
-        Deny from All
-        # Prevent accessing this path directly
-        Allow from env=REDIRECT_STATUS
-    </Location>
-</IfModule>
-]]>
-						</content>
-					</file>
-					<file name="{{settings.system.letsencryptacmeconf}}">
-						<visibility mode="true">{{settings.system.leenabled}}
-						</visibility>
-						<content><![CDATA[
-Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}}/.well-known/acme-challenge"
-<Directory "{{settings.system.letsencryptchallengepath}}/.well-known/acme-challenge">
-	Order allow,deny
-	Allow from all
-</Directory>
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/apache2 restart]]></command>
-				</daemon>
-				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
-					<install><![CDATA[apt-get install lighttpd]]></install>
-					<file name="/etc/lighttpd/lighttpd.conf">
-						<content><![CDATA[
-###############################################################################
-# Default lighttpd.conf for Froxlor.
-###############################################################################
-var.basedir  = "/var/www"
-var.logdir   = "/var/log/lighttpd"
-var.statedir = "/var/lib/lighttpd"
-
-server.modules = (
-	"mod_rewrite",
-	"mod_redirect",
-	"mod_alias",
-	"mod_access",
-	"mod_auth",
-	"mod_fastcgi",
-	"mod_cgi",
-	"mod_setenv",
-	"mod_accesslog"
-)
-
-server.username      = "www-data"
-server.groupname     = "www-data"
-server.document-root = var.basedir
-server.pid-file      = "/var/run/lighttpd.pid"
-accesslog.filename   = var.logdir + "/access.log"
-server.errorlog      = var.logdir  + "/error.log"
-
-server.indexfiles    = ("index.php", "index.html",
-						"index.htm", "default.htm")
-
-server.name			 = "<SERVERNAME>"
-server.port          = 80
-server.bind          = "<SERVERIP>"
-url.access-deny = ("~", ".inc")
-
-fastcgi.server = (
-".php" => (
-		"localhost" => (
-			"socket" => "/tmp/lighttpd-fcgi-sock-lighttpd",
-			"broken-scriptfilename" => "enable",
-			"bin-path" => "/usr/bin/php5-cgi",
-			"min-procs" => 1,
-			"max-procs" => 1,
-			"max-load-per-proc" => 4,
-			"idle-timeout" => 60,
-			"bin-environment" => (
-				"UID" => "www-data",
-				"GID" => "www-data",
-				"PHP_FCGI_CHILDREN" => "0",
-				"PHP_FCGI_MAX_REQUESTS" => "10000"
-			),
-			"bin-copy-environment" => ( "" )
-		)
-	)
-)
-
-alias.url           += ("/.well-known/acme-challenge/" => "{{settings.system.letsencryptchallengepath}}/.well-known/acme-challenge/")
-
-#### external configuration files
-## mimetype mapping
-include_shell "/usr/share/lighttpd/create-mime.assign.pl"
-]]>
-						</content>
-					</file>
-					<include>//service[@type='http']/general/commands</include>
-					<command>
-						<visibility mode="isdir">{{settings.system.apacheconf_vhost}}
-						</visibility>
-						<content><![CDATA[echo -e '\\ninclude_shell "cat {{settings.system.apacheconf_vhost}}*.conf"' >> /etc/lighttpd/lighttpd.conf]]></content>
-					</command>
-					<command>
-						<visibility mode="isfile">{{settings.system.apacheconf_vhost}}
-						</visibility>
-						<content><![CDATA[echo -e '\\ninclude "{{settings.system.apacheconf_vhost}}"' >> /etc/lighttpd/lighttpd.conf]]></content>
-					</command>
-					<command>
-						<visibility mode="isdir">{{settings.system.apacheconf_diroptions}}
-						</visibility>
-						<content><![CDATA[echo -e '\\ninclude_shell "cat {{settings.system.apacheconf_diroptions}}*.conf"' >> /etc/lighttpd/lighttpd.conf]]></content>
-					</command>
-					<command>
-						<visibility mode="isfile">{{settings.system.apacheconf_diroptions}}
-						</visibility>
-						<content><![CDATA[echo -e '\\ninclude "{{settings.system.apacheconf_diroptions}}"' >> /etc/lighttpd/lighttpd.conf]]></content>
-					</command>
-					<command><![CDATA[lighty-disable-mod cgi]]></command>
-					<command><![CDATA[lighty-disable-mod fastcgi]]></command>
-					<command><![CDATA[/etc/init.d/lighttpd restart]]></command>
-				</daemon>
-				<!-- HTTP Nginx -->
-				<daemon name="nginx" title="nginx">
-					<install><![CDATA[apt-get install nginx php5-cli]]></install>
-					<install>
-						<visibility mode="false">{{settings.phpfpm.enabled}}
-						</visibility>
-						<visibility mode="false">{{settings.system.mod_fcgid}}
-						</visibility>
-						<content><![CDATA[apt-get install php5-cgi]]></content>
-					</install>
-					<command><![CDATA[rm /etc/nginx/sites-enabled/default]]></command>
-					<file name="/etc/nginx/nginx.conf">
-						<content><![CDATA[
-user www-data;
-worker_processes  4;
-
-pid /var/run/nginx.pid;
-
-events {
-    worker_connections  1024;
-}
-
-http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
-    access_log  /var/log/nginx/access.log;
-
-    sendfile        on;
-    tcp_nodelay     on;
-
-    keepalive_timeout  65;
-
-    gzip  on;
-
-    include /etc/nginx/conf.d/*.conf;
-    include /etc/nginx/sites-enabled/*;
-}
-]]>
-						</content>
-					</file>
-					<file name="/etc/nginx/fastcgi_params">
-						<content><![CDATA[
-fastcgi_connect_timeout 65;
-fastcgi_send_timeout    180;
-fastcgi_read_timeout    180;
-
-fastcgi_param  QUERY_STRING       $query_string;
-fastcgi_param  REQUEST_METHOD     $request_method;
-fastcgi_param  CONTENT_TYPE       $content_type;
-fastcgi_param  CONTENT_LENGTH     $content_length;
-
-fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
-fastcgi_param  REQUEST_URI        $request_uri;
-fastcgi_param  DOCUMENT_URI       $document_uri;
-fastcgi_param  DOCUMENT_ROOT      $document_root;
-fastcgi_param  SERVER_PROTOCOL    $server_protocol;
-fastcgi_param  HTTPS              $https if_not_empty;
-
-fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
-fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
-
-fastcgi_param  REMOTE_ADDR        $remote_addr;
-fastcgi_param  REMOTE_PORT        $remote_port;
-fastcgi_param  SERVER_ADDR        $server_addr;
-fastcgi_param  SERVER_PORT        $server_port;
-fastcgi_param  SERVER_NAME        $server_name;
-
-# PHP only, required if PHP was built with --enable-force-cgi-redirect
-fastcgi_param  REDIRECT_STATUS    200;
-]]>
-						</content>
-					</file>
-					<file name="{{settings.system.letsencryptacmeconf}}">
-						<visibility mode="true">{{settings.system.leenabled}}
-						</visibility>
-						<content><![CDATA[
-location /.well-known/acme-challenge {
-	alias {{settings.system.letsencryptchallengepath}}/.well-known/acme-challenge;
-
-	location ~ /.well-known/acme-challenge/(.*) {
-		default_type text/plain;
-	}
-}
-]]>
-						</content>
-					</file>
-					<file name="/etc/init.d/php-fcgi" chmod="u+x">
-						<visibility mode="false">{{settings.phpfpm.enabled}}
-						</visibility>
-						<visibility mode="false">{{settings.system.mod_fcgid}}
-						</visibility>
-						<content><![CDATA[
-#!/bin/bash
-### BEGIN INIT INFO
-# Provides:          php-fcgi
-# Required-Start:    $remote_fs $syslog
-# Required-Stop:     $remote_fs $syslog
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: php-fcgi initscript
-# Description:       Custom php-fcgi initscript for Froxlor
-### END INIT INFO
-
-BIND="127.0.0.1:8888"
-USER="www-data"
-PHP_FCGI_CHILDREN="15"
-PHP_FCGI_MAX_REQUESTS="1000"
-
-PHP_CGI="/usr/bin/php-cgi"
-PHP_CGI_NAME="$(basename ${PHP_CGI})"
-PHP_CGI_ARGS="- USER=${USER} PATH=/usr/bin PHP_FCGI_CHILDREN=${PHP_FCGI_CHILDREN} PHP_FCGI_MAX_REQUESTS=${PHP_FCGI_MAX_REQUESTS} ${PHP_CGI} -b ${BIND}"
-RETVAL="0"
-
-start() {
-      echo -n "Starting PHP FastCGI: "
-      start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- $PHP_CGI_ARGS
-      RETVAL="$?"
-      echo "${PHP_CGI_NAME}."
-}
-stop() {
-      echo -n "Stopping PHP FastCGI: "
-      killall -q -w -u ${USER} ${PHP_CGI}
-      RETVAL="$?"
-      echo "${PHP_CGI_NAME}."
-}
-
-case "$1" in
-    start)
-      start
-  ;;
-    stop)
-      stop
-  ;;
-    restart)
-      stop
-      start
-  ;;
-    *)
-      echo "Usage: php-fastcgi {start|stop|restart}"
-      exit 1
-  ;;
-esac
-exit "$RETVAL"
-]]>
-						</content>
-					</file>
-					<include>//service[@type='http']/general/commands</include>
-					<command>
-						<visibility mode="false">{{settings.phpfpm.enabled}}
-						</visibility>
-						<visibility mode="false">{{settings.system.mod_fcgid}}
-						</visibility>
-						<content><![CDATA[/etc/init.d/php-fcgi restart]]></content>
-					</command>
-					<command><![CDATA[/etc/init.d/nginx restart]]></command>
-				</daemon>
-			</service>
-			<!--DNS -->
-			<service type="dns" title="{{lng.admin.configfiles.dns}}">
-				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver" default="true">
-					<install><![CDATA[apt-get install bind9]]></install>
-					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf]]></command>
-					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
-					<command><![CDATA[chown root:bind {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
-					<command><![CDATA[chmod 0644 {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
-					<command><![CDATA[/etc/init.d/bind9 restart]]></command>
-				</daemon>
-				<daemon name="powerdns" title="PowerDNS (standalone)">
-					<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
-					<file name="/etc/powerdns/pdns.conf" backup="true" chmod="600">
-						<content><![CDATA[
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
-# add these entries to the list if any speficied: <AXFRSERVERS>
-allow-recursion=127.0.0.1
-config-dir=/etc/powerdns
-daemon=yes
-guardian=yes
-lazy-recursion=yes
-local-port=53
-master=yes
-module-dir=/usr/lib/powerdns
-setgid=pdns
-setuid=pdns
-socket-dir=/var/run
-version-string=powerdns
-include-dir=/etc/powerdns/froxlor/
-]]>
-						</content>
-					</file>
-					<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
-					<file name="/etc/powerdns/froxlor/pdns_froxlor.conf"
-						chown="root:root" chmod="600">
-						<content><![CDATA[
-# mysql-settings / you need to create the power-dns database for yourself!
-launch=gmysql
-gmysql-host=127.0.0.1
-gmysql-port=3306
-gmysql-dbname=pdns
-gmysql-user=powerdns
-gmysql-group=client
-gmysql-password=
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/pdns restart]]></command>
-				</daemon>
-				<daemon name="powerdns_bind"
-					title="PowerDNS via bind-backend">
-					<install><![CDATA[apt-get install pdns-server]]></install>
-					<file name="/etc/powerdns/pdns.conf" backup="true" chmod="600">
-						<content><![CDATA[
-allow-recursion=127.0.0.1
-config-dir=/etc/powerdns
-daemon=yes
-guardian=yes
-launch=bind
-lazy-recursion=yes
-local-port=53
-master=yes
-module-dir=/usr/lib/powerdns
-setgid=pdns
-setuid=pdns
-socket-dir=/var/run
-version-string=powerdns
-bind-config=<BIND_CONFIG_PATH>named.conf
-bind-check-interval=300
-include-dir=/etc/powerdns/froxlor/
-]]>
-						</content>
-					</file>
-					<command><![CDATA[mkdir -p /etc/powerdns/froxlor/]]></command>
-					<file name="/etc/powerdns/froxlor/pdns_froxlor.conf"
-						chown="root:root" chmod="600">
-						<content><![CDATA[
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
-# add these entries to the list if any speficied: <AXFRSERVERS>
-#local-ipv6=YOUR_IPv6_(if_any)
-bind-config=<BIND_CONFIG_PATH>named.conf
-bind-check-interval=180
-log-dns-details=yes
-local-address=<SERVERIP>,127.0.0.1
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/pdns restart]]></command>
-				</daemon>
-			</service>
-			<!-- SMTP services -->
-			<service type="smtp" title="{{lng.admin.configfiles.smtp}}">
-				<!-- general SMTP commands -->
-				<general>
-					<commands index="1">
-						<command>
-							<visibility mode="groupnotexists">{{settings.system.vmail_gid}}
-							</visibility>
-							<content><![CDATA[groupadd -g {{settings.system.vmail_gid}} vmail]]></content>
-						</command>
-						<command>
-							<visibility mode="usernotexists">{{settings.system.vmail_uid}}
-							</visibility>
-							<content><![CDATA[useradd -u {{settings.system.vmail_uid}} -g vmail vmail]]></content>
-						</command>
-					</commands>
-					<installs index="1">
-						<install><![CDATA[apt-get install postfix postfix-mysql]]></install>
-					</installs>
-					<commands index="2">
-						<command><![CDATA[mkdir -p /var/spool/postfix/etc/pam.d]]></command>
-						<command><![CDATA[mkdir -p /var/spool/postfix/var/run/mysqld]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.vmail_homedir}}]]></command>
-						<command><![CDATA[chown -R {{settings.system.vmail_uid}}:{{settings.system.vmail_gid}} {{settings.system.vmail_homedir}}]]></command>
-						<command><![CDATA[chmod 0750  {{settings.system.vmail_homedir}}]]></command>
-					</commands>
-					<files index="0">
-						<file name="/etc/postfix/mysql-virtual_alias_maps.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-hosts = <SQL_HOST>
-query = SELECT destination FROM mail_virtual WHERE email = '%s' AND trim(destination) <> ''
-]]>
-							</content>
-						</file>
-						<file name="/etc/postfix/mysql-virtual_mailbox_domains.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-hosts = <SQL_HOST>
-query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
-]]>
-							</content>
-						</file>
-						<file name="/etc/postfix/mysql-virtual_mailbox_maps.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-expansion_limit = 1
-hosts = <SQL_HOST>
-query = SELECT CONCAT(homedir,maildir) FROM mail_users WHERE email = '%s'
-]]>
-							</content>
-						</file>
-						<file name="/etc/postfix/mysql-virtual_sender_permissions.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-hosts = <SQL_HOST>
-query = SELECT DISTINCT username FROM mail_users WHERE email in ((SELECT mail_virtual.email_full FROM mail_virtual WHERE mail_virtual.email = '%s' UNION SELECT mail_virtual.destination FROM mail_virtual WHERE mail_virtual.email = '%s'));
-]]>
-							</content>
-						</file>
-						<file name="/etc/postfix/mysql-virtual_uid_maps.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-expansion_limit = 1
-hosts = <SQL_HOST>
-query = SELECT uid FROM mail_users WHERE email = '%s'
-]]>
-							</content>
-						</file>
-						<file name="/etc/postfix/mysql-virtual_gid_maps.cf"
-							chown="root:postfix" chmod="0640">
-							<content><![CDATA[
-user = <SQL_UNPRIVILEGED_USER>
-password = <SQL_UNPRIVILEGED_PASSWORD>
-dbname = <SQL_DB>
-expansion_limit = 1
-hosts = <SQL_HOST>
-query = SELECT gid FROM mail_users WHERE email = '%s'
-]]>
-							</content>
-						</file>
-						<file name="/etc/aliases" backup="true">
-							<content><![CDATA[
-# /etc/aliases
-mailer-daemon: postmaster
-postmaster: root
-nobody: root
-hostmaster: root
-usenet: root
-news: root
-webmaster: root
-www: root
-ftp: root
-abuse: root
-noc: root
-security: root
-
-# change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
-]]>
-							</content>
-						</file>
-					</files>
-					<commands index="3">
-						<command><![CDATA[newaliases]]></command>
-						<command><![CDATA[/etc/init.d/postfix restart]]></command>
-					</commands>
-				</general>
-				<!-- postfix with dovecot -->
-				<daemon name="postfix_dovecot" title="Postfix with dovecot"
-					default="true">
-					<include>//service[@type='smtp']/general/commands[@index=1]
-					</include>
-					<include>//service[@type='smtp']/general/installs[@index=1]
-					</include>
-					<include>//service[@type='smtp']/general/commands[@index=2]
-					</include>
-					<file name="/etc/postfix/main.cf" chown="root:root"
-						chmod="0644" backup="true">
-						<content><![CDATA[
-## General Postfix configuration
-# FQDN from Froxlor
-mydomain = <SERVERNAME>
-
-# set myhostname to $mydomain because Froxlor alrady uses a FQDN
-myhostname = $mydomain
-
-mydestination = $myhostname,
-	$mydomain,
-	localhost.$myhostname,
-	localhost.$mydomain,
-	localhost
-mynetworks = 127.0.0.0/8
-inet_interfaces = all
-append_dot_mydomain = no
-biff = no
-
-# Postfix performance settings
-default_destination_concurrency_limit = 20
-local_destination_concurrency_limit = 2
-
-# SMTPD Settings
-smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
-smtpd_helo_required = yes
-smtpd_recipient_restrictions = permit_mynetworks,
-	permit_sasl_authenticated,
-	reject_unauth_destination,
-	reject_unauth_pipelining,
-	reject_non_fqdn_recipient
-smtpd_sender_restrictions = permit_mynetworks,
-	reject_sender_login_mismatch,
-	permit_sasl_authenticated,
-	reject_unknown_helo_hostname,
-	reject_unknown_recipient_domain,
-	reject_unknown_sender_domain
-smtpd_client_restrictions = permit_mynetworks,
-	permit_sasl_authenticated,
-	reject_unknown_client_hostname
-
-# Postfix 2.10 requires this option. Postfix < 2.10 ignores this.
-# The option is intentionally left empty.
-smtpd_relay_restrictions =
-
-# Maximum size of Message in bytes (50MB)
-message_size_limit = 52428800
-
-## SASL Auth Settings
-smtpd_sasl_auth_enable = yes
-smtpd_sasl_local_domain = $myhostname
-broken_sasl_auth_clients = yes
-## Dovecot Settings for deliver, SASL Auth and virtual transport
-smtpd_sasl_type = dovecot
-virtual_transport = dovecot
-dovecot_destination_recipient_limit = 1
-smtpd_sasl_path = private/dovecot-auth
-
-# Virtual delivery settings
-virtual_mailbox_base = /
-virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
-virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
-virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
-smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf
-virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
-virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
-
-# Local delivery settings
-local_transport = local
-alias_maps = $alias_database
-
-# Default Mailbox size, is set to 0 which means unlimited!
-mailbox_size_limit = 0
-virtual_mailbox_limit = 0
-
-### TLS settings
-###
-## TLS for outgoing mails from the server to another server
-#smtp_tls_security_level = may
-#smtp_tls_note_starttls_offer = yes
-## TLS for incoming connections (clients or other mail servers)
-#smtpd_tls_security_level = may
-#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
-#smtpd_tls_key_file = $smtpd_tls_cert_file
-#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
-#smtpd_tls_loglevel = 1
-#smtpd_tls_received_header = yes
-
-debugger_command =
-         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
-         ddd $daemon_directory/$process_name $process_id & sleep 5
-]]>
-						</content>
-					</file>
-					<include>//service[@type='smtp']/general/files[@index=0]</include>
-					<file name="/etc/postfix/master.cf" chown="root:root"
-						chmod="0644" backup="true" mode="append">
-						<content><![CDATA[
-# Add these lines to be able to use dovecot as delivery agent
-# Dovecot LDA
-dovecot	  unix	-	n	n	-	-	pipe
-	flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
-]]>
-						</content>
-					</file>
-					<include>//service[@type='smtp']/general/commands[@index=3]
-					</include>
-				</daemon>
-				<!-- postfix with courier -->
-				<daemon name="postfix_courier" title="Postfix with courier">
-					<include>//service[@type='smtp']/general/commands[@index=1]
-					</include>
-					<include>//service[@type='smtp']/general/installs[@index=1]
-					</include>
-					<install><![CDATA[apt-get install libsasl2-2 libsasl2-modules libsasl2-modules-sql]]></install>
-					<include>//service[@type='smtp']/general/commands[@index=2]
-					</include>
-					<file name="/etc/postfix/main.cf" chown="root:root"
-						chmod="0644" backup="true">
-						<content><![CDATA[
-## General Postfix configuration
-# should be the default domain from your provider eg. "server100.provider.tld"
-mydomain = <SERVERNAME>
-
-# should be different from $mydomain eg. "mail.$mydomain"
-myhostname = mail.$mydomain
-
-mydestination = $myhostname,
-	$mydomain,
-	localhost.$myhostname,
-	localhost.$mydomain,
-	localhost
-mynetworks = 127.0.0.0/8
-inet_interfaces = all
-append_dot_mydomain = no
-biff = no
-
-# Postfix performance settings
-default_destination_concurrency_limit = 20
-local_destination_concurrency_limit = 2
-
-# SMTPD Settings
-smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
-smtpd_helo_required = yes
-smtpd_recipient_restrictions = permit_mynetworks,
-	permit_sasl_authenticated,
-	reject_unauth_destination,
-	reject_unauth_pipelining,
-	reject_non_fqdn_recipient
-smtpd_sender_restrictions = permit_mynetworks,
-	reject_sender_login_mismatch,
-	permit_sasl_authenticated,
-	reject_unknown_helo_hostname,
-	reject_unknown_recipient_domain,
-	reject_unknown_sender_domain
-smtpd_client_restrictions = permit_mynetworks,
-	permit_sasl_authenticated,
-	reject_unknown_client_hostname
-
-# Postfix 2.10 requires this option. Postfix < 2.10 ignores this.
-# The option is intentionally left empty.
-smtpd_relay_restrictions =
-
-# Maximum size of Message in bytes (50MB)
-message_size_limit = 52428800
-
-## SASL Auth Settings
-smtpd_sasl_auth_enable = yes
-smtpd_sasl_local_domain = $myhostname
-broken_sasl_auth_clients = yes
-
-# Virtual delivery settings
-virtual_mailbox_base = /
-virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
-virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
-virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
-smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf
-virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
-virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
-
-# Local delivery settings
-local_transport = local
-alias_maps = $alias_database
-
-# Default Mailbox size, is set to 0 which means unlimited!
-mailbox_size_limit = 0
-virtual_mailbox_limit = 0
-
-### TLS settings
-###
-## TLS for outgoing mails from the server to another server
-#smtp_tls_security_level = may
-#smtp_tls_note_starttls_offer = yes
-## TLS for email client
-#smtpd_tls_security_level = may
-#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
-#smtpd_tls_key_file = $smtpd_tls_cert_file
-#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
-#smtpd_tls_loglevel = 1
-#smtpd_tls_received_header = yes
-
-debugger_command =
-         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
-         ddd $daemon_directory/$process_name $process_id & sleep 5
-]]>
-						</content>
-					</file>
-					<include>//service[@type='smtp']/general/files[@index=0]</include>
-					<file name="/etc/postfix/sasl/smtpd.conf" chown="root:root"
-						chmod="0600">
-						<content><![CDATA[
-pwcheck_method: auxprop
-auxprop_plugin: sql
-allowanonymouslogin: no
-allowplaintext: yes
-mech_list: plain login cram-md5 digest-md5
-sql_engine: mysql
-sql_hostnames: <SQL_HOST>
-sql_user: <SQL_UNPRIVILEGED_USER>
-sql_passwd: <SQL_UNPRIVILEGED_PASSWORD>
-sql_database: <SQL_DB>
-sql_select: SELECT password FROM mail_users WHERE username='%u@%r' OR email='%u@%r'
-]]>
-						</content>
-					</file>
-					<include>//service[@type='smtp']/general/commands[@index=3]
-					</include>
-				</daemon>
-			</service>
-			<!-- IMAP/POP3 services -->
-			<service type="mail" title="{{lng.admin.configfiles.mail}}">
-				<!-- Dovecot -->
-				<daemon name="dovecot" version="2" title="Dovecot"
-					default="true">
-					<install><![CDATA[apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql dovecot-managesieved dovecot-sieve mail-stack-delivery]]></install>
-					<file name="/etc/dovecot/conf.d/01-mail-stack-delivery.conf"
-						chown="root:root" chmod="0644" backup="true">
-						<content><![CDATA[
-# Some general options
-protocols = imap pop3 sieve
-disable_plaintext_auth = no
-ssl = yes
-ssl_cert = </etc/ssl/certs/ssl-mail.pem
-ssl_key = </etc/ssl/private/ssl-mail.key
-ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
-mail_location = maildir:~/Maildir
-auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
-
-# IMAP configuration
-protocol imap {
-        mail_plugins = quota imap_quota
-        mail_max_userip_connections = 10
-	imap_client_workarounds = delay-newmail
-
-	# IMAP logout format string:
-	#  %i - total number of bytes read from client
-	#  %o - total number of bytes sent to client
-	imap_logout_format = in=%i out=%o
-}
-
-# POP3 configuration
-protocol pop3 {
-        mail_max_userip_connections = 10
-        pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
-	pop3_uidl_format = UID%u-%v
-	mail_plugins = quota
-
-	# POP3 logout format string:
-	# %i - total number of bytes read from client
-	# %o - total number of bytes sent to client
-	# %t - number of TOP commands
-	# %p - number of bytes sent to client as a result of TOP command
-	# %r - number of RETR commands
-	# %b - number of bytes sent to client as a result of RETR command
-	# %d - number of deleted messages
-	# %m - number of messages (before deletion)
-	# %s - mailbox size in bytes (before deletion)
-	# %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
-	pop3_logout_format = in=%i out=%o top=%t/%p retr=%r/%b del=%d/%m size=%s
-}
-
-# LDA configuration
-protocol lda {
-	postmaster_address = postmaster@<SERVERNAME>
-	mail_plugins = sieve quota
-		quota_full_tempfail = yes
-		deliver_log_format = msgid=%m: %$
-		rejection_reason = Your message to <%t> was automatically rejected:%n%r
-}
-
-# Sieve configuration
-protocol sieve {
-}
-
-service managesieve-login {
-	inet_listener sieve {
-		port = 4190
-	}
-}
-
-service managesieve {
-}
-
-# Plugins configuration
-plugin {
-	sieve = ~/sieve/.dovecot.sieve
-	sieve_dir = ~/sieve
-	quota = maildir
-}
-
-# Authentication configuration
-auth_mechanisms = plain login
-
-service auth {
-  # Postfix smtp-auth
-  unix_listener /var/spool/postfix/private/dovecot-auth {
-    mode = 0660
-    user = postfix
-    group = postfix
-  }
-}
-]]>
-						</content>
-					</file>
-					<file name="/etc/dovecot/conf.d/10-auth.conf"
-						chown="root:root" chmod="0640" backup="true">
-						<content><![CDATA[
-##
-## Authentication processes
-##
-
-# Disable LOGIN command and all other plaintext authentications unless
-# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
-# matches the local IP (ie. you're connecting from the same computer), the
-# connection is considered secure and plaintext authentication is allowed.
-#disable_plaintext_auth = yes
-
-# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
-# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
-#auth_cache_size = 0
-# Time to live for cached data. After TTL expires the cached record is no
-# longer used, *except* if the main database lookup returns internal failure.
-# We also try to handle password changes automatically: If user's previous
-# authentication was successful, but this one wasn't, the cache isn't used.
-# For now this works only with plaintext authentication.
-#auth_cache_ttl = 1 hour
-# TTL for negative hits (user not found, password mismatch).
-# 0 disables caching them completely.
-#auth_cache_negative_ttl = 1 hour
-
-# Space separated list of realms for SASL authentication mechanisms that need
-# them. You can leave it empty if you don't want to support multiple realms.
-# Many clients simply use the first one listed here, so keep the default realm
-# first.
-#auth_realms =
-
-# Default realm/domain to use if none was specified. This is used for both
-# SASL realms and appending @domain to username in plaintext logins.
-#auth_default_realm =
-
-# List of allowed characters in username. If the user-given username contains
-# a character not listed in here, the login automatically fails. This is just
-# an extra check to make sure user can't exploit any potential quote escaping
-# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
-# set this value to empty.
-#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
-
-# Username character translations before it's looked up from databases. The
-# value contains series of from -> to characters. For example "#@/@" means
-# that '#' and '/' characters are translated to '@'.
-#auth_username_translation =
-
-# Username formatting before it's looked up from databases. You can use
-# the standard variables here, eg. %Lu would lowercase the username, %n would
-# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
-# "-AT-". This translation is done after auth_username_translation changes.
-#auth_username_format =
-
-# If you want to allow master users to log in by specifying the master
-# username within the normal username string (ie. not using SASL mechanism's
-# support for it), you can specify the separator character here. The format
-# is then <username><separator><master username>. UW-IMAP uses "*" as the
-# separator, so that could be a good choice.
-#auth_master_user_separator =
-
-# Username to use for users logging in with ANONYMOUS SASL mechanism
-#auth_anonymous_username = anonymous
-
-# Maximum number of dovecot-auth worker processes. They're used to execute
-# blocking passdb and userdb queries (eg. MySQL and PAM). They're
-# automatically created and destroyed as needed.
-#auth_worker_max_count = 30
-
-# Host name to use in GSSAPI principal names. The default is to use the
-# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
-# entries.
-#auth_gssapi_hostname =
-
-# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
-# default (usually /etc/krb5.keytab) if not specified. You may need to change
-# the auth service to run as root to be able to read this file.
-#auth_krb5_keytab =
-
-# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
-# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
-#auth_use_winbind = no
-
-# Path for Samba's ntlm_auth helper binary.
-#auth_winbind_helper_path = /usr/bin/ntlm_auth
-
-# Time to delay before replying to failed authentications.
-#auth_failure_delay = 2 secs
-
-# Require a valid SSL client certificate or the authentication fails.
-#auth_ssl_require_client_cert = no
-
-# Take the username from client's SSL certificate, using
-# X509_NAME_get_text_by_NID() which returns the subject's DN's
-# CommonName.
-#auth_ssl_username_from_cert = no
-
-# Space separated list of wanted authentication mechanisms:
-#   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
-#   gss-spnego
-# NOTE: See also disable_plaintext_auth setting.
-auth_mechanisms = plain login
-
-##
-## Password and user databases
-##
-
-#
-# Password database is used to verify user's password (and nothing more).
-# You can have multiple passdbs and userdbs. This is useful if you want to
-# allow both system users (/etc/passwd) and virtual users to login without
-# duplicating the system users into virtual database.
-#
-# <doc/wiki/PasswordDatabase.txt>
-#
-# User database specifies where mails are located and what user/group IDs
-# own them. For single-UID configuration use "static" userdb.
-#
-# <doc/wiki/UserDatabase.txt>
-
-#!include auth-deny.conf.ext
-#!include auth-master.conf.ext
-
-#!include auth-system.conf.ext
-!include auth-sql.conf.ext
-#!include auth-ldap.conf.ext
-#!include auth-passwdfile.conf.ext
-#!include auth-checkpassword.conf.ext
-#!include auth-vpopmail.conf.ext
-#!include auth-static.conf.ext
-]]>
-						</content>
-					</file>
-					<file name="/etc/dovecot/conf.d/auth-sql.conf.ext"
-						chown="root:0" chmod="0644" backup="true">
-						<content><![CDATA[
-passdb {
-    driver = sql
-    args = /etc/dovecot/dovecot-sql.conf.ext
-}
-userdb {
-    driver = sql
-    args = /etc/dovecot/dovecot-sql.conf.ext
-}
-]]>
-						</content>
-					</file>
-					<file name="/etc/dovecot/dovecot-sql.conf.ext" chown="root:0"
-						chmod="0640" backup="true">
-						<content><![CDATA[
-driver = mysql
-connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
-default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
-user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u')
-iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/dovecot restart]]></command>
-				</daemon>
-				<!-- Courier -->
-				<daemon name="courier" title="Courier">
-					<install><![CDATA[apt-get install courier-pop courier-imap courier-authlib-mysql]]></install>
-					<file name="/etc/courier/authdaemonrc" chown="root:0"
-						chmod="0600" backup="true">
-						<content><![CDATA[
-##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
-#
-# Copyright 2000-2001 Double Precision, Inc.  See COPYING for
-# distribution information.
-#
-# authdaemonrc created from authdaemonrc.dist by sysconftool
-#
-# Do not alter lines that begin with ##, they are used when upgrading
-# this configuration.
-#
-# This file configures authdaemond, the resident authentication daemon.
-#
-# Comments in this file are ignored.  Although this file is intended to
-# be sourced as a shell script, authdaemond parses it manually, so
-# the acceptable syntax is a bit limited.  Multiline variable contents,
-# with the \ continuation character, are not allowed.  Everything must
-# fit on one line.  Do not use any additional whitespace for indentation,
-# or anything else.
-
-##NAME: authmodulelist:0
-#
-# The authentication modules that are linked into authdaemond.  The
-# default list is installed.  You may selectively disable modules simply
-# by removing them from the following list.  The available modules you
-# can use are: authcustom authcram authuserdb authldap authmysql authpam
-
-authmodulelist="authmysql"
-
-##NAME: authmodulelistorig:1
-#
-# This setting is used by Courier's webadmin module, and should be left
-# alone
-
-authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
-
-##NAME: daemons:0
-#
-# The number of daemon processes that are started.  authdaemon is typically
-# installed where authentication modules are relatively expensive: such
-# as authldap, or authmysql, so it's better to have a number of them running.
-# PLEASE NOTE:  Some platforms may experience a problem if there's more than
-# one daemon.  Specifically, SystemV derived platforms that use TLI with
-# socket emulation.  I'm suspicious of TLI's ability to handle multiple
-# processes accepting connections on the same filesystem domain socket.
-#
-# You may need to increase daemons if as your system load increases.  Symptoms
-# include sporadic authentication failures.  If you start getting
-# authentication failures, increase daemons.  However, the default of 5
-# SHOULD be sufficient.  Bumping up daemon count is only a short-term
-# solution.  The permanent solution is to add more resources: RAM, faster
-# disks, faster CPUs...
-
-daemons=5
-
-##NAME: version:0
-#
-# When you have multiple versions of authdaemond.* installed, authdaemond
-# just picks the first one it finds.  Set "version" to override that.
-# For example:  version=authdaemond.plain
-
-version=""
-
-##NAME: authdaemonvar:0
-#
-# authdaemonvar is here, but is not used directly by authdaemond.  It's
-# used by various configuration and build scripts, so don't touch it!
-
-authdaemonvar=/var/run/courier/authdaemon
-]]>
-						</content>
-					</file>
-					<file name="/etc/courier/authmysqlrc" chown="root:0"
-						chmod="0600" backup="true">
-						<content><![CDATA[
-MYSQL_SERVER <SQL_HOST>
-MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
-MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
-MYSQL_PORT 3306
-MYSQL_DATABASE <SQL_DB>
-MYSQL_USER_TABLE mail_users
-MYSQL_CRYPT_PWFIELD password_enc
-MYSQL_UID_FIELD uid
-MYSQL_GID_FIELD gid
-MYSQL_LOGIN_FIELD username
-MYSQL_HOME_FIELD homedir
-MYSQL_MAILDIR_FIELD maildir
-MYSQL_QUOTA_FIELD (quota*1024*1024)
-MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/courier-authdaemon restart]]></command>
-					<command><![CDATA[/etc/init.d/courier-pop restart]]></command>
-				</daemon>
-			</service>
-			<!-- FTP services -->
-			<service type="ftp" title="{{lng.admin.configfiles.ftp}}">
-				<!-- Proftpd -->
-				<daemon name="proftpd" title="ProFTPd" default="true">
-					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<file name="/etc/proftpd/create-cert.sh" chown="root:0"
-						chmod="0700">
-						<content><![CDATA[#!/bin/bash
-[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
-]]>
-						</content>
-					</file>
-					<commands index="1">
-						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
-						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
-					</commands>
-					<file name="/etc/proftpd/proftpd.conf" chown="root:0"
-						chmod="0600" backup="true">
-						<content><![CDATA[
-#
-# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
-# To really apply changes reload proftpd after modifications.
-#
-
-# Includes DSO modules
-Include /etc/proftpd/modules.conf
-
-# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
-UseIPv6				on
-
-ServerName			"<SERVERNAME> FTP Server"
-ServerType			standalone
-DeferWelcome			off
-
-MultilineRFC2228		on
-DefaultServer			on
-ShowSymlinks			on
-
-TimeoutNoTransfer		600
-TimeoutStalled			600
-TimeoutIdle			1200
-
-DisplayLogin                    welcome.msg
-DisplayChdir               	.message true
-ListOptions                	"-l"
-
-DenyFilter			\*.*/
-
-# Use this to jail all users in their homes
-# DefaultRoot			~
-
-# Users require a valid shell listed in /etc/shells to login.
-# Use this directive to release that constrain.
-# RequireValidShell		off
-
-# Port 21 is the standard FTP port.
-Port				21
-
-# In some cases you have to specify passive ports range to by-pass
-# firewall limitations. Ephemeral ports can be used for that, but
-# feel free to use a more narrow range.
-# PassivePorts                  49152 65534
-
-# If your host was NATted, this option is useful in order to
-# allow passive tranfers to work. You have to use your public
-# address and opening the passive ports used on your firewall as well.
-# MasqueradeAddress		1.2.3.4
-
-# This is useful for masquerading address with dynamic IPs:
-# refresh any configured MasqueradeAddress directives every 8 hours
-<IfModule mod_dynmasq.c>
-# DynMasqRefresh 28800
-</IfModule>
-
-# To prevent DoS attacks, set the maximum number of child processes
-# to 30.  If you need to allow more than 30 concurrent connections
-# at once, simply increase this value.  Note that this ONLY works
-# in standalone mode, in inetd mode you should use an inetd server
-# that allows you to limit maximum number of processes per service
-# (such as xinetd)
-MaxInstances			30
-
-# Set the user and group that the server normally runs at.
-User				proftpd
-Group				nogroup
-
-# Umask 022 is a good standard umask to prevent new files and dirs
-# (second parm) from being group and world writable.
-Umask				022  022
-# Normally, we want files to be overwriteable.
-AllowOverwrite			on
-
-# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
-# PersistentPasswd		off
-
-# This is required to use both PAM-based authentication and local passwords
-# AuthOrder			mod_auth_pam.c* mod_auth_unix.c
-
-# Be warned: use of this directive impacts CPU average load!
-# Uncomment this if you like to see progress and transfer rate with ftpwho
-# in downloads. That is not needed for uploads rates.
-#
-# UseSendFile			off
-
-TransferLog /var/log/proftpd/xferlog
-SystemLog   /var/log/proftpd/proftpd.log
-
-# Allow up- and downloads to be continued
-AllowRetrieveRestart	On
-AllowStoreRestart		On
-
-<IfModule mod_quotatab.c>
-QuotaEngine on
-</IfModule>
-
-<IfModule mod_ratio.c>
-Ratios off
-</IfModule>
-
-
-# Delay engine reduces impact of the so-called Timing Attack described in
-# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
-# It is on by default.
-<IfModule mod_delay.c>
-DelayEngine off
-</IfModule>
-
-<IfModule mod_ctrls.c>
-ControlsEngine        off
-ControlsMaxClients    2
-ControlsLog           /var/log/proftpd/controls.log
-ControlsInterval      5
-ControlsSocket        /var/run/proftpd/proftpd.sock
-</IfModule>
-
-<IfModule mod_ctrls_admin.c>
-AdminControlsEngine off
-</IfModule>
-
-#
-# Alternative authentication frameworks
-#
-#Include /etc/proftpd/ldap.conf
-Include /etc/proftpd/sql.conf
-
-#
-# This is used for FTPS connections
-#
-Include /etc/proftpd/tls.conf
-]]>
-						</content>
-					</file>
-					<file name="/etc/proftpd/modules.conf" chown="root:0"
-						chmod="0644" backup="true">
-						<content><![CDATA[
-#
-# This file is used to manage DSO modules and features.
-#
-
-# This is the directory where DSO modules reside
-
-ModulePath /usr/lib/proftpd
-
-# Allow only user root to load and unload modules, but allow everyone
-# to see which modules have been loaded
-
-ModuleControlsACLs insmod,rmmod allow user root
-ModuleControlsACLs lsmod allow user *
-
-LoadModule mod_ctrls_admin.c
-LoadModule mod_tls.c
-
-# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this
-LoadModule mod_sql.c
-
-# Install proftpd-mod-ldap to use this
-#LoadModule mod_ldap.c
-
-#
-# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required
-# to have SQL authorization working. You can also comment out the
-# unused module here, in alternative.
-#
-
-# Install proftpd-mod-mysql to use this
-LoadModule mod_sql_mysql.c
-
-# Install proftpd-mod-pgsql to use this
-#LoadModule mod_sql_postgres.c
-
-#LoadModule mod_radius.c
-LoadModule mod_quotatab.c
-LoadModule mod_quotatab_file.c
-
-# Install proftpd-mod-ldap to use this
-#LoadModule mod_quotatab_ldap.c
-
-# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
-LoadModule mod_quotatab_sql.c
-LoadModule mod_quotatab_radius.c
-LoadModule mod_wrap.c
-LoadModule mod_rewrite.c
-LoadModule mod_load.c
-LoadModule mod_ban.c
-LoadModule mod_wrap2.c
-LoadModule mod_wrap2_file.c
-# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
-#LoadModule mod_wrap2_sql.c
-LoadModule mod_dynmasq.c
-
-
-# keep this module the last one
-LoadModule mod_ifsession.c
-]]>
-						</content>
-					</file>
-					<file name="/etc/proftpd/sql.conf" chown="root:0" chmod="0600"
-						backup="true">
-						<content><![CDATA[
-<IfModule mod_sql.c>
-DefaultRoot ~
-RequireValidShell off
-AuthOrder mod_sql.c
-
-SQLBackend mysql
-SQLEngine on
-SQLAuthenticate on
-
-SQLAuthTypes Crypt
-SQLAuthenticate users* groups*
-SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
-SQLUserInfo ftp_users username password uid gid homedir shell
-SQLGroupInfo ftp_groups groupname gid members
-SQLUserWhereClause "login_enabled = 'y'"
-
-SQLLog PASS login
-SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users
-
-SQLLog RETR download
-SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users
-
-SQLLog STOR upload
-SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users
-
-QuotaEngine on
-QuotaShowQuotas on
-QuotaDisplayUnits Mb
-QuotaLock /var/lock/ftpd.quotatab.lock
-QuotaLimitTable sql:/get-quota-limit
-QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
-SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'"
-SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
-SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
-SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
-
-</IfModule>
-]]>
-						</content>
-					</file>
-					<file name="/etc/proftpd/tls.conf" chown="root:root"
-						chmod="0644" backup="true">
-						<content><![CDATA[
-<IfModule mod_tls.c>
-TLSEngine                               on
-TLSLog                                  /var/log/proftpd/tls.log
-TLSProtocol                             TLSv1 TLSv1.1 TLSv1.2
-TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
-TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
-TLSECCertificateFile                    /etc/ssl/certs/proftpd_ec.crt
-TLSECCertificateKeyFile                 /etc/ssl/private/proftpd_ec.key
-TLSOptions                              NoCertRequest NoSessionReuseRequired
-TLSVerifyClient                         off
-
-# Are clients required to use FTP over TLS when talking to this server?
-#TLSRequired                             on
-
-# Allow SSL/TLS renegotiations when the client requests them, but
-# do not force the renegotations.  Some clients do not support
-# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
-# clients will close the data connection, or there will be a timeout
-# on an idle data connection.
-#
-#TLSRenegotiate                          required off
-</IfModule>
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/proftpd restart]]></command>
-				</daemon>
-				<!-- Pureftpd -->
-				<daemon name="pureftpd" title="PureFTPd">
-					<install><![CDATA[apt-get install pure-ftpd-common pure-ftpd-mysql]]></install>
-					<file name="/etc/pure-ftpd/conf/MinUID" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-1000
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/MySQLConfigFile"
-						chown="root:0" chmod="0644">
-						<content><![CDATA[
-/etc/pure-ftpd/db/mysql.conf
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/NoAnonymous" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-yes
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/MaxIdleTime" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-15
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/ChrootEveryone" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-yes
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/PAMAuthentication"
-						chown="root:0" chmod="0644">
-						<content><![CDATA[
-no
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/db/mysql.conf" chown="root:0"
-						chmod="0640" backup="true">
-						<content><![CDATA[
-MYSQLServer	<SQL_HOST>
-MYSQLUser       <SQL_UNPRIVILEGED_USER>
-MYSQLPassword   <SQL_UNPRIVILEGED_PASSWORD>
-MYSQLDatabase   <SQL_DB>
-MYSQLCrypt      any
-
-MYSQLGetPW      SELECT password FROM ftp_users WHERE username="\L" AND login_enabled="y"
-MYSQLGetUID     SELECT uid FROM ftp_users WHERE username="\L" AND login_enabled="y"
-MYSQLGetGID     SELECT gid FROM ftp_users WHERE username="\L" AND login_enabled="y"
-MYSQLGetDir     SELECT homedir FROM ftp_users WHERE username="\L" AND login_enabled="y"
-MySQLGetQTASZ 	SELECT panel_customers.diskspace/1024 AS QuotaSize FROM panel_customers, ftp_users WHERE username = "\L" AND panel_customers.loginname = SUBSTRING_INDEX('\L', 'ftp', 1)
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/CustomerProof" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-1
-]]>
-						</content>
-					</file>
-					<file name="/etc/pure-ftpd/conf/Bind" chown="root:0"
-						chmod="0644">
-						<content><![CDATA[
-21
-]]>
-						</content>
-					</file>
-					<file name="/etc/default/pure-ftpd-common" chown="root:0"
-						chmod="0644" backup="true">
-						<content><![CDATA[
-STANDALONE_OR_INETD=standalone
-VIRTUALCHROOT=false
-UPLOADSCRIPT=
-UPLOADUID=
-UPLOADGID=
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/pure-ftpd-mysql restart]]></command>
-				</daemon>
-			</service>
-			<!-- System tools/services -->
-			<service type="system" title="{{lng.admin.configfiles.etc}}">
-				<!-- Cronjob -->
-				<daemon name="cron" title="Cronjob for froxlor"
-					mandatory="true">
-					<file name="/etc/cron.d/froxlor" chown="root:0" chmod="0640">
-						<content><![CDATA[
-#
-# Set PATH, otherwise restart-scripts won't find start-stop-daemon
-#
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-#
-# Regular cron jobs for the froxlor package
-#
-# Please check that all following paths are correct
-#
-*/5 * * * *	root	/usr/bin/nice -n 5 /usr/bin/php -q <BASE_PATH>scripts/froxlor_master_cronjob.php
-]]>
-						</content>
-					</file>
-					<command><![CDATA[{{settings.system.crondreload}}]]></command>
-				</daemon>
-				<!-- AWstats -->
-				<daemon name="awstats"
-					title="Awstats (webalizer alternative)">
-					<install><![CDATA[apt-get install awstats]]></install>
-					<command><![CDATA[cp /usr/share/awstats/tools/awstats_buildstaticpages.pl {{settings.system.awstats_path}}]]></command>
-					<command><![CDATA[mv {{settings.system.awstats_conf}}/awstats.conf {{settings.system.awstats_conf}}/awstats.model.conf]]></command>
-					<command><![CDATA[sed -i.bak 's/^DirData/# DirData/' {{settings.system.awstats_conf}}/awstats.model.conf]]></command>
-					<command><![CDATA[sed -i.bak 's|^\\(DirIcons=\\).*$|\\1\\"/awstats-icon\\"|' {{settings.system.awstats_conf}}/awstats.model.conf]]></command>
-					<command><![CDATA[rm /etc/cron.d/awstats]]></command>
-				</daemon>
-				<!-- libnss-mysql -->
-				<daemon name="libnss"
-					title="libnss-mysql (required for FCGID/php-fpm/mpm-itk)">
-					<install><![CDATA[apt-get install libnss-mysql-bg nscd]]></install>
-					<file name="/etc/libnss-mysql.cfg" chown="root:root"
-						chmod="0600" backup="true">
-						<content><![CDATA[
-getpwnam    SELECT username,'x',uid,gid,'Froxlor Customer',homedir,shell \
-            FROM ftp_users \
-            WHERE username='%1$s' \
-            AND login_enabled = 'Y' \
-            ORDER BY LENGTH(username) \
-            LIMIT 1
-getpwuid    SELECT username,'x',uid,gid,'Froxlor Customer',homedir,shell \
-            FROM ftp_users \
-            WHERE uid='%1$u' \
-            AND login_enabled = 'Y' \
-            ORDER BY LENGTH(username) \
-            LIMIT 1
-getspnam    SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
-            FROM ftp_users \
-            WHERE username='%1$s' \
-            AND login_enabled = 'Y' \
-            ORDER BY LENGTH(username) \
-            LIMIT 1
-getpwent    SELECT username,'x',uid,gid,'Froxlor Customer',homedir,shell \
-            FROM ftp_users
-getspent    SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
-            FROM ftp_users
-getgrnam    SELECT groupname,'x',gid \
-            FROM ftp_groups \
-            WHERE groupname='%1$s' \
-            LIMIT 1
-getgrgid    SELECT groupname,'x',gid \
-            FROM ftp_groups \
-            WHERE gid='%1$u' \
-            LIMIT 1
-getgrent    SELECT groupname,'x',gid \
-            FROM ftp_groups
-memsbygid   SELECT members \
-            FROM ftp_groups \
-            WHERE gid='%1$u'
-gidsbymem   SELECT CONCAT_WS(',', gid) as gid \
-            FROM ftp_groups \
-            WHERE FIND_IN_SET('%1$s', members)
-
-host		<SQL_HOST>
-database	<SQL_DB>
-username	<SQL_UNPRIVILEGED_USER>
-password	<SQL_UNPRIVILEGED_PASSWORD>
-socket		/var/run/mysqld/mysqld.sock
-]]>
-						</content>
-					</file>
-					<command>
-						<!-- if a socket is set for the db-server use it -->
-						<visibility mode="notempty">{{sql.socket}}</visibility>
-						<content><![CDATA[sed -i.bak 's|^\\(socket\\).*$|\\1\\"{{sql.socket}}\\"|' /etc/libnss-mysql.cfg]]></content>
-					</command>
-					<file name="/etc/libnss-mysql-root.cfg" chown="root:root"
-						chmod="0600" backup="true">
-						<content><![CDATA[
-username	<SQL_UNPRIVILEGED_USER>
-password	<SQL_UNPRIVILEGED_PASSWORD>
-]]>
-						</content>
-					</file>
-					<file name="/etc/nsswitch.conf" backup="true">
-						<content><![CDATA[
-# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
-# You should place mysql at the end, so that it is queried after the other mechanisams
-#
-passwd:         compat mysql
-group:          compat mysql
-shadow:         compat mysql
-
-hosts:       files dns
-networks:    files dns
-
-services:    db files
-protocols:   db files
-rpc:         db files
-ethers:      db files
-netmasks:    files
-netgroup:    files
-bootparams:  files
-
-automount:   files
-aliases:     files
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/nscd restart]]></command>
-					<!-- clear group chache -->
-					<command><![CDATA[nscd --invalidate=group]]></command>
-				</daemon>
-				<!-- libnss-extrausers -->
-				<daemon name="libnssextrausers"
-					title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
-					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
-					<commands index="1">
-						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
-					</commands>
-					<file name="/etc/nsswitch.conf" backup="true">
-						<content><![CDATA[
-# Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
-# You should place extrausers at the end, so that it is queried after the other mechanisams
-#
-passwd:         compat extrausers
-group:          compat extrausers
-shadow:         compat extrausers
-
-hosts:       files dns
-networks:    files dns
-
-services:    db files
-protocols:   db files
-rpc:         db files
-ethers:      db files
-netmasks:    files
-netgroup:    files
-bootparams:  files
-
-automount:   files
-aliases:     files
-]]>
-						</content>
-					</file>
-					<command><![CDATA[/etc/init.d/nscd restart]]></command>
-					<!-- clear group chache -->
-					<command><![CDATA[nscd --invalidate=group]]></command>
-				</daemon>
-				<!-- Logrotate -->
-				<daemon name="logrotate" title="Logrotate">
-					<install><![CDATA[apt-get install logrotate]]></install>
-					<file name="/etc/logrotate.d/froxlor" chown="root:root"
-						chmod="0644">
-						<content><![CDATA[
-#
-# Froxlor logrotate snipet
-#
-<CUSTOMER_LOGS>*.log {
-  missingok
-  daily
-  rotate 7
-  compress
-  delaycompress
-  notifempty
-  create
-  sharedscripts
-  postrotate
-  <WEBSERVER_RELOAD_CMD> > /dev/null 2>&1 || true
-  endscript
-}
-]]>
-						</content>
-					</file>
-				</daemon>
-				<!-- FCGID -->
-				<daemon name="fcgid" title="FCGID (alternative to mod_php)">
-					<install><![CDATA[apt-get install apache2-suexec libapache2-mod-fcgid php5-cgi]]></install>
-					<command><![CDATA[a2enmod suexec fcgid]]></command>
-					<commands index="1">
-						<visibility mode="true">{{settings.system.mod_fcgid_ownvhost}}
-						</visibility>
-						<command><![CDATA[groupadd -f {{settings.system.mod_fcgid_httpgroup}}]]></command>
-						<command><![CDATA[useradd -s /bin/false -g {{settings.system.mod_fcgid_httpgroup}} {{settings.system.mod_fcgid_httpuser}}]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_configdir}}]]></command>
-						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command><![CDATA[a2dismod php5]]></command>
-					</commands>
-					<!-- instead of just restarting apache, we let the cronjob do all the 
-						dirty work -->
-					<command><![CDATA[php {{const.\Froxlor\Froxlor::getInstallDir()}}/scripts/froxlor_master_cronjob.php --force]]></command>
-				</daemon>
-				<!-- PHP-FPM -->
-				<daemon name="php-fpm"
-					title="PHP-FPM (alternative to mod_php)">
-					<commands index="1">
-						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
-						</visibility>
-						<command><![CDATA[# add "non-free" after all occurrences of "main" in /etc/apt/sources.list]]></command>
-						<command><![CDATA[# this is needed for libapache2-mod-fastcgi to install]]></command>
-					</commands>
-					<install>
-						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
-						</visibility>
-						<content><![CDATA[apt-get install apache2-suexec libapache2-mod-fastcgi]]></content>
-					</install>
-					<install><![CDATA[apt-get install php5-fpm]]></install>
-					<commands index="2">
-						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
-						</visibility>
-						<command><![CDATA[a2enmod suexec fastcgi actions]]></command>
-					</commands>
-					<commands index="3">
-						<visibility mode="true">{{settings.phpfpm.enabled_ownvhost}}
-						</visibility>
-						<visibility mode="usernamenotexists">{{settings.phpfpm.vhost_httpuser}}
-						</visibility>
-						<command><![CDATA[groupadd -f {{settings.phpfpm.vhost_httpgroup}}]]></command>
-						<command><![CDATA[useradd -s /bin/false -g {{settings.phpfpm.vhost_httpgroup}} {{settings.phpfpm.vhost_httpuser}}]]></command>
-					</commands>
-					<commands index="4">
-						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
-						</visibility>
-						<visibility mode="true">{{settings.phpfpm.enabled_ownvhost}}
-						</visibility>
-						<command><![CDATA[a2dismod php5]]></command>
-					</commands>
-					<commands index="5">
-						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
-						</visibility>
-						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
-					</commands>
-					<!-- instead of just restarting apache, we let the cronjob do all the 
-						dirty work -->
-					<command><![CDATA[php {{const.\Froxlor\Froxlor::getInstallDir()}}/scripts/froxlor_master_cronjob.php --force]]></command>
-				</daemon>
-			</service>
-		</services>
-	</distribution>
-</froxlor>
diff --git a/lib/configfiles/trusty.xml b/lib/configfiles/trusty.xml
index c6a9ba24..a37ea010 100644
--- a/lib/configfiles/trusty.xml
+++ b/lib/configfiles/trusty.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
 	<distribution name="Ubuntu" codename="Trusty"
-		version="14.04" defaulteditor="/usr/bin/nano">
+		version="14.04" defaulteditor="/usr/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
diff --git a/lib/configfiles/xenial.xml b/lib/configfiles/xenial.xml
index 629f99d4..50fc87c1 100644
--- a/lib/configfiles/xenial.xml
+++ b/lib/configfiles/xenial.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
 	<distribution name="Ubuntu" codename="Xenial"
-		version="16.04.x" defaulteditor="/bin/nano">
+		version="16.04" defaulteditor="/bin/nano">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">